github/RRG-Proxmark3
1
0
Fork 0
mirror of https://github.com/RfidResearchGroup/proxmark3.git synced 2025-08-14 10:37:23 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

Fix potential stack overflow while making it easier to support more ATRs

Browse source
This commit is contained in:
Jean-Michel Picod 2023-10-17 17:47:54 +02:00
commit ce45b3b242
1 changed files with 26 additions and 18 deletions
Download patch file Download diff file Expand all files Collapse all files

44
common/cardhelper.c
View file

@ -73,27 +73,35 @@ bool IsHIDSamPresent(bool verbose) {
}
// SAM identification
uint8_t sam_atr[] = {0x3B, 0x95, 0x96, 0x80, 0xB1, 0xFE, 0x55, 0x1F, 0xC7, 0x47, 0x72, 0x61, 0x63, 0x65, 0x13};
if (memcmp(card.atr, sam_atr, card.atr_len) < 0) {
uint8_t sam_atr2[] = {0x3b, 0x90, 0x96, 0x91, 0x81, 0xb1, 0xfe, 0x55, 0x1f, 0xc7, 0xd4};
if (memcmp(card.atr, sam_atr2, card.atr_len) < 0) {
if (verbose) {
PrintAndLogEx(SUCCESS, "Not detecting a SAM");
}
return false;
smart_card_atr_t supported[] = {
{15, {0x3B, 0x95, 0x96, 0x80, 0xB1, 0xFE, 0x55, 0x1F, 0xC7, 0x47, 0x72, 0x61, 0x63, 0x65, 0x13}},
{11, {0x3b, 0x90, 0x96, 0x91, 0x81, 0xb1, 0xfe, 0x55, 0x1f, 0xc7, 0xd4}},
};
bool found = false;
for (int i = 0; i < sizeof(supported) / sizeof(supported[0]); i++) {
if ((card.atr_len == supported[i].atr_len) &&
(memcmp(card.atr, supported[i].atr, supported[i].atr_len) == 0)) {
found = true;
break;
}
}
// Suspect some SAMs has version name in their ATR
uint8_t T0 = card.atr[1];
uint8_t K = T0 & 0x0F;
if (K > 4 && verbose) {
if (byte_strstr(card.atr, card.atr_len, (const uint8_t *)"Grace", 5) > -1) {
PrintAndLogEx(SUCCESS, "SAM (Grace) detected");
} else if (byte_strstr(card.atr, card.atr_len, (const uint8_t *)"Hopper", 6) > -1) {
PrintAndLogEx(SUCCESS, "SAM (Hopper) detected");
if (found == false) {
if (verbose) {
PrintAndLogEx(SUCCESS, "Not detecting a SAM");
}
return false;
}
// Suspect some SAMs has version name in the historical bytes
uint8_t T0 = card.atr[1];
uint8_t K = T0 & 0x0F; // Number of historical bytes
if (K > 0 && (K < (card.atr_len - 3)) && verbose) {
// Last byte of ATR is CRC and before that we have K bytes of
// "historical bytes".
// By construction K can't go above 15
char sam_name[16] = {0};
memcpy(sam_name, &card.atr[card.atr_len - 1 - K], K);
PrintAndLogEx(SUCCESS, "SAM (%s) detected", sam_name);
}
return true;
}