]> cvs.zerfleddert.de Git - proxmark3-svn/blob - client/util.c
fix memory overflow in hf mf nested (issue #479)
[proxmark3-svn] / client / util.c
1 //-----------------------------------------------------------------------------
2 // Copyright (C) 2010 iZsh <izsh at fail0verflow.com>
3 //
4 // This code is licensed to you under the terms of the GNU GPL, version 2 or,
5 // at your option, any later version. See the LICENSE.txt file for the text of
6 // the license.
7 //-----------------------------------------------------------------------------
8 // utilities
9 //-----------------------------------------------------------------------------
10
11 #include "util.h"
12
13 #include <stdint.h>
14 #include <string.h>
15 #include <ctype.h>
16 #include <stdlib.h>
17 #include <stdio.h>
18 #include <time.h>
19 #include "data.h"
20
21 #ifdef _WIN32
22 #include <windows.h>
23 #endif
24
25 #define MAX_BIN_BREAK_LENGTH (3072+384+1)
26
27 #ifndef _WIN32
28 #include <termios.h>
29 #include <sys/ioctl.h>
30 #include <unistd.h>
31
32 int ukbhit(void)
33 {
34 int cnt = 0;
35 int error;
36 static struct termios Otty, Ntty;
37
38 if ( tcgetattr(STDIN_FILENO, &Otty) == -1 ) return -1;
39 Ntty = Otty;
40
41 Ntty.c_iflag = 0x0000; // input mode
42 Ntty.c_oflag = 0x0000; // output mode
43 Ntty.c_lflag &= ~ICANON; // control mode = raw
44 Ntty.c_cc[VMIN] = 1; // return if at least 1 character is in the queue
45 Ntty.c_cc[VTIME] = 0; // no timeout. Wait forever
46
47 if (0 == (error = tcsetattr(STDIN_FILENO, TCSANOW, &Ntty))) { // set new attributes
48 error += ioctl(STDIN_FILENO, FIONREAD, &cnt); // get number of characters availabe
49 error += tcsetattr(STDIN_FILENO, TCSANOW, &Otty); // reset attributes
50 }
51
52 return ( error == 0 ? cnt : -1 );
53 }
54
55 #else
56
57 #include <conio.h>
58 int ukbhit(void) {
59 return kbhit();
60 }
61 #endif
62
63 // log files functions
64 void AddLogLine(char *file, char *extData, char *c) {
65 FILE *fLog = NULL;
66 char filename[FILE_PATH_SIZE] = {0x00};
67 int len = 0;
68
69 len = strlen(file);
70 if (len > FILE_PATH_SIZE) len = FILE_PATH_SIZE;
71 memcpy(filename, file, len);
72
73 fLog = fopen(filename, "a");
74 if (!fLog) {
75 printf("Could not append log file %s", filename);
76 return;
77 }
78
79 fprintf(fLog, "%s", extData);
80 fprintf(fLog, "%s\n", c);
81 fclose(fLog);
82 }
83
84 void AddLogHex(char *fileName, char *extData, const uint8_t * data, const size_t len){
85 AddLogLine(fileName, extData, sprint_hex(data, len));
86 }
87
88 void AddLogUint64(char *fileName, char *extData, const uint64_t data) {
89 char buf[100] = {0};
90 sprintf(buf, "%x%x", (unsigned int)((data & 0xFFFFFFFF00000000) >> 32), (unsigned int)(data & 0xFFFFFFFF));
91 AddLogLine(fileName, extData, buf);
92 }
93
94 void AddLogCurrentDT(char *fileName) {
95 char buff[20];
96 struct tm *curTime;
97
98 time_t now = time(0);
99 curTime = gmtime(&now);
100
101 strftime (buff, sizeof(buff), "%Y-%m-%d %H:%M:%S", curTime);
102 AddLogLine(fileName, "\nanticollision: ", buff);
103 }
104
105 void FillFileNameByUID(char *fileName, uint8_t * uid, char *ext, int byteCount) {
106 char * fnameptr = fileName;
107 memset(fileName, 0x00, 200);
108
109 for (int j = 0; j < byteCount; j++, fnameptr += 2)
