Refactoring of BigBuf handling in order to prepare for more efficient memory allocation and longer traces.

2025-08-20 13:23:51 -07:00 · 2015-01-16 11:00:17 +01:00 · 2015-01-16 11:00:17 +01:00 · 117d9ec25c
commit 117d9ec25c
parent 936e0729f9
14 changed files with 251 additions and 164 deletions
--- a/armsrc/BigBuf.c
+++ b/armsrc/BigBuf.c
@ -0,0 +1,68 @@
 //-----------------------------------------------------------------------------
 // Jonathan Westhues, Aug 2005
 // Gerhard de Koning Gans, April 2008, May 2011
 //
 // This code is licensed to you under the terms of the GNU GPL, version 2 or,
 // at your option, any later version. See the LICENSE.txt file for the text of
 // the license.
 //-----------------------------------------------------------------------------
 // BigBuf and functions to allocate/free parts of it.
 //-----------------------------------------------------------------------------
 #include <stdint.h>
 #include "proxmark3.h"
 #include "apps.h"
 #include "string.h"
 // The large multi-purpose buffer, typically used to hold A/D samples or traces,
 // may be processed in some way. Also used to hold various smaller buffers.
 static uint8_t BigBuf[BIGBUF_SIZE];
 // High memory mark
 static uint16_t BigBuf_hi = BIGBUF_SIZE;
 // trace related global variables. Change to function calls?
 //uint8_t *trace = BigBuf;
 uint16_t traceLen;
 // get the address of BigBuf
 uint8_t *BigBuf_get_addr(void)
 {
 	return BigBuf;
 }
 // clear ALL of BigBuf
 void BigBuf_Clear(void)
 {
 	memset(BigBuf,0,BIGBUF_SIZE);
 	Dbprintf("Buffer cleared (%i bytes)",BIGBUF_SIZE);
 }
 // allocate a chunk of memory from BigBuf. We allocate high memory first. Low memory
 // is always for traces/samples
 uint8_t *BigBuf_malloc(uint16_t chunksize)
 {
 	if (BigBuf_hi - chunksize < 0) { 
 		return NULL;						// no memory left
 	} else {
 		BigBuf_hi -= chunksize; 		  	// aligned to 4 Byte boundary 
 		return BigBuf + BigBuf_hi;
 	}
 }
 // free ALL allocated chunks. The whole BigBuf is available for traces again.
 void BigBuf_free(void)
 {
 	BigBuf_hi = BIGBUF_SIZE;
 }
 // return the maximum trace length (i.e. the unallocated size of BigBuf)
 uint16_t BigBuf_max_trace_len(void)
 {
 	return BigBuf_hi;
 }
--- a/armsrc/BigBuf.h
+++ b/armsrc/BigBuf.h
@ -0,0 +1,40 @@
 //-----------------------------------------------------------------------------
 // Jonathan Westhues, Aug 2005
 // Gerhard de Koning Gans, April 2008, May 2011
 //
 // This code is licensed to you under the terms of the GNU GPL, version 2 or,
 // at your option, any later version. See the LICENSE.txt file for the text of
 // the license.
 //-----------------------------------------------------------------------------
 // BigBuf and functions to allocate/free parts of it.
 //-----------------------------------------------------------------------------
 #ifndef __BIGBUF_H
 #define __BIGBUF_H
 #define BIGBUF_SIZE				40000
 #define TRACE_OFFSET			0
 #define TRACE_SIZE				3000
 #define RECV_CMD_OFFSET			(TRACE_OFFSET + TRACE_SIZE)
 #define MAX_FRAME_SIZE			256
 #define MAX_PARITY_SIZE			((MAX_FRAME_SIZE + 1)/ 8)
 #define RECV_CMD_PAR_OFFSET		(RECV_CMD_OFFSET + MAX_FRAME_SIZE)
 #define RECV_RESP_OFFSET		(RECV_CMD_PAR_OFFSET + MAX_PARITY_SIZE)
 #define RECV_RESP_PAR_OFFSET 	(RECV_RESP_OFFSET + MAX_FRAME_SIZE)
 #define CARD_MEMORY_OFFSET		(RECV_RESP_PAR_OFFSET + MAX_PARITY_SIZE)
 #define CARD_MEMORY_SIZE		4096	
 #define DMA_BUFFER_OFFSET  		CARD_MEMORY_OFFSET
 #define DMA_BUFFER_SIZE    		CARD_MEMORY_SIZE
 #define FREE_BUFFER_OFFSET 		(CARD_MEMORY_OFFSET + CARD_MEMORY_SIZE)
 #define FREE_BUFFER_SIZE   		(BIGBUF_SIZE - FREE_BUFFER_OFFSET - 1)
 extern uint8_t *BigBuf_get_addr(void);
 extern uint16_t BigBuf_max_trace_len(void);
 void BigBuf_Clear(void);
 extern uint8_t *BigBuf_malloc(uint16_t);
 extern void BigBuf_free(void);
 extern uint16_t traceLen;
 #endif /* __BIGBUF_H */
--- a/armsrc/Makefile
+++ b/armsrc/Makefile
@ -41,8 +41,8 @@ ARMSRC = fpgaloader.c \
 	$(SRC_CRAPTO1) \
 	$(SRC_CRC) \
 	legic_prng.c \
-	iclass.c
+	iclass.c \
-
+	BigBuf.c \
 # stdint.h provided locally until GCC 4.5 becomes C99 compliant
 APP_CFLAGS += -I.
