FIX: Some Coverity Scan warnings. fread, not initialised etc etc

2025-08-20 05:13:46 -07:00 · 2016-04-23 18:23:46 +02:00 · 2016-04-23 18:23:46 +02:00 · cd777a0545
commit cd777a0545
parent 5bb6228386
7 changed files with 81 additions and 88 deletions
--- a/armsrc/hitagS.c
+++ b/armsrc/hitagS.c
@ -10,8 +10,6 @@
 //-----------------------------------------------------------------------------
 // Some code was copied from Hitag2.c
 //-----------------------------------------------------------------------------
 #include <stdio.h>
 #include <stdlib.h>
 #include "proxmark3.h"
--- a/client/cmdhfmf.c
+++ b/client/cmdhfmf.c
@ -94,12 +94,14 @@ int usage_hf14_hardnested(void){
 	PrintAndLog("      w    acquire nonces and write them to binary file nonces.bin");
 	PrintAndLog("      s    slower acquisition (required by some non standard cards)");
 	PrintAndLog("      r    read nonces.bin and start attack");
 	PrintAndLog("      t    tests?");
 	PrintAndLog(" ");
 	PrintAndLog("samples:");
 	PrintAndLog("      hf mf hardnested 0 A FFFFFFFFFFFF 4 A");
 	PrintAndLog("      hf mf hardnested 0 A FFFFFFFFFFFF 4 A w");
 	PrintAndLog("      hf mf hardnested 0 A FFFFFFFFFFFF 4 A w s");
 	PrintAndLog("      hf mf hardnested r");
 	PrintAndLog("      hf mf hardnested r a0a1a2a3a4a5");
 	PrintAndLog(" ");
 	PrintAndLog("Add the known target key to check if it is present in the remaining key space:");
 	PrintAndLog("      sample5: hf mf hardnested 0 A A0A1A2A3A4A5 4 A FFFFFFFFFFFF");
@ -937,7 +939,7 @@ int CmdHF14AMfNestedHard(const char *Cmd) {
 	char ctmp;
 	ctmp = param_getchar(Cmd, 0);
-	if (ctmp != 'H' && ctmp != 'h' ) return usage_hf14_hardnested();
+	if (ctmp == 'H' || ctmp == 'h' ) return usage_hf14_hardnested();
 	if (ctmp != 'R' && ctmp != 'r' && ctmp != 'T' && ctmp != 't' && strlen(Cmd) < 20) return usage_hf14_hardnested();
 	bool know_target_key = false;
--- a/client/cmdhfmfhard.c
+++ b/client/cmdhfmfhard.c
@ -74,7 +74,6 @@ static const float p_K[257] = {		// the probability that a random nonce has a Su
 	0.0000, 0.0000, 0.0000, 0.0000, 0.0000, 0.0000, 0.0000, 0.0000,
 	0.0290 };
 typedef struct noncelistentry {
 	uint32_t nonce_enc;
 	uint8_t par_enc;
@ -92,7 +91,6 @@ typedef struct noncelist {
 	float score1, score2;
 } noncelist_t;
 static size_t nonces_to_bruteforce = 0;
 static noncelistentry_t *brute_force_nonces[256];
 static uint32_t cuid = 0;
@ -130,10 +128,8 @@ typedef struct {
 static partial_indexed_statelist_t partial_statelist[17];
 static partial_indexed_statelist_t statelist_bitflip;
 static statelist_t *candidates = NULL;
 static int add_nonce(uint32_t nonce_enc, uint8_t par_enc) 
 {
 	uint8_t first_byte = nonce_enc >> 24;
@ -448,32 +444,31 @@ static void Tests()
