]> git.zerfleddert.de Git - proxmark3-svn/commitdiff
Merge pull request #162 from marshmellow42/CoverityFixes
authorMartin Holst Swende <martin@swende.se>
Mon, 15 Feb 2016 17:43:25 +0000 (18:43 +0100)
committerMartin Holst Swende <martin@swende.se>
Mon, 15 Feb 2016 17:43:25 +0000 (18:43 +0100)
Coverity fixes - mainly from @iceman1001 s fork

1  2 
client/cmdhficlass.c

diff --combined client/cmdhficlass.c
index 12a7141ef0f2aba895a9c1b71c5946faa73aa767,134ca21e07d8424130f5ef5ee6ea1a592a08527f..309880d2bf77b72fb8a129b6de8c68dd03611e3f
@@@ -33,8 -33,6 +33,6 @@@
  #include "usb_cmd.h"
  #include "cmdhfmfu.h"
  
- #define llX PRIx64
  static int CmdHelp(const char *Cmd);
  
  #define ICLASS_KEYS_MAX 8
@@@ -283,8 -281,13 +281,13 @@@ int CmdHFiClassELoad(const char *Cmd) 
        long fsize = ftell(f);
        fseek(f, 0, SEEK_SET);
  
-       uint8_t *dump = malloc(fsize);
+       if (fsize < 0) {
+               PrintAndLog("Error, when getting filesize");
+               fclose(f);
+               return 1;
+       }
  
+       uint8_t *dump = malloc(fsize);
  
        size_t bytes_read = fread(dump, 1, fsize, f);
        fclose(f);
@@@ -368,10 -371,13 +371,13 @@@ int CmdHFiClassDecrypt(const char *Cmd
        //Open the tagdump-file
        FILE *f;
        char filename[FILE_PATH_SIZE];
-       if(opt == 'f' && param_getstr(Cmd, 1, filename) > 0)
-       {
+       if(opt == 'f' && param_getstr(Cmd, 1, filename) > 0) {
                f = fopen(filename, "rb");
-       }else{
+               if ( f == NULL ) {
+                       PrintAndLog("Could not find file %s", filename);
+                       return 1;
+               }
+       } else {
                return usage_hf_iclass_decrypt();
        }
  
@@@ -591,7 -597,7 +597,7 @@@ int CmdHFiClassReader_Dump(const char *
                                errors = param_gethex(tempStr, 0, CreditKEY, dataLen);
                        } else if (dataLen == 1) {
                                keyNbr = param_get8(Cmd, cmdp+1);
-                               if (keyNbr <= ICLASS_KEYS_MAX) {
+                               if (keyNbr < ICLASS_KEYS_MAX) {
                                        memcpy(CreditKEY, iClass_Key_Table[keyNbr], 8);
                                } else {
                                        PrintAndLog("\nERROR: Credit KeyNbr is invalid\n");
                                errors = param_gethex(tempStr, 0, KEY, dataLen);
                        } else if (dataLen == 1) {
                                keyNbr = param_get8(Cmd, cmdp+1);
-                               if (keyNbr <= ICLASS_KEYS_MAX) {
+                               if (keyNbr < ICLASS_KEYS_MAX) {
                                        memcpy(KEY, iClass_Key_Table[keyNbr], 8);
                                } else {
                                        PrintAndLog("\nERROR: Credit KeyNbr is invalid\n");
@@@ -884,7 -890,7 +890,7 @@@ int CmdHFiClass_WriteBlock(const char *
                                errors = param_gethex(tempStr, 0, KEY, dataLen);
                        } else if (dataLen == 1) {
                                keyNbr = param_get8(Cmd, cmdp+1);
-                               if (keyNbr <= ICLASS_KEYS_MAX) {
+                               if (keyNbr < ICLASS_KEYS_MAX) {
                                        memcpy(KEY, iClass_Key_Table[keyNbr], 8);
                                } else {
                                        PrintAndLog("\nERROR: Credit KeyNbr is invalid\n");
@@@ -933,7 -939,7 +939,7 @@@ int usage_hf_iclass_clone(void) 
  }
  
  int CmdHFiClassCloneTag(const char *Cmd) {
-       char filename[FILE_PATH_SIZE];
+       char filename[FILE_PATH_SIZE] = {0};
        char tempStr[50]={0};
        uint8_t KEY[8]={0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};
        uint8_t keyNbr = 0;
                                errors = param_gethex(tempStr, 0, KEY, dataLen);
                        } else if (dataLen == 1) {
                                keyNbr = param_get8(Cmd, cmdp+1);
-                               if (keyNbr <= ICLASS_KEYS_MAX) {
+                               if (keyNbr < ICLASS_KEYS_MAX) {
                                        memcpy(KEY, iClass_Key_Table[keyNbr], 8);
                                } else {
                                        PrintAndLog("\nERROR: Credit KeyNbr is invalid\n");
  