110 sprintf(fnameptr, "%02x", (unsigned int) uid[j]);
111 sprintf(fnameptr, "%s", ext);
112 }
113
114 // printing and converting functions
115
116 void print_hex(const uint8_t * data, const size_t len)
117 {
118 size_t i;
119
120 for (i=0; i < len; i++)
121 printf("%02x ", data[i]);
122
123 printf("\n");
124 }
125
126 void print_hex_break(const uint8_t *data, const size_t len, uint8_t breaks) {
127
128 int rownum = 0;
129 printf("[%02d] | ", rownum);
130 for (int i = 0; i < len; ++i) {
131
132 printf("%02X ", data[i]);
133
134 // check if a line break is needed
135 if ( breaks > 0 && !((i+1) % breaks) && (i+1 < len) ) {
136 ++rownum;
137 printf("\n[%02d] | ", rownum);
138 }
139 }
140 printf("\n");
141 }
142
143 char *sprint_hex(const uint8_t *data, const size_t len) {
144
145 int maxLen = ( len > 1024/3) ? 1024/3 : len;
146 static char buf[1024];
147 memset(buf, 0x00, 1024);
148 char *tmp = buf;
149 size_t i;
150
151 for (i=0; i < maxLen; ++i, tmp += 3)
152 sprintf(tmp, "%02x ", (unsigned int) data[i]);
153
154 return buf;
155 }
156
157 char *sprint_bin_break(const uint8_t *data, const size_t len, const uint8_t breaks) {
158 // make sure we don't go beyond our char array memory
159 int max_len;
160 if (breaks==0)
161 max_len = ( len > MAX_BIN_BREAK_LENGTH ) ? MAX_BIN_BREAK_LENGTH : len;
162 else
163 max_len = ( len+(len/breaks) > MAX_BIN_BREAK_LENGTH ) ? MAX_BIN_BREAK_LENGTH : len+(len/breaks);
164
165 static char buf[MAX_BIN_BREAK_LENGTH]; // 3072 + end of line characters if broken at 8 bits
166 //clear memory
167 memset(buf, 0x00, sizeof(buf));
168 char *tmp = buf;
169
170 size_t in_index = 0;
171 // loop through the out_index to make sure we don't go too far
172 for (size_t out_index=0; out_index < max_len; out_index++) {
173 // set character - (should be binary but verify it isn't more than 1 digit)
174 if (data[in_index]<10)
175 sprintf(tmp++, "%u", (unsigned int) data[in_index]);
176 // check if a line break is needed and we have room to print it in our array
177 if ( (breaks > 0) && !((in_index+1) % breaks) && (out_index+1 < max_len) ) {
178 // increment and print line break
179 out_index++;
180 sprintf(tmp++, "%s","\n");
181 }
182 in_index++;
183 }
184
185 return buf;
186 }
187
188 char *sprint_bin(const uint8_t *data, const size_t len) {
189 return sprint_bin_break(data, len, 0);
190 }
191
192 char *sprint_hex_ascii(const uint8_t *data, const size_t len) {
193 static char buf[1024];
194 char *tmp = buf;
195 memset(buf, 0x00, 1024);
196 size_t max_len = (len > 255) ? 255 : len;
197 // max 255 bytes * 3 + 2 characters = 767 in buffer
198 sprintf(tmp, "%s| ", sprint_hex(data, max_len) );
199
200 size_t i = 0;
201 size_t pos = (max_len * 3)+2;
202 // add another 255 characters ascii = 1020 characters of buffer used
203 while(i < max_len) {
204 char c = data[i];
205 if ( (c < 32) || (c == 127))
206 c = '.';
207 sprintf(tmp+pos+i, "%c", c);
208 ++i;
209 }
210 return buf;
211 }
212
213 char *sprint_ascii(const uint8_t *data, const size_t len) {
214 static char buf[1024];
215 char *tmp = buf;
216 memset(buf, 0x00, 1024);
217 size_t max_len = (len > 1010) ? 1010 : len;
218 size_t i = 0;
219 while(i < max_len){
220 char c = data[i];
