Merge branch 'master' of https://github.com/RfidResearchGroup/proxmark3

2025-08-19 21:03:48 -07:00 · 2019-10-10 10:24:21 +02:00 · 2019-10-10 10:24:21 +02:00 · b62e4dfa36
commit b62e4dfa36
parent 69274a1184 762075f34a
31 changed files with 273 additions and 174 deletions
--- a/.coverity.conf.sample
+++ b/.coverity.conf.sample
@ -0,0 +1,36 @@
 COVLOGIN=myemail@corp.com
 COVTOKEN=aAbBcCdDeEfFgGhHiIjJkK
 # Toolchain available at https://scan.coverity.com/download
 COVBINDIR="/opt/cov-analysis-linux64-2019.03/bin"
 # Nickname included in scan description:
 NICKNAME=myself
 COVDIR=cov-int
 COVBUILD="cov-build --dir $COVDIR"
 # Depending if your kernel > 4.8.x, you might need to activate this to run Coverity executables
 # (but latest tools with kernel 5.2 run fine)
 #sysctl vsyscall=emulate
 export PATH="$PATH:$COVBINDIR"
 function pre_build_hook() {
    # tmp dir will be /tmp/cov-$username/
    # It's the good place if you need to redirect to elsewhere with a symlink
    return 0
 }
 function post_build_hook() {
    return 0
 }
 function pre_submit_hook() {
    return 0
 }
 function post_submit_hook() {
    # Clean up build folders?
    rm -rf "$COVDIR"
    echo "Coverity build cleaned"
    return 0
 }
--- a/armsrc/iclass.c
+++ b/armsrc/iclass.c
@ -1765,7 +1765,7 @@ void CodeIClassCommand(const uint8_t *cmd, int len) {
            for (k = 0; k < 4; k++) {
                if (k == (b & 3))
-                    ToSend[++ToSendMax] = 0xf0;
+                    ToSend[++ToSendMax] = 0x0f;
                else
                    ToSend[++ToSendMax] = 0x00;
            }
--- a/armsrc/mifaredesfire.c
+++ b/armsrc/mifaredesfire.c
@ -585,7 +585,9 @@ size_t CreateAPDU(uint8_t *datain, size_t len, uint8_t *dataout) {
 void OnSuccess() {
    pcb_blocknum = 0;
    ReaderTransmit(deselect_cmd, 3, NULL);
-    mifare_ultra_halt();
+    if (mifare_ultra_halt()) {
        if (DBGLEVEL >= DBG_ERROR) Dbprintf("Halt error");
    }
    switch_off();
 }
--- a/armsrc/mifaresim.c
+++ b/armsrc/mifaresim.c
@ -588,9 +588,11 @@ void Mifare1ksim(uint16_t flags, uint8_t exitAfterNReads, uint8_t *datain, uint1
            case MFEMUL_NOFIELD:
                if (DBGLEVEL >= DBG_EXTENDED)
                    Dbprintf("MFEMUL_NOFIELD");
                break;
            case MFEMUL_HALTED:
                if (DBGLEVEL >= DBG_EXTENDED)
                    Dbprintf("MFEMUL_HALTED");
                break;
            case MFEMUL_IDLE: {
                LogTrace(uart->output, uart->len, uart->startTime * 16 - DELAY_AIR2ARM_AS_TAG, uart->endTime * 16 - DELAY_AIR2ARM_AS_TAG, uart->parity, true);
                if (DBGLEVEL >= DBG_EXTENDED)
--- a/armsrc/spiffs_nucleus.c
+++ b/armsrc/spiffs_nucleus.c
@ -1560,6 +1560,7 @@ s32_t spiffs_object_modify(spiffs_fd *fd, u32_t offset, u8_t *data, u32_t len) {
            res = spiffs_page_allocate_data(fs, fd->obj_id & ~SPIFFS_OBJ_ID_IX_FLAG,
                                            &p_hdr, &data[written], to_write, page_offs, 1, &data_pix);
            SPIFFS_DBG("modify: store new data page, "_SPIPRIpg":"_SPIPRIsp" offset:"_SPIPRIi", len "_SPIPRIi", written "_SPIPRIi"\n", data_pix, data_spix, page_offs, to_write, written);
            if (res != SPIFFS_OK) break;
        } else {
            // write to existing page, allocate new and copy unmodified data
--- a/client/Makefile
+++ b/client/Makefile
@ -77,6 +77,7 @@ else
 endif
 endif
 ifneq ($(SKIPQT),1)
    # Check for correctly configured Qt5
    QTINCLUDES = $(shell pkg-config --cflags Qt5Core Qt5Widgets 2>/dev/null)
    QTLDLIBS = $(shell pkg-config --libs Qt5Core Qt5Widgets 2>/dev/null)
@ -105,7 +106,7 @@ ifeq ($(QTINCLUDES), )
            UIC = $(QTDIR)/bin/uic
        endif
    endif
-
+endif
 ifneq ($(QTLDLIBS),)
    QTGUIOBJS = $(OBJDIR)/proxgui.o $(OBJDIR)/proxguiqt.o $(OBJDIR)/proxguiqt.moc.o
--- a/client/cmdhfepa.c
+++ b/client/cmdhfepa.c
@ -50,7 +50,7 @@ static int CmdHFEPACollectPACENonces(const char *Cmd) {
        // check if command failed
        if (resp.oldarg[0] != 0) {
-            PrintAndLogEx(FAILED, "Error in step %" PRId64 ", Return code: %" PRId64, resp.oldarg[0], (int)resp.oldarg[1]);
+            PrintAndLogEx(FAILED, "Error in step %" PRId64 ", Return code: %" PRId64, resp.oldarg[0], resp.oldarg[1]);
        } else {
            size_t nonce_length = resp.oldarg[1];
            char *nonce = (char *) calloc(2 * nonce_length + 1, sizeof(uint8_t));
--- a/client/cmdhffelica.c
+++ b/client/cmdhffelica.c
@ -408,7 +408,7 @@ static int CmdHFFelicaDumpLite(const char *Cmd) {
        return 0;
    }
-    PrintAndLogEx(SUCCESS, "Recorded Activity (trace len = %"PRIu64" bytes)", tracelen);
+    PrintAndLogEx(SUCCESS, "Recorded Activity (trace len = %"PRIu32" bytes)", tracelen);
    print_hex_break(trace, tracelen, 32);
    printSep();
--- a/client/cmdhficlass.c
+++ b/client/cmdhficlass.c
@ -2487,7 +2487,7 @@ static int CmdHFiClassLookUp(const char *Cmd) {
            case 'u':
                param_gethex_ex(Cmd, cmdp + 1, CSN, &len);
                if (len >> 1 != sizeof(CSN)) {
-                    PrintAndLogEx(WARNING, "Wrong CSN length, expected %d got [%d]", sizeof(CSN), len >> 1);
+                    PrintAndLogEx(WARNING, "Wrong CSN length, expected %zu got [%d]", sizeof(CSN), len >> 1);
                    errors = true;
                }
                cmdp += 2;
@ -2495,7 +2495,7 @@ static int CmdHFiClassLookUp(const char *Cmd) {
            case 'm':
                param_gethex_ex(Cmd, cmdp + 1, MACS, &len);
                if (len >> 1 != sizeof(MACS)) {
-                    PrintAndLogEx(WARNING, "Wrong MACS length, expected %d got [%d]  ", sizeof(MACS), len >> 1);
+                    PrintAndLogEx(WARNING, "Wrong MACS length, expected %zu got [%d]  ", sizeof(MACS), len >> 1);
                    errors = true;
                } else {
                    memcpy(MAC_TAG, MACS + 4, 4);
--- a/client/cmdhfmf.c
+++ b/client/cmdhfmf.c
@ -2866,18 +2866,21 @@ out:
        PrintAndLogEx(SUCCESS, "Found keys have been transferred to the emulator memory");
    }
    // Disable fast mode and send a dummy command to make it effective
    conn.block_after_ACK = false;
    SendCommandNG(CMD_PING, NULL, 0);
    WaitForResponseTimeout(CMD_PING, NULL, 1000);
    if (createDumpFile) {
        fptr = GenerateFilename("hf-mf-", "-key.bin");
        createMfcKeyDump(SectorsCnt, e_sector, fptr);
    }
    free(keyBlock);
    free(e_sector);
    // Disable fast mode and send a dummy command to make it effective
    conn.block_after_ACK = false;
    SendCommandNG(CMD_PING, NULL, 0);
    if (!WaitForResponseTimeout(CMD_PING, NULL, 1000)) {
        PrintAndLogEx(WARNING, "command execution time out");
        return PM3_ETIMEOUT;
    }
