github/RRG-Proxmark3
1
0
Fork 0
mirror of https://github.com/RfidResearchGroup/proxmark3.git synced 2025-08-20 21:33:47 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 4

Prevent potential stack corruption

Browse source
This commit is contained in:
Henry Gabryjelski 2025-01-10 16:59:49 -08:00
commit 18f6604eb0
1 changed files with 10 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

12
client/src/cmdlfem4x50.c
View file

@ -30,10 +30,12 @@
static int CmdHelp(const char *Cmd); static int CmdHelp(const char *Cmd);
static void em4x50_prepare_result(const uint8_t *data, int fwr, int lwr, em4x50_word_t *words) { // Each record is 4 bytes long ... a single line in the dump output
// Reads each record from `data`, reverses the four bytes, and writes to `words`
static void em4x50_prepare_result(const uint8_t *data, int first_record_inclusive, int last_record_inclusive, em4x50_word_t *words) {
// restructure received result in "em4x50_word_t" structure // restructure received result in "em4x50_word_t" structure
for (int i = fwr; i <= lwr; i++) { for (int i = first_record_inclusive; i <= last_record_inclusive; i++) {
for (int j = 0; j < 4; j++) { for (int j = 0; j < 4; j++) {
words[i].byte[j] = data[i * 4 + (3 - j)]; words[i].byte[j] = data[i * 4 + (3 - j)];
} }
@ -779,6 +781,12 @@ static int CmdEM4x50Reader(const char *Cmd) {
// iceman, misuse of return status code. // iceman, misuse of return status code.
int now = resp.status; int now = resp.status;
// prevent massive stack corruption if unexpected results from device.
if (now > EM4X50_NO_WORDS) {
PrintAndLogEx(WARNING, "word count was: %d, limiting to %d", now, EM4X50_NO_WORDS);
now = EM4X50_NO_WORDS;
}
if (now > 0) { if (now > 0) {
em4x50_word_t words[EM4X50_NO_WORDS]; em4x50_word_t words[EM4X50_NO_WORDS];