221 tmp[i] = ((c < 32) || (c == 127)) ? '.' : c;
222 ++i;
223 }
224 return buf;
225 }
226
227 void num_to_bytes(uint64_t n, size_t len, uint8_t* dest)
228 {
229 while (len--) {
230 dest[len] = (uint8_t) n;
231 n >>= 8;
232 }
233 }
234
235 uint64_t bytes_to_num(uint8_t* src, size_t len)
236 {
237 uint64_t num = 0;
238 while (len--)
239 {
240 num = (num << 8) | (*src);
241 src++;
242 }
243 return num;
244 }
245
246 void num_to_bytebits(uint64_t n, size_t len, uint8_t *dest) {
247 while (len--) {
248 dest[len] = n & 1;
249 n >>= 1;
250 }
251 }
252
253 //least significant bit first
254 void num_to_bytebitsLSBF(uint64_t n, size_t len, uint8_t *dest) {
255 for(int i = 0 ; i < len ; ++i) {
256 dest[i] = n & 1;
257 n >>= 1;
258 }
259 }
260
261 // Swap bit order on a uint32_t value. Can be limited by nrbits just use say 8bits reversal
262 // And clears the rest of the bits.
263 uint32_t SwapBits(uint32_t value, int nrbits) {
264 uint32_t newvalue = 0;
265 for(int i = 0; i < nrbits; i++) {
266 newvalue ^= ((value >> i) & 1) << (nrbits - 1 - i);
267 }
268 return newvalue;
269 }
270
271 // aa,bb,cc,dd,ee,ff,gg,hh, ii,jj,kk,ll,mm,nn,oo,pp
272 // to
273 // hh,gg,ff,ee,dd,cc,bb,aa, pp,oo,nn,mm,ll,kk,jj,ii
274 // up to 64 bytes or 512 bits
275 uint8_t *SwapEndian64(const uint8_t *src, const size_t len, const uint8_t blockSize){
276 static uint8_t buf[64];
277 memset(buf, 0x00, 64);
278 uint8_t *tmp = buf;
279 for (uint8_t block=0; block < (uint8_t)(len/blockSize); block++){
280 for (size_t i = 0; i < blockSize; i++){
281 tmp[i+(blockSize*block)] = src[(blockSize-1-i)+(blockSize*block)];
282 }
283 }
284 return tmp;
285 }
286
287 // takes a uint8_t src array, for len items and reverses the byte order in blocksizes (8,16,32,64),
288 // returns: the dest array contains the reordered src array.
289 void SwapEndian64ex(const uint8_t *src, const size_t len, const uint8_t blockSize, uint8_t *dest){
290 for (uint8_t block=0; block < (uint8_t)(len/blockSize); block++){
291 for (size_t i = 0; i < blockSize; i++){
292 dest[i+(blockSize*block)] = src[(blockSize-1-i)+(blockSize*block)];
293 }
294 }
295 }
296
297 //assumes little endian
298 char * printBits(size_t const size, void const * const ptr)
299 {
300 unsigned char *b = (unsigned char*) ptr;
301 unsigned char byte;
302 static char buf[1024];
303 char * tmp = buf;
304 int i, j;
305
306 for (i=size-1;i>=0;i--)
307 {
308 for (j=7;j>=0;j--)
309 {
310 byte = b[i] & (1<<j);
311 byte >>= j;
312 sprintf(tmp, "%u", (unsigned int)byte);
313 tmp++;
314 }
315 }
316 return buf;
317 }
318
319 // -------------------------------------------------------------------------
320 // string parameters lib
321 // -------------------------------------------------------------------------
322
323 // -------------------------------------------------------------------------
324 // line - param line
325 // bg, en - symbol numbers in param line of beginning and ending parameter
326 // paramnum - param number (from 0)
327 // -------------------------------------------------------------------------
328 int param_getptr(const char *line, int *bg, int *en, int paramnum)
329 {
330 int i;
331 int len = strlen(line);
332
333 *bg = 0;
334 *en = 0;
335
336 // skip spaces