--- a/armsrc/appmain.c
+++ b/armsrc/appmain.c
@ -42,12 +42,6 @@ int ToSendMax;
 static int ToSendBit;
 struct common_area common_area __attribute__((section(".commonarea")));
 void BufferClear(void)
 {
 	memset(BigBuf,0,sizeof(BigBuf));
 	Dbprintf("Buffer cleared (%i bytes)",sizeof(BigBuf));
 }
 void ToSendReset(void)
 {
 	ToSendMax = -1;
@ -246,7 +240,7 @@ void MeasureAntennaTuningHf(void)
 void SimulateTagHfListen(void)
 {
-	uint8_t *dest = (uint8_t *)BigBuf+FREE_BUFFER_OFFSET;
+	uint8_t *dest = BigBuf_get_addr() + FREE_BUFFER_OFFSET;
 	uint8_t v = 0;
 	int i;
 	int p = 0;
@ -808,10 +802,10 @@ void UsbPacketReceived(uint8_t *packet, int len)
 			MifareUC_Auth2(c->arg[0],c->d.asBytes);
 			break;
 		case CMD_MIFAREU_READCARD:
-			MifareUReadCard(c->arg[0],c->arg[1],c->d.asBytes);
+			MifareUReadCard(c->arg[0], c->arg[1], c->d.asBytes);
 			break;
 		case CMD_MIFAREUC_READCARD:
-			MifareUReadCard(c->arg[0],c->arg[1],c->d.asBytes);
+			MifareUReadCard(c->arg[0], c->arg[1], c->d.asBytes);
 			break;
 		case CMD_MIFARE_READSC:
 			MifareReadSector(c->arg[0], c->arg[1], c->arg[2], c->d.asBytes);
@ -891,7 +885,7 @@ void UsbPacketReceived(uint8_t *packet, int len)
 			break;
 		case CMD_BUFF_CLEAR:
-			BufferClear();
+			BigBuf_Clear();
 			break;
 		case CMD_MEASURE_ANTENNA_TUNING:
@ -915,9 +909,10 @@ void UsbPacketReceived(uint8_t *packet, int len)
 		case CMD_DOWNLOAD_RAW_ADC_SAMPLES_125K:
 			LED_B_ON();
 			uint8_t *BigBuf = BigBuf_get_addr();
 			for(size_t i=0; i<c->arg[1]; i += USB_CMD_DATA_SIZE) {
 				size_t len = MIN((c->arg[1] - i),USB_CMD_DATA_SIZE);
-				cmd_send(CMD_DOWNLOADED_RAW_ADC_SAMPLES_125K,i,len,0,((byte_t*)BigBuf)+c->arg[0]+i,len);
+				cmd_send(CMD_DOWNLOADED_RAW_ADC_SAMPLES_125K,i,len,0,BigBuf+c->arg[0]+i,len);
 			}
 			// Trigger a finish downloading signal with an ACK frame
 			cmd_send(CMD_ACK,0,0,0,0,0);
@ -925,7 +920,7 @@ void UsbPacketReceived(uint8_t *packet, int len)
 			break;
 		case CMD_DOWNLOADED_SIM_SAMPLES_125K: {
-			uint8_t *b = (uint8_t *)BigBuf;
+			uint8_t *b = BigBuf_get_addr();
 			memcpy(b+c->arg[0], c->d.asBytes, USB_CMD_DATA_SIZE);
 			cmd_send(CMD_ACK,0,0,0,0,0);
 			break;
--- a/armsrc/apps.h
+++ b/armsrc/apps.h
@ -17,50 +17,10 @@
 #include "common.h"
 #include "hitag2.h"
 #include "mifare.h"
 #include "../common/crc32.h"
-
+#include "BigBuf.h"
 // The large multi-purpose buffer, typically used to hold A/D samples,
 // maybe processed in some way.
 #define BIGBUF_SIZE				40000
 uint32_t BigBuf[BIGBUF_SIZE / sizeof(uint32_t)];
 #define TRACE_OFFSET			0
 #define TRACE_SIZE				3000
 #define RECV_CMD_OFFSET			(TRACE_OFFSET + TRACE_SIZE)
 #define MAX_FRAME_SIZE			256
 #define MAX_PARITY_SIZE			((MAX_FRAME_SIZE + 1)/ 8)
 #define RECV_CMD_PAR_OFFSET		(RECV_CMD_OFFSET + MAX_FRAME_SIZE)
 #define RECV_RESP_OFFSET		(RECV_CMD_PAR_OFFSET + MAX_PARITY_SIZE)
 #define RECV_RESP_PAR_OFFSET 	(RECV_RESP_OFFSET + MAX_FRAME_SIZE)
 #define CARD_MEMORY_OFFSET		(RECV_RESP_PAR_OFFSET + MAX_PARITY_SIZE)
 #define CARD_MEMORY_SIZE		4096	
 #define DMA_BUFFER_OFFSET  		CARD_MEMORY_OFFSET
 #define DMA_BUFFER_SIZE    		CARD_MEMORY_SIZE
 #define FREE_BUFFER_OFFSET 		(CARD_MEMORY_OFFSET + CARD_MEMORY_SIZE)
 #define FREE_BUFFER_SIZE   		(BIGBUF_SIZE - FREE_BUFFER_OFFSET - 1)
 /*
 The statements above translates into this :
 BIGBUF_SIZE         = 40000
 TRACE_OFFSET        = 0
 TRACE_SIZE          = 3000
 RECV_CMD_OFFSET     = 3000
 MAX_FRAME_SIZE      = 256
 MAX_PARITY_SIZE     = 32
 RECV_CMD_PAR_OFFSET = 3256
 RECV_RESP_OFFSET    = 3288
 RECV_RESP_PAR_OFFSET= 3544
 CARD_MEMORY_OFFSET  = 3576
 CARD_MEMORY_SIZE    = 4096
 DMA_BUFFER_OFFSET   = 3576
 DMA_BUFFER_SIZE     = 4096
 FREE_BUFFER_OFFSET  = 7672
 FREE_BUFFER_SIZE    = 32327
 */
 extern const uint8_t OddByteParity[256];
 extern uint8_t *trace; // = (uint8_t *) BigBuf;
 extern int traceLen;   // = 0;
 extern int rsamples;   // = 0;
 extern int tracing;    // = TRUE;
 extern uint8_t trigger;
@ -88,7 +48,6 @@ void SnoopLFRawAdcSamples(int divisor, int trigger_threshold);
 void DoAcquisition125k(int trigger_threshold);
 extern int ToSendMax;
 extern uint8_t ToSend[];
 extern uint32_t BigBuf[];
 /// fpga.h
 void FpgaSendCommand(uint16_t cmd, uint16_t v);
--- a/armsrc/hitag2.c
+++ b/armsrc/hitag2.c
@ -29,8 +29,12 @@ bool bAuthenticating;
 bool bPwd;
 bool bSuccessful;
 int LogTraceHitag(const uint8_t * btBytes, int iBits, int iSamples, uint32_t dwParity, int bReader)
 {
  static uint16_t traceLen = 0;
  uint8_t *trace = BigBuf_get_addr();
  // Return when trace is full
  if (traceLen >= TRACE_SIZE) return FALSE;
@ -92,7 +96,6 @@ static struct hitag2_tag tag = {
 #define AUTH_TABLE_OFFSET FREE_BUFFER_OFFSET
 #define AUTH_TABLE_LENGTH FREE_BUFFER_SIZE
 byte_t* auth_table = (byte_t *)BigBuf+AUTH_TABLE_OFFSET;
 size_t auth_table_pos = 0;
 size_t auth_table_len = AUTH_TABLE_LENGTH;
@ -302,6 +305,8 @@ static void hitag_send_frame(const byte_t* frame, size_t frame_len)
 void hitag2_handle_reader_command(byte_t* rx, const size_t rxlen, byte_t* tx, size_t* txlen)
 {
    byte_t* auth_table;