    PrintAndLogEx(NORMAL, "");
    return PM3_SUCCESS;
 }
--- a/client/cmdhfmfhard.c
+++ b/client/cmdhfmfhard.c
@ -282,7 +282,12 @@ static void init_bitflip_bitarrays(void) {
                fclose(statesfile);
                uint32_t count = 0;
                init_inflate(&compressed_stream, input_buffer, filesize, (uint8_t *)&count, sizeof(count));
-                inflate(&compressed_stream, Z_SYNC_FLUSH);
+                int res = inflate(&compressed_stream, Z_SYNC_FLUSH);
                if (res != Z_OK) {
                    PrintAndLogEx(ERR, "Inflate error. Aborting...\n");
                    inflateEnd(&compressed_stream);
                    exit(4);
                }
                if ((float)count / (1 << 24) < IGNORE_BITFLIP_THRESHOLD) {
                    uint32_t *bitset = (uint32_t *)malloc_bitarray(sizeof(uint32_t) * (1 << 19));
                    if (bitset == NULL) {
@ -292,7 +297,12 @@ static void init_bitflip_bitarrays(void) {
                    }
                    compressed_stream.next_out = (uint8_t *)bitset;
                    compressed_stream.avail_out = sizeof(uint32_t) * (1 << 19);
-                    inflate(&compressed_stream, Z_SYNC_FLUSH);
+                    res = inflate(&compressed_stream, Z_SYNC_FLUSH);
                    if (res != Z_OK && res != Z_STREAM_END) {
                        PrintAndLogEx(ERR, "Inflate error. Aborting...\n");
                        inflateEnd(&compressed_stream);
                        exit(4);
                    }
                    effective_bitflip[odd_even][num_effective_bitflips[odd_even]++] = bitflip;
                    bitflip_bitarrays[odd_even][bitflip] = bitset;
                    count_bitflip_bitarrays[odd_even][bitflip] = count;
--- a/client/cmdhw.c
+++ b/client/cmdhw.c
@ -532,7 +532,7 @@ static int CmdPing(const char *Cmd) {
            error = memcmp(data, resp.data.asBytes, len) != 0;
            PrintAndLogEx((error) ? ERR : SUCCESS, "Ping response " _GREEN_("received") "and content is %s", error ? _RED_("NOT ok") : _GREEN_("ok"));
        } else {
-            PrintAndLogEx((error) ? ERR : SUCCESS, "Ping response " _GREEN_("received"));
+            PrintAndLogEx(SUCCESS, "Ping response " _GREEN_("received"));
        }
    } else
        PrintAndLogEx(WARNING, "Ping response " _RED_("timeout"));
--- a/client/cmdlf.c
+++ b/client/cmdlf.c
@ -1139,18 +1139,17 @@ static bool CheckChipType(bool getDeviceData) {
    //check for em4x05/em4x69 chips first
    uint32_t word = 0;
    if (EM4x05IsBlock0(&word)) {
-        PrintAndLogEx(SUCCESS, "\nChipset detection : " _GREEN_("EM4x05/EM4x69") "found");
+        PrintAndLogEx(SUCCESS, "Chipset detection: " _GREEN_("EM4x05/EM4x69"));
-        PrintAndLogEx(SUCCESS, "Try " _YELLOW_("`lf em 4x05`") " commands");
+        PrintAndLogEx(INFO, "Hint: try " _YELLOW_("`lf em 4x05`") "commands");
        retval = true;
        goto out;
    }
    //check for t55xx chip...
    if (tryDetectP1(true)) {
-        PrintAndLogEx(SUCCESS, "\nChipset detection : " _GREEN_("T55xx") "found");
+        PrintAndLogEx(SUCCESS, "Chipset detection: " _GREEN_("T55xx"));
-        PrintAndLogEx(SUCCESS, "Try " _YELLOW_("`lf t55xx`")"commands");
+        PrintAndLogEx(INFO, "Hint: try " _YELLOW_("`lf t55xx`") "commands");
        retval = true;
        goto out;
    }
 out:
@ -1184,7 +1183,8 @@ int CmdLFfind(const char *Cmd) {
    PrintAndLogEx(INFO, "if it finds something that looks like a tag");
    PrintAndLogEx(INFO, "False Positives " _YELLOW_("ARE") "possible");
    PrintAndLogEx(INFO, "");
-    PrintAndLogEx(INFO, "Checking for known tags...\n");
+    PrintAndLogEx(INFO, "Checking for known tags...");
    PrintAndLogEx(INFO, "");
    // only run these tests if device is online
    if (isOnline) {
@ -1197,7 +1197,8 @@ int CmdLFfind(const char *Cmd) {
            }
            if (readCOTAGUid()) { PrintAndLogEx(SUCCESS, "\nValid " _GREEN_("COTAG ID") "found!"); return PM3_SUCCESS;}
-            PrintAndLogEx(FAILED, "\n" _YELLOW_("No data found!") " - Signal looks like noise. Maybe not an LF tag?");
+            PrintAndLogEx(FAILED, _RED_("No data found!"));
            PrintAndLogEx(INFO, "Signal looks like noise. Maybe not an LF tag?");
            return PM3_ESOFT;
        }
    }
--- a/client/cmdlfem4x.c
+++ b/client/cmdlfem4x.c
@ -401,7 +401,7 @@ int AskEm410xDecode(bool verbose, uint32_t *hi, uint64_t *lo) {
        else if (ans == -4)
            PrintAndLogEx(DEBUG, "DEBUG: Error - Em410x preamble not found");
        else if (ans == -5)
-            PrintAndLogEx(DEBUG, "DEBUG: Error - Em410x Size not correct: %d", size);
+            PrintAndLogEx(DEBUG, "DEBUG: Error - Em410x Size not correct: %zu", size);
        else if (ans == -6)
            PrintAndLogEx(DEBUG, "DEBUG: Error - Em410x parity failed");
@ -692,7 +692,7 @@ static int CmdEM410xWrite(const char *Cmd) {
        //   the clock rate in bits 8-15 of the card value
        card = (card & 0xFF) | ((clock1 << 8) & 0xFF00);
    } else if (card == 0) {
-        PrintAndLogEx(SUCCESS, "Writing %s tag with UID 0x%010" PRIx64, "(clock rate: %d)", "T5555", id, clock1);
+        PrintAndLogEx(SUCCESS, "Writing %s tag with UID 0x%010" PRIx64 "(clock rate: %d)", "T5555", id, clock1);
        card = (card & 0xFF) | ((clock1 << 8) & 0xFF00);
    } else {
        PrintAndLogEx(FAILED, "Error! Bad card type selected.\n");
--- a/client/cmdlffdx.c
+++ b/client/cmdlffdx.c
@ -204,7 +204,7 @@ static int CmdFdxDemod(const char *Cmd) {
        else if (preambleIndex == -2)
            PrintAndLogEx(DEBUG, "DEBUG: Error - FDX-B preamble not found");
        else if (preambleIndex == -3)
-            PrintAndLogEx(DEBUG, "DEBUG: Error - FDX-B Size not correct: %d", size);
+            PrintAndLogEx(DEBUG, "DEBUG: Error - FDX-B Size not correct: %zu", size);
        else
            PrintAndLogEx(DEBUG, "DEBUG: Error - FDX-B ans: %d", preambleIndex);
        return PM3_ESOFT;
@ -216,7 +216,7 @@ static int CmdFdxDemod(const char *Cmd) {
    // remove marker bits (1's every 9th digit after preamble) (pType = 2)
    size = removeParity(DemodBuffer, 11, 9, 2, 117);
    if (size != 104) {
-        PrintAndLogEx(DEBUG, "DEBUG: Error - FDX-B error removeParity: %d", size);
+        PrintAndLogEx(DEBUG, "DEBUG: Error - FDX-B error removeParity: %zu", size);
        return PM3_ESOFT;
    }
--- a/client/cmdlfindala.c
+++ b/client/cmdlfindala.c
@ -109,7 +109,10 @@ static int CmdIndalaDemod(const char *Cmd) {
    //convert UID to HEX
    uint32_t uid1 = bytebits_to_byte(DemodBuffer, 32);
    uint32_t uid2 = bytebits_to_byte(DemodBuffer + 32, 32);
-    uint64_t foo = (((uint64_t)uid1 << 32) & 0x1FFFFFFF) | (uid2 & 0x7FFFFFFF);
+    // To be checked, what's this internal ID ?
