From 97d582a69235c88c8f30a88193769dbddb74e9b1 Mon Sep 17 00:00:00 2001
From: Martin Holst Swende <martin@swende.se>
Date: Mon, 27 Oct 2014 22:33:37 +0100
Subject: [PATCH] More coverity findings
---
client/cmdhfmf.c | 86 +++++++++++-------------------------------
client/cmdlfhitag.c | 23 ++++-------
client/loclass/ikeys.c | 10 +++--
client/mifarehost.c | 26 ++++---------
4 files changed, 46 insertions(+), 99 deletions(-)
diff --git a/client/cmdhfmf.c b/client/cmdhfmf.c
index 4b591f0f..80d93a46 100644
--- a/client/cmdhfmf.c
+++ b/client/cmdhfmf.c
@@ -343,10 +343,6 @@ int CmdHF14AMfURdCard(const char *Cmd)
uint8_t isOK = 0;
uint8_t * data = NULL;
- if (sectorNo > 15) {
- PrintAndLog("Sector number must be less than 16");
- return 1;
- }
PrintAndLog("Attempting to Read Ultralight... ");
UsbCommand c = {CMD_MIFAREU_READCARD, {sectorNo}};
@@ -359,64 +355,24 @@ int CmdHF14AMfURdCard(const char *Cmd)
PrintAndLog("isOk:%02x", isOK);
if (isOK)
- for (i = 0; i < 16; i++) {
- switch(i){
- case 2:
- //process lock bytes
- lockbytes_t=data+(i*4);
- lockbytes[0]=lockbytes_t[2];
- lockbytes[1]=lockbytes_t[3];
- for(int j=0; j<16; j++){
- bit[j]=lockbytes[j/8] & ( 1 <<(7-j%8));
- }
- //PrintAndLog("LB %02x %02x", lockbytes[0],lockbytes[1]);
- //PrintAndLog("LB2b %02x %02x %02x %02x %02x %02x %02x %02x",bit[8],bit[9],bit[10],bit[11],bit[12],bit[13],bit[14],bit[15]);
- PrintAndLog("Block %3d:%s ", i,sprint_hex(data + i * 4, 4));
- break;
- case 3:
- PrintAndLog("Block %3d:%s [%d]", i,sprint_hex(data + i * 4, 4),bit[4]);
- break;
- case 4:
- PrintAndLog("Block %3d:%s [%d]", i,sprint_hex(data + i * 4, 4),bit[3]);
- break;
- case 5:
- PrintAndLog("Block %3d:%s [%d]", i,sprint_hex(data + i * 4, 4),bit[2]);
- break;
- case 6:
- PrintAndLog("Block %3d:%s [%d]", i,sprint_hex(data + i * 4, 4),bit[1]);
- break;
- case 7:
- PrintAndLog("Block %3d:%s [%d]", i,sprint_hex(data + i * 4, 4),bit[0]);
- break;
- case 8:
- PrintAndLog("Block %3d:%s [%d]", i,sprint_hex(data + i * 4, 4),bit[15]);
- break;
- case 9:
- PrintAndLog("Block %3d:%s [%d]", i,sprint_hex(data + i * 4, 4),bit[14]);
- break;
- case 10:
- PrintAndLog("Block %3d:%s [%d]", i,sprint_hex(data + i * 4, 4),bit[13]);
- break;
- case 11:
- PrintAndLog("Block %3d:%s [%d]", i,sprint_hex(data + i * 4, 4),bit[12]);
- break;
- case 12:
- PrintAndLog("Block %3d:%s [%d]", i,sprint_hex(data + i * 4, 4),bit[11]);
- break;
- case 13:
- PrintAndLog("Block %3d:%s [%d]", i,sprint_hex(data + i * 4, 4),bit[10]);
- break;
- case 14:
- PrintAndLog("Block %3d:%s [%d]", i,sprint_hex(data + i * 4, 4),bit[9]);
- break;
- case 15:
- PrintAndLog("Block %3d:%s [%d]", i,sprint_hex(data + i * 4, 4),bit[8]);
- break;
- default:
- PrintAndLog("Block %3d:%s ", i,sprint_hex(data + i * 4, 4));
- break;
+ { // bit 0 and 1
+ PrintAndLog("Block %3d:%s ", 0,sprint_hex(data + 0 * 4, 4));
+ PrintAndLog("Block %3d:%s ", 1,sprint_hex(data + 1 * 4, 4));
+ // bit 2
+ //process lock bytes
+ lockbytes_t=data+(2*4);
+ lockbytes[0]=lockbytes_t[2];
+ lockbytes[1]=lockbytes_t[3];
+ for(int j=0; j<16; j++){
+ bit[j]=lockbytes[j/8] & ( 1 <<(7-j%8));
}
- }
+ //remaining
+ for (i = 3; i < 16; i++) {
+ int bitnum = (23-i) % 16;
+ PrintAndLog("Block %3d:%s [%d]", i,sprint_hex(data + i * 4, 4),bit[bitnum]);
+ }
+
+ }
} else {
PrintAndLog("Command execute timeout");
}
@@ -546,6 +502,7 @@ int CmdHF14AMfDump(const char *Cmd)
for (sectorNo=0; sectorNo<numSectors; sectorNo++) {
if (fread( keyA[sectorNo], 1, 6, fin ) == 0) {
PrintAndLog("File reading error.");
+ fclose(fin);
return 2;
}
}
@@ -553,10 +510,11 @@ int CmdHF14AMfDump(const char *Cmd)
for (sectorNo=0; sectorNo<numSectors; sectorNo++) {
if (fread( keyB[sectorNo], 1, 6, fin ) == 0) {
PrintAndLog("File reading error.");
