From 28af1a870d36ab83e1d8904610bca46024f3a507 Mon Sep 17 00:00:00 2001
From: Henry Gabryjelski
Date: Sat, 18 Feb 2023 12:50:05 -0800
Subject: [PATCH 1/5] Prevent buffer overflow in `AppendGraph()`
---
 client/src/graph.c | 28 +++++++++++++++++++++++-----
 1 file changed, 23 insertions(+), 5 deletions(-)
diff --git a/client/src/graph.c b/client/src/graph.c
index 5914c8585..851e49d5a 100644
--- a/client/src/graph.c
+++ b/client/src/graph.c
@@ -29,21 +29,39 @@ int g_GraphBuffer[MAX_GRAPH_TRACE_LEN];
 size_t g_GraphTraceLen;
 /* write a manchester bit to the graph
-TODO, verfy that this doesn't overflow buffer (iceman) */
 void AppendGraph(bool redraw, uint16_t clock, int bit) {
- uint8_t half = clock / 2;
+ uint16_t half = clock / 2;
+ uint16_t end = clock;
 uint16_t i;
+
+ // overflow/underflow safe checks ... Assumptions:
+ // _Assert(g_GraphTraceLen >= 0);
+ // _Assert(g_GraphTraceLen <= MAX_GRAPH_TRACE_LEN);
+ // If this occurs, allow partial rendering, up to the last sample...
+ if ((MAX_GRAPH_TRACE_LEN - g_GraphTraceLen) < half) {
+ PrintAndLogEx(DEBUG, "WARNING: AppendGraph() - Request exceeds max graph length");
+ end = MAX_GRAPH_TRACE_LEN - g_GraphTraceLen;
+ half = end;
+ }
+ if ((MAX_GRAPH_TRACE_LEN - g_GraphTraceLen) < end) {
+ PrintAndLogEx(DEBUG, "WARNING: AppendGraph() - Request exceeds max graph length");
+ end = MAX_GRAPH_TRACE_LEN - g_GraphTraceLen;
+ }
+
 //set first half the clock bit (all 1's or 0's for a 0 or 1 bit)
- for (i = 0; i < half; ++i)
+ for (i = 0; i < half; ++i) {
 g_GraphBuffer[g_GraphTraceLen++] = bit;
+ }
 //set second half of the clock bit (all 0's or 1's for a 0 or 1 bit)
- for (; i < clock; ++i)
+ for (; i < end; ++i) {
 g_GraphBuffer[g_GraphTraceLen++] = bit ^ 1;
+ }
- if (redraw)
+ if (redraw) {
 RepaintGraphWindow();
+ }
 }
 // clear out our graph window
From cf6b2d95971de1894c6d116000c0441fdfc8a618 Mon Sep 17 00:00:00 2001
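Review bot: The new clamps in AppendGraph() only hold under the assumption the comment states, `g_GraphTraceLen <= MAX_GRAPH_TRACE_LEN`, and nothing in the function enforces it: `g_GraphTraceLen` is a file-scope global (declared at the top of this hunk) that other code can set, and if it ever exceeds the limit the subtraction `MAX_GRAPH_TRACE_LEN - g_GraphTraceLen` wraps in unsigned arithmetic (assuming MAX_GRAPH_TRACE_LEN is an integer constant, which is not visible here), both guards pass, and the loops write past the end of g_GraphBuffer. An explicit early-out turns that assumption into a check: `if (g_GraphTraceLen > MAX_GRAPH_TRACE_LEN) { PrintAndLogEx(DEBUG, "WARNING: AppendGraph() - graph buffer overrun, refusing to append"); return; }`. The narrowing stores into the `uint16_t` locals `end` and `half` are safe only because each guard has just established that the remaining space is smaller than a value that fits in uint16_t; a one-line comment such as `// remaining < end <= UINT16_MAX here, so the narrowing cannot truncate` saves the next reader that derivation. The two guards also repeat the same DEBUG message and could be folded into one `remaining` computation that clamps `end` and then `half` to it.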
From: iceman1001
Date: Sun, 19 Feb 2023 08:07:32 +0100
Subject: [PATCH 2/5] fix WSL2 detection route. some linux distro spells with small letters
---
 pm3 | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pm3 b/pm3
index f92ce9bd7..79ea38768 100755
--- a/pm3
+++ b/pm3
@@ -474,7 +474,7 @@ fi
 HOSTOS=$(uname | awk '{print toupper($0)}')
 if [ "$HOSTOS" = "LINUX" ]; then
- if uname -a|grep -q Microsoft; then
+ if uname -a|grep -qi Microsoft; then
 # First try finding it using the PATH environment variable
 PSHEXE=$(command -v powershell.exe 2>/dev/null)
From e5adfb0b29d9149bb3173441f81346c196480464 Mon Sep 17 00:00:00 2001
From: iceman1001
Date: Sun, 19 Feb 2023 08:17:05 +0100
Subject: [PATCH 3/5] text
---
 CHANGELOG.md | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index e865190c1..d2f5c1dc4 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -3,10 +3,15 @@ All notable changes to this project will be documented in this file.
 This project uses the changelog in accordance with [keepchangelog](http://keepachangelog.com/). Please use this to write notable changes, which is not the same as git commit log...
 ## [unreleased][unreleased]
- - Enable unique USB serial numbers when built with `FLASH` -- **_UPDATES BOOTROM ALSO_**
+ - Fixed `pm3` script to correctly identify WSL enabled distros (@henrygab)
+ - Changed device enumeration with "unique USB serial numbers when built with `FLASH` -- **_UPDATES BOOTROM ALSO_**" (@henrygab)
 - Changed the readline package to v8.2 in the CMAKE files for the client (@iceman1001)
+ - Fixed `pm3` script for passing arguments (@doegox)
+ - Fixed python paths to include current directory (@jmichelp)
+ - Fixed infinite loops in spindelayus (@lnv42)
 - Add ICECLASS standalone read/sim mode (@natesales)
- - Added verbose flag to `hf iclass encode` (@natesales)
+ - Changed `hf iclass encode` - added verbose flag (@natesales)
+ - Changed `hf waveshare` - now identify 1.54 nfc epaper correct (@ah01)
 - Fixed `Makefile` regression that broke `make install` (@henrygab)
 - Fixed `lf em 4x70 brute` - now works as expected (@adite)
 - Fixed the lf sampling when bits_per_sample is less than 8 (@wh201906)
@@ -14,8 +19,8 @@ This project uses the changelog in accordance with [keepchangelog](http://keepac
 - Added documentation for usage of Proxmark3 under WSL2 (@henrygab)
 - Fixed device permissions via updated `udev` rules (@henrygab)
 - Added `--back` option to `clear` command to clear the scrollback buffer (@wh201906)
- - Mark credentials as decrypted in the dump generated by `hf iclass decrypt`
- - Show credentials when using `hf iclass view` on a decrypted dump
+ - Changed `hf iclass decrypt` - mark credentials as decrypted in the dump (@natesales)
+ - Changed `hf iclass view` - show credentials on a decrypted dump (@natesales)
 ## [Nitride.4.16191][2023-01-29]
 - Changed `build_all_firmwares.sh` to fit GENERIC 256kb firmware images (@doegox)
From fe98b3821fe2df28ae0081df05041cb59e9cd14c Mon Sep 17 00:00:00 2001
From: Henry Gabryjelski
Date: Sat, 18 Feb 2023 23:48:08 -0800
Subject: [PATCH 4/5] Prevent double-enumeration under WSL2
---
 pm3 | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)
diff --git a/pm3 b/pm3
index 79ea38768..a3df5717b 100755
--- a/pm3
+++ b/pm3
@@ -68,11 +68,12 @@ function get_pm3_list_Linux {
 fi
 fi
 # WSL2 with usbipd detection - doesn't report same things as WSL1
-
 if grep -q "proxmark.org" "/sys/class/tty/${DEV#/dev/}/../../../manufacturer" 2>/dev/null; then
- PM3LIST+=("$DEV")
- if [ ${#PM3LIST[*]} -ge "$N" ]; then
- return
+ if !( echo "${PM3LIST[*]}" | grep -q "${DEV}" ); then
+ PM3LIST+=("$DEV")
+ if [ ${#PM3LIST[*]} -ge "$N" ]; then
+ return
+ fi
 fi
 fi
 done
@@ -474,7 +475,7 @@ fi
 HOSTOS=$(uname | awk '{print toupper($0)}')
 if [ "$HOSTOS" = "LINUX" ]; then
- if uname -a|grep -qi Microsoft; then
+ if uname -a|grep -q Microsoft; then
 # First try finding it using the PATH environment variable
 PSHEXE=$(command -v powershell.exe 2>/dev/null)
From ce85fe0099ef2e1b72e236de8761a44b3d813b60 Mon Sep 17 00:00:00 2001
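Review bot: The de-duplication test added in the first pm3 hunk, `echo "${PM3LIST[*]}" | grep -q "${DEV}"`, matches `${DEV}` as an unanchored regular expression against the space-joined list, so `/dev/ttyACM1` is treated as already present once `/dev/ttyACM10` has been recorded and is silently skipped. Emitting one entry per line and matching whole fixed strings avoids that: `if ! printf '%s\n' "${PM3LIST[@]}" | grep -qxF -- "${DEV}"; then`. The same substring matching survives the `grep -qv` rewrite of this line in patch 5/5, which additionally relies on the echo producing exactly one line for `-v` to act as a negation, so the fix applies there too. The `!( ... )` form also spawns a subshell for no gain; a plain `! cmd | grep ...` negates the pipeline. get_pm3_list_Linux starts before this hunk.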
From: Henry Gabryjelski
Date: Sun, 19 Feb 2023 01:44:15 -0800
Subject: [PATCH 5/5] allow case-insensitive match of WSL strings
---
 pm3 | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/pm3 b/pm3
index a3df5717b..7c1d0e289 100755
--- a/pm3
+++ b/pm3
@@ -69,7 +69,7 @@ function get_pm3_list_Linux {
 fi
 # WSL2 with usbipd detection - doesn't report same things as WSL1
 if grep -q "proxmark.org" "/sys/class/tty/${DEV#/dev/}/../../../manufacturer" 2>/dev/null; then
- if !( echo "${PM3LIST[*]}" | grep -q "${DEV}" ); then
+ if echo "${PM3LIST[*]}" | grep -qv "${DEV}"; then
 PM3LIST+=("$DEV")
 if [ ${#PM3LIST[*]} -ge "$N" ]; then
 return
@@ -475,7 +475,8 @@ fi
 HOSTOS=$(uname | awk '{print toupper($0)}')
 if [ "$HOSTOS" = "LINUX" ]; then
- if uname -a|grep -q Microsoft; then
+ # Detect when running under WSL1 (but exclude WSL2)
+ if uname -a | grep -qi Microsoft && uname -a | grep -qvi WSL2; then
 # First try finding it using the PATH environment variable
 PSHEXE=$(command -v powershell.exe 2>/dev/null)
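Review bot: The new WSL1 test in the second hunk invokes `uname -a` twice and filters each copy through a separate grep; capturing it once keeps the condition readable and avoids the second fork: `KERNEL_STR=$(uname -a)` followed by `if echo "$KERNEL_STR" | grep -qi Microsoft && ! echo "$KERNEL_STR" | grep -qi WSL2; then`. The exclusion presumably hinges on the WSL2 kernel banner carrying the literal `WSL2`; a custom-built WSL2 kernel without that tag would fall through to the PowerShell-based enumeration below, which is worth stating in the new comment, e.g. `# Detect WSL1; WSL2 is excluded by its kernel banner (a custom WSL2 kernel may lack the WSL2 tag)`. The enclosing if/fi continues past the end of the hunk.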