    auth_table = (byte_t *)BigBuf_get_addr() + AUTH_TABLE_OFFSET;
 	byte_t rx_air[HITAG_FRAME_LEN];
 	// Copy the (original) received frame how it is send over the air
@ -664,6 +669,10 @@ bool hitag2_authenticate(byte_t* rx, const size_t rxlen, byte_t* tx, size_t* txl
 }
 bool hitag2_test_auth_attempts(byte_t* rx, const size_t rxlen, byte_t* tx, size_t* txlen) {
    byte_t* auth_table;
    auth_table = (byte_t *)BigBuf_get_addr() + AUTH_TABLE_OFFSET;
 	// Reset the transmission frame length 
 	*txlen = 0;
@ -736,6 +745,8 @@ void SnoopHitag(uint32_t type) {
 	auth_table_len = 0;
 	auth_table_pos = 0;
    byte_t* auth_table;
    auth_table = (byte_t *)BigBuf_get_addr() + AUTH_TABLE_OFFSET;
 	memset(auth_table, 0x00, AUTH_TABLE_LENGTH);
 	DbpString("Starting Hitag2 snoop");
@ -945,6 +956,8 @@ void SimulateHitagTag(bool tag_mem_supplied, byte_t* data) {
 	iso14a_clear_trace();
 	auth_table_len = 0;
 	auth_table_pos = 0;
    byte_t* auth_table;
    auth_table = (byte_t *)BigBuf_get_addr() + AUTH_TABLE_OFFSET;
 	memset(auth_table, 0x00, AUTH_TABLE_LENGTH);
 	DbpString("Starting Hitag2 simulation");
@ -1133,6 +1146,9 @@ void ReaderHitag(hitag_function htf, hitag_data* htd) {
 	// Clean up trace and prepare it for storing frames
 	iso14a_set_tracing(TRUE);
 	iso14a_clear_trace();
    byte_t* auth_table;
    auth_table = (byte_t *)BigBuf_get_addr() + AUTH_TABLE_OFFSET;
 	DbpString("Starting Hitag reader family");
 	// Check configuration
--- a/armsrc/iclass.c
+++ b/armsrc/iclass.c
@ -640,9 +640,9 @@ void RAMFUNC SnoopIClass(void)
    // The command (reader -> tag) that we're receiving.
 	// The length of a received command will in most cases be no more than 18 bytes.
 	// So 32 should be enough!
-	uint8_t *readerToTagCmd = (((uint8_t *)BigBuf) + RECV_CMD_OFFSET);
+	uint8_t *readerToTagCmd = BigBuf_get_addr() + RECV_CMD_OFFSET;
    // The response (tag -> reader) that we're receiving.
-	uint8_t *tagToReaderResponse = (((uint8_t *)BigBuf) + RECV_RESP_OFFSET);
+	uint8_t *tagToReaderResponse = BigBuf_get_addr() + RECV_RESP_OFFSET;
    FpgaDownloadAndGo(FPGA_BITSTREAM_HF);
@ -652,9 +652,9 @@ void RAMFUNC SnoopIClass(void)
    iso14a_set_trigger(FALSE);
    // The DMA buffer, used to stream samples from the FPGA
-    int8_t *dmaBuf = ((int8_t *)BigBuf) + DMA_BUFFER_OFFSET;
+    uint8_t *dmaBuf = BigBuf_get_addr() + DMA_BUFFER_OFFSET;
    int lastRxCounter;
-    int8_t *upTo;
+    uint8_t *upTo;
    int smpl;
    int maxBehindBy = 0;
@ -1065,26 +1065,26 @@ int doIClassSimulation(uint8_t csn[], int breakAfterMacReceived, uint8_t *reader
 	//uint8_t sof = 0x0f;
 	// Respond SOF -- takes 1 bytes
-	uint8_t *resp1 = (((uint8_t *)BigBuf) + FREE_BUFFER_OFFSET);
+	uint8_t *resp1 = (BigBuf_get_addr() + FREE_BUFFER_OFFSET);
 	int resp1Len;
 	// Anticollision CSN (rotated CSN)
 	// 22: Takes 2 bytes for SOF/EOF and 10 * 2 = 20 bytes (2 bytes/byte)
-	uint8_t *resp2 = (((uint8_t *)BigBuf) + FREE_BUFFER_OFFSET + 2);
+	uint8_t *resp2 = (BigBuf_get_addr() + FREE_BUFFER_OFFSET + 2);
 	int resp2Len;
 	// CSN
 	// 22: Takes 2 bytes for SOF/EOF and 10 * 2 = 20 bytes (2 bytes/byte)
-	uint8_t *resp3 = (((uint8_t *)BigBuf) + FREE_BUFFER_OFFSET + 30);
+	uint8_t *resp3 = (BigBuf_get_addr() + FREE_BUFFER_OFFSET + 30);
 	int resp3Len;
 	// e-Purse
 	// 18: Takes 2 bytes for SOF/EOF and 8 * 2 = 16 bytes (2 bytes/byte)
-	uint8_t *resp4 = (((uint8_t *)BigBuf) + FREE_BUFFER_OFFSET + 60);
+	uint8_t *resp4 = (BigBuf_get_addr() + FREE_BUFFER_OFFSET + 60);
 	int resp4Len;
 	// + 1720..
-	uint8_t *receivedCmd = (((uint8_t *)BigBuf) + RECV_CMD_OFFSET);
+	uint8_t *receivedCmd = BigBuf_get_addr() + RECV_CMD_OFFSET;
 	memset(receivedCmd, 0x44, MAX_FRAME_SIZE);
 	int len;
@ -1529,7 +1529,7 @@ uint8_t handshakeIclassTag(uint8_t *card_data)
 	static uint8_t identify[]    = { 0x0c };
 	static uint8_t select[]      = { 0x81, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
 	static uint8_t readcheck_cc[]= { 0x88, 0x02 };
-	uint8_t *resp = (((uint8_t *)BigBuf) + RECV_RESP_OFFSET);
+	uint8_t *resp = BigBuf_get_addr() + RECV_RESP_OFFSET;
 	uint8_t read_status = 0;
@ -1650,7 +1650,7 @@ void ReaderIClass_Replay(uint8_t arg0, uint8_t *MAC) {
 	  int keyaccess;
 	} memory;
-	uint8_t* resp = (((uint8_t *)BigBuf) + RECV_RESP_OFFSET);
+	uint8_t* resp = BigBuf_get_addr() + RECV_RESP_OFFSET;
    setupIclassReader();
--- a/armsrc/iso14443.c
+++ b/armsrc/iso14443.c
@ -339,10 +339,10 @@ void SimulateIso14443Tag(void)
    uint8_t *resp;
    int respLen;
-    uint8_t *resp1 = (((uint8_t *)BigBuf) + 800);
+    uint8_t *resp1 = BigBuf_get_addr() + 800;
    int resp1Len;
-    uint8_t *receivedCmd = (uint8_t *)BigBuf;
+    uint8_t *receivedCmd = BigBuf_get_addr();
    int len;
    int i;
@ -629,31 +629,32 @@ static void GetSamplesFor14443Demod(int weTx, int n, int quiet)
    int gotFrame = FALSE;
 //#   define DMA_BUFFER_SIZE 8
-    int8_t *dmaBuf;
+    uint8_t *dmaBuf;
    int lastRxCounter;
-    int8_t *upTo;
+    uint8_t *upTo;
    int ci, cq;
    int samples = 0;
    // Clear out the state of the "UART" that receives from the tag.
