github/RRG-Proxmark3
1
0
Fork 0
mirror of https://github.com/RfidResearchGroup/proxmark3.git synced 2025-08-24 23:25:40 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 4

input sanitizing

Browse source
This commit is contained in:
iceman1001 2021-06-22 10:52:08 +02:00
commit 4facebb34d
1 changed files with 17 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

26
client/src/cipurse/cipursecore.c
View file

@ -27,14 +27,14 @@ CipurseContext cipurseContext;
static int CIPURSEExchangeEx(bool activate_field, bool leave_field_on, sAPDU apdu, bool include_le, static int CIPURSEExchangeEx(bool activate_field, bool leave_field_on, sAPDU apdu, bool include_le,
uint16_t le, uint8_t *result, size_t max_result_len, size_t *result_len, uint16_t *sw) { uint16_t le, uint8_t *result, size_t max_result_len, size_t *result_len, uint16_t *sw) {
uint8_t data[APDU_RES_LEN] = {0};
uint8_t securedata[APDU_RES_LEN] = {0};
sAPDU secapdu;
if (result_len) { if (result_len == NULL) {
*result_len = 0; PrintAndLogEx(FAILED, "CIPURSEExchangeEx, result_len is NULL");
return PM3_EINVARG;
} }
*result_len = 0;
if (sw) { if (sw) {
*sw = 0; *sw = 0;
} }
@ -53,26 +53,32 @@ static int CIPURSEExchangeEx(bool activate_field, bool leave_field_on, sAPDU apd
// COMPUTE APDU // COMPUTE APDU
int datalen = 0; int datalen = 0;
uint16_t xle = include_le ? 0x100 : 0x00; uint16_t xle = include_le ? 0x100 : 0x00;
if (xle == 0x100 && le != 0) if (xle == 0x100 && le != 0) {
xle = le; xle = le;
}
sAPDU secapdu;
uint8_t securedata[APDU_RES_LEN] = {0};
CipurseCAPDUReqEncode(&cipurseContext, &apdu, &secapdu, securedata, include_le, le); CipurseCAPDUReqEncode(&cipurseContext, &apdu, &secapdu, securedata, include_le, le);
uint8_t data[APDU_RES_LEN] = {0};
if (APDUEncodeS(&secapdu, false, xle, data, &datalen)) { if (APDUEncodeS(&secapdu, false, xle, data, &datalen)) {
PrintAndLogEx(ERR, "APDU encoding error."); PrintAndLogEx(ERR, "APDU encoding error.");
return 201; return 201;
} }
if (GetAPDULogging()) if (GetAPDULogging()) {
PrintAndLogEx(SUCCESS, ">>>> %s", sprint_hex(data, datalen)); PrintAndLogEx(SUCCESS, ">>>> %s", sprint_hex(data, datalen));
}
res = ExchangeAPDU14a(data, datalen, activate_field, leave_field_on, result, (int)max_result_len, (int *)result_len); res = ExchangeAPDU14a(data, datalen, activate_field, leave_field_on, result, (int)max_result_len, (int *)result_len);
if (res) { if (res) {
return res; return res;
} }
if (GetAPDULogging()) if (GetAPDULogging()) {
PrintAndLogEx(SUCCESS, "<<<< %s", sprint_hex(result, *result_len)); PrintAndLogEx(SUCCESS, "<<<< %s", sprint_hex(result, *result_len));
}
if (*result_len < 2) { if (*result_len < 2) {
return 200; return 200;
@ -80,10 +86,12 @@ static int CIPURSEExchangeEx(bool activate_field, bool leave_field_on, sAPDU apd
size_t rlen = 0; size_t rlen = 0;
if (*result_len == 2) { if (*result_len == 2) {
if (cipurseContext.RequestSecurity == CPSMACed || cipurseContext.RequestSecurity == CPSEncrypted) if (cipurseContext.RequestSecurity == CPSMACed || cipurseContext.RequestSecurity == CPSEncrypted) {
CipurseCClearContext(&cipurseContext); CipurseCClearContext(&cipurseContext);
}
isw = result[0] * 0x0100 + result[1]; isw = result[0] * 0x0100 + result[1];
} else { } else {
CipurseCAPDURespDecode(&cipurseContext, result, *result_len, securedata, &rlen, &isw); CipurseCAPDURespDecode(&cipurseContext, result, *result_len, securedata, &rlen, &isw);
memcpy(result, securedata, rlen); memcpy(result, securedata, rlen);