    // foo is only used for 64b ids and in that case uid1 must be only preamble, plus the following code is wrong as x<<32 & 0x1FFFFFFF is always zero
    //uint64_t foo = (((uint64_t)uid1 << 32) & 0x1FFFFFFF) | (uid2 & 0x7FFFFFFF);
    uint64_t foo = uid2 & 0x7FFFFFFF;
    if (DemodBufferLen == 64) {
        PrintAndLogEx(
--- a/client/cmdlft55xx.c
+++ b/client/cmdlft55xx.c
@ -335,7 +335,7 @@ static int usage_t55xx_deviceconfig() {
    return PM3_SUCCESS;
 }
 static int usage_t55xx_protect() {
-    PrintAndLogEx(NORMAL, "This command set the pwd bit on T5577. ");
+    PrintAndLogEx(NORMAL, "This command sets the pwd bit on T5577.");
    PrintAndLogEx(NORMAL, _RED_("WARNING:") " this locks the tag!");
    PrintAndLogEx(NORMAL, "Usage:  lf t55xx protect [r <mode>] [p <password>] [o] [n <new_password>]");
    PrintAndLogEx(NORMAL, "Options:");
@ -479,7 +479,7 @@ bool t55xxAquireAndCompareBlock0(bool usepwd, uint32_t password, uint32_t known_
        PrintAndLogEx(INFO, "Block0 write detected, running `detect` to see if validation is possible");
    for (uint8_t m = 0; m < 4; m++) {
-        if (AquireData(T55x7_PAGE0, T55x7_CONFIGURATION_BLOCK, usepwd, password, m) == false) {
+        if (AcquireData(T55x7_PAGE0, T55x7_CONFIGURATION_BLOCK, usepwd, password, m) == false) {
            continue;
        }
@ -512,7 +512,7 @@ bool t55xxAquireAndDetect(bool usepwd, uint32_t password, uint32_t known_block0,
        config.pwd = 0x00;
    for (uint8_t m = 0; m < 4; m++) {
-        if (AquireData(T55x7_PAGE0, T55x7_CONFIGURATION_BLOCK, usepwd, password, m) == false)
+        if (AcquireData(T55x7_PAGE0, T55x7_CONFIGURATION_BLOCK, usepwd, password, m) == false)
            continue;
        if (tryDetectModulationEx(m, verbose, known_block0) == false)
@ -776,7 +776,7 @@ int T55xxReadBlockEx(uint8_t block, bool page1, bool usepwd, uint8_t override, u
        // override = 1 (override and display)
        // override = 2 (override and no display)
        if (override == 0) {
-            if (AquireData(T55x7_PAGE0, T55x7_CONFIGURATION_BLOCK, false, 0, downlink_mode) == false)
+            if (AcquireData(T55x7_PAGE0, T55x7_CONFIGURATION_BLOCK, false, 0, downlink_mode) == false)
                return PM3_ERFTRANS;
            if (tryDetectModulation(downlink_mode, false) == false) {
@ -792,7 +792,7 @@ int T55xxReadBlockEx(uint8_t block, bool page1, bool usepwd, uint8_t override, u
        }
    }
-    if (AquireData(page1, block, usepwd, password, downlink_mode) == false)
+    if (AcquireData(page1, block, usepwd, password, downlink_mode) == false)
        return PM3_ERFTRANS;
    if (DecodeT55xxBlock() == false)
@ -1013,7 +1013,7 @@ static int CmdT55xxDetect(const char *Cmd) {
            if (try_all_dl_modes) {
                for (uint8_t m = downlink_mode; m < 4; m++) {
-                    if (AquireData(T55x7_PAGE0, T55x7_CONFIGURATION_BLOCK, try_with_pwd & usepwd, password, m) == false)
+                    if (AcquireData(T55x7_PAGE0, T55x7_CONFIGURATION_BLOCK, try_with_pwd & usepwd, password, m) == false)
                        continue;
                    // pre fill to save passing in.
@ -1036,7 +1036,7 @@ static int CmdT55xxDetect(const char *Cmd) {
                else    
                    config.pwd = 0x00;
-                if (AquireData(T55x7_PAGE0, T55x7_CONFIGURATION_BLOCK, usepwd, password, downlink_mode)) {
+                if (AcquireData(T55x7_PAGE0, T55x7_CONFIGURATION_BLOCK, usepwd, password, downlink_mode)) {
                    found = tryDetectModulation(downlink_mode, T55XX_PrintConfig);
                }
            }
@ -1774,7 +1774,7 @@ static int CmdT55xxReadTrace(const char *Cmd) {
        uint32_t password = 0;
        // REGULAR_READ_MODE_BLOCK - yeilds correct Page 1 Block 2 data i.e. + 32 bit offset.