 	uint8_t *BigBuf = BigBuf_get_addr();
    memset(BigBuf, 0x00, 400);
-    Demod.output = (uint8_t *)BigBuf;
+    Demod.output = BigBuf;
    Demod.len = 0;
    Demod.state = DEMOD_UNSYNCD;
    // And the UART that receives from the reader
-    Uart.output = (((uint8_t *)BigBuf) + 1024);
+    Uart.output = BigBuf + 1024;
    Uart.byteCntMax = 100;
    Uart.state = STATE_UNSYNCD;
    // Setup for the DMA.
-    dmaBuf = (int8_t *)(BigBuf + 32);
+    dmaBuf = BigBuf + 32;
    upTo = dmaBuf;
    lastRxCounter = DEMOD_DMA_BUFFER_SIZE;
-    FpgaSetupSscDma((uint8_t *)dmaBuf, DEMOD_DMA_BUFFER_SIZE);
+    FpgaSetupSscDma(dmaBuf, DEMOD_DMA_BUFFER_SIZE);
    // Signal field is ON with the appropriate LED:
    if (weTx) LED_D_ON(); else LED_D_OFF();
@ -1013,19 +1014,19 @@ void RAMFUNC SnoopIso14443(void)
    FpgaDownloadAndGo(FPGA_BITSTREAM_HF);
    // The command (reader -> tag) that we're working on receiving.
-    uint8_t *receivedCmd = (uint8_t *)(BigBuf) + DEMOD_TRACE_SIZE;
+    uint8_t *receivedCmd = BigBuf_get_addr() + DEMOD_TRACE_SIZE;
    // The response (tag -> reader) that we're working on receiving.
-    uint8_t *receivedResponse = (uint8_t *)(BigBuf) + DEMOD_TRACE_SIZE + READER_TAG_BUFFER_SIZE;
+    uint8_t *receivedResponse = BigBuf_get_addr() + DEMOD_TRACE_SIZE + READER_TAG_BUFFER_SIZE;
    // As we receive stuff, we copy it from receivedCmd or receivedResponse
    // into trace, along with its length and other annotations.
-    uint8_t *trace = (uint8_t *)BigBuf;
+    uint8_t *trace = BigBuf_get_addr();
    int traceLen = 0;
    // The DMA buffer, used to stream samples from the FPGA.
-    int8_t *dmaBuf = (int8_t *)(BigBuf) + DEMOD_TRACE_SIZE + READER_TAG_BUFFER_SIZE + TAG_READER_BUFFER_SIZE;
+    uint8_t *dmaBuf = BigBuf_get_addr() + DEMOD_TRACE_SIZE + READER_TAG_BUFFER_SIZE + TAG_READER_BUFFER_SIZE;
    int lastRxCounter;
-    int8_t *upTo;
+    uint8_t *upTo;
    int ci, cq;
    int maxBehindBy = 0;
--- a/armsrc/iso14443a.c
+++ b/armsrc/iso14443a.c
@ -22,9 +22,7 @@
 #include "mifareutil.h"
 static uint32_t iso14a_timeout;
 uint8_t *trace = (uint8_t *) BigBuf+TRACE_OFFSET;
 int rsamples = 0;
 int traceLen = 0;
 int tracing = TRUE;
 uint8_t trigger = 0;
 // the block number for the ISO14443-4 PCB
@ -149,6 +147,7 @@ void iso14a_set_trigger(bool enable) {
 }
 void iso14a_clear_trace() {
 	uint8_t *trace = BigBuf_get_addr();
 	memset(trace, 0x44, TRACE_SIZE);
 	traceLen = 0;
 }
@ -204,6 +203,7 @@ bool RAMFUNC LogTrace(const uint8_t *btBytes, uint16_t iLen, uint32_t timestamp_
 {
 	if (!tracing) return FALSE;
 	uint8_t *trace = BigBuf_get_addr();
 	uint16_t num_paritybytes = (iLen-1)/8 + 1;	// number of valid paritybytes in *parity
 	uint16_t duration = timestamp_end - timestamp_start;
@ -604,19 +604,19 @@ void RAMFUNC SnoopIso14443a(uint8_t param) {
 	// The command (reader -> tag) that we're receiving.
 	// The length of a received command will in most cases be no more than 18 bytes.
 	// So 32 should be enough!
-	uint8_t *receivedCmd = ((uint8_t *)BigBuf) + RECV_CMD_OFFSET;
+	uint8_t *receivedCmd = BigBuf_get_addr() + RECV_CMD_OFFSET;
-	uint8_t *receivedCmdPar = ((uint8_t *)BigBuf) + RECV_CMD_PAR_OFFSET;
+	uint8_t *receivedCmdPar = BigBuf_get_addr() + RECV_CMD_PAR_OFFSET;
 	// The response (tag -> reader) that we're receiving.
-	uint8_t *receivedResponse = ((uint8_t *)BigBuf) + RECV_RESP_OFFSET;
+	uint8_t *receivedResponse = BigBuf_get_addr() + RECV_RESP_OFFSET;
-	uint8_t *receivedResponsePar = ((uint8_t *)BigBuf) + RECV_RESP_PAR_OFFSET;
+	uint8_t *receivedResponsePar = BigBuf_get_addr() + RECV_RESP_PAR_OFFSET;
 	// As we receive stuff, we copy it from receivedCmd or receivedResponse
 	// into trace, along with its length and other annotations.
