FIX: bug in nextwatch demod, which if the found psk bits was smaller than the preamble the client crashed.

REM: removed some debugstatements
2025-08-21 05:43:48 -07:00 · 2016-09-01 16:09:31 +02:00 · 2016-09-01 16:09:31 +02:00 · 56d0fb8e4d
commit 56d0fb8e4d
parent 2deea574d3
3 changed files with 14 additions and 9 deletions
--- a/client/cmddata.c
+++ b/client/cmddata.c
@ -258,8 +258,7 @@ void setDemodBuf(uint8_t *buff, size_t size, size_t startIdx)
 	for (; i < size; i++){
 		DemodBuffer[i]=buff[startIdx++];
 	}
-	DemodBufferLen=size;
-	return;
+	DemodBufferLen = size;
 }

 int CmdSetDebugMode(const char *Cmd)
@ -1761,7 +1760,8 @@ int CmdIndalaDecode(const char *Cmd)
 			PrintAndLog("Error1: %d",ans);
 		return 0;
 	}
-	uint8_t invert=0;
+
+	uint8_t invert = 0;
 	size_t size = DemodBufferLen;
 	int startIdx = indala26decode(DemodBuffer, &size, &invert);
 	if (startIdx < 0 || size > 224) {
@ -1800,12 +1800,18 @@ int CmdIndalaDecode(const char *Cmd)
 int CmdPSKNexWatch(const char *Cmd)
 {
 	if (!PSKDemod("", false)) return 0;
+
 	uint8_t preamble[28] = {0,0,0,0,0,1,0,1,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0};
 	size_t startIdx = 0, size = DemodBufferLen; 
+	
+	// sanity check. 
+	if ( size < sizeof(preamble) + 100) return 0;
+	
 	bool invert = false;
 	if (!preambleSearch(DemodBuffer, preamble, sizeof(preamble), &size, &startIdx)){
 		// if didn't find preamble try again inverting
 		if (!PSKDemod("1", false)) return 0; 
+
 		size = DemodBufferLen;
 		if (!preambleSearch(DemodBuffer, preamble, sizeof(preamble), &size, &startIdx)) return 0;
 		invert = true;
@ -1906,7 +1912,6 @@ int CmdPSK1rawDemod(const char *Cmd)
 		if (g_debugMode) PrintAndLog("Error demoding: %d",ans); 
 		return 0;
 	}
- 
 	PrintAndLog("PSK1 demoded bitstream:");
 	// Now output the bitstream to the scrollback by line of 16 bits
 	printDemodBuff();
@ -1917,12 +1922,12 @@ int CmdPSK1rawDemod(const char *Cmd)
 // takes same args as cmdpsk1rawdemod
 int CmdPSK2rawDemod(const char *Cmd)
 {
-	int ans=0;
+	int ans = 0;
 	char cmdp = param_getchar(Cmd, 0);
 	if (strlen(Cmd) > 10 || cmdp == 'h' || cmdp == 'H')
 		return usage_data_rawdemod_p2();

-	ans=PSKDemod(Cmd, TRUE);
+	ans = PSKDemod(Cmd, TRUE);
 	if (!ans){
 		if (g_debugMode) PrintAndLog("Error demoding: %d",ans);  
 		return 0;
--- a/client/cmdhfmfhard.c
+++ b/client/cmdhfmfhard.c
@ -1687,7 +1687,7 @@ static void brute_force(void)

        time(&end);		
        double elapsed_time = difftime(end, start);
-		PrintAndLog("ICE %.f seconds", elapsed_time);
+
        if(keys_found){
 			PrintAndLog("Success! Tested %"PRIu32" states, found %u keys after %.f seconds", total_states_tested, keys_found, elapsed_time);
 			PrintAndLog("\nFound key: %012"PRIx64"\n", foundkey);
--- a/common/lfdemod.c
+++ b/common/lfdemod.c
@ -148,8 +148,8 @@ uint32_t bytebits_to_byteLSBF(uint8_t *src, size_t numbits)
 //search for given preamble in given BitStream and return success=1 or fail=0 and startIndex and length
 uint8_t preambleSearch(uint8_t *BitStream, uint8_t *preamble, size_t pLen, size_t *size, size_t *startIdx)
 {
-	uint8_t foundCnt=0;
-	for (int idx=0; idx < *size - pLen; idx++){
+	uint8_t foundCnt = 0;
+	for (int idx = 0; idx < *size - pLen; idx++){
 		if (memcmp(BitStream+idx, preamble, pLen) == 0){
 			//first index found
 			foundCnt++;