-        if (!AquireData(T55x7_PAGE1, REGULAR_READ_MODE_BLOCK, pwdmode, password, downlink_mode))
+        if (!AcquireData(T55x7_PAGE1, REGULAR_READ_MODE_BLOCK, pwdmode, password, downlink_mode))
            return PM3_ENODATA;
    }
@ -2077,7 +2077,7 @@ static int CmdT55xxInfo(const char *Cmd) {
        // sanity check.
        if (SanityOfflineCheck(false) != PM3_SUCCESS) return PM3_ENODATA;
-        if (!AquireData(T55x7_PAGE0, T55x7_CONFIGURATION_BLOCK, usepwd, password, downlink_mode))
+        if (!AcquireData(T55x7_PAGE0, T55x7_CONFIGURATION_BLOCK, usepwd, password, downlink_mode))
            return PM3_ENODATA;
    }
@ -2275,7 +2275,7 @@ static int CmdT55xxRestore(const char *Cmd) {
    return res;
 }
-bool AquireData(uint8_t page, uint8_t block, bool pwdmode, uint32_t password, uint8_t downlink_mode) {
+bool AcquireData(uint8_t page, uint8_t block, bool pwdmode, uint32_t password, uint8_t downlink_mode) {
    // arg0 bitmodes:
    //  b0 = pwdmode
    //  b1 = page to read from
@ -2808,7 +2808,7 @@ static int CmdT55xxChkPwds(const char *Cmd) {
        if (resp.oldarg[0]) {
            PrintAndLogEx(SUCCESS, "\nFound a candidate [ " _YELLOW_("%08"PRIX64) " ]. Trying to validate", resp.oldarg[1]);
-            if (AquireData(T55x7_PAGE0, T55x7_CONFIGURATION_BLOCK, true, resp.oldarg[1], downlink_mode)) {
+            if (AcquireData(T55x7_PAGE0, T55x7_CONFIGURATION_BLOCK, true, resp.oldarg[1], downlink_mode)) {
                found = tryDetectModulation(downlink_mode, T55XX_PrintConfig);
                if (found) {
                    PrintAndLogEx(SUCCESS, "Found valid password: [ " _GREEN_("%08"PRIX64) "]", resp.oldarg[1]);
@ -2857,7 +2857,7 @@ static int CmdT55xxChkPwds(const char *Cmd) {
            PrintAndLogEx(INFO, "Testing %08"PRIX64, curr_password);
            for (dl_mode = downlink_mode; dl_mode <= 3; dl_mode++) {
-                if (!AquireData(T55x7_PAGE0, T55x7_CONFIGURATION_BLOCK, true, curr_password, dl_mode)) {
+                if (!AcquireData(T55x7_PAGE0, T55x7_CONFIGURATION_BLOCK, true, curr_password, dl_mode)) {
                    continue;
                }
@ -2975,14 +2975,14 @@ uint8_t tryOnePassword(uint32_t password, uint8_t downlink_mode) {
    // check if dl mode 4 and loop if needed
    for (dl_mode = downlink_mode; dl_mode < 4; dl_mode++) {
-        AquireData(T55x7_PAGE0, T55x7_CONFIGURATION_BLOCK, true, password, dl_mode);
+        if (AcquireData(T55x7_PAGE0, T55x7_CONFIGURATION_BLOCK, true, password, dl_mode)) {
            //  if (getSignalProperties()->isnoise == false) {
            //  } else {
            if (tryDetectModulation(dl_mode, T55XX_PrintConfig)) {
                return 1 + (dl_mode << 1);
            }
            //  }
        }
        if (!try_all_dl_modes) dl_mode = 4;
    }
    return 0;
@ -3109,7 +3109,7 @@ bool tryDetectP1(bool getData) {
    bool     st         = true;
    if (getData) {
-        if (!AquireData(T55x7_PAGE1, T55x7_TRACE_BLOCK1, false, 0, 0))
+        if (!AcquireData(T55x7_PAGE1, T55x7_TRACE_BLOCK1, false, 0, 0))
            return false;
    }
@ -3259,7 +3259,7 @@ static int CmdT55xxDetectPage1(const char *Cmd) {
    if (!useGB) {
        for (dl_mode = downlink_mode; dl_mode < 4; dl_mode++) {
-            found = AquireData(T55x7_PAGE1, T55x7_TRACE_BLOCK1, usepwd, password, dl_mode);
+            found = AcquireData(T55x7_PAGE1, T55x7_TRACE_BLOCK1, usepwd, password, dl_mode);
            //return PM3_ENODATA;
            if (tryDetectP1(false)) { //tryDetectModulation())
                found = true;
--- a/client/cmdlft55xx.h
+++ b/client/cmdlft55xx.h
@ -164,7 +164,7 @@ bool testKnownConfigBlock(uint32_t block0);
 bool tryDetectP1(bool getData);
 bool test(uint8_t mode, uint8_t *offset, int *fndBitRate, uint8_t clk, bool *Q5);
 int  special(const char *Cmd);
-bool AquireData(uint8_t page, uint8_t block, bool pwdmode, uint32_t password, uint8_t downlink_mode);
+bool AcquireData(uint8_t page, uint8_t block, bool pwdmode, uint32_t password, uint8_t downlink_mode);
 uint8_t  tryOnePassword(uint32_t password, uint8_t downlink_mode);
 void printT55x7Trace(t55x7_tracedata_t data, uint8_t repeat);
--- a/client/cmdtrace.c
+++ b/client/cmdtrace.c
@ -840,8 +840,6 @@ int CmdTraceList(const char *Cmd) {
            PrintAndLogEx(NORMAL, "ISO15693 - Timings are not as accurate");
        if (protocol == ISO_7816_4)
            PrintAndLogEx(NORMAL, "ISO7816-4 / Smartcard - Timings N/A yet");
        if (protocol == FELICA)
            PrintAndLogEx(NORMAL, "Felica"); // Timings ?
        if (protocol == PROTO_HITAG)
            PrintAndLogEx(NORMAL, "Hitag2 / HitagS - Timings in ETU (8us)");
--- a/client/cmdusart.c
+++ b/client/cmdusart.c
@ -373,7 +373,7 @@ static int CmdUsartBtFactory(const char *Cmd) {
        if (strcmp((char *)data, "OKsetname") == 0) {
            PrintAndLogEx(SUCCESS, "Name set to " _GREEN_("PM3_RDV4.0"));
        } else {
-            PrintAndLogEx(WARNING, "Unexpected response to AT+NAME: " _YELLOW_("%.*s"), len, data);
+            PrintAndLogEx(WARNING, "Unexpected response to AT+NAME: " _YELLOW_("%.*s"), (int)len, data);
        }
    } else {
        PrintAndLogEx(WARNING, "Lost contact with add-on, please try again");
@ -409,7 +409,7 @@ static int CmdUsartBtFactory(const char *Cmd) {
        if (strcmp((char *)data, "OKsetPIN") == 0) {
            PrintAndLogEx(SUCCESS, "PIN set to " _GREEN_("1234"));
        } else {
-            PrintAndLogEx(WARNING, "Unexpected response to AT+PIN: " _YELLOW_("%.*s"), len, data);
+            PrintAndLogEx(WARNING, "Unexpected response to AT+PIN: " _YELLOW_("%.*s"), (int)len, data);
        }
    } else {
        PrintAndLogEx(WARNING, "Lost contact with add-on, please try again");
@ -429,7 +429,7 @@ static int CmdUsartBtFactory(const char *Cmd) {
            if (strcmp((char *)data, "OK None") == 0) {
                PrintAndLogEx(SUCCESS, "Parity set to " _GREEN_("None"));
            } else {
-                PrintAndLogEx(WARNING, "Unexpected response to AT+P: " _YELLOW_("%.*s"), len, data);
+                PrintAndLogEx(WARNING, "Unexpected response to AT+P: " _YELLOW_("%.*s"), (int)len, data);
            }
        } else {
            PrintAndLogEx(WARNING, "Lost contact with add-on, please try again");
@ -449,7 +449,7 @@ static int CmdUsartBtFactory(const char *Cmd) {
            if (strcmp((char *)data, "OK" BTADDON_BAUD_NUM) == 0) {
                PrintAndLogEx(SUCCESS, "Baudrate set to " _GREEN_(BTADDON_BAUD_NUM));