 	//uint8_t *trace = (uint8_t *)BigBuf;
 	// The DMA buffer, used to stream samples from the FPGA
-	uint8_t *dmaBuf = ((uint8_t *)BigBuf) + DMA_BUFFER_OFFSET;
+	uint8_t *dmaBuf = BigBuf_get_addr() + DMA_BUFFER_OFFSET;
 	uint8_t *data = dmaBuf;
 	uint8_t previous_data = 0;
 	int maxDataLen = 0;
@ -885,7 +885,7 @@ int EmSendCmdPar(uint8_t *resp, uint16_t respLen, uint8_t *par);
 bool EmLogTrace(uint8_t *reader_data, uint16_t reader_len, uint32_t reader_StartTime, uint32_t reader_EndTime, uint8_t *reader_Parity,
 				 uint8_t *tag_data, uint16_t tag_len, uint32_t tag_StartTime, uint32_t tag_EndTime, uint8_t *tag_Parity);
-static uint8_t* free_buffer_pointer = (((uint8_t *)BigBuf) + FREE_BUFFER_OFFSET);
+static uint8_t* free_buffer_pointer;
 typedef struct {
  uint8_t* response;
@ -896,7 +896,7 @@ typedef struct {
 } tag_response_info_t;
 void reset_free_buffer() {
-  free_buffer_pointer = (((uint8_t *)BigBuf) + FREE_BUFFER_OFFSET);
+  free_buffer_pointer = BigBuf_get_addr() + FREE_BUFFER_OFFSET;
 }
 bool prepare_tag_modulation(tag_response_info_t* response_info, size_t max_buffer_size) {
@ -936,7 +936,7 @@ bool prepare_allocated_tag_modulation(tag_response_info_t* response_info) {
  response_info->modulation = free_buffer_pointer;
  // Determine the maximum size we can use from our buffer
-  size_t max_buffer_size = (((uint8_t *)BigBuf) + FREE_BUFFER_OFFSET + FREE_BUFFER_SIZE) - free_buffer_pointer;
+  size_t max_buffer_size = BigBuf_get_addr() + FREE_BUFFER_OFFSET + FREE_BUFFER_SIZE - free_buffer_pointer;
  // Forward the prepare tag modulation function to the inner function
  if (prepare_tag_modulation(response_info,max_buffer_size)) {
@ -1091,8 +1091,8 @@ void SimulateIso14443aTag(int tagType, int uid_1st, int uid_2nd, byte_t* data)
 	iso14443a_setup(FPGA_HF_ISO14443A_TAGSIM_LISTEN);
 	// buffers used on software Uart:
-	uint8_t *receivedCmd = ((uint8_t *)BigBuf) + RECV_CMD_OFFSET;
+	uint8_t *receivedCmd = BigBuf_get_addr() + RECV_CMD_OFFSET;
-	uint8_t *receivedCmdPar = ((uint8_t *)BigBuf) + RECV_CMD_PAR_OFFSET;
+	uint8_t *receivedCmdPar = BigBuf_get_addr() + RECV_CMD_PAR_OFFSET;
 	cmdsRecvd = 0;
 	tag_response_info_t* p_response;
@ -1727,8 +1727,8 @@ int iso14443a_select_card(byte_t *uid_ptr, iso14a_card_select_t *p_hi14a_card, u
 	uint8_t sel_all[]    = { 0x93,0x20 };
 	uint8_t sel_uid[]    = { 0x93,0x70,0x00,0x00,0x00,0x00,0x00,0x00,0x00};
 	uint8_t rats[]       = { 0xE0,0x80,0x00,0x00 }; // FSD=256, FSDI=8, CID=0
-	uint8_t *resp = ((uint8_t *)BigBuf) + RECV_RESP_OFFSET;
+	uint8_t *resp = BigBuf_get_addr() + RECV_RESP_OFFSET;
-	uint8_t *resp_par = ((uint8_t *)BigBuf) + RECV_RESP_PAR_OFFSET;
+	uint8_t *resp_par = BigBuf_get_addr() + RECV_RESP_PAR_OFFSET;
 	byte_t uid_resp[4];
 	size_t uid_resp_len;
@ -2020,8 +2020,8 @@ void ReaderMifare(bool first_try)
 	uint8_t mf_nr_ar[]   = { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 };
 	static uint8_t mf_nr_ar3;
-	uint8_t* receivedAnswer = (((uint8_t *)BigBuf) + RECV_RESP_OFFSET);
+	uint8_t* receivedAnswer = BigBuf_get_addr() + RECV_RESP_OFFSET;
-	uint8_t* receivedAnswerPar = (((uint8_t *)BigBuf) + RECV_RESP_PAR_OFFSET);
+	uint8_t* receivedAnswerPar = BigBuf_get_addr() + RECV_RESP_PAR_OFFSET;
 	iso14a_clear_trace();
 	iso14a_set_tracing(TRUE);
@ -2722,18 +2722,18 @@ void RAMFUNC SniffMifare(uint8_t param) {
 	// The command (reader -> tag) that we're receiving.
 	// The length of a received command will in most cases be no more than 18 bytes.
 	// So 32 should be enough!
-	uint8_t *receivedCmd = (((uint8_t *)BigBuf) + RECV_CMD_OFFSET);
+	uint8_t *receivedCmd = BigBuf_get_addr() + RECV_CMD_OFFSET;
-	uint8_t *receivedCmdPar = ((uint8_t *)BigBuf) + RECV_CMD_PAR_OFFSET;
+	uint8_t *receivedCmdPar = BigBuf_get_addr() + RECV_CMD_PAR_OFFSET;
 	// The response (tag -> reader) that we're receiving.
-	uint8_t *receivedResponse = (((uint8_t *)BigBuf) + RECV_RESP_OFFSET);
+	uint8_t *receivedResponse = BigBuf_get_addr() + RECV_RESP_OFFSET;
-	uint8_t *receivedResponsePar = ((uint8_t *)BigBuf) + RECV_RESP_PAR_OFFSET;
+	uint8_t *receivedResponsePar = BigBuf_get_addr() + RECV_RESP_PAR_OFFSET;
 	// As we receive stuff, we copy it from receivedCmd or receivedResponse
 	// into trace, along with its length and other annotations.