 	// crypto1_destroy(pcs);
 	// printf("\nTests: number of states with BitFlipProperty: %d, (= %1.3f%% of total states)\n", statelist_bitflip.len[0], 100.0 * statelist_bitflip.len[0] / (1<<20));
-	printf("\nTests: Actual BitFlipProperties odd/even:\n");
+	// printf("\nTests: Actual BitFlipProperties odd/even:\n");
-	for (uint16_t i = 0; i < 256; i++) {
+	// for (uint16_t i = 0; i < 256; i++) {
-		printf("[%02x]:%c  ", i, nonces[i].BitFlip[ODD_STATE]?'o':nonces[i].BitFlip[EVEN_STATE]?'e':' ');
+		// printf("[%02x]:%c  ", i, nonces[i].BitFlip[ODD_STATE]?'o':nonces[i].BitFlip[EVEN_STATE]?'e':' ');
-		if (i % 8 == 7) {
+		// if (i % 8 == 7) {
-			printf("\n");
+			// printf("\n");
-		}
+		// }
-	}
+	// }
-	printf("\nTests: Sorted First Bytes:\n");
+	// printf("\nTests: Sorted First Bytes:\n");
-	for (uint16_t i = 0; i < 256; i++) {
+	// for (uint16_t i = 0; i < 256; i++) {
-		uint8_t best_byte = best_first_bytes[i];
+		// uint8_t best_byte = best_first_bytes[i];
-		printf("#%03d Byte: %02x, n = %3d, k = %3d, Sum(a8): %3d, Confidence: %5.1f%%, Bitflip: %c\n", 
+		// printf("#%03d Byte: %02x, n = %3d, k = %3d, Sum(a8): %3d, Confidence: %5.1f%%, Bitflip: %c\n", 
-		//printf("#%03d Byte: %02x, n = %3d, k = %3d, Sum(a8): %3d, Confidence: %5.1f%%, Bitflip: %c, score1: %1.5f, score2: %1.0f\n", 
+		// //printf("#%03d Byte: %02x, n = %3d, k = %3d, Sum(a8): %3d, Confidence: %5.1f%%, Bitflip: %c, score1: %1.5f, score2: %1.0f\n", 
-			i, best_byte, 
+			// i, best_byte, 
-			nonces[best_byte].num,
+			// nonces[best_byte].num,
-			nonces[best_byte].Sum,
+			// nonces[best_byte].Sum,
-			nonces[best_byte].Sum8_guess,
+			// nonces[best_byte].Sum8_guess,
-			nonces[best_byte].Sum8_prob * 100,
+			// nonces[best_byte].Sum8_prob * 100,
-			nonces[best_byte].BitFlip[ODD_STATE]?'o':nonces[best_byte].BitFlip[EVEN_STATE]?'e':' '
+			// nonces[best_byte].BitFlip[ODD_STATE]?'o':nonces[best_byte].BitFlip[EVEN_STATE]?'e':' '
-			//nonces[best_byte].score1,
+			// //nonces[best_byte].score1,
-			//nonces[best_byte].score2
+			// //nonces[best_byte].score2
-			);
+			// );
-	}
+	// }
 	// printf("\nTests: parity performance\n");
 	// time_t time1p = clock();
@ -1628,7 +1623,7 @@ static void* crack_states_thread(void* x){
    }
    return NULL;
 }
-#define _USE_32BIT_TIME_T
+
 static void brute_force(void)
 {
 	if (known_target_key != -1) {
@ -1667,6 +1662,8 @@ static void brute_force(void)
 #ifndef __WIN32
        thread_count = sysconf(_SC_NPROCESSORS_CONF);
 		if ( thread_count < 1)
 			thread_count = 1;
 #endif  /* _WIN32 */
        pthread_t threads[thread_count];
--- a/client/cmdlfhitag.c
+++ b/client/cmdlfhitag.c
@ -28,8 +28,7 @@ size_t nbytes(size_t nbits) {
 	return (nbits/8)+((nbits%8)>0);
 }
