cident - verify rats has size and empty buffers before

2025-01-07 16:48:15 +08:00 · 2020-10-29 12:26:43 +01:00 · 2020-10-29 12:26:43 +01:00 · fd6dda5e36
commit fd6dda5e36
parent 5154a28ce3
1 changed files with 52 additions and 42 deletions
--- a/armsrc/mifarecmd.c
+++ b/armsrc/mifarecmd.c
@ -2247,6 +2247,11 @@ void MifareCIdent(bool is_mfc) {
    uint8_t *par = BigBuf_malloc(MAX_PARITY_SIZE);
    uint8_t *buf = BigBuf_malloc(PM3_CMD_DATA_SIZE);
    uint8_t *uid = BigBuf_malloc(10);
+
+    memset(par, 0x00, MAX_PARITY_SIZE);
+    memset(buf, 0x00, PM3_CMD_DATA_SIZE);
+    memset(uid, 0x00, 10);
+
    uint32_t cuid = 0;
    uint8_t data[1] = {0x00};

@ -2278,50 +2283,53 @@ void MifareCIdent(bool is_mfc) {

        ReaderTransmit(rats, sizeof(rats), NULL);
        res = ReaderReceive(buf, par);
-        // test for some MFC gen2
-        if (memcmp(buf, "\x09\x78\x00\x91\x02\xDA\xBC\x19\x10\xF0\x05", 11) == 0) {
+        if (res ) {

-            // super card ident
-            uint8_t super[] = {0x0A, 0x00, 0x00, 0xA6, 0xB0, 0x00, 0x10, 0x14, 0x1D};
-            ReaderTransmit(super, sizeof(super), NULL);
-            res = ReaderReceive(buf, par);
-            if (res == 22) {
-                isGen = MAGIC_SUPER;
+            // test for some MFC gen2
+            if (memcmp(buf, "\x09\x78\x00\x91\x02\xDA\xBC\x19\x10\xF0\x05", 11) == 0) {
+
+                // super card ident
+                uint8_t super[] = {0x0A, 0x00, 0x00, 0xA6, 0xB0, 0x00, 0x10, 0x14, 0x1D};
+                ReaderTransmit(super, sizeof(super), NULL);
+                res = ReaderReceive(buf, par);
+                if (res == 22) {
+                    isGen = MAGIC_SUPER;
+                    goto OUT;
+                }
+
+                isGen = MAGIC_GEN_2;
+                goto OUT;
+            }
+            // test for some MFC 7b gen2
+            if (memcmp(buf, "\x0D\x78\x00\x71\x02\x88\x49\xA1\x30\x20\x15\x06\x08\x56\x3D", 15) == 0) {
+                isGen = MAGIC_GEN_2;
+                goto OUT;
+            }
+            // test for Ultralight magic gen2
+            if (memcmp(buf, "\x0A\x78\x00\x81\x02\xDB\xA0\xC1\x19\x40\x2A\xB5", 12) == 0) {
+                isGen = MAGIC_GEN_2;
+                goto OUT;
+            }
+            // test for Ultralight EV1 magic gen2
+            if (memcmp(buf, "\x85\x00\x00\xA0\x00\x00\x0A\xC3\x00\x04\x03\x01\x01\x00\x0B\x03\x41\xDF", 18) == 0) {
+                isGen = MAGIC_GEN_2;
+                goto OUT;
+            }
+            // test for some other Ultralight EV1 magic gen2
+            if (memcmp(buf, "\x85\x00\x00\xA0\x0A\x00\x0A\xC3\x00\x04\x03\x01\x01\x00\x0B\x03\x16\xD7", 18) == 0) {
+                isGen = MAGIC_GEN_2;
+                goto OUT;
+            }
+            // test for some other Ultralight magic gen2
+            if (memcmp(buf, "\x85\x00\x00\xA0\x0A\x00\x0A\xB0\x00\x00\x00\x00\x00\x00\x00\x00\x18\x4D", 18) == 0) {
+                isGen = MAGIC_GEN_2;
+                goto OUT;
+            }
+            // test for NTAG213 magic gen2
+            if (memcmp(buf, "\x85\x00\x00\xA0\x00\x00\x0A\xA5\x00\x04\x04\x02\x01\x00\x0F\x03\x79\x0C", 18) == 0) {
+                isGen = MAGIC_GEN_2;
                goto OUT;
            }
-
-            isGen = MAGIC_GEN_2;
-            goto OUT;
-        }
-        // test for some MFC 7b gen2
-        if (memcmp(buf, "\x0D\x78\x00\x71\x02\x88\x49\xA1\x30\x20\x15\x06\x08\x56\x3D", 15) == 0) {
-            isGen = MAGIC_GEN_2;
-            goto OUT;
-        }
-        // test for Ultralight magic gen2
-        if (memcmp(buf, "\x0A\x78\x00\x81\x02\xDB\xA0\xC1\x19\x40\x2A\xB5", 12) == 0) {
-            isGen = MAGIC_GEN_2;
-            goto OUT;
-        }
-        // test for Ultralight EV1 magic gen2
-        if (memcmp(buf, "\x85\x00\x00\xA0\x00\x00\x0A\xC3\x00\x04\x03\x01\x01\x00\x0B\x03\x41\xDF", 18) == 0) {
-            isGen = MAGIC_GEN_2;
-            goto OUT;
-        }
-        // test for some other Ultralight EV1 magic gen2
-        if (memcmp(buf, "\x85\x00\x00\xA0\x0A\x00\x0A\xC3\x00\x04\x03\x01\x01\x00\x0B\x03\x16\xD7", 18) == 0) {
-            isGen = MAGIC_GEN_2;
-            goto OUT;
-        }
-        // test for some other Ultralight magic gen2
-        if (memcmp(buf, "\x85\x00\x00\xA0\x0A\x00\x0A\xB0\x00\x00\x00\x00\x00\x00\x00\x00\x18\x4D", 18) == 0) {
-            isGen = MAGIC_GEN_2;
-            goto OUT;
-        }
-        // test for NTAG213 magic gen2
-        if (memcmp(buf, "\x85\x00\x00\xA0\x00\x00\x0A\xA5\x00\x04\x04\x02\x01\x00\x0F\x03\x79\x0C", 18) == 0) {
-            isGen = MAGIC_GEN_2;
-            goto OUT;
        }

        if (is_mfc == false) {
@ -2767,6 +2775,8 @@ void MifareU_Counter_Tearoff(uint8_t counter, uint32_t tearoff_time) {
    if (!iso14443a_select_card(NULL, NULL, NULL, true, 0, true)) {
        if (DBGLEVEL >= DBG_ERROR) Dbprintf("Can't select card");
        OnError(1);
+        switch_off();
+        LEDsoff();
        return;
    };

@ -2775,6 +2785,6 @@ void MifareU_Counter_Tearoff(uint8_t counter, uint32_t tearoff_time) {
    LED_D_ON();
    SpinDelayUsPrecision(tearoff_time);
    switch_off();
-
+    LEDsoff();
    reply_ng(CMD_HF_MFU_COUNTER_TEAROFF, PM3_SUCCESS, NULL, 0);
 }