337 while (line[*bg] ==' ' || line[*bg]=='\t') (*bg)++;
338 if (*bg >= len) {
339 return 1;
340 }
341
342 for (i = 0; i < paramnum; i++) {
343 while (line[*bg]!=' ' && line[*bg]!='\t' && line[*bg] != '\0') (*bg)++;
344 while (line[*bg]==' ' || line[*bg]=='\t') (*bg)++;
345
346 if (line[*bg] == '\0') return 1;
347 }
348
349 *en = *bg;
350 while (line[*en] != ' ' && line[*en] != '\t' && line[*en] != '\0') (*en)++;
351
352 (*en)--;
353
354 return 0;
355 }
356
357
358 int param_getlength(const char *line, int paramnum)
359 {
360 int bg, en;
361
362 if (param_getptr(line, &bg, &en, paramnum)) return 0;
363
364 return en - bg + 1;
365 }
366
367 char param_getchar(const char *line, int paramnum) {
368 return param_getchar_indx(line, 0, paramnum);
369 }
370
371 char param_getchar_indx(const char *line, int indx, int paramnum) {
372 int bg, en;
373
374 if (param_getptr(line, &bg, &en, paramnum)) return 0x00;
375
376 if (bg + indx > en)
377 return '\0';
378
379 return line[bg + indx];
380 }
381
382 uint8_t param_get8(const char *line, int paramnum)
383 {
384 return param_get8ex(line, paramnum, 0, 10);
385 }
386
387 /**
388 * @brief Reads a decimal integer (actually, 0-254, not 255)
389 * @param line
390 * @param paramnum
391 * @return -1 if error
392 */
393 uint8_t param_getdec(const char *line, int paramnum, uint8_t *destination)
394 {
395 uint8_t val = param_get8ex(line, paramnum, 255, 10);
396 if( (int8_t) val == -1) return 1;
397 (*destination) = val;
398 return 0;
399 }
400 /**
401 * @brief Checks if param is decimal
402 * @param line
403 * @param paramnum
404 * @return
405 */
406 uint8_t param_isdec(const char *line, int paramnum)
407 {
408 int bg, en;
409 //TODO, check more thorougly
410 if (!param_getptr(line, &bg, &en, paramnum)) return 1;
411 // return strtoul(&line[bg], NULL, 10) & 0xff;
412
413 return 0;
414 }
415
416 uint8_t param_get8ex(const char *line, int paramnum, int deflt, int base)
417 {
418 int bg, en;
419
420 if (!param_getptr(line, &bg, &en, paramnum))
421 return strtoul(&line[bg], NULL, base) & 0xff;
422 else
423 return deflt;
424 }
425
426 uint32_t param_get32ex(const char *line, int paramnum, int deflt, int base)
427 {
428 int bg, en;
429
430 if (!param_getptr(line, &bg, &en, paramnum))
431 return strtoul(&line[bg], NULL, base);
432 else
433 return deflt;
434 }
435
436 uint64_t param_get64ex(const char *line, int paramnum, int deflt, int base)
437 {
438 int bg, en;
439
440 if (!param_getptr(line, &bg, &en, paramnum))
441 return strtoull(&line[bg], NULL, base);
442 else
443 return deflt;
444 }
445
446 int param_gethex(const char *line, int paramnum, uint8_t * data, int hexcnt)
447 {
448 int bg, en, temp, i;
449
450 if (hexcnt % 2)
451 return 1;
452
453 if (param_getptr(line, &bg, &en, paramnum)) return 1;
454
455 if (en - bg + 1 != hexcnt)
456 return 1;
457
458 for(i = 0; i < hexcnt; i += 2) {
459 if (!(isxdigit(line[bg + i]) && isxdigit(line[bg + i + 1])) ) return 1;
460
461 sscanf((char[]){line[bg + i], line[bg + i + 1], 0}, "%X", &temp);
462 data[i / 2] = temp & 0xff;
463 }
464
465 return 0;
466 }
467 int param_gethex_ex(const char *line, int paramnum, uint8_t * data, int *hexcnt)
468 {
469 int bg, en, temp, i;
470
471 //if (hexcnt % 2)
