fix ATS parsing length checks, forgot CRC...

Philippe Teuwen 2022-02-05 11:10:21 +01:00
commit 6b9ecfcb63


@ -1849,7 +1849,7 @@ int infoHF14A(bool verbose, bool do_nack_test, bool do_aid_search) {
PrintAndLogEx(SUCCESS, "ATS: " _YELLOW_("%s")"[ %02x %02x ]", sprint_hex(card.ats, card.ats_len - 2), card.ats[card.ats_len - 1], card.ats[card.ats_len]);
PrintAndLogEx(INFO, " " _YELLOW_("%02x") "............... TL length is " _GREEN_("%d") " bytes", card.ats[0], card.ats[0]);
if ((card.ats[0] > 1) && (card.ats_len > 1)) { // there is a format byte (T0)
if ((card.ats[0] > 1) && (card.ats_len > 3)) { // there is a format byte (T0)
ta1 = (card.ats[1] & 0x10) == 0x10;
tb1 = (card.ats[1] & 0x20) == 0x20;
tc1 = (card.ats[1] & 0x40) == 0x40;
@ -1866,7 +1866,7 @@ int infoHF14A(bool verbose, bool do_nack_test, bool do_aid_search) {
);
}
int pos = 2;
if (ta1 && (card.ats_len > pos)) {
if (ta1 && (card.ats_len > pos + 2)) {
char dr[16], ds[16];
dr[0] = ds[0] = '\0';
if (card.ats[pos] & 0x10) strcat(ds, "2, ");
@ -1888,7 +1888,7 @@ int infoHF14A(bool verbose, bool do_nack_test, bool do_aid_search) {
pos++;
}
if (tb1 && (card.ats_len > pos)) {
if (tb1 && (card.ats_len > pos + 2)) {
uint32_t sfgi = card.ats[pos] & 0x0F;
uint32_t fwi = card.ats[pos] >> 4;
@ -1903,7 +1903,7 @@ int infoHF14A(bool verbose, bool do_nack_test, bool do_aid_search) {
pos++;
}
if (tc1 && (card.ats_len > pos)) {
if (tc1 && (card.ats_len > pos + 2)) {
PrintAndLogEx(INFO, " " _YELLOW_("%02X") "... TC1 NAD is%s supported, CID is%s supported",
card.ats[pos],
(card.ats[pos] & 0x01) ? "" : _RED_(" NOT"),
@ -1913,7 +1913,7 @@ int infoHF14A(bool verbose, bool do_nack_test, bool do_aid_search) {
}
// ATS - Historial bytes and identify based on it
if (card.ats[0] > pos && card.ats[0] <= card.ats_len - 2) {
if ((card.ats[0] > pos) && (card.ats_len >= card.ats[0] + 2)) {
char tip[60];
tip[0] = '\0';
if (card.ats[0] - pos >= 7) {
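Review bot: The unchanged `ATS:` print at the top of the first hunk still takes the CRC bytes from `card.ats[card.ats_len - 1], card.ats[card.ats_len]`, which skips the byte after the `card.ats_len - 2` bytes passed to `sprint_hex` and reads one element past the received ATS. Because the ATS content and length come from the card, the arguments should be `card.ats[card.ats_len - 2], card.ats[card.ats_len - 1]`. The same line also computes `card.ats_len - 2` with no length guard visible in the hunk, so a reply shorter than two bytes would produce a negative length and index unless an earlier check rules it out. infoHF14A starts and ends outside these hunks, so such a guard may already exist above the print.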