        if (startblock<5) {
                PrintAndLog("You cannot write key blocks this way. yet... make your start block > 4");
+               fclose(f);
                return 0;
        }
        // now read data from the file from block 6 --- 19
        // else we have to create a share memory
        int i;
        fseek(f,startblock*8,SEEK_SET);
-       fread(tag_data,sizeof(iclass_block_t),endblock - startblock + 1,f);
+       if ( fread(tag_data,sizeof(iclass_block_t),endblock - startblock + 1,f) == 0 ) {
+               PrintAndLog("File reading error.");
+               fclose(f);
+               return 2;
+       }
  
        uint8_t MAC[4]={0x00,0x00,0x00,0x00};
        uint8_t div_key[8]={0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};
@@@ -1168,7 -1179,7 +1179,7 @@@ int CmdHFiClass_ReadBlock(const char *C
                                errors = param_gethex(tempStr, 0, KEY, dataLen);
                        } else if (dataLen == 1) {
                                keyNbr = param_get8(Cmd, cmdp+1);
-                               if (keyNbr <= ICLASS_KEYS_MAX) {
+                               if (keyNbr < ICLASS_KEYS_MAX) {
                                        memcpy(KEY, iClass_Key_Table[keyNbr], 8);
                                } else {
                                        PrintAndLog("\nERROR: Credit KeyNbr is invalid\n");
@@@ -1209,7 -1220,7 +1220,7 @@@ int CmdHFiClass_loclass(const char *Cmd
                PrintAndLog("f <filename>  Bruteforce iclass dumpfile");
                PrintAndLog("                   An iclass dumpfile is assumed to consist of an arbitrary number of");
                PrintAndLog("                   malicious CSNs, and their protocol responses");
 -              PrintAndLog("                   The the binary format of the file is expected to be as follows: ");
 +              PrintAndLog("                   The binary format of the file is expected to be as follows: ");
                PrintAndLog("                   <8 byte CSN><8 byte CC><4 byte NR><4 byte MAC>");
                PrintAndLog("                   <8 byte CSN><8 byte CC><4 byte NR><4 byte MAC>");
                PrintAndLog("                   <8 byte CSN><8 byte CC><4 byte NR><4 byte MAC>");
@@@ -1305,8 -1316,13 +1316,13 @@@ int CmdHFiClassReadTagFile(const char *
        long fsize = ftell(f);
        fseek(f, 0, SEEK_SET);
  
-       uint8_t *dump = malloc(fsize);
+       if ( fsize < 0 ) {
+               PrintAndLog("Error, when getting filesize");
+               fclose(f);
+               return 1;
+       }
  
+       uint8_t *dump = malloc(fsize);
  
        size_t bytes_read = fread(dump, 1, fsize, f);
        fclose(f);
@@@ -1332,7 -1348,7 +1348,7 @@@ uint64_t hexarray_to_uint64(uint8_t *ke
        for (int i = 0;i < 8;i++)
                sprintf(&temp[(i *2)],"%02X",key[i]);
        temp[16] = '\0';
-       if (sscanf(temp,"%016"llX,&uint_key) < 1)
+       if (sscanf(temp,"%016"llx,&uint_key) < 1)
                return 0;
        return uint_key;
  }
@@@ -1431,7 -1447,7 +1447,7 @@@ int CmdHFiClassCalcNewKey(const char *C
                                errors = param_gethex(tempStr, 0, NEWKEY, dataLen);
                        } else if (dataLen == 1) {
                                keyNbr = param_get8(Cmd, cmdp+1);
-                               if (keyNbr <= ICLASS_KEYS_MAX) {
+                               if (keyNbr < ICLASS_KEYS_MAX) {
                                        memcpy(NEWKEY, iClass_Key_Table[keyNbr], 8);
                                } else {
                                        PrintAndLog("\nERROR: NewKey Nbr is invalid\n");
                                errors = param_gethex(tempStr, 0, OLDKEY, dataLen);
                        } else if (dataLen == 1) {
                                keyNbr = param_get8(Cmd, cmdp+1);
-                               if (keyNbr <= ICLASS_KEYS_MAX) {
+                               if (keyNbr < ICLASS_KEYS_MAX) {
                                        memcpy(OLDKEY, iClass_Key_Table[keyNbr], 8);
                                } else {
                                        PrintAndLog("\nERROR: Credit KeyNbr is invalid\n");
@@@ -1498,6 -1514,12 +1514,12 @@@ static int loadKeys(char *filename) 
        long fsize = ftell(f);
        fseek(f, 0, SEEK_SET);
  
+       if ( fsize < 0 ) {
+               PrintAndLog("Error, when getting filesize");
+               fclose(f);
+               return 1;
+       }
        uint8_t *dump = malloc(fsize);
  
        size_t bytes_read = fread(dump, 1, fsize, f);
@@@ -1590,8 -1612,8 +1612,8 @@@ int CmdHFiClassManageKeys(const char *C
                case 'n':
                case 'N':
                        keyNbr = param_get8(Cmd, cmdp+1);
-                       if (keyNbr < 0) {
-                               PrintAndLog("Wrong block number");
+                       if (keyNbr >= ICLASS_KEYS_MAX) {
+                               PrintAndLog("Invalid block number");
                                errors = true;
                        }
                        cmdp += 2;
Impressum, Datenschutz