-int CmdLFHitagList(const char *Cmd)
+int CmdLFHitagList(const char *Cmd) {
 {
 	uint8_t *got = malloc(USB_CMD_DATA_SIZE);
 	// Query for the actual size of the trace
@ -58,13 +57,14 @@ int CmdLFHitagList(const char *Cmd)
 	int len = strlen(Cmd);
 	char filename[FILE_PATH_SIZE]  = { 0x00 };
-	FILE* pf = NULL;
+	FILE* f = NULL;
 	if (len > FILE_PATH_SIZE) len = FILE_PATH_SIZE;
 	memcpy(filename, Cmd, len);
 	if (strlen(filename) > 0) {
-		if ((pf = fopen(filename,"wb")) == NULL) {
+		f = fopen(filename,"wb");
 		if (!f) {
 			PrintAndLog("Error: Could not open file [%s]",filename);
 			return 1;
 		}
@ -129,8 +129,8 @@ int CmdLFHitagList(const char *Cmd)
 			(isResponse ? "TAG" : "   "),
 			line);
-		if (pf) {
+		if (f) {
-			fprintf(pf," +%7d:  %3d: %s %s\n",
+			fprintf(f," +%7d:  %3d: %s %s\n",
 				(prev < 0 ? 0 : (timestamp - prev)),
 				bits,
 				(isResponse ? "TAG" : "   "),
@ -141,8 +141,8 @@ int CmdLFHitagList(const char *Cmd)
 		i += (len + 9);
 	}
-	if (pf) {
+	if (f) {
-		fclose(pf);
+		fclose(f);
 		PrintAndLog("Recorded activity succesfully written to file: %s", filename);
 	}
@ -161,7 +161,7 @@ int CmdLFHitagSim(const char *Cmd) {
 	UsbCommand c = {CMD_SIMULATE_HITAG};
 	char filename[FILE_PATH_SIZE] = { 0x00 };
-	FILE* pf;
+	FILE* f;
 	bool tag_mem_supplied;
 	int len = strlen(Cmd);
@ -169,25 +169,25 @@ int CmdLFHitagSim(const char *Cmd) {
 	memcpy(filename, Cmd, len);
 	if (strlen(filename) > 0) {
-		if ((pf = fopen(filename,"rb+")) == NULL) {
+		f = fopen(filename,"rb+");
 		if (!f) {
 			PrintAndLog("Error: Could not open file [%s]",filename);
 			return 1;
 		}
 		tag_mem_supplied = true;
-		size_t bytes_read = fread(c.d.asBytes, 48, 1, pf);
+		size_t bytes_read = fread(c.d.asBytes, 48, 1, f);
 		if ( bytes_read == 0) {
 			PrintAndLog("Error: File reading error");
-			fclose(pf);
+			fclose(f);
 			return 1;
 		}
-		fclose(pf);
+		fclose(f);
 	} else {
 		tag_mem_supplied = false;
 	}
 	// Does the tag comes with memory
 	c.arg[0] = (uint32_t)tag_mem_supplied;
 	clearCommandBuffer();
 	SendCommand(&c);
 	return 0;
@ -195,7 +195,6 @@ int CmdLFHitagSim(const char *Cmd) {
 int CmdLFHitagReader(const char *Cmd) {
 	UsbCommand c = {CMD_READER_HITAG};//, {param_get32ex(Cmd,0,0,10),param_get32ex(Cmd,1,0,16),param_get32ex(Cmd,2,0,16),param_get32ex(Cmd,3,0,16)}};
 	hitag_data* htd = (hitag_data*)c.d.asBytes;
 	hitag_function htf = param_get32ex(Cmd,0,0,10);
@ -241,11 +240,8 @@ int CmdLFHitagReader(const char *Cmd) {
 	// Copy the hitag2 function into the first argument
 	c.arg[0] = htf;
 	clearCommandBuffer();
 	// Send the command to the proxmark
 	SendCommand(&c);
 	UsbCommand resp;
 	WaitForResponse(CMD_ACK,&resp);
@ -253,28 +249,27 @@ int CmdLFHitagReader(const char *Cmd) {
