From 9f36ce1b9d67065150c790e21b37d0df191e2833 Mon Sep 17 00:00:00 2001 From: Philippe Teuwen Date: Sun, 5 Sep 2021 23:42:14 +0200 Subject: [PATCH] cppcheck reduce variable scopes --- armsrc/Standalone/lf_nexid.c | 3 +- armsrc/Standalone/lf_tharexde.c | 3 +- armsrc/hitag2crack.c | 7 +- armsrc/hitagS.c | 7 +- armsrc/iso14443a.c | 8 +- armsrc/lfops.c | 3 +- client/src/cmdlfem4x05.c | 43 ++++------ client/src/cmdlfnedap.c | 78 +++++++++---------- client/src/cmdlft55xx.c | 5 +- client/src/emv/emvcore.c | 6 +- client/src/loclass/elite_crack.c | 3 +- .../hitag2crack/crack2/ht2crack2buildtable.c | 44 ++++------- tools/hitag2crack/crack3/ht2crack3.c | 9 +-- tools/hitag2crack/crack4/ht2crack4.c | 19 ++--- tools/hitag2crack/crack5/ht2crack5.c | 4 +- 15 files changed, 102 insertions(+), 140 deletions(-) diff --git a/armsrc/Standalone/lf_nexid.c b/armsrc/Standalone/lf_nexid.c index 819811223..d08bdde02 100644 --- a/armsrc/Standalone/lf_nexid.c +++ b/armsrc/Standalone/lf_nexid.c @@ -259,9 +259,8 @@ static int demodNexWatch(void) { // output Dbprintf(" NexWatch raw id : " _YELLOW_("0x%08"PRIx32), rawid); - uint8_t temp_checksum; for (; magic < 255; magic++) { - temp_checksum = nexwatch_checksum(magic, cn, calc_parity); + uint8_t temp_checksum = nexwatch_checksum(magic, cn, calc_parity); if (temp_checksum == chk) { Dbprintf(" Magic number : " _GREEN_("0x%X"), magic); break; diff --git a/armsrc/Standalone/lf_tharexde.c b/armsrc/Standalone/lf_tharexde.c index 5ca69072b..c65b6f07a 100644 --- a/armsrc/Standalone/lf_tharexde.c +++ b/armsrc/Standalone/lf_tharexde.c @@ -126,11 +126,10 @@ static void append(const char *filename, uint8_t *entry, size_t entry_len) { } static void save_pwds(uint32_t *pwdlist, size_t no_pwd) { - uint8_t entry[10] = {0}; - if (no_pwd > 0) { Dbprintf(""); for (int i = 0; i < no_pwd; i++) { + uint8_t entry[10] = {0}; sprintf((char *)entry, "%08"PRIx32"\n", pwdlist[i]); append(LF_EM4X50_LOGFILE_SIM, entry, strlen((char *)entry)); Dbprintf("received password: %08"PRIx32"", pwdlist[i]); diff --git a/armsrc/hitag2crack.c b/armsrc/hitag2crack.c index a79c166d6..97d1888ba 100644 --- a/armsrc/hitag2crack.c +++ b/armsrc/hitag2crack.c @@ -296,8 +296,6 @@ bool hitag2crack_read_page(uint8_t *responsestr, uint8_t pagenum, uint8_t *nrar, uint8_t cmd[10]; uint8_t e_cmd[10]; uint8_t e_responsestr[9]; - uint8_t e_response[32]; - uint8_t response[32]; if (pagenum > 7) { UserMessage("hitag2crack_read_page:\r\n invalid pagenum\r\n"); @@ -326,6 +324,8 @@ bool hitag2crack_read_page(uint8_t *responsestr, uint8_t pagenum, uint8_t *nrar, if (hitag2crack_send_e_cmd(e_responsestr, nrar, e_cmd, 10)) { // check if it is valid if (strcmp(e_responsestr, ERROR_RESPONSE) != 0) { + uint8_t e_response[32]; + uint8_t response[32]; // convert to binarray hextobinarray(e_response, e_responsestr); // decrypt response @@ -792,13 +792,12 @@ bool hitag2crack_extend_keystream(uint8_t *keybits, int *kslen, int ksoffset, ui bool hitag2_reader(uint8_t *response, uint8_t *key, bool interactive) { uint8_t tmp[9]; - int i; response[0] = '\0'; // auth to tag if (hitag2_crypto_auth(tmp, key)) { // read tag, one page at a time - for (i = 0; i <= 7; ++i) { + for (int i = 0; i <= 7; ++i) { if (!read_tag(tmp, i, i)) { // if read fails, it could be because of auth, // so try to reauth diff --git a/armsrc/hitagS.c b/armsrc/hitagS.c index c91499e1e..3297e19bf 100644 --- a/armsrc/hitagS.c +++ b/armsrc/hitagS.c @@ -858,7 +858,6 @@ void SimulateHitagSTag(bool tag_mem_supplied, uint8_t *data) { // int frame_count = 0; int response = 0, overflow = 0; - int i, j; uint8_t rx[HITAG_FRAME_LEN]; size_t rxlen = 0; bQuiet = false; @@ -885,8 +884,8 @@ void SimulateHitagSTag(bool tag_mem_supplied, uint8_t *data) { // read tag data into memory if (tag_mem_supplied) { - for (i = 0; i < 16; i++) - for (j = 0; j < 4; j++) + for (int i = 0; i < 16; i++) + for (int j = 0; j < 4; j++) tag.pages[i][j] = 0x0; DbpString("Loading hitagS memory..."); @@ -912,7 +911,7 @@ void SimulateHitagSTag(bool tag_mem_supplied, uint8_t *data) { if ((tag.pages[1][0] & 0x2) == 0 && (tag.pages[1][0] & 0x1) == 0) tag.max_page = 0; if (g_dbglevel >= DBG_EXTENDED) - for (i = 0; i < tag.max_page; i++) + for (int i = 0; i < tag.max_page; i++) Dbprintf("Page[%2d]: %02X %02X %02X %02X", i, (tag.pages[i][3]) & 0xff, (tag.pages[i][2]) & 0xff, diff --git a/armsrc/iso14443a.c b/armsrc/iso14443a.c index 337d5b106..a2efa4881 100644 --- a/armsrc/iso14443a.c +++ b/armsrc/iso14443a.c @@ -1329,8 +1329,8 @@ void SimulateIso14443aTag(uint8_t tagType, uint8_t flags, uint8_t *data, uint8_t int retval = PM3_SUCCESS; // Just to allow some checks - int happened = 0; - int happened2 = 0; +// int happened = 0; +// int happened2 = 0; int cmdsRecvd = 0; uint32_t numReads = 0; //Counts numer of times reader reads a block @@ -1781,8 +1781,8 @@ void SimulateIso14443aTag(uint8_t tagType, uint8_t flags, uint8_t *data, uint8_t BigBuf_free_keep_EM(); if (g_dbglevel >= DBG_EXTENDED) { - Dbprintf("-[ Wake ups after halt [%d]", happened); - Dbprintf("-[ Messages after halt [%d]", happened2); +// Dbprintf("-[ Wake ups after halt [%d]", happened); +// Dbprintf("-[ Messages after halt [%d]", happened2); Dbprintf("-[ Num of received cmd [%d]", cmdsRecvd); Dbprintf("-[ Num of moebius tries [%d]", moebius_count); } diff --git a/armsrc/lfops.c b/armsrc/lfops.c index b0dc52479..156a6e5b8 100644 --- a/armsrc/lfops.c +++ b/armsrc/lfops.c @@ -1871,9 +1871,8 @@ void T55xxDangerousRawTest(uint8_t *data) { // Trigger T55x7 in mode. FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); WaitUS(T55xx_Timing.m[0].start_gap); - uint8_t sendbits; for (uint8_t i = 0; i < len; i++) { - sendbits = (bs[BITSTREAM_BYTE(i)] >> BITSTREAM_BIT(i)); + uint8_t sendbits = (bs[BITSTREAM_BYTE(i)] >> BITSTREAM_BIT(i)); T55xxWriteBit(sendbits & 1, 0); } TurnReadLFOn(c->time); diff --git a/client/src/cmdlfem4x05.c b/client/src/cmdlfem4x05.c index 68a7ec208..c02c24396 100644 --- a/client/src/cmdlfem4x05.c +++ b/client/src/cmdlfem4x05.c @@ -539,10 +539,8 @@ int CmdEM4x05Dump(const char *Cmd) { uint32_t data[16]; int success = PM3_SUCCESS; - int status, status14, status15; uint32_t lock_bits = 0x00; // no blocks locked bool gotLockBits = false; - bool lockInPW2 = false; uint32_t word = 0; const char *info[] = {"Info/User", "UID", "Password", "User", "Config", "User", "User", "User", "User", "User", "User", "User", "User", "User", "Lock", "Lock"}; @@ -555,7 +553,7 @@ int CmdEM4x05Dump(const char *Cmd) { if (usePwd) { // Test first if the password is correct - status = em4x05_login_ext(pwd); + int status = em4x05_login_ext(pwd); if (status == PM3_SUCCESS) { PrintAndLogEx(INFO, "password is " _GREEN_("correct")); } else if (status == PM3_EFAILED) { @@ -572,11 +570,10 @@ int CmdEM4x05Dump(const char *Cmd) { PrintAndLogEx(INFO, "-----+----------+-------+---+-----"); if (card_type == EM_4205 || card_type == EM_4305 || card_type == EM_UNKNOWN) { - - + bool lockInPW2 = false; // To flag any blocks locked we need to read blocks 14 and 15 