 	//uint8_t *trace = (uint8_t *)BigBuf;
 	// The DMA buffer, used to stream samples from the FPGA
-	uint8_t *dmaBuf = ((uint8_t *)BigBuf) + DMA_BUFFER_OFFSET;
+	uint8_t *dmaBuf = BigBuf_get_addr() + DMA_BUFFER_OFFSET;
 	uint8_t *data = dmaBuf;
 	uint8_t previous_data = 0;
 	int maxDataLen = 0;
--- a/armsrc/iso15693.c
+++ b/armsrc/iso15693.c
@ -296,7 +296,7 @@ static void TransmitTo15693Reader(const uint8_t *cmd, int len, int *samples, int
 static int GetIso15693AnswerFromTag(uint8_t *receivedResponse, int maxLen, int *samples, int *elapsed)
 {
 	int c = 0;
-	uint8_t *dest = (uint8_t *)BigBuf;
+	uint8_t *dest = BigBuf_get_addr();
 	int getNext = 0;
 	int8_t prev = 0;
@ -446,7 +446,7 @@ static int GetIso15693AnswerFromTag(uint8_t *receivedResponse, int maxLen, int *
 static int GetIso15693AnswerFromSniff(uint8_t *receivedResponse, int maxLen, int *samples, int *elapsed)
 {
 	int c = 0;
-	uint8_t *dest = (uint8_t *)BigBuf;
+	uint8_t *dest = BigBuf_get_addr();
 	int getNext = 0;
 	int8_t prev = 0;
@ -596,7 +596,7 @@ static void BuildIdentifyRequest(void);
 //-----------------------------------------------------------------------------
 void AcquireRawAdcSamplesIso15693(void)
 {
-	uint8_t *dest = (uint8_t *)BigBuf;
+	uint8_t *dest = BigBuf_get_addr();
 	int c = 0;
 	int getNext = 0;
@ -678,7 +678,7 @@ void AcquireRawAdcSamplesIso15693(void)
 void RecordRawAdcSamplesIso15693(void)
 {
-	uint8_t *dest =  (uint8_t *)BigBuf;
+	uint8_t *dest = BigBuf_get_addr();
 	int c = 0;
 	int getNext = 0;
@ -878,8 +878,8 @@ int SendDataTag(uint8_t *send, int sendlen, int init, int speed, uint8_t **recv)
 	LED_D_OFF();
 	int answerLen=0;
-	uint8_t *answer = (((uint8_t *)BigBuf) + 3660);
+	uint8_t *answer = BigBuf_get_addr() + 3660;
-	if (recv!=NULL) memset(BigBuf + 3660, 0, 100);
+	if (recv != NULL) memset(answer, 0, 100);
 	if (init) Iso15693InitReader();
@ -999,9 +999,9 @@ void ReaderIso15693(uint32_t parameter)
 	LED_C_OFF();
 	LED_D_OFF();
-	uint8_t *answer1 = (((uint8_t *)BigBuf) + 3660); //
+	uint8_t *answer1 = BigBuf_get_addr() + 3660;
-	uint8_t *answer2 = (((uint8_t *)BigBuf) + 3760);
+	uint8_t *answer2 = BigBuf_get_addr() + 3760;
-	uint8_t *answer3 = (((uint8_t *)BigBuf) + 3860);
+	uint8_t *answer3 = BigBuf_get_addr() + 3860;
 	int answerLen1 = 0;
 	int answerLen2 = 0;
@ -1015,7 +1015,7 @@ void ReaderIso15693(uint32_t parameter)
 	// Blank arrays
-	memset(BigBuf + 3660, 0x00, 300);
+	memset(answer1, 0x00, 300);
 	FpgaDownloadAndGo(FPGA_BITSTREAM_HF);
@ -1111,7 +1111,7 @@ void SimTagIso15693(uint32_t parameter, uint8_t *uid)
 	LED_C_OFF();
 	LED_D_OFF();
-	uint8_t *buf = (((uint8_t *)BigBuf) + 3660); //
+	uint8_t *buf = BigBuf_get_addr() + 3660;
 	int answerLen1 = 0;
 	int samples = 0;
@ -1213,7 +1213,7 @@ void BruteforceIso15693Afi(uint32_t speed)
 void DirectTag15693Command(uint32_t datalen,uint32_t speed, uint32_t recv, uint8_t data[]) {
 	int recvlen=0;
-	uint8_t *recvbuf=(uint8_t *)BigBuf;
+	uint8_t *recvbuf = BigBuf_get_addr();
 //	UsbCommand n;
 	if (DEBUG) {
--- a/armsrc/legicrf.c
+++ b/armsrc/legicrf.c
@ -98,13 +98,14 @@ static uint32_t get_key_stream(int skip, int count)
  }
  /* Write Time Data into LOG */
  uint8_t *BigBuf = BigBuf_get_addr();
  if(count == 6) { i = -1; } else { i = legic_read_count; }
-  ((uint8_t*)BigBuf)[OFFSET_LOG+128+i] = legic_prng_count();
+  BigBuf[OFFSET_LOG+128+i] = legic_prng_count();
-  ((uint8_t*)BigBuf)[OFFSET_LOG+256+i*4]   = (legic_prng_bc >> 0) & 0xff;
+  BigBuf[OFFSET_LOG+256+i*4]   = (legic_prng_bc >> 0) & 0xff;
-  ((uint8_t*)BigBuf)[OFFSET_LOG+256+i*4+1] = (legic_prng_bc >> 8) & 0xff;
+  BigBuf[OFFSET_LOG+256+i*4+1] = (legic_prng_bc >> 8) & 0xff;
-  ((uint8_t*)BigBuf)[OFFSET_LOG+256+i*4+2] = (legic_prng_bc >>16) & 0xff;
+  BigBuf[OFFSET_LOG+256+i*4+2] = (legic_prng_bc >>16) & 0xff;
-  ((uint8_t*)BigBuf)[OFFSET_LOG+256+i*4+3] = (legic_prng_bc >>24) & 0xff;
+  BigBuf[OFFSET_LOG+256+i*4+3] = (legic_prng_bc >>24) & 0xff;
-  ((uint8_t*)BigBuf)[OFFSET_LOG+384+i] = count;
+  BigBuf[OFFSET_LOG+384+i] = count;
  /* Generate KeyStream */
  for(i=0; i<count; i++) {
@ -426,6 +427,7 @@ int LegicRfReader(int offset, int bytes) {
 	LegicCommonInit();
 	uint8_t *BigBuf = BigBuf_get_addr();
 	memset(BigBuf, 0, 1024);
 	DbpString("setting up legic card");
@ -465,7 +467,7 @@ int LegicRfReader(int offset, int bytes) {
       		LED_C_OFF();
 	        return -1;
 		}
-		((uint8_t*)BigBuf)[byte_index] = r;
+		BigBuf[byte_index] = r;
        WDT_HIT();
 		byte_index++;
 		if(byte_index & 0x10) LED_C_ON(); else LED_C_OFF();
@ -480,6 +482,7 @@ int LegicRfReader(int offset, int bytes) {
 void LegicRfWriter(int bytes, int offset) {
 	int byte_index=0, addr_sz=0;
 	uint8_t *BigBuf = BigBuf_get_addr();
 	LegicCommonInit();
@ -512,7 +515,7 @@ void LegicRfWriter(int bytes, int offset) {