            } else {
-                PrintAndLogEx(WARNING, "Unexpected response to AT+BAUD: " _YELLOW_("%.*s"), len, data);
+                PrintAndLogEx(WARNING, "Unexpected response to AT+BAUD: " _YELLOW_("%.*s"), (int)len, data);
            }
        } else {
            PrintAndLogEx(WARNING, "Lost contact with add-on, please try again");
--- a/client/emv/emv_pk.c
+++ b/client/emv/emv_pk.c
@ -42,14 +42,14 @@
 #define TOHEX(v) ((v) < 10 ? (v) + '0' : (v) - 10 + 'a')
-static ssize_t emv_pk_read_bin(char *buf, unsigned char *bin, size_t size, size_t *read) {
+static ssize_t emv_pk_read_bin(char *buf, size_t buflen, unsigned char *bin, size_t size, size_t *read) {
    if (buf == NULL)
        return 0;
    size_t left = size;
    char *p = buf;
-    while (*p == ' ')
+    while ((*p == ' ') && (p < (buf + buflen - 1)))
        p++;
    while (left > 0) {
@ -57,15 +57,19 @@ static ssize_t emv_pk_read_bin(char *buf, unsigned char *bin, size_t size, size_
        c1 = HEX(*p);
        if (c1 == -1)
            return -(p - buf);
        if (p == (buf + buflen - 1))
            return -(p - buf);
        p++;
        c2 = HEX(*p);
        if (c2 == -1)
            return -(p - buf);
        if (p == (buf + buflen - 1))
            return -(p - buf);
        p++;
        *bin = (c1 * 16 + c2);
        bin ++;
        left --;
-        if (*p == ':')
+        if ((*p == ':') && (p < (buf + buflen - 1)))
            p++;
        else if (read) {
            *read = (size - left);
@ -76,7 +80,7 @@ static ssize_t emv_pk_read_bin(char *buf, unsigned char *bin, size_t size, size_
            return -(p - buf);
    }
-    while (*p == ' ')
+    while ((*p == ' ') && (p < (buf + buflen - 1)))
        p++;
    p--;
@ -84,7 +88,7 @@ static ssize_t emv_pk_read_bin(char *buf, unsigned char *bin, size_t size, size_
    return (p - buf);
 }
-static ssize_t emv_pk_read_ymv(char *buf, unsigned *ymv) {
+static ssize_t emv_pk_read_ymv(char *buf, size_t buflen, unsigned *ymv) {
    if (buf == NULL)
        return 0;
@ -95,7 +99,7 @@ static ssize_t emv_pk_read_ymv(char *buf, unsigned *ymv) {
    *ymv = 0;
-    while (*p == ' ')
+    while ((*p == ' ') && (p < (buf + buflen - 1)))
        p++;
    for (i = 0; i < 3; i++) {
@ -103,15 +107,19 @@ static ssize_t emv_pk_read_ymv(char *buf, unsigned *ymv) {
        c1 = BCD(*p);
        if (c1 == -1)
            return -(p - buf);
        if (p == (buf + buflen - 1))
            return -(p - buf);
        p++;
        c2 = BCD(*p);
        if (c2 == -1)
            return -(p - buf);
        if (p == (buf + buflen - 1))
            return -(p - buf);
        p++;
        temp[i] = (c1 * 16 + c2);
    }
-    while (*p == ' ')
+    while ((*p == ' ') && (p < (buf + buflen - 1)))
        p++;
    p--;
@ -124,13 +132,13 @@ static ssize_t emv_pk_read_ymv(char *buf, unsigned *ymv) {
    return (p - buf);
 }
-static ssize_t emv_pk_read_string(char *buf, char *str, size_t size) {
+static ssize_t emv_pk_read_string(char *buf, size_t buflen, char *str, size_t size) {
    if (buf == NULL)
        return 0;
    char *p = buf;
-    while (*p == ' ')
+    while ((*p == ' ') && (p < (buf + buflen - 1)))
        p++;
    while (size > 1) {
@ -139,6 +147,8 @@ static ssize_t emv_pk_read_string(char *buf, char *str, size_t size) {
        else if (*p < 0x20 || *p >= 0x7f)
            return -(p - buf);
        *str = *p;
        if (p == (buf + buflen - 1))
            return -(p - buf);
        p++;
        str ++;
        size --;
@ -146,7 +156,7 @@ static ssize_t emv_pk_read_string(char *buf, char *str, size_t size) {
    *str = 0;
-    while (*p == ' ')
+    while ((*p == ' ') && (p < (buf + buflen - 1)))
        p++;
    p--;
@ -155,27 +165,27 @@ static ssize_t emv_pk_read_string(char *buf, char *str, size_t size) {
 }
-struct emv_pk *emv_pk_parse_pk(char *buf) {
+struct emv_pk *emv_pk_parse_pk(char *buf, size_t buflen) {
    struct emv_pk *r = calloc(1, sizeof(*r));
    ssize_t l;
    char temp[10];
-    l = emv_pk_read_bin(buf, r->rid, 5, NULL);
+    l = emv_pk_read_bin(buf, buflen, r->rid, 5, NULL);
    if (l <= 0)
        goto out;
    buf += l;
-    l = emv_pk_read_bin(buf, &r->index, 1, NULL);
+    l = emv_pk_read_bin(buf, buflen, &r->index, 1, NULL);
    if (l <= 0)
        goto out;
    buf += l;
-    l = emv_pk_read_ymv(buf, &r->expire);
+    l = emv_pk_read_ymv(buf, buflen, &r->expire);
    if (l <= 0)
        goto out;
    buf += l;
-    l = emv_pk_read_string(buf, temp, sizeof(temp));
+    l = emv_pk_read_string(buf, buflen, temp, sizeof(temp));
    if (l <= 0)
        goto out;
    buf += l;
@ -185,18 +195,18 @@ struct emv_pk *emv_pk_parse_pk(char *buf) {
    else
        goto out;
-    l = emv_pk_read_bin(buf, r->exp, sizeof(r->exp), &r->elen);
+    l = emv_pk_read_bin(buf, buflen, r->exp, sizeof(r->exp), &r->elen);
    if (l <= 0)
        goto out;
    buf += l;
    r->modulus = malloc(2048 / 8);
-    l = emv_pk_read_bin(buf, r->modulus, 2048 / 8, &r->mlen);
+    l = emv_pk_read_bin(buf, buflen, r->modulus, 2048 / 8, &r->mlen);
    if (l <= 0)
        goto out2;
    buf += l;
-    l = emv_pk_read_string(buf, temp, sizeof(temp));
+    l = emv_pk_read_string(buf, buflen, temp, sizeof(temp));
    if (l <= 0)
        goto out2;
    buf += l;
@ -206,7 +216,7 @@ struct emv_pk *emv_pk_parse_pk(char *buf) {
    else
        goto out2;
-    l = emv_pk_read_bin(buf, r->hash, 20, NULL);
+    l = emv_pk_read_bin(buf, buflen, r->hash, 20, NULL);
    if (l <= 0)
        goto out2;
@ -409,7 +419,7 @@ static struct emv_pk *emv_pk_get_ca_pk_from_file(const char *fname,
        if (fgets(buf, sizeof(buf), f) == NULL)
            break;
-        struct emv_pk *pk = emv_pk_parse_pk(buf);
+        struct emv_pk *pk = emv_pk_parse_pk(buf, sizeof(buf));
        if (!pk)
            continue;
--- a/client/emv/emv_pk.h
+++ b/client/emv/emv_pk.h
@ -35,7 +35,7 @@ struct emv_pk {
 #define EXPIRE(yy, mm, dd) 0x ## yy ## mm ## dd
-struct emv_pk *emv_pk_parse_pk(char *buf);
+struct emv_pk *emv_pk_parse_pk(char *bufm, size_t buflen);
 struct emv_pk *emv_pk_new(size_t modlen, size_t explen);
 void emv_pk_free(struct emv_pk *pk);
 char *emv_pk_dump_pk(const struct emv_pk *pk);
--- a/client/emv/tlv.c
+++ b/client/emv/tlv.c
@ -367,12 +367,14 @@ void tlvdb_change_or_add_node_ex(struct tlvdb *tlvdb, tlv_tag_t tag, size_t len,
        // replace tlv element
        struct tlvdb *tnewelm = tlvdb_fixed(tag, len, value);
        bool tnewelm_linked = false;
