char result[30];
int dataLen;
char endian = 0;
- dataLen = param_getstr(Cmd, cmdp++, inModel);
+ dataLen = param_getstr(Cmd, cmdp++, inModel, sizeof(inModel));
if (dataLen < 4) return 0;
- dataLen = param_getstr(Cmd, cmdp++, inHexStr);
+ dataLen = param_getstr(Cmd, cmdp++, inHexStr, sizeof(inHexStr));
if (dataLen < 4) return 0;
bool reverse = (param_get8(Cmd, cmdp++)) ? true : false;
endian = param_getchar(Cmd, cmdp++);
// takes hex string in and searches for a matching result (hex string must include checksum)
int CmdrevengSearch(const char *Cmd){
char inHexStr[50] = {0x00};
- int dataLen = param_getstr(Cmd, 0, inHexStr);
+ int dataLen = param_getstr(Cmd, 0, inHexStr, sizeof(inHexStr));
if (dataLen < 4) return 0;
char *Models[80];
bool showWaitCycles = false;
bool markCRCBytes = false;
char type[40] = {0};
- int tlen = param_getstr(Cmd,0,type);
+ int tlen = param_getstr(Cmd,0,type, sizeof(type));
char param1 = param_getchar(Cmd, 1);
char param2 = param_getchar(Cmd, 2);
bool errors = false;
//File handling and reading
FILE *f;
char filename[FILE_PATH_SIZE];
- if(opt == 'f' && param_getstr(Cmd, 1, filename) > 0)
+ if(opt == 'f' && param_getstr(Cmd, 1, filename, sizeof(filename)) > 0)
{
f = fopen(filename, "rb");
}else{
//Open the tagdump-file
FILE *f;
char filename[FILE_PATH_SIZE];
- if(opt == 'f' && param_getstr(Cmd, 1, filename) > 0) {
+ if(opt == 'f' && param_getstr(Cmd, 1, filename, sizeof(filename)) > 0) {
f = fopen(filename, "rb");
if ( f == NULL ) {
PrintAndLog("Could not find file %s", filename);
case 'c':
case 'C':
have_credit_key = true;
- dataLen = param_getstr(Cmd, cmdp+1, tempStr);
+ dataLen = param_getstr(Cmd, cmdp+1, tempStr, sizeof(tempStr));
if (dataLen == 16) {
errors = param_gethex(tempStr, 0, CreditKEY, dataLen);
} else if (dataLen == 1) {
break;
case 'f':
case 'F':
- fileNameLen = param_getstr(Cmd, cmdp+1, filename);
+ fileNameLen = param_getstr(Cmd, cmdp+1, filename, sizeof(filename));
if (fileNameLen < 1) {
PrintAndLog("No filename found after f");
errors = true;
case 'k':
case 'K':
have_debit_key = true;
- dataLen = param_getstr(Cmd, cmdp+1, tempStr);
+ dataLen = param_getstr(Cmd, cmdp+1, tempStr, sizeof(tempStr));
if (dataLen == 16) {
errors = param_gethex(tempStr, 0, KEY, dataLen);
} else if (dataLen == 1) {
break;
case 'k':
case 'K':
- dataLen = param_getstr(Cmd, cmdp+1, tempStr);
+ dataLen = param_getstr(Cmd, cmdp+1, tempStr, sizeof(tempStr));
if (dataLen == 16) {
errors = param_gethex(tempStr, 0, KEY, dataLen);
} else if (dataLen == 1) {
break;
case 'f':
case 'F':
- fileNameLen = param_getstr(Cmd, cmdp+1, filename);
+ fileNameLen = param_getstr(Cmd, cmdp+1, filename, sizeof(filename));
if (fileNameLen < 1) {
PrintAndLog("No filename found after f");
errors = true;
break;
case 'k':
case 'K':
- dataLen = param_getstr(Cmd, cmdp+1, tempStr);
+ dataLen = param_getstr(Cmd, cmdp+1, tempStr, sizeof(tempStr));
if (dataLen == 16) {
errors = param_gethex(tempStr, 0, KEY, dataLen);
} else if (dataLen == 1) {
case 'k':
case 'K':
auth = true;
- dataLen = param_getstr(Cmd, cmdp+1, tempStr);
+ dataLen = param_getstr(Cmd, cmdp+1, tempStr, sizeof(tempStr));
if (dataLen == 16) {
errors = param_gethex(tempStr, 0, KEY, dataLen);
} else if (dataLen == 1) {
char fileName[255] = {0};
if(opt == 'f')
{
- if(param_getstr(Cmd, 1, fileName) > 0)
+ if(param_getstr(Cmd, 1, fileName, sizeof(fileName)) > 0)
{
return bruteforceFileNoKeys(fileName);
}else
char tempnum[5];
FILE *f;
char filename[FILE_PATH_SIZE];
- if (param_getstr(Cmd, 0, filename) < 1)
+ if (param_getstr(Cmd, 0, filename, sizeof(filename)) < 1)
return usage_hf_iclass_readtagfile();
- if (param_getstr(Cmd,1,(char *)&tempnum) < 1)
+ if (param_getstr(Cmd, 1, tempnum, sizeof(tempnum)) < 1)
startblock = 0;
else
sscanf(tempnum,"%d",&startblock);
- if (param_getstr(Cmd,2,(char *)&tempnum) < 1)
+ if (param_getstr(Cmd,2, tempnum, sizeof(tempnum)) < 1)
endblock = 0;
else
sscanf(tempnum,"%d",&endblock);
return usage_hf_iclass_calc_newkey();
case 'e':
case 'E':
- dataLen = param_getstr(Cmd, cmdp, tempStr);
+ dataLen = param_getstr(Cmd, cmdp, tempStr, sizeof(tempStr));
if (dataLen==2)
oldElite = true;
elite = true;
break;
case 'n':
case 'N':
- dataLen = param_getstr(Cmd, cmdp+1, tempStr);
+ dataLen = param_getstr(Cmd, cmdp+1, tempStr, sizeof(tempStr));
if (dataLen == 16) {
errors = param_gethex(tempStr, 0, NEWKEY, dataLen);
} else if (dataLen == 1) {
break;
case 'o':
case 'O':
- dataLen = param_getstr(Cmd, cmdp+1, tempStr);
+ dataLen = param_getstr(Cmd, cmdp+1, tempStr, sizeof(tempStr));
if (dataLen == 16) {
errors = param_gethex(tempStr, 0, OLDKEY, dataLen);
} else if (dataLen == 1) {
return usage_hf_iclass_managekeys();
case 'f':
case 'F':
- fileNameLen = param_getstr(Cmd, cmdp+1, filename);
+ fileNameLen = param_getstr(Cmd, cmdp+1, filename, sizeof(filename));
if (fileNameLen < 1) {
PrintAndLog("No filename found after f");
errors = true;
case 'k':
case 'K':
operation += 3; //set key
- dataLen = param_getstr(Cmd, cmdp+1, tempStr);
+ dataLen = param_getstr(Cmd, cmdp+1, tempStr, sizeof(tempStr));
if (dataLen == 16) { //ul-c or ev1/ntag key length
errors = param_gethex(tempStr, 0, KEY, dataLen);
} else {
char ctmp3[3] = {0};\r
int len = param_getlength(Cmd, indx);\r
if (len > 0 && len < 4){\r
- param_getstr(Cmd, indx, ctmp3);\r
+ param_getstr(Cmd, indx, ctmp3, sizeof(ctmp3));\r
\r
*paramT |= (ctmp3[0] == 't' || ctmp3[0] == 'T');\r
*paramD |= (ctmp3[0] == 'd' || ctmp3[0] == 'D');\r
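Review bot: `ctmp3` is still declared as `char ctmp3[3]` while the guard above the call admits `len < 4`, so a three-character parameter no longer fits once the bound is enforced. With `sizeof(ctmp3)` passed in, param_getstr rejects it (3 >= 3), prints the out-of-bounds message and leaves `ctmp3` zeroed, so `*paramT` and `*paramD` are silently left unset. Either size the buffer for the terminator, `char ctmp3[4] = {0};`, or tighten the guard to `len < 3`. The next hunk has the same mismatch with `clen == 2 || clen == 3`, assuming it uses the same 3-byte buffer, and there `ctmp = ctmp3[1]` then reads whatever the buffer held before. The enclosing function starts and ends outside this hunk.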
// double parameters - ts, ds\r
int clen = param_getlength(Cmd, 2);\r
if (clen == 2 || clen == 3){\r
- param_getstr(Cmd, 2, ctmp3);\r
+ param_getstr(Cmd, 2, ctmp3, sizeof(ctmp3));\r
ctmp = ctmp3[1];\r
}\r
//parse\r
keycnt++;\r
} else {\r
// May be a dic file\r
- if ( param_getstr(Cmd, 2 + i,filename) >= FILE_PATH_SIZE ) {\r
+ if ( param_getstr(Cmd, 2 + i, filename, sizeof(filename)) >= FILE_PATH_SIZE ) {\r
PrintAndLog("File name too long");\r
free(keyBlock);\r
return 2;\r
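Review bot: The `>= FILE_PATH_SIZE` comparison on the param_getstr result can no longer be true if `filename` is a `FILE_PATH_SIZE` array (its declaration is outside this hunk). The new param_getstr returns 0 for any parameter that does not fit in `sizeof(filename)`, so the "File name too long" branch looks unreachable. An over-long dictionary name would then fall through with a 0 return and an unmodified `filename`. Checking the length before copying keeps the diagnostic and the early exit: `if ( param_getlength(Cmd, 2 + i) >= FILE_PATH_SIZE ) {`, followed by the param_getstr call once the length is known to fit.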
break;\r
case 'f':\r
case 'F':\r
- len = param_getstr(Cmd, cmdp+1, filename);\r
+ len = param_getstr(Cmd, cmdp+1, filename, sizeof(filename));\r
if (len < 1) {\r
PrintAndLog("error no filename found");\r
return 0;\r
}\r
}\r
\r
- len = param_getstr(Cmd,nameParamNo,filename);\r
+ len = param_getstr(Cmd,nameParamNo,filename,sizeof(filename));\r
\r
if (len > FILE_PATH_SIZE - 5) len = FILE_PATH_SIZE - 5;\r
\r
}\r
}\r
\r
- len = param_getstr(Cmd,nameParamNo,filename);\r
+ len = param_getstr(Cmd,nameParamNo,filename,sizeof(filename));\r
\r
if (len > FILE_PATH_SIZE - 5) len = FILE_PATH_SIZE - 5;\r
\r
}\r
return 0;\r
} else {\r
- param_getstr(Cmd, 0, filename);\r
+ param_getstr(Cmd, 0, filename, sizeof(filename));\r
\r
len = strlen(filename);\r
if (len > FILE_PATH_SIZE - 5) len = FILE_PATH_SIZE - 5;\r
}\r
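Review bot: The return value of `param_getstr(Cmd, 0, filename, sizeof(filename))` is discarded and the length is taken from `strlen(filename)` on the next line. When the parameter is rejected as too long, param_getstr returns before writing to `filename`, so `strlen` measures whatever the buffer held before. That is an indeterminate read if `filename` is not initialised at its declaration, which is outside this hunk. Using the result directly avoids this: `len = param_getstr(Cmd, 0, filename, sizeof(filename));`, with `len < 1` handled as an error. The following hunk repeats the same pattern, and the `modulation` hunk ignores the result in the same way before its `strcmp`.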
return 0;\r
} else {\r
- param_getstr(Cmd, 0, filename);\r
+ param_getstr(Cmd, 0, filename, sizeof(filename));\r
\r
len = strlen(filename);\r
if (len > FILE_PATH_SIZE - 5) len = FILE_PATH_SIZE - 5;\r
return usage_hf_mfu_info();
case 'k':
case 'K':
- dataLen = param_getstr(Cmd, cmdp+1, tempStr);
+ dataLen = param_getstr(Cmd, cmdp+1, tempStr, sizeof(tempStr));
if (dataLen == 32 || dataLen == 8) { //ul-c or ev1/ntag key length
errors = param_gethex(tempStr, 0, authenticationkey, dataLen);
dataLen /= 2; // handled as bytes from now on
return usage_hf_mfu_dump();
case 'k':
case 'K':
- dataLen = param_getstr(Cmd, cmdp+1, tempStr);
+ dataLen = param_getstr(Cmd, cmdp+1, tempStr, sizeof(tempStr));
if (dataLen == 32 || dataLen == 8) { //ul-c or ev1/ntag key length
errors = param_gethex(tempStr, 0, authenticationkey, dataLen);
dataLen /= 2;
break;
case 'n':
case 'N':
- fileNlen = param_getstr(Cmd, cmdp+1, filename);
+ fileNlen = param_getstr(Cmd, cmdp+1, filename, sizeof(filename));
if (!fileNlen) errors = true;
if (fileNlen > FILE_PATH_SIZE-5) fileNlen = FILE_PATH_SIZE-5;
cmdp += 2;
cmdp++;
break;
case 'c':
- param_getstr(Cmd, cmdp+1, (char *)&c.d.asBytes);
+ param_getstr(Cmd, cmdp+1, (char *)&c.d.asBytes, sizeof(c.d.asBytes));
cmdp+=2;
break;
case 'd':
uint8_t fcHigh=0, fcLow=0, clk=0;
uint8_t invert=0;
bool errors = false;
- char hexData[32] = {0x00}; // store entered hex data
+ char hexData[64] = {0x00}; // store entered hex data
uint8_t data[255] = {0x00};
int dataLen = 0;
uint8_t cmdp = 0;
// cmdp++;
// break;
case 'd':
- dataLen = param_getstr(Cmd, cmdp+1, hexData);
+ dataLen = param_getstr(Cmd, cmdp+1, hexData, sizeof(hexData));
if (dataLen==0) {
errors=true;
} else {
uint8_t encoding = 1, separator = 0;
uint8_t clk=0, invert=0;
bool errors = false;
- char hexData[32] = {0x00};
+ char hexData[64] = {0x00};
uint8_t data[255]= {0x00}; // store entered hex data
int dataLen = 0;
uint8_t cmdp = 0;
cmdp++;
break;
case 'd':
- dataLen = param_getstr(Cmd, cmdp+1, hexData);
+ dataLen = param_getstr(Cmd, cmdp+1, hexData, sizeof(hexData));
if (dataLen==0) {
errors=true;
} else {
uint8_t carrier=0, clk=0;
uint8_t invert=0;
bool errors = false;
- char hexData[32] = {0x00}; // store entered hex data
+ char hexData[64] = {0x00}; // store entered hex data
uint8_t data[255] = {0x00};
int dataLen = 0;
uint8_t cmdp = 0;
cmdp++;
break;
case 'd':
- dataLen = param_getstr(Cmd, cmdp+1, hexData);
+ dataLen = param_getstr(Cmd, cmdp+1, hexData, sizeof(hexData));
if (dataLen==0) {
errors=true;
} else {
delay = param_get32ex(Cmd, 4, 1000, 10);
}
- param_getstr(Cmd, 0, filename);
+ param_getstr(Cmd, 0, filename, sizeof(filename));
uidBlock = calloc(stUidBlock, 5);
if (uidBlock == NULL) return 1;
case 'D':
case 'd':
//param get string int param_getstr(const char *line, int paramnum, char * str)
- stringlen = param_getstr(Cmd, cmdp+1, id);
+ stringlen = param_getstr(Cmd, cmdp+1, id, sizeof(id));
if (stringlen < 2) return -1;
cmdp+=2;
break;
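Review bot: The comment above the call still quotes the old three-argument prototype, which now contradicts the line it documents. Either update it to `//param get string int param_getstr(const char *line, int paramnum, char * str, size_t buffersize)` or drop it, since the prototype lives in the header. The declaration of `id` is outside this hunk, so confirm that `sizeof(id)` is taken on an array and not on a pointer.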
cmdp+=2;\r
break;\r
case 'd':\r
- param_getstr(Cmd, cmdp+1, modulation);\r
+ param_getstr(Cmd, cmdp+1, modulation, sizeof(modulation));\r
cmdp += 2;\r
\r
if ( strcmp(modulation, "FSK" ) == 0) {\r
return 0;
}
-int param_getstr(const char *line, int paramnum, char * str)
+int param_getstr(const char *line, int paramnum, char * str, size_t buffersize)
{
int bg, en;
- if (param_getptr(line, &bg, &en, paramnum)) return 0;
+ if (param_getptr(line, &bg, &en, paramnum)) {
+ return 0;
+ }
+
+ // Prevent out of bounds errors
+ if (en - bg + 1 >= buffersize) {
+ printf("out of bounds error: want %lu bytes have %lu bytes\n", en - bg + 1 + 1, buffersize);
+ return 0;
+ }
memcpy(str, line + bg, en - bg + 1);
str[en - bg + 1] = 0;
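Review bot: The format string in the new bounds check does not match its arguments: `en - bg + 1 + 1` is an `int` and `buffersize` is a `size_t`, but both are printed with `%lu`. That is undefined behaviour where `int` and `unsigned long` differ in width. Use `printf("out of bounds error: want %d bytes have %zu bytes\n", en - bg + 1 + 1, buffersize);`. The comparison `en - bg + 1 >= buffersize` also mixes signed and unsigned operands, so an explicit `(size_t)` cast on the left would make the intent clear. Returning 0 on overflow is indistinguishable from "parameter absent" and leaves `str` untouched, so the doc comment should say that callers must check the result before reading `str`. The function body continues past the end of this hunk.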
int hextobinarray(char *target, char *source)
{
int length, i, count= 0;
+ char* start = source;
char x;
length = strlen(source);
x -= '0';
else if (x >= 'A' && x <= 'F')
x -= 'A' - 10;
- else
+ else {
+ printf("Discovered unknown character %c %d at idx %d of %s\n", x, x, source - start, start);
return 0;
+ }
// output
for(i= 0 ; i < 4 ; ++i, ++count)
*(target++)= (x >> (3 - i)) & 1;
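Review bot: In the new diagnostic, `source - start` is a `ptrdiff_t` but is printed with `%d`, which is a format/argument mismatch. Use `%td`, as in `printf("Discovered unknown character %c %d at idx %td of %s\n", x, x, source - start, start);`, or cast the difference to `int`. The line that reads `x` from `source` is outside the visible hunk; if it post-increments `source`, the reported index is one past the offending character and should be `source - start - 1`. `start` is never written through, so `const char *start = source;` would state that.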
extern int param_gethex(const char *line, int paramnum, uint8_t * data, int hexcnt);
extern int param_gethex_ex(const char *line, int paramnum, uint8_t * data, int *hexcnt);
extern int param_gethex_to_eol(const char *line, int paramnum, uint8_t * data, int maxdatalen, int *datalen);
-extern int param_getstr(const char *line, int paramnum, char * str);
+extern int param_getstr(const char *line, int paramnum, char * str, size_t buffersize);
extern int hextobinarray( char *target, char *source);
extern int hextobinstring( char *target, char *source);