github/RRG-Proxmark3
1
0
Fork 0
mirror of https://github.com/RfidResearchGroup/proxmark3.git synced 2025-07-30 11:39:14 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 4

Fix mf file loading error

Browse source 
Code was incorrectly checking if loop variable
`i` was greater than maximum data length,
rather than checking current buffer pointer.
This commit is contained in:
Henry Gabryjelski 2023-10-30 14:24:15 -07:00
parent 5ca29246e9
commit f2ed7d1299
1 changed files with 11 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

16
client/src/fileutils.c
View file

@ -1087,6 +1087,7 @@ int loadFileJSONex(const char *preferredName, void *data, size_t maxdatalen, siz
// Proxmark3 settings file. No
if (!strcmp(ctype, "settings")) {
PrintAndLogEx(ERR, "ERROR: json " _YELLOW_("%s") " appears to be Proxmark3 settings file ... not a valid dump file.", preferredName);
goto out;
}
@ -1102,21 +1103,26 @@ int loadFileJSONex(const char *preferredName, void *data, size_t maxdatalen, siz
// depricated mfcard
if (!strcmp(ctype, "mfcard") || !strcmp(ctype, "mfc v2")) {
size_t sptr = 0;
for (int i = 0; i < maxdatalen; i++) {
// load blocks (i) from 0..N, but check sptr against total data length, not `i`
for (int i = 0; sptr < maxdatalen; i++) {
if (sptr + MFBLOCK_SIZE > maxdatalen) {
PrintAndLogEx(ERR, "loadFileJSONex: maxdatalen=%4d (%04x) block (i)=%4d (%04x) sptr=%4d (%04x) -- exceeded maxdatalen", maxdatalen, maxdatalen, i, i, sptr, sptr);
retval = PM3_EMALLOC;
goto out;
}
snprintf(blocks, sizeof(blocks), "$.blocks.%d", i);
uint8_t block[MFBLOCK_SIZE];
uint8_t block[MFBLOCK_SIZE] = {0}; // ensure zero-filled when partial block of data read
JsonLoadBufAsHex(root, blocks, block, MFBLOCK_SIZE, &len);
if (!len)
if (!len) {
PrintAndLogEx(WARNING, "WARNING: json %s block %d has zero-length data ... file parsing stopped", ctype, i);
break;
} else if (len != MFBLOCK_SIZE) {
PrintAndLogEx(WARNING, "WARNING: json %s block %d only has %d bytes, expected %d (will fill with zero data)", ctype, i, len, MFBLOCK_SIZE);
}
memcpy(&udata.bytes[sptr], block, MFBLOCK_SIZE);
sptr += len;
sptr += MFBLOCK_SIZE; // always increment pointer by the full block size, even if only partial data read from dump file
}
*datalen = sptr;