        tnewelm->next = telm->next;
        tnewelm->parent = telm->parent;
        // if telm stayed first in children chain
        if (telm->parent && telm->parent->children == telm) {
            telm->parent->children = tnewelm;
            tnewelm_linked = true;
        }
        // if telm have previous element
@ -387,6 +389,7 @@ void tlvdb_change_or_add_node_ex(struct tlvdb *tlvdb, tlv_tag_t tag, size_t len,
            for (; celm; celm = celm->next) {
                if (celm->next == telm) {
                    celm->next = tnewelm;
                    tnewelm_linked = true;
                    break;
                }
            }
@ -396,8 +399,13 @@ void tlvdb_change_or_add_node_ex(struct tlvdb *tlvdb, tlv_tag_t tag, size_t len,
        telm->next = NULL;
        tlvdb_free(telm);
-        if (tlvdb_elm)
+        if (tlvdb_elm) {
            *tlvdb_elm = tnewelm;
            tnewelm_linked = true;
        }
        if (! tnewelm_linked) {
            tlvdb_free(tnewelm);
        }
    }
    return;
--- a/client/fileutils.c
+++ b/client/fileutils.c
@ -487,7 +487,7 @@ int loadFile_safe(const char *preferredName, const char *suffix, void **pdata, s
    }
    *pdata = calloc(fsize, sizeof(uint8_t));
-    if (!pdata) {
+    if (!*pdata) {
        PrintAndLogEx(FAILED, "error, cannot allocate memory");
        fclose(f);
        return PM3_EMALLOC;
@ -820,7 +820,7 @@ int loadFileDICTIONARY_safe(const char *preferredName, void **pdata, uint8_t key
    while (fgets(line, sizeof(line), f)) {
        // check if we have enough space (if not allocate more)
-        if ((*keycnt * (keylen >> 1)) >= mem_size) {
+        if ((((size_t)(*keycnt)) * (keylen >> 1)) >= mem_size) {
            mem_size += block_size;
            *pdata = realloc(*pdata, mem_size);
@ -1064,7 +1064,7 @@ static int searchFinalFile(char **foundpath, const char *pm3dir, const char *sea
        }
    }
    // try pm3 dirs in pm3 installation dir (install mode)
-    {
+    if (exec_path != NULL) {
        char *path = calloc(strlen(exec_path) + strlen(PM3_SHARE_RELPATH) + strlen(pm3dir) + strlen(filename) + 1, sizeof(char));
        if (path == NULL)
            goto out;
--- a/client/mifare/ndef.c
+++ b/client/mifare/ndef.c
@ -211,7 +211,7 @@ static int ndefDecodeSig(uint8_t *sig, size_t siglen) {
    if ((indx <= siglen) && certURI) {
        size_t inturilen = (sig[indx] << 8) + sig[indx + 1];
        indx += 2;
-        PrintAndLogEx(NORMAL, "\tcertificate uri [%zu]: %.*s", inturilen, inturilen, &sig[indx]);
+        PrintAndLogEx(NORMAL, "\tcertificate uri [%zu]: %.*s", inturilen, (int)inturilen, &sig[indx]);
    }
    return 0;
--- a/client/scripting.c
+++ b/client/scripting.c
@ -69,7 +69,10 @@ static int l_fast_push_mode(lua_State *L) {
    // Disable fast mode and send a dummy command to make it effective
    if (enable == false) {
        SendCommandNG(CMD_PING, NULL, 0);
-        WaitForResponseTimeout(CMD_PING, NULL, 1000);
+        if (!WaitForResponseTimeout(CMD_PING, NULL, 1000)) {
            PrintAndLogEx(WARNING, "command execution time out");
            return returnToLuaWithError(L, "command execution time out");
        }
    }
    //Push the retval on the stack
@ -926,7 +929,7 @@ static int l_T55xx_readblock(lua_State *L) {
        // try reading the config block and verify that PWD bit is set before doing this!
        if (!override) {
-            if (!AquireData(T55x7_PAGE0, T55x7_CONFIGURATION_BLOCK, false, 0, 0)) {
+            if (!AcquireData(T55x7_PAGE0, T55x7_CONFIGURATION_BLOCK, false, 0, 0)) {
                return returnToLuaWithError(L, "Failed to read config block");
            }
@ -943,7 +946,7 @@ static int l_T55xx_readblock(lua_State *L) {
        }
    }
-    if (!AquireData(usepage1, block, usepwd, password, 0)) {
+    if (!AcquireData(usepage1, block, usepwd, password, 0)) {
        return returnToLuaWithError(L, "Failed to acquire data from card");
    }
@ -1000,7 +1003,7 @@ static int l_T55xx_detect(lua_State *L) {
    if (!useGB) {
-        isok = AquireData(T55x7_PAGE0, T55x7_CONFIGURATION_BLOCK, usepwd, password, 0);
+        isok = AcquireData(T55x7_PAGE0, T55x7_CONFIGURATION_BLOCK, usepwd, password, 0);
        if (isok == false) {
            return returnToLuaWithError(L, "Failed to acquire LF signal data");
        }
--- a/common/lfdemod.c
+++ b/common/lfdemod.c
@ -118,7 +118,10 @@ void computeSignalProperties(uint8_t *samples, uint32_t size) {
        sum += samples[i];
        cnt++;
    }
    if (cnt > 0)
        signalprop.mean = sum / cnt;
    else
        signalprop.mean = 0;
 #else
   for (uint32_t i =  SIGNAL_IGNORE_FIRST_SAMPLES; i < size; i++) {
        if (samples[i] < signalprop.low) signalprop.low = samples[i];
@ -161,7 +164,10 @@ void removeSignalOffset(uint8_t *samples, uint32_t size) {
        acc_off += samples[i] - 128;
        cnt++;
    }
    if (cnt > 0)
        acc_off /= cnt;
    else
        acc_off = 0;
 #else
    for (uint32_t i = SIGNAL_IGNORE_FIRST_SAMPLES; i < size; i++)
        acc_off += samples[i] - 128;
@ -324,13 +330,13 @@ bool preambleSearchEx(uint8_t *bits, uint8_t *preamble, size_t pLen, size_t *siz
            //first index found
            foundCnt++;
            if (foundCnt == 1) {
-                if (g_debugMode >= 1) prnt("DEBUG: (preambleSearchEx) preamble found at %i", idx);
+                if (g_debugMode >= 1) prnt("DEBUG: (preambleSearchEx) preamble found at %zu", idx);
                *startIdx = idx;
                if (findone)
                    return true;
            }
            if (foundCnt == 2) {
-                if (g_debugMode >= 1) prnt("DEBUG: (preambleSearchEx) preamble 2 found at %i", idx);
+                if (g_debugMode >= 1) prnt("DEBUG: (preambleSearchEx) preamble 2 found at %zu", idx);
                *size = idx - *startIdx;
                return true;
            }
@ -361,7 +367,7 @@ static size_t findModStart(uint8_t *src, size_t size, uint8_t expWaveSize) {
        }
        if (thresholdCnt > 10) break;
    }
-    if (g_debugMode == 2) prnt("DEBUG: threshold Count reached at index %u, count: %u", i, thresholdCnt);
+    if (g_debugMode == 2) prnt("DEBUG: threshold Count reached at index %zu, count: %u", i, thresholdCnt);
    return i;
 }
@ -436,7 +442,7 @@ size_t pskFindFirstPhaseShift(uint8_t *samples, size_t size, uint8_t *curPhase,
        // find peak // was "samples[i] + fc" but why?  must have been used to weed out some wave error... removed..
