From 4d67f56656d5d3268bcd2b15ccaddd59b80c4e78 Mon Sep 17 00:00:00 2001 From: Henry Gabryjelski Date: Fri, 10 Jan 2025 12:12:24 -0800 Subject: [PATCH 01/12] Mismatched format string specifier (need to deref size pointer) --- client/src/cmdlfem410x.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/client/src/cmdlfem410x.c b/client/src/cmdlfem410x.c index 5abbbd4d3..ecb252ffc 100644 --- a/client/src/cmdlfem410x.c +++ b/client/src/cmdlfem410x.c @@ -245,7 +245,7 @@ static int ask_em410x_binary_decode(bool verbose, uint32_t *hi, uint64_t *lo, ui else if (ans == -4) PrintAndLogEx(DEBUG, "DEBUG: Error - Em410x preamble not found"); else if (ans == -5) - PrintAndLogEx(DEBUG, "DEBUG: Error - Em410x Size not correct: %zu", size); + PrintAndLogEx(DEBUG, "DEBUG: Error - Em410x Size not correct: %zu", *size); else if (ans == -6) PrintAndLogEx(DEBUG, "DEBUG: Error - Em410x parity failed"); From 20c4756f2a11da98285db26092cf56ae01a111b7 Mon Sep 17 00:00:00 2001 From: Henry Gabryjelski Date: Fri, 10 Jan 2025 12:14:46 -0800 Subject: [PATCH 02/12] no-op --- .github/workflows/codeql-analysis.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index d9ce0a0de..340b53555 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -13,6 +13,7 @@ name: "CodeQL" on: workflow_dispatch: + push: branches: [ master ] pull_request: From 91be146ecbe99fe6d508592fada4d8b0ba227758 Mon Sep 17 00:00:00 2001 From: Henry Gabryjelski Date: Fri, 10 Jan 2025 12:33:50 -0800 Subject: [PATCH 03/12] CodeQL fixes for "Comparison between A of type TypeA and B of wider type TypeB" --- armsrc/spiffs.h | 1 + armsrc/spiffs_check.c | 7 +++++++ armsrc/spiffs_hydrogen.c | 7 +++++++ armsrc/spiffs_nucleus.c | 9 +++++++++ armsrc/thinfilm.c | 2 +- client/src/cmdhf14a.c | 13 +++++++++++-- 6 files changed, 36 insertions(+), 3 deletions(-) 
diff --git a/armsrc/spiffs.h b/armsrc/spiffs.h index 7bbfb794b..e0b5868da 100644 --- a/armsrc/spiffs.h +++ b/armsrc/spiffs.h @@ -296,6 +296,7 @@ typedef struct spiffs_t { // file system configuration spiffs_config cfg; // number of logical blocks + // BUGBUG -- Should this be of type spiffs_block_ix? u32_t block_count; // cursor for free blocks, block index diff --git a/armsrc/spiffs_check.c b/armsrc/spiffs_check.c index c59fcabef..1bd7a2889 100644 --- a/armsrc/spiffs_check.c +++ b/armsrc/spiffs_check.c @@ -536,6 +536,13 @@ static s32_t spiffs_page_consistency_check_i(spiffs *fs) { s32_t res = SPIFFS_OK; spiffs_page_ix pix_offset = 0; + // this _should_ never happen, but prefer to see debug message / error + // rather than silently entering infinite loop. + if (fs->block_count > ((spiffs_block_ix)(-1))) { + SPIFFS_DBG("Avoiding infinite loop, block_count "_SPIPRIbl" too large for spiffs_block_ix type\n", fs->block_count); + SPIFFS_API_CHECK_RES(fs, SPIFFS_ERR_INTERNAL); + } + // for each range of pages fitting into work memory while (pix_offset < SPIFFS_PAGES_PER_BLOCK(fs) * fs->block_count) { // set this flag to abort all checks and rescan the page range diff --git a/armsrc/spiffs_hydrogen.c b/armsrc/spiffs_hydrogen.c index 93c7fbe89..83784b36d 100644 --- a/armsrc/spiffs_hydrogen.c +++ b/armsrc/spiffs_hydrogen.c @@ -52,6 +52,13 @@ s32_t SPIFFS_format(spiffs *fs) { SPIFFS_LOCK(fs); + // this _should_ never happen, but prefer to see debug message / error + // rather than silently entering infinite loop. + if (fs->block_count > ((spiffs_block_ix)(-1))) { + SPIFFS_DBG("Avoiding infinite loop, block_count "_SPIPRIbl" too large for spiffs_block_ix type\n", fs->block_count); + SPIFFS_API_CHECK_RES_UNLOCK(fs, SPIFFS_ERR_INTERNAL); + } + spiffs_block_ix bix = 0; while (bix < fs->block_count) { fs->max_erase_count = 0; diff --git a/armsrc/spiffs_nucleus.c b/armsrc/spiffs_nucleus.c index 2ebfabe04..0cd63ae76 100644 --- a/armsrc/spiffs_nucleus.c +++ b/armsrc/spiffs_nucleus.c 
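Review bot: The debug message in the new guard in `spiffs_page_consistency_check_i` formats `fs->block_count` with `_SPIPRIbl`, but the spiffs.h hunk above shows `block_count` is a `u32_t`, not a `spiffs_block_ix`. The definition of `_SPIPRIbl` is not visible here; if it is sized for the narrower index type, this is a specifier/argument mismatch on exactly the value that is out of range, and the logged number may be truncated or draw a format warning. Replacing `"_SPIPRIbl"` with `%lu` and passing `(unsigned long)fs->block_count` is independent of the index width. The same guard and message are repeated in the `SPIFFS_format` hunk and in `spiffs_obj_lu_scan`; all three function bodies continue outside their hunks.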
@@ -364,6 +364,7 @@ static s32_t spiffs_obj_lu_scan_v( // Checks magic if enabled s32_t spiffs_obj_lu_scan( spiffs *fs) { + s32_t res; spiffs_block_ix bix; int entry; @@ -371,6 +372,14 @@ s32_t spiffs_obj_lu_scan( spiffs_block_ix unerased_bix = (spiffs_block_ix) - 1; #endif + // this _should_ never happen, but prefer to see debug message / error + // rather than silently entering infinite loop. + if (fs->block_count > ((spiffs_block_ix)(-1))) { + SPIFFS_DBG("Avoiding infinite loop, block_count "_SPIPRIbl" too large for spiffs_block_ix type\n", fs->block_count); + SPIFFS_API_CHECK_RES(fs, SPIFFS_ERR_INTERNAL); + } + + // find out erase count // if enabled, check magic bix = 0; diff --git a/armsrc/thinfilm.c b/armsrc/thinfilm.c index c39316be5..8fd1dd8a8 100644 --- a/armsrc/thinfilm.c +++ b/armsrc/thinfilm.c @@ -115,7 +115,7 @@ static int EmSendCmdThinfilmRaw(const uint8_t *resp, uint16_t respLen) { // Ensure that the FPGA Delay Queue is empty uint8_t fpga_queued_bits = FpgaSendQueueDelay >> 3; - for (i = 0; i <= (fpga_queued_bits >> 3) + 1;) { + for (i = 0; i <= fpga_queued_bits / 8u + 1u;) { if (AT91C_BASE_SSC->SSC_SR & (AT91C_SSC_TXRDY)) { AT91C_BASE_SSC->SSC_THR = SEC_F; FpgaSendQueueDelay = (uint8_t)AT91C_BASE_SSC->SSC_RHR; diff --git a/client/src/cmdhf14a.c b/client/src/cmdhf14a.c index f2d573a8c..df3ceda20 100644 --- a/client/src/cmdhf14a.c +++ b/client/src/cmdhf14a.c 
@@ -3226,13 +3226,22 @@ int CmdHF14ANdefRead(const char *Cmd) { return PM3_EOVFLOW; } - for (uint16_t i = offset; i < ndef_size + offset; i += max_rapdu_size) { - uint16_t segment_size = max_rapdu_size < ndef_size + offset - i ? max_rapdu_size : ndef_size + offset - i; + for (size_t i = offset; i < ndef_size + offset; i += max_rapdu_size) { + size_t segment_size = max_rapdu_size < ndef_size + offset - i ? max_rapdu_size : ndef_size + offset - i; + keep_field_on = i < ndef_size + offset - max_rapdu_size; aREAD_NDEF_n = 0; param_gethex_to_eol("00b00000", 0, aREAD_NDEF, sizeof(aREAD_NDEF), &aREAD_NDEF_n); aREAD_NDEF[2] = i >> 8; aREAD_NDEF[3] = i & 0xFF; + + // BUGBUG -- segment_size is stuffed into a single-byte field below? + if (segment_size > 0xFFu) { + PrintAndLogEx(ERR, "Segment size too large (0x%zx > 0xFF)", segment_size); + DropField(); + free(ndef_file); + return PM3_EOVFLOW; + } aREAD_NDEF[4] = segment_size; res = ExchangeAPDU14a(aREAD_NDEF, aREAD_NDEF_n + 1, activate_field, keep_field_on, response, sizeof(response), &resplen); From 1c75690b1a51abe5a1addf5633ffa59557e0416f Mon Sep 17 00:00:00 2001 From: Henry Gabryjelski Date: Fri, 10 Jan 2025 15:02:19 -0800 Subject: [PATCH 04/12] Various codeQL fixes Code was previously performing arithmetic in various loop check conditions. Integer promotion rules could cause unintended comparisons. `spiffs` defined `fs->block_count` as `uint32_t`, but defined `spiffs_page_ix` as `uint16_t`. Various overflow checks detected by CodeQL and fixed by checking for those conditions before looping. --- armsrc/spiffs_check.c | 44 ++++++++++++++++++++++++++++++++-------- armsrc/spiffs_hydrogen.c | 7 ++++--- armsrc/spiffs_nucleus.c | 7 ++++--- armsrc/thinfilm.c | 8 +++++--- 4 files changed, 49 insertions(+), 17 deletions(-) diff --git a/armsrc/spiffs_check.c b/armsrc/spiffs_check.c index 1bd7a2889..8a190b8ac 100644 --- a/armsrc/spiffs_check.c +++ b/armsrc/spiffs_check.c 
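Review bot: Widening `i` to `size_t` changes how the unchanged line `keep_field_on = i < ndef_size + offset - max_rapdu_size;` evaluates when the NDEF file is shorter than one RAPDU. The declarations of `ndef_size`, `offset` and `max_rapdu_size` are outside the hunk; if they are 16-bit or `int`, the right-hand side used to be a negative `int` and the comparison was false, whereas it is now converted to a very large `size_t` and the comparison is true, leaving the field on after the final read. Writing it without the subtraction, `keep_field_on = i + max_rapdu_size < ndef_size + offset;`, gives the intended result for either width. The offset bytes `aREAD_NDEF[2]` and `aREAD_NDEF[3]` also truncate silently once `i` can exceed 0xFFFF, so the `PM3_EOVFLOW` check before the loop (only its tail is visible) should bound `ndef_size + offset` to 16 bits.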
@@ -535,33 +535,61 @@ static s32_t spiffs_page_consistency_check_i(spiffs *fs) { s32_t res = SPIFFS_OK; spiffs_page_ix pix_offset = 0; + // Avoid arithmetic in loop conditions (integer promotion rules can cause unintended consequences) + uint32_t block_count = fs->block_count; + uint32_t total_blocks = SPIFFS_PAGES_PER_BLOCK(fs) * block_count; + uint32_t total_blocks_plus_one_page = total_blocks + SPIFFS_PAGES_PER_BLOCK(fs); +#pragma region // check for overflow once, before looping // this _should_ never happen, but prefer to see debug message / error // rather than silently entering infinite loop. - if (fs->block_count > ((spiffs_block_ix)(-1))) { - SPIFFS_DBG("Avoiding infinite loop, block_count "_SPIPRIbl" too large for spiffs_block_ix type\n", fs->block_count); + if (block_count > ((spiffs_block_ix)(-1))) { + SPIFFS_DBG("Avoiding infinite loop, block_count "_SPIPRIbl" too large for spiffs_block_ix type\n", block_count); SPIFFS_API_CHECK_RES(fs, SPIFFS_ERR_INTERNAL); } + // this checks for overflow of the multiplication of block_count+1 with SPIFFS_PAGES_PER_BLOCK(fs) + if (((uint32_t)(-1)) / SPIFFS_PAGES_PER_BLOCK(fs) > (block_count+1)) { + // checking with +1 block count to avoid overflow also in inner loop, which adds one page... 
+ // would exceed value storable in uint32_t + SPIFFS_DBG("Overflow: pages per block %04x with block count "_SPIPRIbl" results in overflow\n", SPIFFS_PAGES_PER_BLOCK(fs), block_count); + SPIFFS_API_CHECK_RES(fs, SPIFFS_ERR_INTERNAL); + } + // because loop indices are using spiffs_page_ix type, + // that type can hold a large enough value + if (total_blocks > ((spiffs_page_ix)-1)) { + SPIFFS_DBG("Avoiding infinite loop, total_blocks "_SPIPRIpg" too large for spiffs_page_ix type\n", total_blocks); + SPIFFS_CHECK_RES(SPIFFS_ERR_INTERNAL); + } + // because loop indices are using spiffs_page_ix type, + // that type can hold a large enough value + if (total_blocks_plus_one_page > ((spiffs_page_ix)-1) || total_blocks_plus_one_page < total_blocks) { + SPIFFS_DBG("Avoiding infinite loop, total_blocks_plus_one_page "_SPIPRIpg" too large for spiffs_page_ix type\n", total_blocks_plus_one_page); + SPIFFS_CHECK_RES(SPIFFS_ERR_INTERNAL); + } + // RESULT: spiffs_page_ix can safely be used for loop index vs. 
each of + // block_count, total_blocks, and total_blocks_plus_one_page +#pragma endregion // check for overflow once, before looping + // for each range of pages fitting into work memory - while (pix_offset < SPIFFS_PAGES_PER_BLOCK(fs) * fs->block_count) { + while (pix_offset < total_blocks) { // set this flag to abort all checks and rescan the page range u8_t restart = 0; memset(fs->work, 0, SPIFFS_CFG_LOG_PAGE_SZ(fs)); spiffs_block_ix cur_block = 0; // build consistency bitmap for id range traversing all blocks - while (!restart && cur_block < fs->block_count) { + while (!restart && cur_block < block_count) { CHECK_CB(fs, SPIFFS_CHECK_PAGE, SPIFFS_CHECK_PROGRESS, - (pix_offset * 256) / (SPIFFS_PAGES_PER_BLOCK(fs) * fs->block_count) + - ((((cur_block * pages_per_scan * 256) / (SPIFFS_PAGES_PER_BLOCK(fs) * fs->block_count))) / fs->block_count), + (pix_offset * 256) / total_blocks + + ((((cur_block * pages_per_scan * 256) / total_blocks)) / block_count), 0); // traverse each page except for lookup pages spiffs_page_ix cur_pix = SPIFFS_OBJ_LOOKUP_PAGES(fs) + SPIFFS_PAGES_PER_BLOCK(fs) * cur_block; - while (!restart && cur_pix < SPIFFS_PAGES_PER_BLOCK(fs) * (cur_block + 1)) { + while (!restart && cur_pix < total_blocks_plus_one_page) { //if ((cur_pix & 0xff) == 0) // SPIFFS_CHECK_DBG("PA: processing pix "_SPIPRIpg", block "_SPIPRIbl" of pix "_SPIPRIpg", block "_SPIPRIbl"\n", - // cur_pix, cur_block, SPIFFS_PAGES_PER_BLOCK(fs) * fs->block_count, fs->block_count); + // cur_pix, cur_block, total_blocks, block_count); // read header spiffs_page_header p_hdr; diff --git a/armsrc/spiffs_hydrogen.c b/armsrc/spiffs_hydrogen.c index 83784b36d..9f44cff13 100644 --- a/armsrc/spiffs_hydrogen.c +++ b/armsrc/spiffs_hydrogen.c 
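Review bot: The multiplication-overflow guard in `spiffs_page_consistency_check_i` looks inverted: `((uint32_t)(-1)) / SPIFFS_PAGES_PER_BLOCK(fs) > (block_count+1)` is true when the product fits in 32 bits. Assuming `SPIFFS_API_CHECK_RES` returns on a negative code, the check as written would fail with `SPIFFS_ERR_INTERNAL` on ordinary filesystem sizes and let the overflowing ones through. The test should be `if ((block_count + 1) > ((uint32_t)(-1)) / SPIFFS_PAGES_PER_BLOCK(fs)) {`, and it belongs before `total_blocks` and `total_blocks_plus_one_page` are computed so those are never derived from a wrapped product. `total_blocks` also holds a page count rather than a block count, so a name like `total_pages` would make the later comparisons against `spiffs_page_ix` easier to verify. The function body continues outside the hunk.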
@@ -52,15 +52,16 @@ s32_t SPIFFS_format(spiffs *fs) { SPIFFS_LOCK(fs); + uint32_t block_count = fs->block_count; // this _should_ never happen, but prefer to see debug message / error // rather than silently entering infinite loop. - if (fs->block_count > ((spiffs_block_ix)(-1))) { - SPIFFS_DBG("Avoiding infinite loop, block_count "_SPIPRIbl" too large for spiffs_block_ix type\n", fs->block_count); + if (block_count > ((spiffs_block_ix)(-1))) { + SPIFFS_DBG("Avoiding infinite loop, block_count "_SPIPRIbl" too large for spiffs_block_ix type\n", block_count); SPIFFS_API_CHECK_RES_UNLOCK(fs, SPIFFS_ERR_INTERNAL); } spiffs_block_ix bix = 0; - while (bix < fs->block_count) { + while (bix < block_count) { fs->max_erase_count = 0; s32_t res = spiffs_erase_block(fs, bix); if (res != SPIFFS_OK) { diff --git a/armsrc/spiffs_nucleus.c b/armsrc/spiffs_nucleus.c index 0cd63ae76..cd6c708c4 100644 --- a/armsrc/spiffs_nucleus.c +++ b/armsrc/spiffs_nucleus.c @@ -372,10 +372,11 @@ s32_t spiffs_obj_lu_scan( spiffs_block_ix unerased_bix = (spiffs_block_ix) - 1; #endif + uint32_t block_count = fs->block_count; // this _should_ never happen, but prefer to see debug message / error // rather than silently entering infinite loop. - if (fs->block_count > ((spiffs_block_ix)(-1))) { - SPIFFS_DBG("Avoiding infinite loop, block_count "_SPIPRIbl" too large for spiffs_block_ix type\n", fs->block_count); + if (block_count > ((spiffs_block_ix)(-1))) { + SPIFFS_DBG("Avoiding infinite loop, block_count "_SPIPRIbl" too large for spiffs_block_ix type\n", block_count); SPIFFS_API_CHECK_RES(fs, SPIFFS_ERR_INTERNAL); } @@ -386,7 +387,7 @@ s32_t spiffs_obj_lu_scan( spiffs_obj_id erase_count_final; spiffs_obj_id erase_count_min = SPIFFS_OBJ_ID_FREE; spiffs_obj_id erase_count_max = 0; - while (bix < fs->block_count) { + while (bix < block_count) { #if SPIFFS_USE_MAGIC spiffs_obj_id magic; res = _spiffs_rd(fs, diff --git a/armsrc/thinfilm.c b/armsrc/thinfilm.c index 8fd1dd8a8..efea4c899 100644 
--- a/armsrc/thinfilm.c +++ b/armsrc/thinfilm.c @@ -105,7 +105,7 @@ static int EmSendCmdThinfilmRaw(const uint8_t *resp, uint16_t respLen) { uint16_t FpgaSendQueueDelay = 0; // send cycle - uint16_t i = 0; + size_t i = 0; for (; i < respLen;) { if (AT91C_BASE_SSC->SSC_SR & (AT91C_SSC_TXRDY)) { AT91C_BASE_SSC->SSC_THR = resp[i++]; @@ -114,8 +114,10 @@ static int EmSendCmdThinfilmRaw(const uint8_t *resp, uint16_t respLen) { } // Ensure that the FPGA Delay Queue is empty - uint8_t fpga_queued_bits = FpgaSendQueueDelay >> 3; - for (i = 0; i <= fpga_queued_bits / 8u + 1u;) { + uint16_t fpga_queued_bits = FpgaSendQueueDelay >> 3; + fpga_queued_bits /= 8u; + fpga_queued_bits += 1u; + for (i = 0; i <= fpga_queued_bits;) { if (AT91C_BASE_SSC->SSC_SR & (AT91C_SSC_TXRDY)) { AT91C_BASE_SSC->SSC_THR = SEC_F; FpgaSendQueueDelay = (uint8_t)AT91C_BASE_SSC->SSC_RHR; From 18f6604eb0eed809858e40bd9972b29a9eefba1d Mon Sep 17 00:00:00 2001 From: Henry Gabryjelski Date: Fri, 10 Jan 2025 16:59:49 -0800 Subject: [PATCH 05/12] Prevent potential stack corruption --- client/src/cmdlfem4x50.c | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/client/src/cmdlfem4x50.c b/client/src/cmdlfem4x50.c index 2b1dd5497..e1ee8181f 100644 --- a/client/src/cmdlfem4x50.c +++ b/client/src/cmdlfem4x50.c @@ -30,10 +30,12 @@ static int CmdHelp(const char *Cmd); -static void em4x50_prepare_result(const uint8_t *data, int fwr, int lwr, em4x50_word_t *words) { +// Each record is 4 bytes long ... a single line in the dump output +// Reads each record from `data`, reverses the four bytes, and writes to `words` +static void em4x50_prepare_result(const uint8_t *data, int first_record_inclusive, int last_record_inclusive, em4x50_word_t *words) { // restructure received result in "em4x50_word_t" structure - for (int i = fwr; i <= lwr; i++) { + for (int i = first_record_inclusive; i <= last_record_inclusive; i++) { for (int j = 0; j < 4; j++) { words[i].byte[j] = data[i * 4 + (3 - j)]; } 
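Review bot: `em4x50_prepare_result` still writes `words[i]` for whatever range it is handed, so the clamp added in `CmdEM4x50Reader` (second hunk of this commit) protects only that call site. Other callers are not visible in this patch; if any of them derive the range from a device response, the same out-of-bounds write remains. A guard at the top of the helper, `if (first_record_inclusive < 0 || last_record_inclusive >= EM4X50_NO_WORDS) return;`, would cover every caller, assuming `words` is always an `EM4X50_NO_WORDS`-element array as it is in `CmdEM4x50Reader`. In the reader itself, a count above `EM4X50_NO_WORDS` means the response is malformed, so returning an error there may be safer than printing the clamped data.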
@@ -779,6 +781,12 @@ static int CmdEM4x50Reader(const char *Cmd) { // iceman, misuse of return status code. int now = resp.status; + // prevent massive stack corruption if unexpected results from device. + if (now > EM4X50_NO_WORDS) { + PrintAndLogEx(WARNING, "word count was: %d, limiting to %d", now, EM4X50_NO_WORDS); + now = EM4X50_NO_WORDS; + } + if (now > 0) { em4x50_word_t words[EM4X50_NO_WORDS]; From 1c3f84503a29dcfc332f913f7be03d1dad2cbc86 Mon Sep 17 00:00:00 2001 From: Henry Gabryjelski Date: Fri, 10 Jan 2025 17:01:14 -0800 Subject: [PATCH 06/12] Quiet a spurious warning The compiler warning is incorrect. Since `calloc()` zero's memory, can remove redundant line setting value to zero, giving quieter builds. --- client/src/cmdhfmf.c | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) diff --git a/client/src/cmdhfmf.c b/client/src/cmdhfmf.c index 63cefc9ee..57e764d6a 100644 --- a/client/src/cmdhfmf.c +++ b/client/src/cmdhfmf.c 
@@ -117,17 +117,31 @@ static char *GenerateFilename(const char *prefix, const char *suffix) { return fptr; } +// allocates `items` table entries, storing pointer to `*src` +// Each entry stores two keys (A and B), initialized to six-byte value 0xFFFFFFFFFFFF +// Each entry also stores whether the key was "found", defaults to false (0) static int initSectorTable(sector_t **src, size_t items) { + + // typedef struct { + // uint64_t Key[2]; + // uint8_t foundKey[2]; + // } sector_t; + + // This allocates based on the size of a single item + _Static_assert(sizeof(sector_t) >= 18); // if packed, would be 18 + _Static_assert(sizeof(sector_t) == 24); // not packed, so each entry must be 24 bytes + (*src) = calloc(items, sizeof(sector_t)); - if (*src == NULL) + if (*src == NULL) { return PM3_EMALLOC; + } // empty e_sector for (size_t i = 0; i < items; i++) { for (uint8_t j = 0; j < 2; j++) { (*src)[i].Key[j] = 0xffffffffffff; - (*src)[i].foundKey[j] = 0; + // (*src)[i].foundKey[j] = 0; // calloc zero's these already } } return PM3_SUCCESS; From 05319463fb037b0b3dc2a5abfd24c7a9894c82ff Mon Sep 17 00:00:00 2001 From: Henry Gabryjelski Date: Fri, 10 Jan 2025 17:07:17 -0800 Subject: [PATCH 07/12] improve comment --- client/src/cmdhf14a.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/client/src/cmdhf14a.c b/client/src/cmdhf14a.c index df3ceda20..e5207978f 100644 --- a/client/src/cmdhf14a.c +++ b/client/src/cmdhf14a.c @@ -3235,7 +3235,7 @@ int CmdHF14ANdefRead(const char *Cmd) { aREAD_NDEF[2] = i >> 8; aREAD_NDEF[3] = i & 0xFF; - // BUGBUG -- segment_size is stuffed into a single-byte field below? + // Segment_size is stuffed into a single-byte field below ... so error out if overflows if (segment_size > 0xFFu) { PrintAndLogEx(ERR, "Segment size too large (0x%zx > 0xFF)", segment_size); DropField(); From 99e8de3687b97a219cb898623e9eccfe9d21083d Mon Sep 17 00:00:00 2001 
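Review bot: The `initSectorTable` hunk leaves dead code and a copied type definition in comments: `// (*src)[i].foundKey[j] = 0;` and the pasted `sector_t` typedef. The copied typedef will drift when the real struct changes, and the disabled assignment reads as an unfinished edit. I would delete the assignment line and replace both with one comment, `// calloc() zero-fills, so foundKey[] starts as 0; only Key[] needs a non-zero default`.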
From: Henry Gabryjelski Date: Fri, 10 Jan 2025 17:10:25 -0800 Subject: [PATCH 08/12] fix build break on some compilers --- client/src/cmdhfmf.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/client/src/cmdhfmf.c b/client/src/cmdhfmf.c index 57e764d6a..a5b2d6509 100644 --- a/client/src/cmdhfmf.c +++ b/client/src/cmdhfmf.c @@ -129,8 +129,8 @@ static int initSectorTable(sector_t **src, size_t items) { // } sector_t; // This allocates based on the size of a single item - _Static_assert(sizeof(sector_t) >= 18); // if packed, would be 18 - _Static_assert(sizeof(sector_t) == 24); // not packed, so each entry must be 24 bytes + _Static_assert(sizeof(sector_t) >= 18, "Unexpectedly small sector_t"); // if packed, would be 18 + _Static_assert(sizeof(sector_t) == 24, "Sector_t used to be padded to 24 bytes?"); // not packed, so each entry must be 24 bytes (*src) = calloc(items, sizeof(sector_t)); if (*src == NULL) { From 6613ff73343f87661c0a52aba17febf7f1ecd5c5 Mon Sep 17 00:00:00 2001 From: Henry Gabryjelski Date: Tue, 14 Jan 2025 20:35:45 -0800 Subject: [PATCH 09/12] Workaround old GCC on Windows builds This is supported for GCC >= version 13 See GCC bug 85487: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85487 --- armsrc/spiffs_check.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/armsrc/spiffs_check.c b/armsrc/spiffs_check.c index 8a190b8ac..c35bc3e1f 100644 --- a/armsrc/spiffs_check.c +++ b/armsrc/spiffs_check.c @@ -540,7 +540,7 @@ static s32_t spiffs_page_consistency_check_i(spiffs *fs) { uint32_t total_blocks = SPIFFS_PAGES_PER_BLOCK(fs) * block_count; uint32_t total_blocks_plus_one_page = total_blocks + SPIFFS_PAGES_PER_BLOCK(fs); -#pragma region // check for overflow once, before looping +//#pragma region // check for overflow once, before looping // this _should_ never happen, but prefer to see debug message / error // rather than silently entering infinite loop. if (block_count > ((spiffs_block_ix)(-1))) { 
@@ -568,7 +568,7 @@ static s32_t spiffs_page_consistency_check_i(spiffs *fs) { } // RESULT: spiffs_page_ix can safely be used for loop index vs. each of // block_count, total_blocks, and total_blocks_plus_one_page -#pragma endregion // check for overflow once, before looping +//#pragma endregion // check for overflow once, before looping // for each range of pages fitting into work memory From dc0e6f4f919ee781443fddbd9792f1d405c4bbae Mon Sep 17 00:00:00 2001 From: Henry Gabryjelski Date: Wed, 15 Jan 2025 09:18:39 -0800 Subject: [PATCH 10/12] Fix regression Found by iceman1001's code review ... THANK YOU! --- armsrc/spiffs_check.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/armsrc/spiffs_check.c b/armsrc/spiffs_check.c index c35bc3e1f..636feb769 100644 --- a/armsrc/spiffs_check.c +++ b/armsrc/spiffs_check.c @@ -586,7 +586,7 @@ static s32_t spiffs_page_consistency_check_i(spiffs *fs) { 0); // traverse each page except for lookup pages spiffs_page_ix cur_pix = SPIFFS_OBJ_LOOKUP_PAGES(fs) + SPIFFS_PAGES_PER_BLOCK(fs) * cur_block; - while (!restart && cur_pix < total_blocks_plus_one_page) { + while (!restart && cur_pix < SPIFFS_PAGES_PER_BLOCK(fs) * (cur_block+1)) { //if ((cur_pix & 0xff) == 0) // SPIFFS_CHECK_DBG("PA: processing pix "_SPIPRIpg", block "_SPIPRIbl" of pix "_SPIPRIpg", block "_SPIPRIbl"\n", // cur_pix, cur_block, total_blocks, block_count); From 715e876c62ab06ee5fba16f68cd8d2d74c9b07e4 Mon Sep 17 00:00:00 2001 From: Henry Gabryjelski Date: Wed, 15 Jan 2025 09:22:18 -0800 Subject: [PATCH 11/12] Per explicit request of iceman1001 --- armsrc/thinfilm.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/armsrc/thinfilm.c b/armsrc/thinfilm.c index efea4c899..8603ec506 100644 --- a/armsrc/thinfilm.c +++ b/armsrc/thinfilm.c 
@@ -115,7 +115,7 @@ static int EmSendCmdThinfilmRaw(const uint8_t *resp, uint16_t respLen) { // Ensure that the FPGA Delay Queue is empty uint16_t fpga_queued_bits = FpgaSendQueueDelay >> 3; - fpga_queued_bits /= 8u; + fpga_queued_bits >>= 3; // divide by 8 (again?) fpga_queued_bits += 1u; for (i = 0; i <= fpga_queued_bits;) { if (AT91C_BASE_SSC->SSC_SR & (AT91C_SSC_TXRDY)) { From 1e95dadde99e5b8d270d38a3d33e0a1ffdc59af6 Mon Sep 17 00:00:00 2001 From: Henry Gabryjelski Date: Wed, 15 Jan 2025 09:25:21 -0800 Subject: [PATCH 12/12] Remove static assertions --- client/src/cmdhfmf.c | 3 --- 1 file changed, 3 deletions(-) diff --git a/client/src/cmdhfmf.c b/client/src/cmdhfmf.c index a5b2d6509..09b87bdfc 100644 --- a/client/src/cmdhfmf.c +++ b/client/src/cmdhfmf.c @@ -129,9 +129,6 @@ static int initSectorTable(sector_t **src, size_t items) { // } sector_t; // This allocates based on the size of a single item - _Static_assert(sizeof(sector_t) >= 18, "Unexpectedly small sector_t"); // if packed, would be 18 - _Static_assert(sizeof(sector_t) == 24, "Sector_t used to be padded to 24 bytes?"); // not packed, so each entry must be 24 bytes - (*src) = calloc(items, sizeof(sector_t)); if (*src == NULL) { return PM3_EMALLOC;