 	perform_setup_phase_rwd(SESSION_IV);
    legic_prng_forward(2);
 	while(byte_index < bytes) {
-		int r = legic_write_byte(((uint8_t*)BigBuf)[byte_index+offset], byte_index+offset, addr_sz);
+		int r = legic_write_byte(BigBuf[byte_index+offset], byte_index+offset, addr_sz);
 		if((r != 0) || BUTTON_PRESS()) {
 			Dbprintf("operation aborted @ 0x%03.3x", byte_index);
 			switch_off_tag_rwd();
@ -534,6 +537,8 @@ int timestamp;
 /* Handle (whether to respond) a frame in tag mode */
 static void frame_handle_tag(struct legic_frame const * const f)
 {
 	uint8_t *BigBuf = BigBuf_get_addr();
   /* First Part of Handshake (IV) */
   if(f->bits == 7) {
     if(f->data == SESSION_IV) {
@ -582,9 +587,9 @@ static void frame_handle_tag(struct legic_frame const * const f)
      if(legic_state == STATE_CON) {
         int key   = get_key_stream(-1, 11); //legic_phase_drift, 11);
         int addr  = f->data ^ key; addr = addr >> 1;
-         int data = ((uint8_t*)BigBuf)[addr];
+         int data = BigBuf[addr];
         int hash = LegicCRC(addr, data, 11) << 8;
-         ((uint8_t*)BigBuf)[OFFSET_LOG+legic_read_count] = (uint8_t)addr;
+         BigBuf[OFFSET_LOG+legic_read_count] = (uint8_t)addr;
         legic_read_count++;
         //Dbprintf("Data:%03.3x, key:%03.3x, addr: %03.3x, read_c:%u", f->data, key, addr, read_c);
@ -619,19 +624,19 @@ static void frame_handle_tag(struct legic_frame const * const f)
      int i;
      Dbprintf("IV: %03.3x", legic_prng_iv);
      for(i = 0; i<legic_read_count; i++) {
-         Dbprintf("Read Nb: %u, Addr: %u", i, ((uint8_t*)BigBuf)[OFFSET_LOG+i]);
+         Dbprintf("Read Nb: %u, Addr: %u", i, BigBuf[OFFSET_LOG+i]);
      }
      for(i = -1; i<legic_read_count; i++) {
         uint32_t t;
-         t  = ((uint8_t*)BigBuf)[OFFSET_LOG+256+i*4];
+         t  = BigBuf[OFFSET_LOG+256+i*4];
-         t |= ((uint8_t*)BigBuf)[OFFSET_LOG+256+i*4+1] << 8;
+         t |= BigBuf[OFFSET_LOG+256+i*4+1] << 8;
-         t |= ((uint8_t*)BigBuf)[OFFSET_LOG+256+i*4+2] <<16;
+         t |= BigBuf[OFFSET_LOG+256+i*4+2] <<16;
-         t |= ((uint8_t*)BigBuf)[OFFSET_LOG+256+i*4+3] <<24;
+         t |= BigBuf[OFFSET_LOG+256+i*4+3] <<24;
         Dbprintf("Cycles: %u, Frame Length: %u, Time: %u", 
-            ((uint8_t*)BigBuf)[OFFSET_LOG+128+i],
+            BigBuf[OFFSET_LOG+128+i],
-            ((uint8_t*)BigBuf)[OFFSET_LOG+384+i],
+            BigBuf[OFFSET_LOG+384+i],
            t);
      }
   }
--- a/armsrc/lfops.c
+++ b/armsrc/lfops.c
@ -25,8 +25,8 @@
 */
 void DoAcquisition125k_internal(int trigger_threshold,bool silent)
 {
-    uint8_t *dest = (uint8_t *)BigBuf;
+    uint8_t *dest = BigBuf_get_addr();
-    int n = sizeof(BigBuf);
+    int n = BigBuf_max_trace_len();
    int i;
    memset(dest, 0, n);
@ -177,8 +177,8 @@ void ReadTItag(void)
 #define FREQLO 123200
 #define FREQHI 134200
-    signed char *dest = (signed char *)BigBuf;
+    signed char *dest = (signed char *)BigBuf_get_addr();
-    int n = sizeof(BigBuf);
+    uint16_t n = BigBuf_max_trace_len();
    // 128 bit shift register [shift3:shift2:shift1:shift0]
    uint32_t shift3 = 0, shift2 = 0, shift1 = 0, shift0 = 0;
@ -330,7 +330,8 @@ void AcquireTiType(void)
 #define TIBUFLEN 1250
    // clear buffer
-    memset(BigBuf,0,sizeof(BigBuf));
+	uint32_t *BigBuf = (uint32_t *)BigBuf_get_addr();
    memset(BigBuf,0,BigBuf_max_trace_len()/sizeof(uint32_t));
    // Set up the synchronous serial port
    AT91C_BASE_PIOA->PIO_PDR = GPIO_SSC_DIN;
@ -378,7 +379,7 @@ void AcquireTiType(void)
    AT91C_BASE_PIOA->PIO_PDR = GPIO_SSC_DOUT;
    AT91C_BASE_PIOA->PIO_ASR = GPIO_SSC_DIN | GPIO_SSC_DOUT;
-    char *dest = (char *)BigBuf;
+    char *dest = (char *)BigBuf_get_addr();
    n = TIBUFLEN*32;
    // unpack buffer
    for (i=TIBUFLEN-1; i>=0; i--) {
@ -467,7 +468,7 @@ void WriteTItag(uint32_t idhi, uint32_t idlo, uint16_t crc)
 void SimulateTagLowFrequency(int period, int gap, int ledcontrol)
 {
    int i;
-    uint8_t *tab = (uint8_t *)BigBuf;
+    uint8_t *tab = BigBuf_get_addr();
    FpgaDownloadAndGo(FPGA_BITSTREAM_LF);
    FpgaWriteConfWord(FPGA_MAJOR_MODE_LF_EDGE_DETECT);
@ -527,7 +528,7 @@ void SimulateTagLowFrequencyBidir(int divisor, int t0)
 // compose fc/8 fc/10 waveform
 static void fc(int c, int *n) {
-    uint8_t *dest = (uint8_t *)BigBuf;
+    uint8_t *dest = BigBuf_get_addr();
    int idx;
    // for when we want an fc8 pattern every 4 logical bits
@ -631,7 +632,7 @@ void CmdHIDsimTAG(int hi, int lo, int ledcontrol)
 // loop to get raw HID waveform then FSK demodulate the TAG ID from it
 void CmdHIDdemodFSK(int findone, int *high, int *low, int ledcontrol)
 {
-    uint8_t *dest = (uint8_t *)BigBuf;
+    uint8_t *dest = BigBuf_get_addr();