        if (samples[i] < samples[i + 1] && samples[i + 1] >= samples[i + 2]) {
            waveEnd = i + 1;
-            if (g_debugMode == 2) prnt("DEBUG PSK: waveEnd: %u, waveStart: %u", waveEnd, waveStart);
+            if (g_debugMode == 2) prnt("DEBUG PSK: waveEnd: %zu, waveStart: %zu", waveEnd, waveStart);
            waveLenCnt = waveEnd - waveStart;
            if (waveLenCnt > fc && waveStart > fc && !(waveLenCnt > fc + 8)) { //not first peak and is a large wave but not out of whack
                lastAvgWaveVal = avgWaveVal / (waveLenCnt);
@ -1021,7 +1027,7 @@ uint16_t countFC(uint8_t *bits, size_t size, bool fskAdj) {
        fcL = fcLens[best1];
    }
    if ((size - 180) / fcH / 3 > fcCnts[best1] + fcCnts[best2]) {
-        if (g_debugMode == 2) prnt("DEBUG countfc: fc is too large: %u > %u. Not psk or fsk", (size - 180) / fcH / 3, fcCnts[best1] + fcCnts[best2]);
+        if (g_debugMode == 2) prnt("DEBUG countfc: fc is too large: %zu > %u. Not psk or fsk", (size - 180) / fcH / 3, fcCnts[best1] + fcCnts[best2]);
        return 0; //lots of waves not psk or fsk
    }
    // TODO: take top 3 answers and compare to known Field clocks to get top 2
@ -1072,7 +1078,7 @@ int DetectPSKClock(uint8_t *dest, size_t size, int clock, size_t *firstPhaseShif
    }
    *firstPhaseShift = firstFullWave;
-    if (g_debugMode == 2) prnt("DEBUG PSK: firstFullWave: %d, waveLen: %d", firstFullWave, fullWaveLen);
+    if (g_debugMode == 2) prnt("DEBUG PSK: firstFullWave: %zu, waveLen: %d", firstFullWave, fullWaveLen);
    //test each valid clock from greatest to smallest to see which lines up
    for (clkCnt = 7; clkCnt >= 1 ; clkCnt--) {
@ -1081,7 +1087,7 @@ int DetectPSKClock(uint8_t *dest, size_t size, int clock, size_t *firstPhaseShif
        size_t waveStart = 0;
        uint16_t errCnt = 0;
        uint16_t peakcnt = 0;
-        if (g_debugMode == 2) prnt("DEBUG PSK: clk: %d, lastClkBit: %d", clk[clkCnt], lastClkBit);
+        if (g_debugMode == 2) prnt("DEBUG PSK: clk: %d, lastClkBit: %zu", clk[clkCnt], lastClkBit);
        for (i = firstFullWave + fullWaveLen - 1; i < loopCnt - 2; i++) {
            //top edge of wave = start of new wave
@ -1093,7 +1099,7 @@ int DetectPSKClock(uint8_t *dest, size_t size, int clock, size_t *firstPhaseShif
                    waveLenCnt = waveEnd - waveStart;
                    if (waveLenCnt > *fc) {
                        //if this wave is a phase shift
-                        if (g_debugMode == 2) prnt("DEBUG PSK: phase shift at: %d, len: %d, nextClk: %d, i: %d, fc: %d", waveStart, waveLenCnt, lastClkBit + clk[clkCnt] - tol, i + 1, *fc);
+                        if (g_debugMode == 2) prnt("DEBUG PSK: phase shift at: %zu, len: %d, nextClk: %zu, i: %zu, fc: %d", waveStart, waveLenCnt, lastClkBit + clk[clkCnt] - tol, i + 1, *fc);
                        if (i + 1 >= lastClkBit + clk[clkCnt] - tol) { //should be a clock bit
                            peakcnt++;
                            lastClkBit += clk[clkCnt];
@ -1325,7 +1331,7 @@ bool DetectST(uint8_t *buffer, size_t *size, int *foundclock, size_t *ststart, s
        // padd the amount off - could be problematic...  but shouldn't happen often
        datalen -= datalen % clk;
    } else {
-        if (g_debugMode == 2) prnt("DEBUG STT: datalen not divisible by clk: %u %% %d = %d - quitting", datalen, clk, datalen % clk);
+        if (g_debugMode == 2) prnt("DEBUG STT: datalen not divisible by clk: %zu %% %d = %zu - quitting", datalen, clk, datalen % clk);
        return false;
    }
    // if datalen is less than one t55xx block - ERROR
@ -1346,7 +1352,7 @@ bool DetectST(uint8_t *buffer, size_t *size, int *foundclock, size_t *ststart, s
    size_t newloc = 0;
    i = 0;
-    if (g_debugMode == 2) prnt("DEBUG STT: Starting STT trim - start: %d, datalen: %d ", dataloc, datalen);
+    if (g_debugMode == 2) prnt("DEBUG STT: Starting STT trim - start: %zu, datalen: %zu ", dataloc, datalen);
    bool firstrun = true;
    // warning - overwriting buffer given with raw wave data with ST removed...
    while (dataloc < bufsize - (clk / 2)) {
@ -1376,7 +1382,7 @@ bool DetectST(uint8_t *buffer, size_t *size, int *foundclock, size_t *ststart, s
        }
        newloc += i;
        //skip next ST  -  we just assume it will be there from now on...
