From 1c7de4a8c3310a6f1d3ec92d9f90bc09b519c86b Mon Sep 17 00:00:00 2001
From: iceman1001
Date: Tue, 23 Jun 2020 11:13:49 +0200
Subject: [PATCH] fix: "lf search" / "lf hitag" - no more stack overflow in hitag reader
---
 armsrc/hitag2.c | 52 +++++++++++++++++++++++++++--------------
 armsrc/lfadc.c | 50 +++++++++++++++------------------------
 client/src/cmdlfhitag.c | 2 +-
 3 files changed, 55 insertions(+), 49 deletions(-)
diff --git a/armsrc/hitag2.c b/armsrc/hitag2.c
index cf1aa46c1..79b09395f 100644
--- a/armsrc/hitag2.c
+++ b/armsrc/hitag2.c
@@ -36,7 +36,7 @@
 #include "lfsampling.h"
 #include "lfdemod.h"
 #include "commonutil.h"
-
+#include "appmain.h"
 #define test_bit(data, i) (*(data + (i/8)) >> (7-(i % 8))) & 1
 #define set_bit(data, i) *(data + (i/8)) |= (1 << (7-(i % 8)))
@@ -1002,15 +1002,20 @@ void SniffHitag2(void) {
 size_t periods = 0;
 uint8_t periods_bytes[4];
- int16_t checked = 0;
+ // int16_t checked = 0;
 /*bool waiting_for_first_edge = true;*/
 LED_C_ON();
+ uint32_t signal_size = 10000;
 while (!BUTTON_PRESS()) {
+ // use malloc
+ initSampleBufferEx(&signal_size, false);
+ WDT_HIT();
+/*
 // only every 1000th times, in order to save time when collecting samples.
 if (checked == 1000) {
 if (data_available()) {
@@ -1021,13 +1026,14 @@ void SniffHitag2(void) {
 }
 }
 ++checked;
+ */
 // Receive frame, watch for at most T0*EOF periods
 // lf_reset_counter();
 // Wait "infinite" for reader modulation
- periods = lf_detect_gap(20000);
+ periods = lf_detect_gap(10000);
 // Test if we detected the first reader modulation edge
 if (periods != 0) {
@@ -1042,7 +1048,6 @@ void SniffHitag2(void) {
 num_to_bytes(periods, 4, periods_bytes);
 LogTrace(periods_bytes, 4, 0, 0, NULL, true);
 }
-
 }
 lf_finalize();
@@ -1064,7 +1069,7 @@ void SimulateHitag2(bool tag_mem_supplied, uint8_t *data) {
 int response = 0;
 uint8_t rx[HITAG_FRAME_LEN] = {0};
 size_t rxlen = 0;
- uint8_t tx[HITAG_FRAME_LEN];
+ uint8_t tx[HITAG_FRAME_LEN] = {0};
 size_t txlen = 0;
 auth_table_len = 0;
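Review bot: `initSampleBufferEx(&signal_size, false);` sits inside the `while (!BUTTON_PRESS())` loop, so the sample buffer is (re)initialised on every pass; given the `// use malloc` comment that is at best wasted work per frame and, if the helper allocates without releasing its previous buffer, a leak that grows until the button is pressed. `signal_size` is assigned once just above the loop and nothing reads it back, which suggests the call belongs before the loop, next to that assignment. The same placement recurs in the SimulateHitag2 (`@@ -1108`), ReaderHitag (`@@ -1430`) and WriterHitag (`@@ -1756`) hunks. Whatever initSampleBufferEx reports on failure is also not checked here; if it can fail, the loop should bail out instead of sampling into an unset buffer.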
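Review bot: With the `checked`/`data_available()` block now inside a `/* … */` that opens in the previous hunk and closes at `+ */` here, the sniff loop can only be left via BUTTON_PRESS(); a client-side abort is presumably no longer noticed while the device is sniffing. If the periodic poll was dropped for its cost, keeping it at the `checked == 4000` interval this patch uses in ReaderHitag and WriterHitag would be cheaper than losing it, and dead code should be deleted rather than parked in a block comment. The `lf_detect_gap(20000)` → `lf_detect_gap(10000)` change also halves the wait for reader modulation with no comment saying why; a one-line note on the reason for the new limit would help the next reader.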
@@ -1108,8 +1113,11 @@ void SimulateHitag2(bool tag_mem_supplied, uint8_t *data) {
 // int16_t checked = 0; // SIMULATE
+ uint32_t signal_size = 10000;
+ while (BUTTON_PRESS() == false) {
- while (!BUTTON_PRESS()) {
+ // use malloc
+ initSampleBufferEx(&signal_size, true);
 LED_D_ON();
@@ -1283,9 +1291,9 @@ void ReaderHitag(hitag_function htf, hitag_data *htd) {
 uint32_t command_start = 0, command_duration = 0;
 uint32_t response_start = 0, response_duration = 0;
- uint8_t rx[HITAG_FRAME_LEN];
+ uint8_t rx[HITAG_FRAME_LEN] = {0};
 size_t rxlen = 0;
- uint8_t txbuf[HITAG_FRAME_LEN];
+ uint8_t txbuf[HITAG_FRAME_LEN] = {0};
 uint8_t *tx = txbuf;
 size_t txlen = 0;
@@ -1430,12 +1438,17 @@ void ReaderHitag(hitag_function htf, hitag_data *htd) {
 size_t nrzs = 0;
 int16_t checked = 0;
- while (!bStop && !BUTTON_PRESS()) {
+ uint32_t signal_size = 10000;
+
+ while (bStop == false && BUTTON_PRESS() == false) {
+
+ // use malloc
+ initSampleBufferEx(&signal_size, true);
 WDT_HIT();
 // only every 1000th times, in order to save time when collecting samples.
- if (checked == 1000) {
+ if (checked == 4000) {
 if (data_available()) {
 checked = -1;
 break;
@@ -1615,13 +1628,13 @@ void ReaderHitag(hitag_function htf, hitag_data *htd) {
 }
 // Pack the response into a byte array
- for (size_t i = 5; i < nrzs; i++) {
+ for (size_t i = 5; i < nrzs && rxlen < (sizeof(rx) << 3); i++) {
 uint8_t bit = nrz_samples[i];
 if (bit > 1) { // When Manchester detects impossible symbol it writes "7"
 DBG Dbprintf("Error in Manchester decoding, abort");
 break;
 }
- rx[rxlen / 8] |= bit << (7 - (rxlen % 8));
+ rx[rxlen >> 3] |= bit << (7 - (rxlen % 8));
 rxlen++;
 }
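Review bot: The context comment `// only every 1000th times, in order to save time when collecting samples.` is now wrong: the threshold directly below it became `if (checked == 4000) {`. Update it to `// only every 4000th times, in order to save time when collecting samples.` as the WriterHitag hunk (`@@ -1756`) already does, or better, replace the literal with one named constant shared by ReaderHitag and WriterHitag so comment and code cannot drift apart again.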
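Review bot: The new bound `rxlen < (sizeof(rx) << 3)` stops the loop before it writes past `rx`, but it does so silently: a response carrying more than HITAG_FRAME_LEN*8 data bits leaves the loop with `rxlen` at its maximum and the code after the hunk presumably treats the truncated buffer as a complete frame. An over-long or noisy response should be rejected like the Manchester error branch, e.g. `if (rxlen >= (sizeof(rx) << 3)) { DBG Dbprintf("Response exceeds rx buffer, abort"); break; }` ahead of the store, together with whatever marks the frame invalid for the following code (presumably resetting `rxlen`). Zero-initialising `rx` at its declaration (`@@ -1283`) clears it only once; if the buffer is reused across iterations of the outer loop, the `|=` here accumulates bits from the previous response unless `rx` is cleared before each pack — worth confirming. The WriterHitag pack loop (`@@ -1920`) has the same shape and the same gap.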
@@ -1756,10 +1769,14 @@ void WriterHitag(hitag_function htf, hitag_data *htd, int page) {
 size_t nrzs = 0;
 int16_t checked = 0;
- while (!bStop && !BUTTON_PRESS()) {
+ uint32_t signal_size = 10000;
+ while (bStop == false && BUTTON_PRESS() == false) {
- // only every 1000th times, in order to save time when collecting samples.
- if (checked == 1000) {
+ // use malloc
+ initSampleBufferEx(&signal_size, true);
+
+ // only every 4000th times, in order to save time when collecting samples.
+ if (checked == 4000) {
 if (data_available()) {
 checked = -1;
 break;
@@ -1920,12 +1937,13 @@ void WriterHitag(hitag_function htf, hitag_data *htd, int page) {
 }
 // Pack the response into a byte array
- for (size_t i = 5; i < nrzs; i++) {
+ for (size_t i = 5; i < nrzs && rxlen < (sizeof(rx) << 3); i++) {
 uint8_t bit = nrz_samples[i];
 if (bit > 1) { // When Manchester detects impossible symbol it writes "7"
 break;
 }
- rx[rxlen / 8] |= bit << (7 - (rxlen % 8));
+ // >> 3 instead of div by 8
+ rx[rxlen >> 3] |= bit << (7 - (rxlen % 8));
 rxlen++;
 }
diff --git a/armsrc/lfadc.c b/armsrc/lfadc.c
index cec945b20..8c453bdc9 100644
--- a/armsrc/lfadc.c
+++ b/armsrc/lfadc.c
@@ -11,6 +11,7 @@
 #include "fpgaloader.h"
 #include "ticks.h"
 #include "dbprint.h"
+#include "appmain.h"
 // Sam7s has several timers, we will use the source TIMER_CLOCK1 (aka AT91C_TC_CLKS_TIMER_DIV1_CLOCK)
 // TIMER_CLOCK1 = MCK/2, MCK is running at 48 MHz, Timer is running at 48/2 = 24 MHz
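Review bot: The added comment `// >> 3 instead of div by 8` documents a micro-optimisation the compiler already makes for an unsigned `size_t` divided by 8, and the same line still uses `rxlen % 8` for the bit index, so two spellings of the same idea now sit side by side. Either keep `rx[rxlen / 8]` (readable, same code emitted) or use `>> 3` and `& 7` consistently and drop the comment. The silent truncation introduced by the new `rxlen < (sizeof(rx) << 3)` bound is raised on the ReaderHitag pack loop (`@@ -1615`) and applies here too.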
@@ -72,27 +73,11 @@ void lf_sample_mean(void) {
 static size_t lf_count_edge_periods_ex(size_t max, bool wait, bool detect_gap) {
 size_t periods = 0;
- volatile uint8_t adc_val;
 uint8_t avg_peak = adc_avg + 3, avg_through = adc_avg - 3;
-// int16_t checked = 0;
-
- while (!BUTTON_PRESS()) {
-
- // only every 100th times, in order to save time when collecting samples.
- /*
- if (checked == 1000) {
- if (data_available()) {
- break;
- } else {
- checked = 0;
- }
- }
- ++checked;
- */
- WDT_HIT();
+ while (BUTTON_PRESS() == false) {
 if (AT91C_BASE_SSC->SSC_SR & (AT91C_SSC_RXRDY)) {
- adc_val = AT91C_BASE_SSC->SSC_RHR;
+ volatile uint8_t adc_val = AT91C_BASE_SSC->SSC_RHR;
 periods++;
 if (g_logging) logSampleSimple(adc_val);
@@ -105,6 +90,7 @@ static size_t lf_count_edge_periods_ex(size_t max, bool wait, bool detect_gap) {
 if (adc_val == 0) {
 return periods;
 }
+
 } else {
 // Trigger on a modulation swap by observing an edge change
 if (rising_edge) {
@@ -125,6 +111,7 @@ static size_t lf_count_edge_periods_ex(size_t max, bool wait, bool detect_gap) {
 if (periods >= max) return 0;
 }
 }
+ if (g_logging) logSampleSimple(0xFF);
 return 0;
 }
@@ -161,6 +148,7 @@ bool lf_get_reader_modulation(void) {
 }
 void lf_wait_periods(size_t periods) {
+ // wait detect gap
 lf_count_edge_periods_ex(periods, true, false);
 }
@@ -250,23 +238,22 @@ void lf_finalize(void) {
 }
 size_t lf_detect_field_drop(size_t max) {
+/*
 size_t periods = 0;
 // int16_t checked = 0;
- while (!BUTTON_PRESS()) {
+ while (BUTTON_PRESS() == false) {
- /*
- // only every 1000th times, in order to save time when collecting samples.
- if (checked == 1000) {
- if (data_available()) {
- checked = -1;
- break;
- } else {
- checked = 0;
- }
- }
- ++checked;
- */
+ // // only every 1000th times, in order to save time when collecting samples.
+ // if (checked == 4000) {
+ // if (data_available()) {
+ // checked = -1;
+ // break;
+ // } else {
+ // checked = 0;
+ // }
+ // }
+ // ++checked;
 WDT_HIT();
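Review bot: The removed block takes `WDT_HIT();` out of the `while (BUTTON_PRESS() == false)` loop, so lf_count_edge_periods_ex now spins for up to `max` periods (callers in this patch pass 10000) without servicing the watchdog; unless BUTTON_PRESS() or logSampleSimple() does that internally, a quiet field can now end in a watchdog reset mid-read where it did not before. If the call was dropped for speed, restore `WDT_HIT();` at the top of the loop or at least on a modest iteration counter. The `volatile` on the new local `volatile uint8_t adc_val = AT91C_BASE_SSC->SSC_RHR;` buys nothing — the volatile access is the register read itself, which the peripheral pointer presumably already provides — and only forces the copied value through memory on each use; a plain `uint8_t adc_val` is the idiomatic form.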
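Review bot: The new comment `// wait detect gap` contradicts the call it annotates: `lf_count_edge_periods_ex(periods, true, false)` passes `wait = true` and `detect_gap = false` (parameter order from the signature visible in the `@@ -72` hunk). Say what the flags mean instead, e.g. `// wait = true, detect_gap = false: count edges, do not look for a field gap`, or leave the line uncommented; a wrong comment is worse than none.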
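Review bot: Wrapping the whole body of lf_detect_field_drop in `/* … */` (opened here at `+/*`, closed with `+*/` in the next hunk) turns the function into a stub that ignores `max` and always returns 0 while keeping its public signature, so any remaining caller now silently sees "no drop detected". That should be visible where callers look — a `// TODO: body disabled, always returns 0` above the definition plus `(void)max;` to keep -Wunused-parameter quiet — or the function and its callers should go together. The inner `/* … */` had to be rewritten as `//` lines because C does not nest block comments; that is the cue to delete the code (history keeps it) rather than park it, and the same commented-out-poll pattern is now duplicated here and in SniffHitag2 (`@@ -1021`).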
@@ -284,6 +271,7 @@ size_t lf_detect_field_drop(size_t max) {
 if (periods == max) return 0;
 }
 }
+*/
 return 0;
 }
diff --git a/client/src/cmdlfhitag.c b/client/src/cmdlfhitag.c
index b05405465..bce0e83a6 100644
--- a/client/src/cmdlfhitag.c
+++ b/client/src/cmdlfhitag.c
@@ -584,7 +584,7 @@ static int CmdLFHitagReader(const char *Cmd) {
 clearCommandBuffer();
 SendCommandMIX(cmd, htf, 0, 0, &htd, sizeof(htd));
 PacketResponseNG resp;
- if (!WaitForResponseTimeout(CMD_ACK, &resp, 4000)) {
+ if (!WaitForResponseTimeout(CMD_ACK, &resp, 2000)) {
 PrintAndLogEx(WARNING, "timeout while waiting for reply.");
 return PM3_ETIMEOUT;
 }
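Review bot: Lowering the client-side wait to `WaitForResponseTimeout(CMD_ACK, &resp, 2000)` lands in the same patch that makes the device poll `data_available()` only every 4000 iterations instead of 1000 (hitag2.c `@@ -1430`), so the host now waits less while the device checks in less often. Whether 2 s still covers a full reader pass with the 10000-period waits added on the device side is not evident from the diff; a comment giving the reasoning, or a check against a real tag, would justify the number. The literal would also read better as a named timeout constant shared with the other hitag commands, if one exists.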