From da564aed3c4c8faa0660e7659e2d59afa689f482 Mon Sep 17 00:00:00 2001
From: nvx
Date: Wed, 24 Jan 2024 00:03:53 +1000
Subject: [PATCH] Fix hf sniff

This was broken in commit 17ab86c52 as the forced rounding up of the size to 4-byte alignment in BigBuf_malloc made the size check possibly larger than the buffer size as the check was always +3 on the requested size rather than the rounded size. This was made worse by BigBuf_max_traceLen not taking into account alignment either and the alignmentn check in hfsnoop.c checking to 2 byte alignment instead of 4 byte alignment. The alignment size check now checks the size after alignment rounding, and BigBuf_max_traceLen takes into account alignment losses too reducing the need for BigBuf consumers to have to care about alignment.
---
 CHANGELOG.md | 1 +
 armsrc/BigBuf.c | 13 ++++++++-----
 armsrc/hfsnoop.c | 2 +-
 3 files changed, 10 insertions(+), 6 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 40141b62e..0e20a023f 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -3,6 +3,7 @@ All notable changes to this project will be documented in this file.
 This project uses the changelog in accordance with [keepchangelog](http://keepachangelog.com/). Please use this to write notable changes, which is not the same as git commit log...
 
 ## [unreleased][unreleased]
+ - Fixed `hf sniff` broken since 17ab86c52 (@nvx)
  - Added `--dumpmem` to proxmark3 client for memory dumping to file (@martian01010)
  - Changed `hw readmem` to allow larger reads, write to file and better hex viewer (@martian01010)
  - Added `CMD_READ_MEM_DOWNLOAD` and `CMD_READ_MEM_DOWNLOADED` to osimage and bootloader (@martian01010)
diff --git a/armsrc/BigBuf.c b/armsrc/BigBuf.c
index 0949558f3..3e992e32f 100644
--- a/armsrc/BigBuf.c
+++ b/armsrc/BigBuf.c
@@ -22,6 +22,9 @@
 #include "pm3_cmd.h"
 #include "util.h" // nbytes
 
+#define BIGBUF_ALIGN_BYTES (4)
+#define BIGBUF_ALIGN_MASK (0xFFFF+1-BIGBUF_ALIGN_BYTES)
+
 extern uint32_t _stack_start[], __bss_end__[];
 
 // BigBuf is the large multi-purpose buffer, typically used to hold A/D samples or traces.
@@ -132,10 +135,11 @@ void BigBuf_Clear_keep_EM(void) {
 // allocate a chunk of memory from BigBuf. We allocate high memory first. The unallocated memory
 // at the beginning of BigBuf is always for traces/samples
 uint8_t *BigBuf_malloc(uint16_t chunksize) {
-    if (s_bigbuf_hi < (chunksize + 3))
+    chunksize = (chunksize + BIGBUF_ALIGN_BYTES - 1) & BIGBUF_ALIGN_MASK; // round up to next multiple of 4
+
+    if (s_bigbuf_hi < chunksize)
         return NULL; // no memory left
 
-    chunksize = (chunksize + 3) & 0xfffc; // round to next multiple of 4
     s_bigbuf_hi -= chunksize; // aligned to 4 Byte boundary
     return (uint8_t *)BigBuf + s_bigbuf_hi;
 }
@@ -145,7 +149,7 @@ uint8_t *BigBuf_malloc(uint16_t chunksize) {
 uint8_t *BigBuf_calloc(uint16_t chunksize) {
     uint8_t *mem = BigBuf_malloc(chunksize);
     if (mem != NULL) {
-        memset(mem, 0x00, ((chunksize + 3) & 0xfffc)); // round to next multiple of 4
+        memset(mem, 0x00, ((chunksize + BIGBUF_ALIGN_BYTES - 1) & BIGBUF_ALIGN_MASK)); // round up to next multiple of 4
     }
     return mem;
 }
@@ -203,7 +207,7 @@ void BigBuf_print_status(void) {
 
 // return the maximum trace length (i.e. the unallocated size of BigBuf)
 uint16_t BigBuf_max_traceLen(void) {
-    return s_bigbuf_hi;
+    return s_bigbuf_hi & BIGBUF_ALIGN_MASK;
 }
 
 void clear_trace(void) {
@@ -379,4 +383,3 @@ dmabuf8_t *get_dma8(void) {
     return &dma_8;
 }
 
-
diff --git a/armsrc/hfsnoop.c b/armsrc/hfsnoop.c
index 59931ea66..5443a617f 100644
--- a/armsrc/hfsnoop.c
+++ b/armsrc/hfsnoop.c
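Review bot: The new first line of BigBuf_malloc wraps to 0 for requests of 0xFFFD..0xFFFF bytes: the sum is computed in int, BIGBUF_ALIGN_MASK (0xFFFC) clears bit 16 of it, and the result is stored back into the uint16_t chunksize, so `s_bigbuf_hi < chunksize` no longer rejects the request and a zero-length chunk is handed out as if the full size had been satisfied, whereas the old code compared `chunksize + 3` before masking and refused these. Keep the rounded size in a wider unsigned local and compare that, then the reassignment of chunksize is not needed: `uint32_t rounded = ((uint32_t)chunksize + BIGBUF_ALIGN_BYTES - 1) & ~(uint32_t)(BIGBUF_ALIGN_BYTES - 1);`, `if (s_bigbuf_hi < rounded)`, `s_bigbuf_hi -= rounded;`. Defining the mask in the first hunk as `~(BIGBUF_ALIGN_BYTES - 1)` rather than `(0xFFFF+1-BIGBUF_ALIGN_BYTES)` also stops the macro from silently encoding the 16-bit width of chunksize, and the BigBuf_calloc hunk repeats the same rounding expression in its memset length, which a small static inline helper would keep in one place. This assumes s_bigbuf_hi is a 16-bit type, as its use in BigBuf_max_traceLen suggests; with a wider type the stored chunksize is still 0 and the outcome is the same.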
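Review bot: The comment above BigBuf_max_traceLen still describes the return value as "the unallocated size of BigBuf", but the changed return line now yields that size rounded down to a multiple of BIGBUF_ALIGN_BYTES, and that rounding is exactly what callers such as HfSniff rely on so that a following BigBuf_malloc of the returned length fits. Suggest `// return the maximum trace length: the unallocated size of BigBuf rounded down to BIGBUF_ALIGN_BYTES, so a BigBuf_malloc() of this size fits as long as nothing else is allocated in between`.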
@@ -106,7 +106,7 @@ int HfSniff(uint32_t samplesToSkip, uint32_t triggersToSkip, uint16_t *len, uint
     FpgaWriteConfWord(FPGA_MAJOR_MODE_HF_SNIFF);
     SpinDelay(100);
 
-    *len = (BigBuf_max_traceLen() & 0xFFFE);
+    *len = BigBuf_max_traceLen();
     uint8_t *mem = BigBuf_malloc(*len);
 
     uint32_t trigger_cnt = 0;
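Review bot: The result of `BigBuf_malloc(*len)` on the line after the changed one is used without a NULL check anywhere in the hunk, and the fix only makes that allocation succeed because BigBuf_max_traceLen and BigBuf_malloc now round the same way, a coupling the bug being fixed shows is easy to break. HfSniff's body continues past the hunk, so a guard may exist further down; if it does not, add one right after the allocation, e.g. `if (mem == NULL) return PM3_EMALLOC;` (or whichever error code HfSniff's callers expect), so a future mismatch fails loudly instead of sniffing into a NULL buffer.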