first // dont swap endian until we get block lock flags. - status14 = em4x05_read_word_ext(EM4305_PROT1_BLOCK, pwd, usePwd, &word); + int status14 = em4x05_read_word_ext(EM4305_PROT1_BLOCK, pwd, usePwd, &word); if (status14 == PM3_SUCCESS) { if ((word & 0x00008000) != 0x00) { lock_bits = word; @@ -586,7 +583,7 @@ int CmdEM4x05Dump(const char *Cmd) { } else { success = PM3_ESOFT; // If any error ensure fail is set so not to save invalid data } - status15 = em4x05_read_word_ext(EM4305_PROT2_BLOCK, pwd, usePwd, &word); + int status15 = em4x05_read_word_ext(EM4305_PROT2_BLOCK, pwd, usePwd, &word); if (status15 == PM3_SUCCESS) { if ((word & 0x00008000) != 0x00) { // assume block 15 is the current lock block lock_bits = word; @@ -612,7 +609,7 @@ int CmdEM4x05Dump(const char *Cmd) { } } else { // success &= em4x05_read_word_ext(addr, pwd, usePwd, &word); - status = em4x05_read_word_ext(addr, pwd, usePwd, &word); // Get status for single read + int status = em4x05_read_word_ext(addr, pwd, usePwd, &word); // Get status for single read if (status != PM3_SUCCESS) success = PM3_ESOFT; // If any error ensure fail is set so not to save invalid data data[addr] = BSWAP_32(word); @@ -647,7 +644,7 @@ int CmdEM4x05Dump(const char *Cmd) { // To flag any blocks locked we need to read block 3 first // dont swap endian until we get block lock flags. - status14 = em4x05_read_word_ext(EM4469_PROT_BLOCK, pwd, usePwd, &word); + int status14 = em4x05_read_word_ext(EM4469_PROT_BLOCK, pwd, usePwd, &word); if (status14 == PM3_SUCCESS) { lock_bits = word; gotLockBits = true; @@ -656,10 +653,8 @@ int CmdEM4x05Dump(const char *Cmd) { success = PM3_ESOFT; // If any error ensure fail is set so not to save invalid data } - uint32_t lockbit; - for (; addr < 16; addr++) { - lockbit = (lock_bits >> (addr * 2)) & 3; + uint32_t lockbit = (lock_bits >> (addr * 2)) & 3; if (addr == 2) { if (usePwd) { data[addr] = BSWAP_32(pwd); @@ -671,7 +666,7 @@ int CmdEM4x05Dump(const char *Cmd) { } } else { - status = em4x05_read_word_ext(addr, pwd, usePwd, &word); + int status = em4x05_read_word_ext(addr, pwd, usePwd, &word); if (status != PM3_SUCCESS) { success = PM3_ESOFT; // If any error ensure fail is set so not to save invalid data } @@ -1970,9 +1965,6 @@ uint32_t static em4x05_Sniff_GetBlock(char *bits, bool fwd) { int CmdEM4x05Sniff(const char *Cmd) { - bool pwd = false, fwd = false; - bool haveData, sampleData = true; - CLIParserContext *ctx; CLIParserInit(&ctx, "lf em 4x05 sniff", "Sniff EM4x05 commands sent from a programmer", @@ -1988,8 +1980,8 @@ int CmdEM4x05Sniff(const char *Cmd) { arg_param_end }; CLIExecWithReturn(ctx, Cmd, argtable, true); - sampleData = (arg_get_lit(ctx, 1) == false); - fwd = arg_get_lit(ctx, 2); + bool sampleData = (arg_get_lit(ctx, 1) == false); + bool fwd = arg_get_lit(ctx, 2); CLIParserFree(ctx); char cmdText[100]; @@ -1999,9 +1991,7 @@ int CmdEM4x05Sniff(const char *Cmd) { int i, bitidx; int ZeroWidth; // 32-42 "1" is 32 int CycleWidth; - size_t idx = 0, pulseSamples, pktOffset; - uint32_t tmpValue; - bool eop = false; + size_t pulseSamples; // setup and sample data from Proxmark // if not directed to existing sample/graphbuffer @@ -2019,15 +2009,16 @@ int CmdEM4x05Sniff(const char *Cmd) { PrintAndLogEx(SUCCESS, "offset | Command | Data | blk | raw"); PrintAndLogEx(SUCCESS, "-------+-------------+----------+-----+------------------------------------------------------------"); - idx = 0; + size_t idx = 0; // loop though sample buffer while (idx < g_GraphTraceLen) { - eop = false; - haveData = false; - pwd = false; + bool eop = false; + bool haveData = false; + bool pwd = false; + uint32_t tmpValue; idx = em4x05_Sniff_GetNextBitStart(idx, g_GraphTraceLen, g_GraphBuffer, &pulseSamples); - pktOffset = idx; + size_t pktOffset = idx; if (pulseSamples >= 10) { // Should be 18 so a bit less to allow for processing // Use first bit to get "0" bit samples as a reference diff --git a/client/src/cmdlfnedap.c b/client/src/cmdlfnedap.c index 41f9f3bbf..26bf6f9ac 100644 --- a/client/src/cmdlfnedap.c +++ b/client/src/cmdlfnedap.c @@ -46,7 +46,7 @@ static uint8_t isEven_64_63(const uint8_t *data) { // 8 //NEDAP demod - ASK/Biphase (or Diphase), RF/64 with preamble of 1111111110 (always a 128 bit data stream) int demodNedap(bool verbose) { (void) verbose; // unused so far - uint8_t data[16], buffer[7], r0, r1, r2, r3, r4, r5, idxC1, idxC2, idxC3, idxC4, idxC5, fixed0, fixed1, unk1, unk2, subtype; // 4 bits + uint8_t data[16], buffer[7], subtype; // 4 bits size_t size, offset = 0; uint16_t checksum, customerCode; // 12 bits uint32_t badgeId; // max 99999 @@ -118,19 +118,19 @@ int demodNedap(bool verbose) { ret = PM3_ESOFT; } - idxC1 = invTranslateTable[(data[3] & 0x1e) >> 1]; - idxC2 = invTranslateTable[(data[4] & 0x1e) >> 1]; - idxC3 = invTranslateTable[(data[5] & 0x1e) >> 1]; - idxC4 = invTranslateTable[(data[6] & 0x1e) >> 1]; - idxC5 = invTranslateTable[(data[7] & 0x1e) >> 1]; + uint8_t idxC1 = invTranslateTable[(data[3] & 0x1e) >> 1]; + uint8_t idxC2 = invTranslateTable[(data[4] & 0x1e) >> 1]; + uint8_t idxC3 = invTranslateTable[(data[5] & 0x1e) >> 1]; + uint8_t idxC4 = invTranslateTable[(data[6] & 0x1e) >> 1]; + uint8_t idxC5 = invTranslateTable[(data[7] & 0x1e) >> 1]; // validation if ((idxC1 != 0xFF) && (idxC2 != 0xFF) && (idxC3 != 0xFF) && (idxC4 != 0xFF) && (idxC5 != 0xFF)) { - r1 = idxC1; - r2 = ((10 + idxC2) - (idxC1 + 1)) % 10; - r3 = ((10 + idxC3) - (idxC2 + 1)) % 10; - r4 = ((10 + idxC4) - (idxC3 + 1)) % 10; - r5 = ((10 + idxC5) - (idxC4 + 1)) % 10; + uint8_t r1 = idxC1; + uint8_t r2 = ((10 + idxC2) - (idxC1 + 1)) % 10; + uint8_t r3 = ((10 + idxC3) - (idxC2 + 1)) % 10; + uint8_t r4 = ((10 + idxC4) - (idxC3 + 1)) % 10; + uint8_t r5 = ((10 + idxC5) - (idxC4 + 1)) % 10; badgeId = r1 * 10000 + r2 * 1000 + r3 * 100 + r4 * 10 + r5; @@ -171,18 +171,18 @@ int demodNedap(bool verbose) { } // - r4 = (data[8] >> 3) & 0x0F; - r5 = ((data[8] << 1) & 0x0F) | (data[9] >> 7); - r2 = (data[9] >> 2) & 0x0F; - r3 = ((data[9] << 2) & 0x0F) | (data[10] >> 6); - r0 = ((data[10] >> 1) & 0x0F); - r1 = ((data[10] << 3) & 0x0F) | (data[11] >> 5); + uint8_t r4 = (data[8] >> 3) & 0x0F; + uint8_t r5 = ((data[8] << 1) & 0x0F) | (data[9] >> 7); + uint8_t r2 = (data[9] >> 2) & 0x0F; + uint8_t r3 = ((data[9] << 2) & 0x0F) | (data[10] >> 6); + uint8_t r0 = ((data[10] >> 1) & 0x0F); + uint8_t r1 = ((data[10] << 3) & 0x0F) | (data[11] >> 5); - fixed0 = ((data[11] << 4) & 0xF0) | (data[12] >> 4); - fixed1 = ((data[12] << 5) & 0xE0) | (data[13] >> 3); + uint8_t fixed0 = ((data[11] << 4) & 0xF0) | (data[12] >> 4); + uint8_t fixed1 = ((data[12] << 5) & 0xE0) | (data[13] >> 3); - unk1 = ((data[13] << 6) & 0xC0) | (data[14] >> 2); - unk2 = ((data[14] << 7) & 0xC0) | (data[15] >> 1); + uint8_t unk1 = ((data[13] << 6) & 0xC0) | (data[14] >> 2); + uint8_t unk2 = ((data[14] << 7) & 0xC0) | (data[15] >> 1); // validation 2 if (!r0 && (r1 < 10) && (r2 < 10) && (r3 < 10) && (r4 < 10) && (r5 < 10)) { @@ -293,21 +293,20 @@ static int