From bb59250ecaabada8dbf262e971f16ea194c89e54 Mon Sep 17 00:00:00 2001
From: mwalker33 <51802811+mwalker33@users.noreply.github.com>
Date: Sat, 17 Oct 2020 09:20:33 +1100
Subject: [PATCH] Cliparser fix Fix CLIGetStrwithRetrun Allows casting and requires the buffer length to be passed in. Existing uses of the function have been updated.
---
 client/deps/cliparser/cliparser.h | 2 +-
 client/src/cmdhffido.c | 11 ++++++++++-
 client/src/cmdlfhid.c | 2 +-
 client/src/cmdlfkeri.c | 2 +-
 client/src/emv/cmdemv.c | 2 +-
 doc/cliparser.md | 4 ++--
 6 files changed, 16 insertions(+), 7 deletions(-)
diff --git a/client/deps/cliparser/cliparser.h b/client/deps/cliparser/cliparser.h
index 68beca038..89c9e00ca 100644
--- a/client/deps/cliparser/cliparser.h
+++ b/client/deps/cliparser/cliparser.h
@@ -49,7 +49,7 @@
 #define CLIGetHexWithReturn(ctx, paramnum, data, datalen) if (CLIParamHexToBuf(arg_get_str((ctx), (paramnum)), (data), sizeof((data)), (datalen))) {CLIParserFree((ctx)); return PM3_ESOFT;}
-#define CLIGetStrWithReturn(ctx, paramnum, data, datalen) if (CLIParamStrToBuf(arg_get_str((ctx), (paramnum)), (data), sizeof((data)), (datalen))) {CLIParserFree((ctx)); return PM3_ESOFT;}
+#define CLIGetStrWithReturn(ctx, paramnum, data, datalen) if (CLIParamStrToBuf(arg_get_str((ctx), (paramnum)), (data), (*datalen), (datalen))) {CLIParserFree((ctx)); return PM3_ESOFT;}
 typedef struct {
 void **argtable;
diff --git a/client/src/cmdhffido.c b/client/src/cmdhffido.c
index eac2c71c5..53cb10c98 100644
--- a/client/src/cmdhffido.c
+++ b/client/src/cmdhffido.c
@@ -209,6 +209,7 @@ static int cmd_hf_fido_register(const char *cmd) {
 if (paramsPlain) {
 memset(cdata, 0x00, 32);
+ chlen = sizeof(cdata);
 CLIGetStrWithReturn(ctx, 6, cdata, &chlen);
 if (chlen > 16) {
 PrintAndLogEx(ERR, "ERROR: challenge parameter length in ASCII mode must be less than 16 chars instead of: %d", chlen);
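Review bot: In the cliparser.h hunk, `CLIGetStrWithReturn` now takes its copy bound from whatever the caller left in `*datalen`, so the bound is no longer derived from the array itself; a call site that is missed (length left at 0, uninitialised, or larger than the buffer) compiles cleanly and passes the wrong limit to `CLIParamStrToBuf`. The header should state the contract next to the macro, e.g. `// *datalen is in/out: set it to the capacity of data before the call; on return it holds the string length`. The argument is also expanded as `(*datalen)` rather than `(*(datalen))`, which binds incorrectly if a caller ever passes an expression instead of `&var`. `CLIGetHexWithReturn` on the context line above still uses `sizeof((data))`, so the two macros now have different calling conventions and the pointer-sized bound for cast or pointer arguments remains on the hex path.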
@@ -216,6 +217,7 @@ static int cmd_hf_fido_register(const char *cmd) {
 return PM3_EINVARG;
 }
 } else {
+ chlen = sizeof(cdata);
 CLIGetHexWithReturn(ctx, 6, cdata, &chlen);
 if (chlen && chlen != 32) {
 PrintAndLogEx(ERR, "ERROR: challenge parameter length must be 32 bytes only.");
@@ -229,6 +231,7 @@ static int cmd_hf_fido_register(const char *cmd) {
 if (paramsPlain) {
 memset(adata, 0x00, 32);
+ applen = sizeof(adata);
 CLIGetStrWithReturn(ctx, 7, adata, &applen);
 if (applen > 16) {
 PrintAndLogEx(ERR, "ERROR: application parameter length in ASCII mode must be less than 16 chars instead of: %d", applen);
@@ -236,6 +239,7 @@ static int cmd_hf_fido_register(const char *cmd) {
 return PM3_EINVARG;
 }
 } else {
+ applen = sizeof(adata);
 CLIGetHexWithReturn(ctx, 7, adata, &applen);
 if (applen && applen != 32) {
 PrintAndLogEx(ERR, "ERROR: application parameter length must be 32 bytes only.");
@@ -485,6 +489,7 @@ static int cmd_hf_fido_authenticate(const char *cmd) {
 if (paramsPlain) {
 memset(hdata, 0x00, 32);
+ hdatalen = sizeof(hdata);
 CLIGetStrWithReturn(ctx, 9, hdata, &hdatalen);
 if (hdatalen > 16) {
 PrintAndLogEx(ERR, "ERROR: challenge parameter length in ASCII mode must be less than 16 chars instead of: %d", hdatalen);
@@ -492,6 +497,7 @@ static int cmd_hf_fido_authenticate(const char *cmd) {
 return PM3_EINVARG;
 }
 } else {
+ hdatalen = sizeof(hdata);
 CLIGetHexWithReturn(ctx, 10, hdata, &hdatalen);
 if (hdatalen && hdatalen != 32) {
 PrintAndLogEx(ERR, "ERROR: challenge parameter length must be 32 bytes only.");
@@ -505,6 +511,7 @@ static int cmd_hf_fido_authenticate(const char *cmd) {
 if (paramsPlain) {
 memset(hdata, 0x00, 32);
+ hdatalen = sizeof(hdata);
 CLIGetStrWithReturn(ctx, 11, hdata, &hdatalen);
 if (hdatalen > 16) {
 PrintAndLogEx(ERR, "ERROR: application parameter length in ASCII mode must be less than 16 chars instead of: %d", hdatalen);
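Review bot: The added `chlen = sizeof(cdata);` in this `else` branch (hunk at -216) does not set the bound for the call that follows, because `CLIGetHexWithReturn` is unchanged in cliparser.h and still passes `sizeof((data))` to `CLIParamHexToBuf`; whether that function reads the incoming `*datalen` at all is not visible here. The same holds for `applen = sizeof(adata);` at -236 and `hdatalen = sizeof(hdata);` at -492 and -512. Either drop these assignments or mark them, e.g. `// not used as the bound by CLIGetHexWithReturn; kept for symmetry with the ASCII branch`, so a reader does not assume the hex path honours a caller-supplied limit. The enclosing functions start and end outside these hunks.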
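Review bot: In `cmd_hf_fido_authenticate` the hex branches for both the challenge (hunk at -492) and the application parameter (hunk at -512) read argument index 10 via `CLIGetHexWithReturn(ctx, 10, hdata, &hdatalen)`, while the ASCII branches at -485 and -505 read indices 9 and 11. The patch edits the line directly above each of these calls and leaves the indices as they are, and this looks like an index mix-up that would make hex and ASCII mode read different arguments. The argument table is outside the hunks, so the intended indices need to be confirmed against it before changing anything.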
@@ -512,6 +519,7 @@ static int cmd_hf_fido_authenticate(const char *cmd) {
 return PM3_EINVARG;
 }
 } else {
+ hdatalen = sizeof(hdata);
 CLIGetHexWithReturn(ctx, 10, hdata, &hdatalen);
 if (hdatalen && hdatalen != 32) {
 PrintAndLogEx(ERR, "ERROR: application parameter length must be 32 bytes only.");
@@ -693,6 +701,7 @@ static int cmd_hf_fido_2make_credential(const char *cmd) {
 uint8_t jsonname[FILE_PATH_SIZE] = {0};
 char *cjsonname = (char *)jsonname;
 int jsonnamelen = 0;
+ jsonnamelen = sizeof(jsonname);
 CLIGetStrWithReturn(ctx, 5, jsonname, &jsonnamelen);
 if (!jsonnamelen) {
@@ -817,7 +826,7 @@ static int cmd_hf_fido_2get_assertion(const char *cmd) {
 uint8_t jsonname[FILE_PATH_SIZE] = {0};
 char *cjsonname = (char *)jsonname;
- int jsonnamelen = 0;
+ int jsonnamelen = sizeof(jsonname);
 CLIGetStrWithReturn(ctx, 5, jsonname, &jsonnamelen);
 if (!jsonnamelen) {
diff --git a/client/src/cmdlfhid.c b/client/src/cmdlfhid.c
index 48dfc9928..7379d882e 100644
--- a/client/src/cmdlfhid.c
+++ b/client/src/cmdlfhid.c
@@ -417,7 +417,7 @@ static int CmdHIDBrute(const char *Cmd) {
 CLIExecWithReturn(ctx, Cmd, argtable, false);
 bool verbose = arg_get_lit(ctx, 1);
-
+ formatLen = sizeof(format);
 CLIGetStrWithReturn(ctx, 2, format, &formatLen);
 format_idx = HIDFindCardFormat((char *) format);
diff --git a/client/src/cmdlfkeri.c b/client/src/cmdlfkeri.c
index 1279c6f8c..396a4a79f 100644
--- a/client/src/cmdlfkeri.c
+++ b/client/src/cmdlfkeri.c
@@ -225,7 +225,7 @@ static int CmdKeriClone(const char *Cmd) {
 blocks[0] = T5555_FIXED | T5555_MODULATION_PSK1 | T5555_SET_BITRATE(32) | T5555_PSK_RF_2 | 2 << T5555_MAXBLOCK_SHIFT;
 q5 = true;
 }
-
+ typeLen = sizeof(keritype);
 CLIGetStrWithReturn(ctx, 2, keritype, &typeLen);
 fc = arg_get_int_def(ctx, 3, 0);
diff --git a/client/src/emv/cmdemv.c b/client/src/emv/cmdemv.c
index 95134251b..fa1e9618a 100644
--- a/client/src/emv/cmdemv.c
+++ b/client/src/emv/cmdemv.c
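Review bot: In the `cmd_hf_fido_2make_credential` hunk, passing the full `sizeof(jsonname)` as the bound leaves no byte for a terminator, yet the buffer is then read as a C string through `cjsonname`. If `CLIParamStrToBuf` (not shown here) accepts an input of exactly the bound and copies without terminating, a maximum-length file name would be left unterminated; reserving the last byte with `jsonnamelen = sizeof(jsonname) - 1;` keeps the terminator from the `= {0}` initialiser. The same applies to `jsonnamelen` in `cmd_hf_fido_2get_assertion`, `formatLen` in `CmdHIDBrute` (where `format` goes straight into `HIDFindCardFormat((char *) format)`), `typeLen` in `CmdKeriClone` and `filenamelen` in `CmdEMVScan`; the declarations of `format` and `keritype` are outside the hunks, so whether they are zero-initialised needs checking. Separately, this hunk keeps `int jsonnamelen = 0;` and assigns on the next line, while the get_assertion hunk uses the initialiser form `int jsonnamelen = sizeof(jsonname);`, which would be the consistent choice here too.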
@@ -1435,7 +1435,7 @@ static int CmdEMVScan(const char *Cmd) {
 uint8_t psenum = (channel == ECC_CONTACT) ? 1 : 2;
 uint8_t filename[FILE_PATH_SIZE] = {0};
- int filenamelen = 0;
+ int filenamelen = sizeof(filename);
 CLIGetStrWithReturn(ctx, 12, filename, &filenamelen);
 CLIParserFree(ctx);
diff --git a/doc/cliparser.md b/doc/cliparser.md
index 142f5c37a..9dcab7867 100644
--- a/doc/cliparser.md
+++ b/doc/cliparser.md
@@ -203,11 +203,11 @@ CLIGetHexWithReturn(\, \, \, \,\, \, \); +CLIGetStrWithReturn(\,\, \, \); If failed to retrieve string, it will exit fct uint8_t buffer[100]; - int slen = 0; + int slen = sizeof(buffer); // <- slen MUST be the maximum number of characters that you want returned. e.g. Buffer Size CLIGetStrWithReturn(ctx, 1, buffer, &slen); **string option**