From 7e3112242ec3dd66568a73cf5a1a509541965049 Mon Sep 17 00:00:00 2001
From: Yann GASCUEL <34003959+lnv42@users.noreply.github.com>
Date: Thu, 25 Jan 2024 11:35:14 +0100
Subject: [PATCH 1/5] iso15 dump file handling: set old format as obsolete in saver
---
 client/src/fileutils.c | 20 ++------------------
 1 file changed, 2 insertions(+), 18 deletions(-)
diff --git a/client/src/fileutils.c b/client/src/fileutils.c
index 1f413c2d8..5bd8a570d 100644
--- a/client/src/fileutils.c
+++ b/client/src/fileutils.c
@@ -501,24 +501,6 @@ int saveFileJSONex(const char *preferredName, JSONFileType ftype, uint8_t *data,
 }
 break;
 }
- // handles ISO15693 w blocksize of 4 bytes
- case jsf15_v2: {
- JsonSaveStr(root, "FileType", "15693 v2");
- for (size_t i = 0; i < datalen / 4; i++) {
- snprintf(path, sizeof(path), "$.blocks.%zu", i);
- JsonSaveBufAsHexCompact(root, path, &data[i * 4], 4);
- }
- break;
- }
- // handles ISO15693 w blocksize of 8 bytes
- case jsf15_v3: {
- JsonSaveStr(root, "FileType", "15693 v3");
- for (size_t i = 0; i < datalen / 8; i++) {
- snprintf(path, sizeof(path), "$.blocks.%zu", i);
- JsonSaveBufAsHexCompact(root, path, &data[i * 8], 8);
- }
- break;
- }
 // handles ISO15693 in iso15_tag_t format
 case jsf15_v4: {
 JsonSaveStr(root, "FileType", "15693 v4");
@@ -734,6 +716,8 @@ int saveFileJSONex(const char *preferredName, JSONFileType ftype, uint8_t *data,
 case jsfCardMemory:
 case jsf14b:
 case jsf15:
+ case jsf15_v2:
+ case jsf15_v3:
 case jsfLegic:
 default:
 break;
From fdb9bbd714bb05fdfa8c02ac6f7d0e6c4f9c2fe7 Mon Sep 17 00:00:00 2001
From: Yann GASCUEL <34003959+lnv42@users.noreply.github.com>
Date: Thu, 25 Jan 2024 11:36:21 +0100
Subject: [PATCH 2/5] iso15 dump file handling: support loading old JSON in iso15_tag_t
---
 client/src/fileutils.c | 148 ++++++++++++++++++++++++++++++++---------
 1 file changed, 118 insertions(+), 30 deletions(-)
diff --git a/client/src/fileutils.c b/client/src/fileutils.c
index 5bd8a570d..d3dbc5eb7 100644
--- a/client/src/fileutils.c
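Review bot: A caller that still passes `jsf15_v2` or `jsf15_v3` to saveFileJSONex now lands in the shared `default: break;` arm of the hunk at -734, so no block data is written and nothing visible here reports it. Since the enum values are kept, the arm should at least say so, for example `PrintAndLogEx(WARNING, "saveFileJSONex: 15693 v2/v3 are obsolete, no card data saved");`, and preferably fail the save rather than produce a dump without card content. The rest of the switch and the function's return path are outside the hunk, so whether an empty file is actually written needs confirming.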
+++ b/client/src/fileutils.c 
@@ -1642,38 +1642,52 @@ int loadFileJSONex(const char *preferredName, void *data, size_t maxdatalen, siz // depricated if (!strcmp(ctype, "15693")) { - JsonLoadBufAsHex(root, "$.raw", udata.bytes, maxdatalen, datalen); - goto out; - } + PrintAndLogEx(WARNING, "loadFileJSONex: loading deprecated 15693 format"); + // will set every metadata to 0 except 1st UID byte to E0 and memory layout + iso15_tag_t *tag = (iso15_tag_t *)udata.bytes; + tag->uid[7] = 0xE0; + tag->bytesPerPage = 4; + JsonLoadBufAsHex(root, "$.raw", tag->data + , MIN(maxdatalen, ISO15693_TAG_MAX_SIZE) + , datalen + ); - // handles ISO15693 w blocksize of 4 bytes. - if (!strcmp(ctype, "15693 v2")) { - size_t sptr = 0; - for (int i = 0; i < (maxdatalen / 4); i++) { - if (sptr + 4 > maxdatalen) { - PrintAndLogEx(ERR, "loadFileJSONex: maxdatalen=%zu (%04zx) block (i)=%4d (%04x) sptr=%zu (%04zx) -- exceeded maxdatalen", maxdatalen, maxdatalen, i, i, sptr, sptr); - retval = PM3_EMALLOC; - goto out; - } - - snprintf(blocks, sizeof(blocks), "$.blocks.%d", i); - JsonLoadBufAsHex(root, blocks, &udata.bytes[sptr], 4, &len); - if (load_file_sanity(ctype, 4, i, len) == false) { - break; - } - - sptr += len; + if (*datalen > ISO15693_TAG_MAX_SIZE) { + PrintAndLogEx(ERR, "loadFileJSONex: maxdatalen=%zu (%04zx) sptr=%zu (%04zx) -- exceeded maxdatalen" + , ISO15693_TAG_MAX_SIZE + , ISO15693_TAG_MAX_SIZE + , *datalen + , *datalen + ); + retval = PM3_EMALLOC; + goto out; } - - *datalen = sptr; + tag->pagesCount = *datalen / 4; + if (tag->pagesCount > ISO15693_TAG_MAX_PAGES) { + PrintAndLogEx(ERR, "loadFileJSONex: maxpagecount=%zu (%04zx) pagecount=%zu (%04zx) -- exceeded maxpagecount" + , ISO15693_TAG_MAX_PAGES + , ISO15693_TAG_MAX_PAGES + , tag->pagesCount + , tag->pagesCount + ); + retval = PM3_EMALLOC; + goto out; + } + *datalen = sizeof(iso15_tag_t); goto out; } - // handles ISO15693 w blocksize of 8 bytes. 
- if (!strcmp(ctype, "15693 v3")) { - size_t sptr = 0; - for (int i = 0; i < (maxdatalen / 8); i++) { - if (sptr + 8 > maxdatalen) { + // depricated: handles ISO15693 w blocksize of 4 bytes. + if (!strcmp(ctype, "15693 v2")) { + PrintAndLogEx(WARNING, "loadFileJSONex: loading deprecated 15693 v2 format"); + // will set every metadata to 0 except 1st UID byte to E0 and memory layout + iso15_tag_t *tag = (iso15_tag_t *)udata.bytes; + tag->uid[7] = 0xE0; + tag->bytesPerPage = 4; + size_t sptr = 0; + + for (uint8_t i = 0; i < (maxdatalen / 4) ; i++) { + if (((i + 1) * 4) > ISO15693_TAG_MAX_SIZE) { PrintAndLogEx(ERR, "loadFileJSONex: maxdatalen=%zu (%04zx) block (i)=%4d (%04x) sptr=%zu (%04zx) -- exceeded maxdatalen" , maxdatalen , maxdatalen 
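Review bot: Nothing in the new "15693" and "15693 v2" branches checks that the caller's buffer can hold an `iso15_tag_t` before `udata.bytes` is cast to one and written through. The payload now starts at `tag->data`, after the header fields, yet the limits are still derived from the whole buffer (`MIN(maxdatalen, ISO15693_TAG_MAX_SIZE)` and `i < (maxdatalen / 4)`), so a dump file loaded into a buffer smaller than the struct can push the write past the end of the caller's allocation. A guard at the top of each branch closes that: `if (maxdatalen < sizeof(iso15_tag_t)) { retval = PM3_EMALLOC; goto out; }`; the "15693 v3" branch added in the next hunk needs the same. The comment `// will set every metadata to 0 ...` also describes something the code does not do, since it relies on the caller passing a zeroed buffer. The struct layout and the callers are not visible here, so the overflow is inferred from how `tag->data` is used.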
@@ -1688,14 +1702,73 @@ int loadFileJSONex(const char *preferredName, void *data, size_t maxdatalen, siz } snprintf(blocks, sizeof(blocks), "$.blocks.%d", i); - JsonLoadBufAsHex(root, blocks, &udata.bytes[sptr], 8, &len); - if (load_file_sanity(ctype, 8, i, len) == false) { + JsonLoadBufAsHex(root, blocks, &tag->data[sptr], 4, &len); + if (load_file_sanity(ctype, tag->bytesPerPage, i, len) == false) { break; } sptr += len; } - *datalen = sptr; + tag->pagesCount = sptr / 4; + if (tag->pagesCount > ISO15693_TAG_MAX_PAGES) { + PrintAndLogEx(ERR, "loadFileJSONex: maxpagecount=%zu (%04zx) pagecount=%zu (%04zx) -- exceeded maxpagecount" + , ISO15693_TAG_MAX_PAGES + , ISO15693_TAG_MAX_PAGES + , tag->pagesCount + , tag->pagesCount + ); + retval = PM3_EMALLOC; + goto out; + } + + *datalen = sizeof(iso15_tag_t); + goto out; + } + // depricated: handles ISO15693 w blocksize of 8 bytes. + if (!strcmp(ctype, "15693 v3")) { + PrintAndLogEx(WARNING, "loadFileJSONex: loading deprecated 15693 v3 format"); + // will set every metadata to 0 except 1st UID byte to E0 and memory layout + iso15_tag_t *tag = (iso15_tag_t *)udata.bytes; + tag->uid[7] = 0xE0; + tag->bytesPerPage = 8; + size_t sptr = 0; + + for (uint8_t i = 0; i < (maxdatalen / 8) ; i++) { + if (((i + 1) * 8) > ISO15693_TAG_MAX_SIZE) { + PrintAndLogEx(ERR, "loadFileJSONex: maxdatalen=%zu (%04zx) block (i)=%4d (%04x) sptr=%zu (%04zx) -- exceeded maxdatalen" + , maxdatalen + , maxdatalen + , i + , i + , sptr + , sptr + ); + + retval = PM3_EMALLOC; + goto out; + } + + snprintf(blocks, sizeof(blocks), "$.blocks.%d", i); + JsonLoadBufAsHex(root, blocks, &tag->data[sptr], 8, &len); + if (load_file_sanity(ctype, tag->bytesPerPage, i, len) == false) { + break; + } + sptr += len; + } + + tag->pagesCount = sptr / 8; + if (tag->pagesCount > ISO15693_TAG_MAX_PAGES) { + PrintAndLogEx(ERR, "loadFileJSONex: maxpagecount=%zu (%04zx) pagecount=%zu (%04zx) -- exceeded maxpagecount" + , ISO15693_TAG_MAX_PAGES + , ISO15693_TAG_MAX_PAGES + , 
tag->pagesCount + , tag->pagesCount + ); + retval = PM3_EMALLOC; + goto out; + } + + *datalen = sizeof(iso15_tag_t); goto out; } @@ -1708,6 +1781,21 @@ int loadFileJSONex(const char *preferredName, void *data, size_t maxdatalen, siz JsonLoadBufAsHex(root, "$.Card.afilock", (uint8_t *)&tag->afiLock, 1, datalen); JsonLoadBufAsHex(root, "$.Card.bytesperpage", &tag->bytesPerPage, 1, datalen); JsonLoadBufAsHex(root, "$.Card.pagescount", &tag->pagesCount, 1, datalen); + + if ((tag->pagesCount > ISO15693_TAG_MAX_PAGES) || + ((tag->pagesCount * tag->bytesPerPage) > ISO15693_TAG_MAX_SIZE) || + (tag->pagesCount == 0) || + (tag->bytesPerPage == 0)) { + PrintAndLogEx(ERR, "loadFileJSONex: pagesCount=%zu (%04zx) bytesPerPage=%zu (%04zx) -- invalid tag memory layout" + , tag->pagesCount + , tag->pagesCount + , tag->bytesPerPage + , tag->bytesPerPage + ); + retval = PM3_EMALLOC; + goto out; + } + JsonLoadBufAsHex(root, "$.Card.ic", &tag->ic, 1, datalen); JsonLoadBufAsHex(root, "$.Card.locks", tag->locks, tag->pagesCount, datalen); JsonLoadBufAsHex(root, "$.Card.random", tag->random, 2, datalen); From f91e65dce5a230373bdea55fbab7b1091f4a1a92 Mon Sep 17 00:00:00 2001 From: Yann GASCUEL <34003959+lnv42@users.noreply.github.com> Date: Thu, 25 Jan 2024 12:10:13 +0100 Subject: [PATCH 3/5] iso15: try to fix codeQL errors --- client/src/fileutils.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/client/src/fileutils.c b/client/src/fileutils.c index d3dbc5eb7..ac928ec9a 100644 --- a/client/src/fileutils.c +++ b/client/src/fileutils.c @@ -1686,7 +1686,7 @@ int loadFileJSONex(const char *preferredName, void *data, size_t maxdatalen, siz tag->bytesPerPage = 4; size_t sptr = 0; - for (uint8_t i = 0; i < (maxdatalen / 4) ; i++) { + for (uint32_t i = 0; i < (maxdatalen / 4) ; i++) { if (((i + 1) * 4) > ISO15693_TAG_MAX_SIZE) { PrintAndLogEx(ERR, "loadFileJSONex: maxdatalen=%zu (%04zx) block (i)=%4d (%04x) sptr=%zu (%04zx) -- exceeded maxdatalen" , maxdatalen 
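Review bot: `tag->pagesCount = sptr / 8;` stores the page count before it is compared with `ISO15693_TAG_MAX_PAGES`, so if `pagesCount` is a one-byte field (the v4 branch loads it with a length of 1) a count above 255 wraps and the check runs on the truncated value. Comparing the untruncated quotient first avoids that: `size_t pages = sptr / 8; if (pages > ISO15693_TAG_MAX_PAGES) { ... }`, then `tag->pagesCount = (uint8_t)pages;`. The "15693" and "15693 v2" branches in the previous hunk assign before checking in the same way. The v2 and v3 branches are otherwise copies that differ only in block size, so a small static helper taking the block size would keep these checks in one place.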
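Review bot: With `i` widened to `uint32_t`, the `block (i)=%4d` conversion in the error message under the loop header no longer matches its argument type, and neither does `"$.blocks.%d"` in the `snprintf` further down the loop body, which is outside this hunk. The unsigned forms match: `block (i)=%4u (%04x)` and `"$.blocks.%u"`. The second hunk of this commit, for the 8-byte branch, has the same mismatch.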
@@ -1733,7 +1733,7 @@ int loadFileJSONex(const char *preferredName, void *data, size_t maxdatalen, siz tag->bytesPerPage = 8; size_t sptr = 0; - for (uint8_t i = 0; i < (maxdatalen / 8) ; i++) { + for (uint32_t i = 0; i < (maxdatalen / 8) ; i++) { if (((i + 1) * 8) > ISO15693_TAG_MAX_SIZE) { PrintAndLogEx(ERR, "loadFileJSONex: maxdatalen=%zu (%04zx) block (i)=%4d (%04x) sptr=%zu (%04zx) -- exceeded maxdatalen" , maxdatalen From c97b3b7b634c2818e0a817c86d8981f2daeb8cf9 Mon Sep 17 00:00:00 2001 From: Yann GASCUEL <34003959+lnv42@users.noreply.github.com> Date: Thu, 25 Jan 2024 13:40:36 +0100 Subject: [PATCH 4/5] iso15: fix formater issue codeQL reported --- client/src/fileutils.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/client/src/fileutils.c b/client/src/fileutils.c index ac928ec9a..64a6cf91c 100644 --- a/client/src/fileutils.c +++ b/client/src/fileutils.c @@ -1664,7 +1664,7 @@ int loadFileJSONex(const char *preferredName, void *data, size_t maxdatalen, siz } tag->pagesCount = *datalen / 4; if (tag->pagesCount > ISO15693_TAG_MAX_PAGES) { - PrintAndLogEx(ERR, "loadFileJSONex: maxpagecount=%zu (%04zx) pagecount=%zu (%04zx) -- exceeded maxpagecount" + PrintAndLogEx(ERR, "loadFileJSONex: maxpagecount=%zu (%04zx) pagecount=%u (%04x) -- exceeded maxpagecount" , ISO15693_TAG_MAX_PAGES , ISO15693_TAG_MAX_PAGES , tag->pagesCount @@ -1688,7 +1688,7 @@ int loadFileJSONex(const char *preferredName, void *data, size_t maxdatalen, siz for (uint32_t i = 0; i < (maxdatalen / 4) ; i++) { if (((i + 1) * 4) > ISO15693_TAG_MAX_SIZE) { - PrintAndLogEx(ERR, "loadFileJSONex: maxdatalen=%zu (%04zx) block (i)=%4d (%04x) sptr=%zu (%04zx) -- exceeded maxdatalen" + PrintAndLogEx(ERR, "loadFileJSONex: maxdatalen=%zu (%04zx) block (i)=%4d (%04x) sptr=%u (%04x) -- exceeded maxdatalen" , maxdatalen , maxdatalen , i 
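Review bot: The `maxpagecount=%zu (%04zx)` conversions left in place in the hunk at -1664 are still fed `ISO15693_TAG_MAX_PAGES`, and if that macro is a plain integer constant rather than a `size_t` expression the arguments do not match `%zu`. Either cast at the call site, `(size_t)ISO15693_TAG_MAX_PAGES`, or switch those two conversions to `%u (%04x)` as was done for `pagecount`. The same applies to the `maxpagecount` messages in the hunks at -1711 and -1758, and to `ISO15693_TAG_MAX_SIZE` in the "15693" branch's `maxdatalen=%zu` message. The macro definitions are not on this page, so this needs checking against the header.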
@@ -1711,7 +1711,7 @@ int loadFileJSONex(const char *preferredName, void *data, size_t maxdatalen, siz tag->pagesCount = sptr / 4; if (tag->pagesCount > ISO15693_TAG_MAX_PAGES) { - PrintAndLogEx(ERR, "loadFileJSONex: maxpagecount=%zu (%04zx) pagecount=%zu (%04zx) -- exceeded maxpagecount" + PrintAndLogEx(ERR, "loadFileJSONex: maxpagecount=%zu (%04zx) pagecount=%u (%04x) -- exceeded maxpagecount" , ISO15693_TAG_MAX_PAGES , ISO15693_TAG_MAX_PAGES , tag->pagesCount @@ -1758,7 +1758,7 @@ int loadFileJSONex(const char *preferredName, void *data, size_t maxdatalen, siz tag->pagesCount = sptr / 8; if (tag->pagesCount > ISO15693_TAG_MAX_PAGES) { - PrintAndLogEx(ERR, "loadFileJSONex: maxpagecount=%zu (%04zx) pagecount=%zu (%04zx) -- exceeded maxpagecount" + PrintAndLogEx(ERR, "loadFileJSONex: maxpagecount=%zu (%04zx) pagecount=%u (%04x) -- exceeded maxpagecount" , ISO15693_TAG_MAX_PAGES , ISO15693_TAG_MAX_PAGES , tag->pagesCount @@ -1786,7 +1786,7 @@ int loadFileJSONex(const char *preferredName, void *data, size_t maxdatalen, siz ((tag->pagesCount * tag->bytesPerPage) > ISO15693_TAG_MAX_SIZE) || (tag->pagesCount == 0) || (tag->bytesPerPage == 0)) { - PrintAndLogEx(ERR, "loadFileJSONex: pagesCount=%zu (%04zx) bytesPerPage=%zu (%04zx) -- invalid tag memory layout" + PrintAndLogEx(ERR, "loadFileJSONex: pagesCount=%u (%04x) bytesPerPage=%u (%04x) -- invalid tag memory layout" , tag->pagesCount , tag->pagesCount , tag->bytesPerPage From 6d931778a4bce2664c21b848c95de54f1d1c7ecd Mon Sep 17 00:00:00 2001 From: Yann GASCUEL <34003959+lnv42@users.noreply.github.com> Date: Thu, 25 Jan 2024 14:08:40 +0100 Subject: [PATCH 5/5] iso15 json parsing fix codeQL issue (hope it's the last...) --- client/src/fileutils.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/client/src/fileutils.c b/client/src/fileutils.c index 64a6cf91c..8ce9abbb6 100644 --- a/client/src/fileutils.c +++ b/client/src/fileutils.c 
@@ -1688,7 +1688,7 @@ int loadFileJSONex(const char *preferredName, void *data, size_t maxdatalen, siz for (uint32_t i = 0; i < (maxdatalen / 4) ; i++) { if (((i + 1) * 4) > ISO15693_TAG_MAX_SIZE) { - PrintAndLogEx(ERR, "loadFileJSONex: maxdatalen=%zu (%04zx) block (i)=%4d (%04x) sptr=%u (%04x) -- exceeded maxdatalen" + PrintAndLogEx(ERR, "loadFileJSONex: maxdatalen=%zu (%04zx) block (i)=%4d (%04x) sptr=%zu (%04zx) -- exceeded maxdatalen" , maxdatalen , maxdatalen , i