CmdLFNedapReader(const char *Cmd) { } static void NedapGen(uint8_t subType, uint16_t customerCode, uint32_t id, bool isLong, uint8_t *data) { // 8 or 16 - uint8_t buffer[7], r1, r2, r3, r4, r5, idxC1, idxC2, idxC3, idxC4, idxC5, i, tmp, carry, id2, id1, id0; - uint16_t checksum; + uint8_t buffer[7]; - r1 = (uint8_t)(id / 10000); - r2 = (uint8_t)((id % 10000) / 1000); - r3 = (uint8_t)((id % 1000) / 100); - r4 = (uint8_t)((id % 100) / 10); - r5 = (uint8_t)(id % 10); + uint8_t r1 = (uint8_t)(id / 10000); + uint8_t r2 = (uint8_t)((id % 10000) / 1000); + uint8_t r3 = (uint8_t)((id % 1000) / 100); + uint8_t r4 = (uint8_t)((id % 100) / 10); + uint8_t r5 = (uint8_t)(id % 10); // first part - idxC1 = r1; - idxC2 = (idxC1 + 1 + r2) % 10; - idxC3 = (idxC2 + 1 + r3) % 10; - idxC4 = (idxC3 + 1 + r4) % 10; - idxC5 = (idxC4 + 1 + r5) % 10; + uint8_t idxC1 = r1; + uint8_t idxC2 = (idxC1 + 1 + r2) % 10; + uint8_t idxC3 = (idxC2 + 1 + r3) % 10; + uint8_t idxC4 = (idxC3 + 1 + r4) % 10; + uint8_t idxC5 = (idxC4 + 1 + r5) % 10; buffer[0] = 0xc0 | (subType & 0x0F); buffer[1] = (customerCode & 0x0FF0) >> 4; @@ -317,7 +316,7 @@ static void NedapGen(uint8_t subType, uint16_t customerCode, uint32_t id, bool i // checksum init_table(CRC_XMODEM); - checksum = crc16_xmodem(buffer, 5); + uint16_t checksum = crc16_xmodem(buffer, 5); buffer[6] = ((checksum & 0x000F) << 4) | (buffer[4] & 0x0F); buffer[5] = (checksum & 0x00F0) | ((buffer[4] & 0xF0) >> 4); @@ -325,8 +324,9 @@ static void NedapGen(uint8_t subType, uint16_t customerCode, uint32_t id, bool i buffer[3] = ((checksum & 0xF000) >> 8) | ((buffer[3] & 0xF0) >> 4); // carry calc - for (i = 0, carry = 0; i < sizeof(buffer); i++) { - tmp = buffer[sizeof(buffer) - 1 - i]; + uint8_t carry = 0; + for (uint8_t i = 0; i < sizeof(buffer); i++) { + uint8_t tmp = buffer[sizeof(buffer) - 1 - i]; data[7 - i] = ((tmp & 0x7F) << 1) | carry; carry = (tmp & 0x80) >> 7; } @@ -335,9 +335,9 @@ static void NedapGen(uint8_t subType, uint16_t customerCode, uint32_t id, bool i // second part if (isLong) { - id0 = r1; - id1 = (r2 << 4) | r3; - id2 = (r4 << 4) | r5; + uint8_t id0 = r1; + uint8_t id1 = (r2 << 4) | r3; + uint8_t id2 = (r4 << 4) | r5; data[8] = (id2 >> 1); data[9] = ((id2 & 0x01) << 7) | (id1 >> 2); diff --git a/client/src/cmdlft55xx.c b/client/src/cmdlft55xx.c index 677907e2f..9ff933785 100644 --- a/client/src/cmdlft55xx.c +++ b/client/src/cmdlft55xx.c @@ -4047,7 +4047,6 @@ static int CmdT55xxSniff(const char *Cmd) { int minWidth = 1000; int maxWidth = 0; - uint16_t dataLen = 0; data[0] = 0; bool have_data = false; sprintf(modeText, "Default"); @@ -4125,7 +4124,7 @@ static int CmdT55xxSniff(const char *Cmd) { // Fixed bit - Default if (have_data == false && (APPROX_EQ(pulseBuffer[0], maxWidth, tolerance))) { - dataLen = t55sniff_get_packet(pulseBuffer, data, minWidth, maxWidth, tolerance); + uint16_t dataLen = t55sniff_get_packet(pulseBuffer, data, minWidth, maxWidth, tolerance); // if ((dataLen == 39) ) // printf ("Fixed | Data end of 80 samples | offset : %llu - datalen %-2d - data : %s --- - Bit 0 width : %d\n",idx,dataLen,data,pulseBuffer[0]); @@ -4209,7 +4208,7 @@ static int CmdT55xxSniff(const char *Cmd) { if (have_data == false && (APPROX_EQ(pulseBuffer[0], minWidth, tolerance))) { // leading 0 (should = 0 width) // 1 of 4 (leads with 00) - dataLen = t55sniff_get_packet(pulseBuffer, data, minWidth, maxWidth, tolerance); + uint16_t dataLen = t55sniff_get_packet(pulseBuffer, data, minWidth, maxWidth, tolerance); // **** Should