472 // return 1;
473
474 if (param_getptr(line, &bg, &en, paramnum)) return 1;
475
476 *hexcnt = en - bg + 1;
477 if (*hexcnt % 2) //error if not complete hex bytes
478 return 1;
479
480 for(i = 0; i < *hexcnt; i += 2) {
481 if (!(isxdigit(line[bg + i]) && isxdigit(line[bg + i + 1])) ) return 1;
482
483 sscanf((char[]){line[bg + i], line[bg + i + 1], 0}, "%X", &temp);
484 data[i / 2] = temp & 0xff;
485 }
486
487 return 0;
488 }
489
490 int param_gethex_to_eol(const char *line, int paramnum, uint8_t * data, int maxdatalen, int *datalen) {
491 int bg, en;
492 uint32_t temp;
493 char buf[5] = {0};
494
495 if (param_getptr(line, &bg, &en, paramnum)) return 1;
496
497 *datalen = 0;
498
499 int indx = bg;
500 while (line[indx]) {
501 if (line[indx] == '\t' || line[indx] == ' ')
502 continue;
503
504 if (isxdigit(line[indx])) {
505 buf[strlen(buf) + 1] = 0x00;
506 buf[strlen(buf)] = line[indx];
507 } else {
508 // if we have symbols other than spaces and hex
509 return 1;
510 }
511
512 if (*datalen >= maxdatalen) {
513 // if we dont have space in buffer and have symbols to translate
514 return 2;
515 }
516
517 if (strlen(buf) >= 2) {
518 sscanf(buf, "%x", &temp);
519 data[*datalen] = (uint8_t)(temp & 0xff);
520 *buf = 0;
521 (*datalen)++;
522 }
523
524 indx++;
525 }
526
527 if (strlen(buf) > 0)
528 //error when not completed hex bytes
529 return 3;
530
531 return 0;
532 }
533
534 int param_getstr(const char *line, int paramnum, char * str, size_t buffersize)
535 {
536 int bg, en;
537
538 if (param_getptr(line, &bg, &en, paramnum)) {
539 return 0;
540 }
541
542 // Prevent out of bounds errors
543 if (en - bg + 1 >= buffersize) {
544 printf("out of bounds error: want %lu bytes have %lu bytes\n", en - bg + 1 + 1, buffersize);
545 return 0;
546 }
547
548 memcpy(str, line + bg, en - bg + 1);
549 str[en - bg + 1] = 0;
550
551 return en - bg + 1;
552 }
553
554 /*
555 The following methods comes from Rfidler sourcecode.
556 https://github.com/ApertureLabsLtd/RFIDler/blob/master/firmware/Pic32/RFIDler.X/src/
557 */
558
559 // convert hex to sequence of 0/1 bit values
560 // returns number of bits converted
561 int hextobinarray(char *target, char *source)
562 {
563 int length, i, count= 0;
564 char* start = source;
565 char x;
566
567 length = strlen(source);
568 // process 4 bits (1 hex digit) at a time
569 while(length--)
570 {
571 x= *(source++);
572 // capitalize
573 if (x >= 'a' && x <= 'f')
574 x -= 32;
575 // convert to numeric value
576 if (x >= '0' && x <= '9')
577 x -= '0';
578 else if (x >= 'A' && x <= 'F')
579 x -= 'A' - 10;
580 else {
581 printf("Discovered unknown character %c %d at idx %d of %s\n", x, x, source - start, start);
582 return 0;
583 }
584 // output
585 for(i= 0 ; i < 4 ; ++i, ++count)
586 *(target++)= (x >> (3 - i)) & 1;
587 }
588
589 return count;
590 }
591
592 // convert hex to human readable binary string
593 int hextobinstring(char *target, char *source)
594 {
595 int length;
596
597 if(!(length= hextobinarray(target, source)))
598 return 0;
599 binarraytobinstring(target, target, length);
600 return length;
601 }
602
603 // convert binary array of 0x00/0x01 values to hex (safe to do in place as target will always be shorter than source)