 	if (resp.arg[0] == false) return 1;
 	uint32_t id = bytes_to_num(resp.d.asBytes,4);
 	char filename[FILE_PATH_SIZE];
 	FILE* pf = NULL;
 	char filename[FILE_PATH_SIZE];
 	FILE* f = NULL;
 	sprintf(filename,"%08x_%04x.ht2",id,(rand() & 0xffff));
-	if ((pf = fopen(filename,"wb")) == NULL) {
+	f = fopen(filename,"wb");
 	if (!f) {
 		PrintAndLog("Error: Could not open file [%s]",filename);
 		return 1;
 	}
 	// Write the 48 tag memory bytes to file and finalize
-	fwrite(resp.d.asBytes,1,48,pf);
+	fwrite(resp.d.asBytes, 1, 48, f);
-	fclose(pf);
+	fclose(f);
 	PrintAndLog("Succesfully saved tag memory to [%s]",filename);
 	return 0;
 }
 int CmdLFHitagSimS(const char *Cmd) {
 	UsbCommand c = { CMD_SIMULATE_HITAG_S };
 	char filename[FILE_PATH_SIZE] = { 0x00 };
-	FILE* pf;
+	FILE* f;
 	bool tag_mem_supplied;
 	int len = strlen(Cmd);
 	if (len > FILE_PATH_SIZE)
@ -282,24 +277,26 @@ int CmdLFHitagSimS(const char *Cmd) {
 	memcpy(filename, Cmd, len);
 	if (strlen(filename) > 0) {
-		if ((pf = fopen(filename, "rb+")) == NULL) {
+		f = fopen(filename, "rb+");
 		if (!f) {
 			PrintAndLog("Error: Could not open file [%s]", filename);
 			return 1;
 		}
 		tag_mem_supplied = true;
-		if (fread(c.d.asBytes, 4*64, 1, pf) == 0) {
+		size_t bytes_read = fread(c.d.asBytes, 4*64, 1, f);
 		if ( bytes_read == 0) {
 			PrintAndLog("Error: File reading error");
-			fclose(pf);
+			fclose(f);
 			return 1;
 		}
-		fclose(pf);
+		fclose(f);
 	} else {
 		tag_mem_supplied = false;
 	}
 	// Does the tag comes with memory
 	c.arg[0] = (uint32_t) tag_mem_supplied;
-
+	clearCommandBuffer();
 	SendCommand(&c);
 	return 0;
 }
@ -307,36 +304,37 @@ int CmdLFHitagSimS(const char *Cmd) {
 int CmdLFHitagCheckChallenges(const char *Cmd) {
 	UsbCommand c = { CMD_TEST_HITAGS_TRACES };
 	char filename[FILE_PATH_SIZE] = { 0x00 };
-	FILE* pf;
+	FILE* f;
 	bool file_given;
 	int len = strlen(Cmd);
 	if (len > FILE_PATH_SIZE) len = FILE_PATH_SIZE;
 	memcpy(filename, Cmd, len);
 	if (strlen(filename) > 0) {
-		if ((pf = fopen(filename,"rb+")) == NULL) {
+		f = fopen(filename,"rb+");
-			PrintAndLog("Error: Could not open file [%s]",filename);
+		if( !f ) {
 			PrintAndLog("Error: Could not open file [%s]", filename);
 			return 1;
 		}
 		file_given = true;
-		if (fread(c.d.asBytes,8*60,1,pf) == 0) {
+		size_t bytes_read = fread(c.d.asBytes, 8*60, 1, f);
 		if ( bytes_read == 0) {
 			PrintAndLog("Error: File reading error");
-      fclose(pf);
+			fclose(f);
 			return 1;
        }
-		fclose(pf);
+		fclose(f);
 	} else {
 		file_given = false;
 	}
 	//file with all the challenges to try
 	c.arg[0] = (uint32_t)file_given;
-
+	clearCommandBuffer();
 	SendCommand(&c);
 	return 0;
 }
 int CmdLFHitagWP(const char *Cmd) {