check to 0 to be actual 0 as well i.e. 01 .... data .... if ((data[0] == '0') && (data[1] == '1')) { if (dataLen == 73) { diff --git a/client/src/emv/emvcore.c b/client/src/emv/emvcore.c index ec954806b..3dccf4d47 100644 --- a/client/src/emv/emvcore.c +++ b/client/src/emv/emvcore.c @@ -389,10 +389,9 @@ int EMVSearchPSE(Iso7816CommandChannel channel, bool ActivateField, bool LeaveFi return 1; } - bool fileFound = false; - struct tlvdb *t = tlvdb_parse_multi(data, datalen); if (t) { + bool fileFound = false; // PSE/PPSE with SFI struct tlvdb *tsfi = tlvdb_find_path(t, (tlv_tag_t[]) {0x6f, 0xa5, 0x88, 0x00}); if (tsfi) { @@ -473,7 +472,6 @@ int EMVSearch(Iso7816CommandChannel channel, bool ActivateField, bool LeaveField size_t datalen = 0; uint16_t sw = 0; - int res = 0; int retrycnt = 0; for (int i = 0; i < ARRAYLEN(AIDlist); i ++) { @@ -483,7 +481,7 @@ int EMVSearch(Iso7816CommandChannel channel, bool ActivateField, bool LeaveField } param_gethex_to_eol(AIDlist[i].aid, 0, aidbuf, sizeof(aidbuf), &aidlen); - res = EMVSelect(channel, (i == 0) ? ActivateField : false, true, aidbuf, aidlen, data, sizeof(data), &datalen, &sw, tlv); + int res = EMVSelect(channel, (i == 0) ? ActivateField : false, true, aidbuf, aidlen, data, sizeof(data), &datalen, &sw, tlv); // retry if error and not returned sw error if (res && res != 5) { if (++retrycnt < 3) { diff --git a/client/src/loclass/elite_crack.c b/client/src/loclass/elite_crack.c index 2d1650d0d..766cc40dd 100644 --- a/client/src/loclass/elite_crack.c +++ b/client/src/loclass/elite_crack.c @@ -329,10 +329,9 @@ static void *bf_thread(void *thread_arg) { memcpy(bytes_to_recover, targ->bytes_to_recover, sizeof(bytes_to_recover)); memcpy(keytable, targ->keytable, sizeof(keytable)); - int found; while (!(brute & endmask)) { - found = __atomic_load_n(&loclass_found, __ATOMIC_SEQ_CST); + int found = __atomic_load_n(&loclass_found, __ATOMIC_SEQ_CST); if (found != 0xFF) return NULL; diff --git a/tools/hitag2crack/crack2/ht2crack2buildtable.c b/tools/hitag2crack/crack2/ht2crack2buildtable.c index 8ea3186bb..306cb5b72 100644 --- a/tools/hitag2crack/crack2/ht2crack2buildtable.c +++ b/tools/hitag2crack/crack2/ht2crack2buildtable.c @@ -100,16 +100,13 @@ static void create_tables(struct table *tt) { // free the table memory static void free_tables(struct table *tt) { - int i; - struct table *ttmp; - if (!tt) { - printf("free_tables: t is NULL\n"); + printf("free_tables: tt is NULL\n"); exit(1); } - for (i = 0; i < 0x10000; i++) { - ttmp = tt + i; + for (int i = 0; i < 0x10000; i++) { + struct table *ttmp = tt + i; free(ttmp->data); } } @@ -279,10 +276,7 @@ static void jumpnsteps(Hitag_State *hstate, int table) { static void *buildtable(void *dd) { Hitag_State hstate; Hitag_State hstate2; - unsigned long i; unsigned long maxentries = 1; - uint32_t ks1; - uint32_t ks2; int index = (int)(long)dd; int tnum = NUM_BUILD_THREADS; @@ -291,7 +285,7 @@ static void *buildtable(void *dd) { buildlfsr(&hstate); /* jump to offset using jump table 2 (2048) */ - for (i = 0; i < index; i++) { + for (unsigned long i = 0; i < index; i++) { jumpnsteps(&hstate, 2); } @@ -309,7 +303,7 @@ static void *buildtable(void *dd) { } /* make the entries */ - for (i = 0; i < maxentries; i++) { + for (unsigned long i = 0; i < maxentries; i++) { // copy the current state hstate2.shiftreg = hstate.shiftreg; @@ -317,8 +311,8 @@ static void *buildtable(void *dd) { // get 48 bits of keystream from hstate2 // this is split into 2 x 24 bit - ks1 = hitag2_nstep(&hstate2, 24); - ks2 = hitag2_nstep(&hstate2, 24); + uint32_t ks1 = hitag2_nstep(&hstate2, 24); + uint32_t ks2 = hitag2_nstep(&hstate2, 24); write_ks_s(ks1, ks2, hstate.shiftreg); @@ -457,10 +451,6 @@ static void *sorttable(void *dd) { int main(int argc, char *argv[]) { pthread_t threads[NUM_BUILD_THREADS]; void *status; - long i; - int ret; - struct table *t1; - // make the table of tables t = (struct table *)malloc(sizeof(struct table) * 65536); @@ -482,8 +472,8 @@ int main(int argc, char *argv[]) { builddi(2048, 2); // start the threads - for (i = 0; i < NUM_BUILD_THREADS; i++) { - ret = pthread_create(&(threads[i]), NULL, buildtable, (void *)(i)); + for (long i = 0; i < NUM_BUILD_THREADS; i++) { + int ret = pthread_create(&(threads[i]), NULL, buildtable, (void *)(i)); if (ret) { printf("cannot start buildtable thread %ld\n", i); exit(1); @@ -493,8 +483,8 @@ int main(int argc, char *argv[]) { if (debug) printf("main, started buildtable threads\n"); // wait for threads to finish - for (i = 0; i < NUM_BUILD_THREADS; i++) { - ret = pthread_join(threads[i], &status); + for (long i = 0; i < NUM_BUILD_THREADS; i++) { + int ret = pthread_join(threads[i], &status); if (ret) { printf("cannot join buildtable thread %ld\n", i); exit(1); @@ -503,8 +493,8 @@ int main(int argc, char *argv[]) { } // write all remaining files - for (i = 0; i < 0x10000; i++) { - t1 = t + i; + for (long i = 0; i < 0x10000; i++) { + struct table *t1 = t + i; if (t1->ptr > t1->data) { writetable(t1); } @@ -520,8 +510,8 @@ int main(int argc, char *argv[]) { // start the threads - for (i = 0; i < NUM_SORT_THREADS; i++) { - ret = pthread_create(&(threads[i]), NULL, sorttable, (void *)(i)); + for (long i = 0; i < NUM_SORT_THREADS; i++) { + int ret = pthread_create(&(threads[i]), NULL, sorttable, (void *)(i)); if (ret) { printf("cannot start sorttable thread %ld\n", i); exit(1); @@ -531,8 +521,8 @@ int main(int argc, char *argv[]) { if (debug) printf("main, started sorttable threads\n"); // wait for threads to finish - for (i = 0; i < NUM_SORT_THREADS; i++) { - ret = pthread_join(threads[i], &status); + for (long i = 0; i < NUM_SORT_THREADS; i++) { + int ret = pthread_join(threads[i], &status); if (ret) { printf("cannot join sorttable thread %ld\n", i); exit(1); diff --git a/tools/hitag2crack/crack3/ht2crack3.c b/tools/hitag2crack/crack3/ht2crack3.c index fba050d67..13e41dc8a 100644 --- a/tools/hitag2crack/crack3/ht2crack3.c +++ b/tools/hitag2crack/crack3/ht2crack3.c @@ -124,9 +124,7 @@ static int is_kmiddle_badguess(uint64_t z, struct Tklower *Tk, int max, int aR0) // function to test if a partial key is valid static int testkey(uint64_t *out, uint64_t uid, uint64_t pkey, uint64_t nR, uint64_t aR) { uint64_t kupper; - uint64_t key; Hitag_State hstate; - uint64_t b; uint32_t revaR; uint32_t normaR; @@ -136,9 +134,9 @@ static int testkey(uint64_t *out, uint64_t uid, uint64_t pkey, uint64_t nR, uint // search for remaining 14 bits for (kupper = 0; kupper < 0x3fff; kupper++) { - key = (kupper << 34) | pkey; + uint64_t key = (kupper << 34) | pkey; hitag2_init(&hstate, key, uid, nR); - b = hitag2_nstep(&hstate, 32); + uint64_t b = hitag2_nstep(&hstate, 32); if ((normaR ^ b) == 0xffffffff) { *out = key; return 1; @@ -183,7 +181,6 @@ static void *crack(void *d) { uint64_t klower, kmiddle, klowery; uint64_t y, b, z, bit; uint64_t ytmp; - unsigned int count; uint64_t foundkey, revkey; int ret; unsigned int found; @@ -210,7 +207,7 @@ static void *crack(void *d) { for (klower = data->klowerstart; klower < (data->klowerstart + data->klowerrange); klower++) { printf("trying klower = 0x%05"PRIx64"\n", klower); // build table - count = 0; + unsigned int count = 0; for (y = 0; y < 0x40000; y++) { // create klowery klowery = (y << 16) | klower; diff --git a/tools/hitag2crack/crack4/ht2crack4.c b/tools/hitag2crack/crack4/ht2crack4.c index 26460a112..d10199167 100644 --- a/tools/hitag2crack/crack4/ht2crack4.c +++ b/tools/hitag2crack/crack4/ht2crack4.c @@ -429,9 +429,6 @@ static double score(uint64_t s, unsigned int size, uint64_t ks, unsigned int kss /* score_traces runs score for each encrypted nonce */ static void score_traces(struct guess *g, unsigned int size) { - uint64_t lfsr; - unsigned int i; - double sc; double total_score = 0.0; // don't bother scoring traces that are already losers @@ -439,12 +436,12 @@ static void score_traces(struct guess *g, unsigned int size) { return; } - for (i = 0; i < num_nRaR; i++) { + for (unsigned int i = 0; i < num_nRaR; i++) { // calc next b // create lfsr - lower 32 bits is uid, upper 16 bits are lower 16 bits of key // then shift by size - 16, insert upper key XOR enc_nonce XOR bitstream, // and calc new bit b - lfsr = (uid >> (size - 16)) | ((g->key << (48 - size)) ^ + uint64_t lfsr = (uid >> (size - 16)) | ((g->key << (48 - size)) ^ ((nonces[i].enc_nR ^ g->b0to31[i]) << (64 - size))); g->b0to31[i] = g->b0to31[i] | (ht2crypt(lfsr) << (size - 16)); @@ -452,7 +449,7 @@ static void score_traces(struct guess *g, unsigned int size) { // bits 16-47 are upper bits of key XOR enc_nonce XOR bitstream lfsr = g->key ^ ((nonces[i].enc_nR ^ g->b0to31[i]) << 16); - sc = score(lfsr, size, nonces[i].ks, 32); + double sc = score(lfsr, size, nonces[i].ks, 32); // look out for losers if (sc == 0.0) { @@ -616,17 +613,13 @@ static void execute_round(unsigned int size) { /* crack is the main cracking algo; it executes the rounds */ static void crack(void) { - unsigned int i; - uint64_t revkey; - uint64_t foundkey; - - for (i = 16; i <= 48; i++) { + for (unsigned int i = 16; i <= 48; i++) { fprintf(stderr, "round %2u, size=%2u\n", i - 16, i); execute_round(i); // print some metrics - revkey = rev64(guesses[0].key); - foundkey = ((revkey >> 40) & 0xff) | ((revkey >> 24) & 0xff00) | ((revkey >> 8) & 0xff0000) | ((revkey << 8) & 0xff000000) | ((revkey << 24) & 0xff00000000) | ((revkey << 40) & 0xff0000000000); + uint64_t revkey = rev64(guesses[0].key); + uint64_t foundkey = ((revkey >> 40) & 0xff) | ((revkey >> 24) & 0xff00) | ((revkey >> 8) & 0xff0000) | ((revkey << 8) & 0xff000000) | ((revkey << 24) & 0xff00000000) | ((revkey << 40) & 0xff0000000000); fprintf(stderr, " guess=%012" PRIx64 ", num_guesses = %u, top score=%1.10f, min score=%1.10f\n", foundkey, num_guesses, guesses[0].score, guesses[num_guesses - 1].score); } } diff --git a/tools/hitag2crack/crack5/ht2crack5.c b/tools/hitag2crack/crack5/ht2crack5.c index 196f16420..ec9ed45a4 100644 --- a/tools/hitag2crack/crack5/ht2crack5.c +++ b/tools/hitag2crack/crack5/ht2crack5.c @@ -802,7 +802,7 @@ static void *find_state(void *thread_d) { static void try_state(uint64_t s) { Hitag_State hstate; - uint64_t keyrev, key, nR1xk; + uint64_t keyrev, nR1xk; uint32_t b = 0; hstate.shiftreg = s; @@ -820,7 +820,7 @@ static void try_state(uint64_t s) { hitag2_init(&hstate, keyrev, uid, nR2); if ((aR2 ^ hitag2_nstep(&hstate, 32)) == 0xffffffff) { - key = rev64(keyrev); + uint64_t key = rev64(keyrev); printf("Key: "); for (int i = 0; i < 6; i++) {