604 // return number of bits converted
605 int binarraytohex(char *target,char *source, int length)
606 {
607 unsigned char i, x;
608 int j = length;
609
610 if(j % 4)
611 return 0;
612
613 while(j)
614 {
615 for(i= x= 0 ; i < 4 ; ++i)
616 x += ( source[i] << (3 - i));
617 sprintf(target,"%X", (unsigned int)x);
618 ++target;
619 source += 4;
620 j -= 4;
621 }
622 return length;
623 }
624
625 // convert binary array to human readable binary
626 void binarraytobinstring(char *target, char *source, int length)
627 {
628 int i;
629
630 for(i= 0 ; i < length ; ++i)
631 *(target++)= *(source++) + '0';
632 *target= '\0';
633 }
634
635 // return parity bit required to match type
636 uint8_t GetParity( uint8_t *bits, uint8_t type, int length)
637 {
638 int x;
639
640 for(x= 0 ; length > 0 ; --length)
641 x += bits[length - 1];
642 x %= 2;
643
644 return x ^ type;
645 }
646
647 // add HID parity to binary array: EVEN prefix for 1st half of ID, ODD suffix for 2nd half
648 void wiegand_add_parity(uint8_t *target, uint8_t *source, uint8_t length)
649 {
650 *(target++)= GetParity(source, EVEN, length / 2);
651 memcpy(target, source, length);
652 target += length;
653 *(target)= GetParity(source + length / 2, ODD, length / 2);
654 }
655
656 // xor two arrays together for len items. The dst array contains the new xored values.
657 void xor(unsigned char *dst, unsigned char *src, size_t len) {
658 for( ; len > 0; len--,dst++,src++)
659 *dst ^= *src;
660 }
661
662 int32_t le24toh (uint8_t data[3]) {
663 return (data[2] << 16) | (data[1] << 8) | data[0];
664 }
665 uint32_t le32toh (uint8_t *data) {
666 return (uint32_t)( (data[3]<<24) | (data[2]<<16) | (data[1]<<8) | data[0]);
667 }
668
669 // RotateLeft - Ultralight, Desfire, works on byte level
670 // 00-01-02 >> 01-02-00
671 void rol(uint8_t *data, const size_t len){
672 uint8_t first = data[0];
673 for (size_t i = 0; i < len-1; i++) {
674 data[i] = data[i+1];
675 }
676 data[len-1] = first;
677 }
678
679
680 // Replace unprintable characters with a dot in char buffer
681 void clean_ascii(unsigned char *buf, size_t len) {
682 for (size_t i = 0; i < len; i++) {
683 if (!isprint(buf[i]))
684 buf[i] = '.';
685 }
686 }
687
688 // replace \r \n to \0
689 void strcleanrn(char *buf, size_t len) {
690 strcreplace(buf, len, '\n', '\0');
691 strcreplace(buf, len, '\r', '\0');
692 }
693
694 // replace char in buffer
695 void strcreplace(char *buf, size_t len, char from, char to) {
696 for (size_t i = 0; i < len; i++) {
697 if (buf[i] == from)
698 buf[i] = to;
699 }
700 }
701
702 char *strmcopy(char *buf) {
703 char * str = NULL;
704 if ((str = (char*) malloc(strlen(buf) + 1)) != NULL) {
705 memset(str, 0, strlen(buf) + 1);
706 strcpy(str, buf);
707 }
708 return str;
709 }
710
711
712 // determine number of logical CPU cores (use for multithreaded functions)
713 extern int num_CPUs(void)
714 {
715 #if defined(_WIN32)
716 #include <sysinfoapi.h>
717 SYSTEM_INFO sysinfo;
718 GetSystemInfo(&sysinfo);
719 return sysinfo.dwNumberOfProcessors;
720 #elif defined(__linux__) || defined(__APPLE__)
721 #include <unistd.h>
722 return sysconf(_SC_NPROCESSORS_ONLN);
723 #else
724 return 1;
725 #endif
726 }
727
Impressum, Datenschutz