From cd93f3a134500e90b65ced2ef43d894324d1c011 Mon Sep 17 00:00:00 2001
From: iceman1001
Date: Fri, 27 Apr 2018 10:09:14 +0200
Subject: [PATCH] ADD: sample buffer size variable, to keep track of possible download lengths which is reserved on client.
---
 client/cmdhw.c | 1 +
 client/cmdmain.c | 6 +++++-
 client/data.c | 4 ++++
 client/data.h | 1 +
 4 files changed, 11 insertions(+), 1 deletion(-)
diff --git a/client/cmdhw.c b/client/cmdhw.c
index 90fa7323f..6095360b7 100644
--- a/client/cmdhw.c
+++ b/client/cmdhw.c
@@ -276,6 +276,7 @@ int CmdVersion(const char *Cmd) {
 int CmdStatus(const char *Cmd) {
 uint8_t speed_test_buffer[USB_CMD_DATA_SIZE];
 sample_buf = speed_test_buffer;
+ sample_buf_size = USB_CMD_DATA_SIZE;
 clearCommandBuffer();
 UsbCommand c = {CMD_STATUS};
 SendCommand(&c);
diff --git a/client/cmdmain.c b/client/cmdmain.c
index 340d40d14..1e93e9b91 100644
--- a/client/cmdmain.c
+++ b/client/cmdmain.c
@@ -118,7 +118,7 @@ void storeCommand(UsbCommand *command) {
 int getCommand(UsbCommand* response) {
 pthread_mutex_lock(&cmdBufferMutex);
 //If head == tail, there's nothing to read, or if we just got initialized
- if(cmd_head == cmd_tail) {
+ if (cmd_head == cmd_tail) {
 pthread_mutex_unlock(&cmdBufferMutex);
 return 0;
 }
@@ -235,6 +235,10 @@ void UsbCommandReceived(UsbCommand* _ch) {
 uint32_t offset = c->arg[0];
 uint32_t len = c->arg[1];
 //uint32_t tracelen = c->arg[2];
+
+ // extra bounds check.
+ len = MIN(sample_buf_size, len);
+
 memcpy( sample_buf + offset, c->d.asBytes, len);
 //PrintAndLogEx(NORMAL, "ICE:: Download from device. chunk %" PRIu32 " | size %" PRIu32 " | tracelen:%" PRIu32 " \n", offset, len, c->arg[2]);
 break;
diff --git a/client/data.c b/client/data.c
index 56887daa8..46645a223 100644
--- a/client/data.c
+++ b/client/data.c
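Review bot: `CmdStatus` publishes the address of a stack array, `speed_test_buffer`, through the globals `sample_buf` and `sample_buf_size`, and nothing in the hunk retracts them before the function returns. The rest of the body lies outside the hunk, but if the globals are left set, a download packet that arrives after return would be copied by `UsbCommandReceived` into a dead stack frame, and the newly recorded size would make that write pass the bounds check. Consider ending the function with `sample_buf = NULL; sample_buf_size = 0;` and having the receive path skip the copy when `sample_buf` is NULL.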
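Review bot: The added clamp `len = MIN(sample_buf_size, len);` in `UsbCommandReceived` bounds `len` alone, so the following `memcpy( sample_buf + offset, ...)` still writes past the destination whenever `offset + len` exceeds `sample_buf_size`; both values are taken straight from the device packet (`c->arg[0]`, `c->arg[1]`). Bound the chunk against the space left after `offset` instead: `if (offset >= sample_buf_size) break;` followed by `len = MIN(len, sample_buf_size - offset);`. `len` is also never compared with the size of `c->d.asBytes` (presumably `USB_CMD_DATA_SIZE`), so an oversized value would read past the packet payload; clamping to that size as well closes the source side. The enclosing case and switch start outside this hunk, so whether `sample_buf` can be NULL or stale at this point cannot be confirmed from the diff.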
@@ -15,12 +15,14 @@
 #include "proxmark3.h"
 #include "cmdmain.h"
+uint32_t sample_buf_size;
 uint8_t* sample_buf;
 // this triggers a download sequence from device, its received inside cmdmain.c UsbCommandReceived()
 void GetFromBigBuf(uint8_t *dest, uint32_t len, uint32_t start_index) {
 // global
 sample_buf = dest;
+ sample_buf_size = len;
 UsbCommand c = {CMD_DOWNLOAD_RAW_ADC_SAMPLES_125K, {start_index, len, 0}};
 clearCommandBuffer();
 SendCommand(&c);
@@ -29,6 +31,7 @@ void GetFromBigBuf(uint8_t *dest, uint32_t len, uint32_t start_index) {
 // inside the BigBuf EML zon.
 bool GetEMLFromBigBuf(uint8_t *dest, uint32_t len, uint32_t start_index) {
 sample_buf = dest;
+ sample_buf_size = len;
 UsbCommand c = {CMD_DOWNLOAD_EML_BIGBUF, {start_index, len, 0}};
 clearCommandBuffer();
 SendCommand(&c);
@@ -45,6 +48,7 @@ bool GetEMLFromBigBuf(uint8_t *dest, uint32_t len, uint32_t start_index) {
 // Download data from flashmem, rdv40
 void GetFromFlashMen(uint8_t *dest, uint32_t len, uint32_t start_index) {
 sample_buf = dest;
+ sample_buf_size = len;
 UsbCommand c = {CMD_DOWNLOAND_FLASH_MEM, {start_index, len, 0}};
 clearCommandBuffer();
 SendCommand(&c);
diff --git a/client/data.h b/client/data.h
index 885880796..bea0657b4 100644
--- a/client/data.h
+++ b/client/data.h
@@ -16,6 +16,7 @@
 #define FILE_PATH_SIZE 1000
+extern uint32_t sample_buf_size;
 extern uint8_t* sample_buf;
 extern void GetFromBigBuf(uint8_t *dest, uint32_t len, uint32_t start_index);
 extern bool GetEMLFromBigBuf(uint8_t *dest, uint32_t len, uint32_t start_index);
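Review bot: `sample_buf` and `sample_buf_size` are published as two separate plain stores in `GetFromBigBuf`, and the same pattern repeats in `GetEMLFromBigBuf` and `GetFromFlashMen` in the next two hunks, so the receive path can see the new pointer paired with the previous download's size. If `UsbCommandReceived` runs on another thread, which the mutex use in cmdmain.c suggests, the pair should be updated together under a lock that the receive path also takes before its `memcpy`. The recorded size is whatever `len` the caller passes, so the check is only as good as the caller's guarantee that `dest` really holds `len` bytes; a comment on the declaration such as `// capacity in bytes of the buffer sample_buf points to; always set together with sample_buf` would make that contract explicit. The function bodies continue outside the hunks, so confirm that the pair is cleared once the download completes.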