+ fclose(fin);
return 2;
}
}
-
+ fclose(fin);
// Read access rights to sectors
PrintAndLog("|-----------------------------------------|");
@@ -666,7 +624,6 @@ int CmdHF14AMfDump(const char *Cmd)
PrintAndLog("Dumped %d blocks (%d bytes) to file dumpdata.bin", numblocks, 16*numblocks);
}
- fclose(fin);
return 0;
}
@@ -1432,12 +1389,14 @@ int CmdHF14AMfELoad(const char *Cmd)
break;
}
PrintAndLog("File reading error.");
+ fclose(f);
return 2;
}
if (strlen(buf) < 32){
if(strlen(buf) && feof(f))
break;
PrintAndLog("File content error. Block data must include 32 HEX symbols");
+ fclose(f);
return 2;
}
for (i = 0; i < 32; i += 2) {
@@ -1446,6 +1405,7 @@ int CmdHF14AMfELoad(const char *Cmd)
}
if (mfEmlSetMem(buf8, blockNum, 1)) {
PrintAndLog("Cant set emul block: %3d", blockNum);
+ fclose(f);
return 3;
}
blockNum++;
diff --git a/client/cmdlfhitag.c b/client/cmdlfhitag.c
index 13f075f7..32d38aeb 100644
--- a/client/cmdlfhitag.c
+++ b/client/cmdlfhitag.c
@@ -41,9 +41,6 @@ int CmdLFHitagList(const char *Cmd)
int i = 0;
int prev = -1;
- char filename[256];
- FILE* pf = NULL;
-
for (;;) {
if(i >= 1900) {
break;
@@ -107,23 +104,19 @@ int CmdLFHitagList(const char *Cmd)
line);
- if (pf) {
- fprintf(pf," +%7d: %3d: %s %s\n",
- (prev < 0 ? 0 : (timestamp - prev)),
- bits,
- (isResponse ? "TAG" : " "),
- line);
- }
+// if (pf) {
+// fprintf(pf," +%7d: %3d: %s %s\n",
+// (prev < 0 ? 0 : (timestamp - prev)),
+// bits,
+// (isResponse ? "TAG" : " "),
+// line);
+// }
prev = timestamp;
i += (len + 9);
}
- if (pf) {
- PrintAndLog("Recorded activity succesfully written to file: %s", filename);
- fclose(pf);
- }
-
+
return 0;
}
diff --git a/client/loclass/ikeys.c b/client/loclass/ikeys.c
index cd2b72ee..4749181e 100644
--- a/client/loclass/ikeys.c
+++ b/client/loclass/ikeys.c
@@ -727,13 +727,17 @@ int readKeyFile(uint8_t key[8])
{
FILE *f;
-
+ int retval = 1;
f = fopen("iclass_key.bin", "rb");
if (f)
{
- if(fread(key, sizeof(key), 1, f) == 1) return 0;
+ if(fread(key, sizeof(uint8_t), 8, f) == 1)
+ {
+ retval = 0;
+ }
+ fclose(f);
}
- return 1;
+ return retval;
}
diff --git a/client/mifarehost.c b/client/mifarehost.c
index 7633def3..72e70662 100644
--- a/client/mifarehost.c
+++ b/client/mifarehost.c
@@ -497,7 +497,7 @@ int mfTraceDecode(uint8_t *data_src, int len, uint32_t parity, bool wantSaveToEm
break;
case TRACE_WRITE_OK:
- if ((len == 1) && (data[0] = 0x0a)) {
+ if ((len == 1) && (data[0] == 0x0a)) {
traceState = TRACE_WRITE_DATA;
return 0;
@@ -555,23 +555,13 @@ int mfTraceDecode(uint8_t *data_src, int len, uint32_t parity, bool wantSaveToEm
at_par = parity;
// decode key here)
- if (!traceCrypto1) {
- ks2 = ar_enc ^ prng_successor(nt, 64);
- ks3 = at_enc ^ prng_successor(nt, 96);
- revstate = lfsr_recovery64(ks2, ks3);
- lfsr_rollback_word(revstate, 0, 0);
- lfsr_rollback_word(revstate, 0, 0);
- lfsr_rollback_word(revstate, nr_enc, 1);
- lfsr_rollback_word(revstate, uid ^ nt, 0);
- }else{
- ks2 = ar_enc ^ prng_successor(nt, 64);
- ks3 = at_enc ^ prng_successor(nt, 96);
- revstate = lfsr_recovery64(ks2, ks3);
- lfsr_rollback_word(revstate, 0, 0);
- lfsr_rollback_word(revstate, 0, 0);
- lfsr_rollback_word(revstate, nr_enc, 1);
- lfsr_rollback_word(revstate, uid ^ nt, 0);
- }
+ ks2 = ar_enc ^ prng_successor(nt, 64);
+ ks3 = at_enc ^ prng_successor(nt, 96);
+ revstate = lfsr_recovery64(ks2, ks3);
+ lfsr_rollback_word(revstate, 0, 0);
+ lfsr_rollback_word(revstate, 0, 0);
+ lfsr_rollback_word(revstate, nr_enc, 1);
+ lfsr_rollback_word(revstate, uid ^ nt, 0);
crypto1_get_lfsr(revstate, &lfsr);
printf("key> %x%x\n", (unsigned int)((lfsr & 0xFFFFFFFF00000000) >> 32), (unsigned int)(lfsr & 0xFFFFFFFF));
AddLogUint64(logHexFileName, "key> ", lfsr);
--
2.39.5