    size_t size=sizeof(BigBuf); 
    uint32_t hi2=0, hi=0, lo=0;
@ -646,6 +647,7 @@ void CmdHIDdemodFSK(int findone, int *high, int *low, int ledcontrol)
        DoAcquisition125k_internal(-1,true);
        // FSK demodulator
 		idx = HIDdemodFSK(dest, BigBuf_max_trace_len(), &hi2, &hi, &lo);
        WDT_HIT();
        size = sizeof(BigBuf);
@ -720,7 +722,7 @@ void CmdHIDdemodFSK(int findone, int *high, int *low, int ledcontrol)
 void CmdEM410xdemod(int findone, int *high, int *low, int ledcontrol)
 {
-    uint8_t *dest = (uint8_t *)BigBuf;
+    uint8_t *dest = BigBuf_get_addr();
 	size_t size=0, idx=0;
    int clk=0, invert=0, errCnt=0;
@ -734,7 +736,7 @@ void CmdEM410xdemod(int findone, int *high, int *low, int ledcontrol)
        if (ledcontrol) LED_A_ON();
        DoAcquisition125k_internal(-1,true);
-        size  = sizeof(BigBuf);
+        size  = BigBuf_max_trace_len();
        //Dbprintf("DEBUG: Buffer got");
 		//askdemod and manchester decode
 		errCnt = askmandemod(dest, &size, &clk, &invert);
@ -772,7 +774,7 @@ void CmdEM410xdemod(int findone, int *high, int *low, int ledcontrol)
 void CmdIOdemodFSK(int findone, int *high, int *low, int ledcontrol)
 {
-    uint8_t *dest = (uint8_t *)BigBuf;
+    uint8_t *dest = BigBuf_get_addr();
    int idx=0;
    uint32_t code=0, code2=0;
    uint8_t version=0;
@ -787,7 +789,7 @@ void CmdIOdemodFSK(int findone, int *high, int *low, int ledcontrol)
        DoAcquisition125k_internal(-1,true);
        //fskdemod and get start index
        WDT_HIT();
-        idx = IOdemodFSK(dest,sizeof(BigBuf));
+        idx = IOdemodFSK(dest, BigBuf_max_trace_len());
        if (idx>0){
            //valid tag found
@ -959,11 +961,11 @@ void T55xxWriteBlock(uint32_t Data, uint32_t Block, uint32_t Pwd, uint8_t PwdMod
 // Read one card block in page 0
 void T55xxReadBlock(uint32_t Block, uint32_t Pwd, uint8_t PwdMode)
 {
-    uint8_t *dest = (uint8_t *)BigBuf;
+    uint8_t *dest = BigBuf_get_addr();
    //int m=0, i=0; //enio adjustment 12/10/14
    uint32_t m=0, i=0;
    FpgaDownloadAndGo(FPGA_BITSTREAM_LF);
-    m = sizeof(BigBuf);
+    m = BigBuf_max_trace_len();
    // Clear destination buffer before sending the command
    memset(dest, 128, m);
    // Connect the A/D to the peak-detected low-frequency path.
@ -1024,11 +1026,11 @@ void T55xxReadBlock(uint32_t Block, uint32_t Pwd, uint8_t PwdMode)
 // Read card traceability data (page 1)
 void T55xxReadTrace(void){
-    uint8_t *dest = (uint8_t *)BigBuf;
+    uint8_t *dest = BigBuf_get_addr();
    int m=0, i=0;
    FpgaDownloadAndGo(FPGA_BITSTREAM_LF);
-    m = sizeof(BigBuf);
+    m = BigBuf_max_trace_len();
    // Clear destination buffer before sending the command
    memset(dest, 128, m);
    // Connect the A/D to the peak-detected low-frequency path.
@ -1378,8 +1380,8 @@ void CopyIndala224toT55x7(int uid1, int uid2, int uid3, int uid4, int uid5, int
 int DemodPCF7931(uint8_t **outBlocks) {
    uint8_t BitStream[256];
    uint8_t Blocks[8][16];
-    uint8_t *GraphBuffer = (uint8_t *)BigBuf;
+    uint8_t *GraphBuffer = BigBuf_get_addr();
-    int GraphTraceLen = sizeof(BigBuf);
+    int GraphTraceLen = BigBuf_max_trace_len();
    int i, j, lastval, bitidx, half_switch;
    int clock = 64;
    int tolerance = clock / 8;
@ -1796,7 +1798,7 @@ void EM4xLogin(uint32_t Password) {
 void EM4xReadWord(uint8_t Address, uint32_t Pwd, uint8_t PwdMode) {
    uint8_t fwd_bit_count;
-    uint8_t *dest = (uint8_t *)BigBuf;
+    uint8_t *dest = BigBuf_get_addr();
    int m=0, i=0;
    //If password mode do login
@ -1806,7 +1808,7 @@ void EM4xReadWord(uint8_t Address, uint32_t Pwd, uint8_t PwdMode) {
    fwd_bit_count = Prepare_Cmd( FWD_CMD_READ );
    fwd_bit_count += Prepare_Addr( Address );
-    m = sizeof(BigBuf);
+    m = BigBuf_max_trace_len();
    // Clear destination buffer before sending the command
    memset(dest, 128, m);
    // Connect the A/D to the peak-detected low-frequency path.
--- a/armsrc/mifaresniff.c
+++ b/armsrc/mifaresniff.c
@ -151,6 +151,7 @@ bool intMfSniffSend() {
 	int pckSize = 0;
 	int pckLen = traceLen;
 	int pckNum = 0;
 	uint8_t *trace = BigBuf_get_addr();
 	FpgaDisableSscDma();
 	while (pckLen > 0) {
--- a/armsrc/mifareutil.c
+++ b/armsrc/mifareutil.c
@ -23,13 +23,13 @@ int MF_DBGLEVEL = MF_DBG_ALL;
 // memory management
 uint8_t* get_bigbufptr_recvrespbuf(void) {
-	return (((uint8_t *)BigBuf) + RECV_RESP_OFFSET);	
+	return BigBuf_get_addr() + RECV_RESP_OFFSET;	
 }
 uint8_t* get_bigbufptr_recvcmdbuf(void) {
-	return (((uint8_t *)BigBuf) + RECV_CMD_OFFSET);	
+	return BigBuf_get_addr() + RECV_CMD_OFFSET;	
 }
 uint8_t* get_bigbufptr_emlcardmem(void) {
-	return (((uint8_t *)BigBuf) + CARD_MEMORY_OFFSET);
+	return BigBuf_get_addr() + CARD_MEMORY_OFFSET;
 }
 // crypto1 helpers