X-Git-Url: https://git.zerfleddert.de/cgi-bin/gitweb.cgi/proxmark3-svn/blobdiff_plain/e719470c461e38fb3ad99416d06fa1b5b19ff357..01629305d89515f93a6242c945eb6663db0a6060:/client/cmdhflegic.c

diff --git a/client/cmdhflegic.c b/client/cmdhflegic.c
index 731cead1..4ad60e3b 100644
--- a/client/cmdhflegic.c
+++ b/client/cmdhflegic.c
@@ -570,20 +570,42 @@ int CmdLegicCalcCrc8(const char *Cmd){
 	uint8_t cmdp = 0, uidcrc = 0, type=0;
 	bool errors = false;
 	int len = 0;
+	int bg, en;
 	
 	while(param_getchar(Cmd, cmdp) != 0x00) {
 		switch(param_getchar(Cmd, cmdp)) {
 		case 'b':
 		case 'B':
-			data = malloc(len);
+			// peek at length of the input string so we can
+			// figure out how many elements to malloc in "data"
+			bg=en=0;
+			if (param_getptr(Cmd, &bg, &en, cmdp+1)) {
+				errors = true;
+				break;
+			}
+			len = (en - bg + 1);
+
+			// check that user entered even number of characters
+			// for hex data string
+			if (len & 1) {
+				errors = true;
+				break;
+			}
+
+			// it's possible for user to accidentally enter "b" parameter
+			// more than once - we have to clean previous malloc
+			if (data) free(data);
+			data = malloc(len >> 1);
 			if ( data == NULL ) {
 				PrintAndLog("Can't allocate memory. exiting");
 				errors = true;
 				break;
-			}			
-			param_gethex_ex(Cmd, cmdp+1, data, &len);
-			// if odd symbols, (hexbyte must be two symbols)
-			if ( len & 1 ) errors = true;
+			}
+			
+			if (param_gethex(Cmd, cmdp+1, data, len)) {
+				errors = true;
+				break;
+			}
 
 			len >>= 1;	
 			cmdp += 2;