github/RRG-Proxmark3
1
0
Fork 0
mirror of https://github.com/RfidResearchGroup/proxmark3.git synced 2025-08-20 05:13:46 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 4

FIX: coverty scan reveals some resourceleaks and overruns, which is supposed to be fixed now.

Browse source 
/armsrc/des.c   overflow 7 instead of 6
/client/cmdlfhitag.c  overflows traclen
/client/util.c   sprint_bin_break  overflows.
/client/cmdhficlass.c   need to free memory after malloc.

ADD:  RotateRight macro in util.h
This commit is contained in:
iceman1001 2016-01-08 14:25:10 +01:00
commit ab7bb49475
5 changed files with 10 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

2
armsrc/des.c
View file

@ -274,7 +274,7 @@ uint32_t des_f(uint32_t r, uint8_t* kr){
uint64_t data; uint64_t data;
uint8_t *sbp; /* sboxpointer */ uint8_t *sbp; /* sboxpointer */
permute((uint8_t*)e_permtab, (uint8_t*)&r, (uint8_t*)&data); permute((uint8_t*)e_permtab, (uint8_t*)&r, (uint8_t*)&data);
for(i=0; i<7; ++i) for(i=0; i<6; ++i)
((uint8_t*)&data)[i] ^= kr[i]; ((uint8_t*)&data)[i] ^= kr[i];
/* Sbox substitution */ /* Sbox substitution */

1
client/cmdhficlass.c
View file

@ -409,6 +409,7 @@ int CmdHFiClassDecrypt(const char *Cmd) {
saveFile(outfilename,"bin", decrypted, blocknum*8); saveFile(outfilename,"bin", decrypted, blocknum*8);
free(decrypted);
return 0; return 0;
} }

2
client/cmdlfhitag.c
View file

@ -71,7 +71,7 @@ int CmdLFHitagList(const char *Cmd)
for (;;) { for (;;) {
if(i > traceLen) { break; } if(i >= traceLen) { break; }
bool isResponse; bool isResponse;
int timestamp = *((uint32_t *)(got+i)); int timestamp = *((uint32_t *)(got+i));

9
client/util.c
View file

@ -137,7 +137,7 @@ char *sprint_bin_break(const uint8_t *data, const size_t len, const uint8_t brea
size_t in_index = 0; size_t in_index = 0;
// loop through the out_index to make sure we don't go too far // loop through the out_index to make sure we don't go too far
for (size_t out_index=0; out_index < max_len; out_index++) { for (size_t out_index=0; out_index < max_len-2; out_index++) {
// set character // set character
sprintf(tmp++, "%u", data[in_index]); sprintf(tmp++, "%u", data[in_index]);
// check if a line break is needed and we have room to print it in our array // check if a line break is needed and we have room to print it in our array
@ -463,11 +463,9 @@ void binarraytobinstring(char *target, char *source, int length)
uint8_t GetParity( uint8_t *bits, uint8_t type, int length) uint8_t GetParity( uint8_t *bits, uint8_t type, int length)
{ {
int x; int x;
for( x = 0 ; length > 0 ; --length)
for(x= 0 ; length > 0 ; --length)
x += bits[length - 1]; x += bits[length - 1];
x %= 2; x %= 2;
return x ^ type; return x ^ type;
} }
@ -503,7 +501,8 @@ uint32_t PackBits(uint8_t start, uint8_t len, uint8_t* bits) {
return tmp; return tmp;
} }
// RotateLeft - Ultralight, Desfire // RotateLeft - Ultralight, Desfire, works on byte level
// 00-01-02 >> 01-02-00
void rol(uint8_t *data, const size_t len){ void rol(uint8_t *data, const size_t len){
uint8_t first = data[0]; uint8_t first = data[0];
for (size_t i = 0; i < len-1; i++) { for (size_t i = 0; i < len-1; i++) {

3
client/util.h
View file

@ -17,6 +17,9 @@
#include <time.h> #include <time.h>
#include "data.h" #include "data.h"
#ifndef ROTR
# define ROTR(x,n) (((uintmax_t)(x) >> (n)) | ((uintmax_t)(x) << ((sizeof(x) * 8) - (n))))
#endif
#ifndef MIN #ifndef MIN
# define MIN(a, b) (((a) < (b)) ? (a) : (b)) # define MIN(a, b) (((a) < (b)) ? (a) : (b))
#endif #endif