-        if (g_debugMode == 2) prnt("DEBUG STT: skipping STT at %d to %d", dataloc, dataloc + (clk * 4));
+        if (g_debugMode == 2) prnt("DEBUG STT: skipping STT at %zu to %zu", dataloc, dataloc + (clk * 4));
        dataloc += clk * 4;
    }
    *size = newloc;
@ -1549,7 +1555,7 @@ static uint16_t cleanAskRawDemod(uint8_t *bits, size_t *size, int clk, int inver
                    if (smplCnt > clk + cl_4 + 1) {
                        //too many samples
                        errCnt++;
-                        if (g_debugMode == 2) prnt("DEBUG ASK: cleanAskRawDemod ASK Modulation Error FULL at: %u  [%u > %u]", i, smplCnt, clk + cl_4 + 1);
+                        if (g_debugMode == 2) prnt("DEBUG ASK: cleanAskRawDemod ASK Modulation Error FULL at: %zu  [%zu > %u]", i, smplCnt, clk + cl_4 + 1);
                        bits[bitCnt++] = 7;
                    } else if (waveHigh) {
                        bits[bitCnt++] = invert;
@ -1570,7 +1576,7 @@ static uint16_t cleanAskRawDemod(uint8_t *bits, size_t *size, int clk, int inver
                    if (smplCnt > cl_2 + cl_4 + 1) { //too many samples
                        errCnt++;
-                        if (g_debugMode == 2) prnt("DEBUG ASK: cleanAskRawDemod ASK Modulation Error HALF at: %u  [%u]", i, smplCnt);
+                        if (g_debugMode == 2) prnt("DEBUG ASK: cleanAskRawDemod ASK Modulation Error HALF at: %zu  [%zu]", i, smplCnt);
                        bits[bitCnt++] = 7;
                    }
@ -1645,7 +1651,7 @@ int askdemod_ext(uint8_t *bits, size_t *size, int *clk, int *invert, int maxErr,
            errCnt = manrawdecode(bits, size, 0, &alignPos);
            *startIdx += ((*clk / 2) * alignPos);
-            prnt("DEBUG: (askdemod_ext) CLEAN: startIdx %i, alignPos %u , bestError %u", *startIdx, alignPos, errCnt);
+            prnt("DEBUG: (askdemod_ext) CLEAN: startIdx %i, alignPos %u , bestError %zu", *startIdx, alignPos, errCnt);
        }
        return errCnt;
    }
@ -1870,10 +1876,10 @@ static size_t aggregate_bits(uint8_t *dest, size_t size, uint8_t clk, uint8_t in
        if (numBits == 0) {
            if (lastval == 1) {  //high to low
                *startIdx += (fclow * i) - (n * clk);
-                if (g_debugMode == 2) prnt("DEBUG (aggregate_bits) FSK startIdx %i, fclow*idx %i, n*clk %u", *startIdx, fclow * i, n * clk);
+                if (g_debugMode == 2) prnt("DEBUG (aggregate_bits) FSK startIdx %i, fclow*idx %zu, n*clk %u", *startIdx, fclow * i, n * clk);
            } else {
                *startIdx += (fchigh * i) - (n * clk);
-                if (g_debugMode == 2) prnt("DEBUG (aggregate_bits) FSK startIdx %i, fchigh*idx %i, n*clk %u", *startIdx, fchigh * i, n * clk);
+                if (g_debugMode == 2) prnt("DEBUG (aggregate_bits) FSK startIdx %i, fchigh*idx %zu, n*clk %u", *startIdx, fchigh * i, n * clk);
            }
        }
@ -1984,8 +1990,8 @@ int pskRawDemod_ext(uint8_t *dest, size_t *size, int *clock, int *invert, int *s
    //set start of wave as clock align
    lastClkBit = firstFullWave;
    if (g_debugMode == 2) {
-        prnt("DEBUG PSK: firstFullWave: %u, waveLen: %u, startIdx %i", firstFullWave, fullWaveLen, *startIdx);
+        prnt("DEBUG PSK: firstFullWave: %zu, waveLen: %u, startIdx %i", firstFullWave, fullWaveLen, *startIdx);
-        prnt("DEBUG PSK: clk: %d, lastClkBit: %u, fc: %u", *clock, lastClkBit, fc);
+        prnt("DEBUG PSK: clk: %d, lastClkBit: %zu, fc: %u", *clock, lastClkBit, fc);
    }
    waveStart = 0;
--- a/covbuild.sh
+++ b/covbuild.sh
@ -1,36 +1,20 @@
 #!/bin/bash
-## 2016-01-16,  Iceman
+set -e
-## build script for Coverity Scan of the proxmark3 source code
+. .coverity.conf || exit 1
-## clean up pre-compiled objects.
+pre_build_hook
 rm -rf "$COVDIR"
 mkdir "$COVDIR"
 make clean
 $COVBUILD make -j 4 bootrom
 $COVBUILD make -j 4 fullimage
 $COVBUILD make -j 4 mfkey
 $COVBUILD make -j 4 nonce2key
 $COVBUILD make -j 4 fpga_compress
 # make sure to do client after ARM because Coverity retains one build info per file
 # and we want the client-side of the common/ analysis
 $COVBUILD make -j 4 client
-## coverity build
+post_build_hook
 /home/user/cov-analysis-linux-2017.07/bin/cov-build --dir cov-int make all
 ## delete all previous tarballs
 rm proxmark3.all.*.tgz
 ##
 VERSION="0.1.`date --date now +%H%M`"
 TODAY="`date --date now +%Y%m%d.%H%M`"
 DESCNAME="autoMango.$TODAY"
 FILENAME=proxmark3.all.$TODAY.tgz
 ## create tarball
 tar cfz $FILENAME cov-int
 echo "Coverity build file is ready"
 ## clean up build folders
 rm -rf cov-int
 echo "Coverity build cleaned"
 ## upload tarball to Coverity.com
 curl --form token=dY262wIFmfkcRkA5Pyw0eA \
 --form email=herrmann1001@gmail.com \
  --form file=@$FILENAME \
  --form version="$VERSION" \
  --form description="$DESCNAME" \
  https://scan.coverity.com/builds?project=proxmark3_iceman_fork
 echo "tarball uploaded to Coverity for analyse"
--- a/covconfig.sh
+++ b/covconfig.sh
@ -1,13 +1,6 @@
 #!/bin/bash
-## 20160116, iceman
+set -e
-## remove old
+. .coverity.conf || exit 1
 rm /home/user/cov-analysis-linux-2017.07/config/coverity_config.xml
 rm -rf /home/user/cov-analysis-linux-2017.07/config/gcc-config-?
 rm -rf /home/user/cov-analysis-linux-2017.07/config/g++-config-?
- ## Configure ARM ,  make sure you have the arm gcc in your $PATH variable.
+cov-configure --template --compiler arm-none-eabi-gcc --comptype gcc
 #/home/user/cov-analysis-linux-2017.07/bin/cov-configure -co arm-none-eabi-gcc -- -mthumb-interwork
 /home/user/cov-analysis-linux-2017.07/bin/cov-configure -co arm-none-eabi-gcc -- -std=c99 -mthumb -mthumb-interwork
 echo "Done."
--- a/covsubmit.sh
+++ b/covsubmit.sh
@ -0,0 +1,31 @@
 #!/bin/bash
 set -e
 . .coverity.conf || exit 1
 pre_submit_hook
 ## delete all previous tarballs
 rm proxmark3.all.*.tgz proxmark3.all.*.log
 TODAY="$(date --date now +%Y%m%d.%H%M)"
 VERSION="0.1.$TODAY"
 DESCNAME="manual_by_$NICKNAME.$TODAY.$(git describe --dirty --always)"
 FILENAME="proxmark3.all.$TODAY.tgz"
 LOGFILENAME="${FILENAME/.tgz/.log}"
 ## create tarball
 tar cfz "$FILENAME" "$COVDIR" || exit $?
 echo "Coverity build file is ready"
 ## upload tarball to Coverity.com
 curl --progress-bar --fail \
  --form token="$COVTOKEN" \
  --form email="$COVLOGIN" \
  --form file="@$FILENAME" \
  --form version="$VERSION" \
  --form description="$DESCNAME" \
  https://scan.coverity.com/builds?project=Proxmark3+RRG+Iceman+repo | tee -a "${LOGFILENAME}" ; test "${PIPESTATUS[0]}" -eq 0  || exit $?
 echo "tarball uploaded to Coverity for analyse"
 post_submit_hook
--- a/doc/md/Use_of_Proxmark/4_Advanced-compilation-parameters.md
+++ b/doc/md/Use_of_Proxmark/4_Advanced-compilation-parameters.md
@ -12,6 +12,13 @@ Via some definitions, you can adjust the firmware for a given platform, but also
 The client doesn't depend on the capabilities of the Proxmark3 it's connected to.
 So you can use the same client for different Proxmark3 platforms, given that everything is running the same version.
 It's possible to explicitly skip the Qt support in the compilation even if Qt is present on the host, with:
 ```
 make clean
 make SKIPQT=1
 ```
 ## Firmware
 By default, the firmware is of course tuned for the Proxmark3 Rdv4.0 device, which has built-in support for 256kb onboard flash SPI memory, Sim module (smart card support), FPC connector.