X-Git-Url: http://cvs.zerfleddert.de/cgi-bin/gitweb.cgi/proxmark3-svn/blobdiff_plain/ab981f05819e3b4b368e50f5729951a33f5ce8de..987c59849ef113c8111e7b3a7067b87a6837c882:/client/cmdhflegic.c?ds=inline diff --git a/client/cmdhflegic.c b/client/cmdhflegic.c index 0adf3c59..4ad60e3b 100644 --- a/client/cmdhflegic.c +++ b/client/cmdhflegic.c @@ -570,20 +570,42 @@ int CmdLegicCalcCrc8(const char *Cmd){ uint8_t cmdp = 0, uidcrc = 0, type=0; bool errors = false; int len = 0; + int bg, en; while(param_getchar(Cmd, cmdp) != 0x00) { switch(param_getchar(Cmd, cmdp)) { case 'b': case 'B': - data = malloc(len); + // peek at length of the input string so we can + // figure out how many elements to malloc in "data" + bg=en=0; + if (param_getptr(Cmd, &bg, &en, cmdp+1)) { + errors = true; + break; + } + len = (en - bg + 1); + + // check that user entered even number of characters + // for hex data string + if (len & 1) { + errors = true; + break; + } + + // it's possible for user to accidentally enter "b" parameter + // more than once - we have to clean previous malloc + if (data) free(data); + data = malloc(len >> 1); if ( data == NULL ) { PrintAndLog("Can't allocate memory. exiting"); errors = true; break; - } - param_gethex_ex(Cmd, cmdp+1, data, &len); - // if odd symbols, (hexbyte must be two symbols) - if ( len & 1 ) errors = true; + } + + if (param_gethex(Cmd, cmdp+1, data, len)) { + errors = true; + break; + } len >>= 1; cmdp += 2; @@ -611,7 +633,7 @@ int CmdLegicCalcCrc8(const char *Cmd){ } //Validations if (errors){ - if (data != NULL) free(data); + if (data) free(data); return usage_legic_calccrc8(); } @@ -624,7 +646,7 @@ int CmdLegicCalcCrc8(const char *Cmd){ break; } - if (data != NULL) free(data); + if (data) free(data); return 0; }