 	UsbCommand c = { CMD_WR_HITAG_S };
 	hitag_data* htd = (hitag_data*)c.d.asBytes;
@ -367,9 +365,8 @@ int CmdLFHitagWP(const char *Cmd) {
 	// Copy the hitag function into the first argument
 	c.arg[0] = htf;
-  // Send the command to the proxmark
+	clearCommandBuffer();
 	SendCommand(&c);
 	UsbCommand resp;
 	WaitForResponse(CMD_ACK,&resp);
@ -378,7 +375,6 @@ int CmdLFHitagWP(const char *Cmd) {
 	return 0;
 }
 static command_t CommandTable[] = 
 {
 	{"help",    CmdHelp,           1, "This help"},
--- a/client/nonce2key/crapto1.c
+++ b/client/nonce2key/crapto1.c
@ -383,7 +383,7 @@ uint32_t lfsr_rollback_word(struct Crypto1State *s, uint32_t in, int fb)
 /** nonce_distance
 * x,y valid tag nonces, then prng_successor(x, nonce_distance(x, y)) = y
 */
-static uint16_t *dist = 0;
+static uint16_t *dist;
 int nonce_distance(uint32_t from, uint32_t to)
 {
 	uint16_t x, i;
@ -391,7 +391,7 @@ int nonce_distance(uint32_t from, uint32_t to)
 		dist = malloc(2 << 16);
 		if(!dist)
 			return -1;
-		for (x = i = 1; i; ++i) {
+		for (x = 1, i = 1; i; ++i) {
 			dist[(x & 0xff) << 8 | x >> 8] = i;
 			x = x >> 1 | (x ^ x >> 2 ^ x >> 3 ^ x >> 5) << 15;
 		}
--- a/client/nonce2key/crypto1_bs.c
+++ b/client/nonce2key/crypto1_bs.c
@ -80,7 +80,7 @@ inline const bitslice_value_t crypto1_bs_lfsr_rollback(const bitslice_value_t in
 // note that bytes are sliced and unsliced with reversed endianness
 inline void crypto1_bs_convert_states(bitslice_t bitsliced_states[], state_t regular_states[]){
    size_t bit_idx = 0, slice_idx = 0;
-    state_t values[MAX_BITSLICES];
+    state_t values[MAX_BITSLICES] = {{0x00}};
    for(slice_idx = 0; slice_idx < MAX_BITSLICES; slice_idx++){
        for(bit_idx = 0; bit_idx < STATE_SIZE; bit_idx++){
            bool bit = get_vector_bit(slice_idx, bitsliced_states[bit_idx]);
@ -111,7 +111,7 @@ void crypto1_bs_bitslice_value32(uint32_t value, bitslice_t bitsliced_value[], s
 void crypto1_bs_print_states(bitslice_t bitsliced_states[]){
    size_t slice_idx = 0;
-    state_t values[MAX_BITSLICES];
+    state_t values[MAX_BITSLICES]  = {{0x00}};
    crypto1_bs_convert_states(bitsliced_states, values);
    for(slice_idx = 0; slice_idx < MAX_BITSLICES; slice_idx++){
        printf("State %03zu: %012"llx"\n", slice_idx, values[slice_idx].value);
--- a/client/nonce2key/crypto1_bs.h
+++ b/client/nonce2key/crypto1_bs.h
@ -58,7 +58,7 @@ bitslice_t bs_zeroes;
 #define ROLLBACK_SIZE 8
 // number of nonces required to test to cover entire 48-bit state
 // I would have said it's 12... but bla goes with 100, so I do too
-#define NONCE_TESTS 100
+#define NONCE_TESTS 12
 // state pointer management
 extern __thread bitslice_t states[KEYSTREAM_SIZE+STATE_SIZE];