Fixed several issues found using a coverity-scan

author Martin Holst Swende <martin@swende.se>

Mon, 27 Oct 2014 20:46:04 +0000 (21:46 +0100)

committer Martin Holst Swende <martin@swende.se>

Mon, 27 Oct 2014 20:46:04 +0000 (21:46 +0100)
author Martin Holst Swende <martin@swende.se>
Mon, 27 Oct 2014 20:46:04 +0000 (21:46 +0100)
committer Martin Holst Swende <martin@swende.se>
Mon, 27 Oct 2014 20:46:04 +0000 (21:46 +0100)
diff --git a/client/cmddata.c b/client/cmddata.c

index fa54d01a69387897b5498ccd8e43270e46a50dbf..7d9ec1b76bafbc9e1b09736bd11f2c93fa11d7d8 100644 (file)
--- a/client/cmddata.c
+++ b/client/cmddata.c
@@ -556,7 +556,7 @@ int CmdManchesterDemod(const char *Cmd)
  
    /* But it does not work if compiling on WIndows: therefore we just allocate a */
    /* large array */
  
    /* But it does not work if compiling on WIndows: therefore we just allocate a */
    /* large array */
-  uint8_t BitStream[MAX_GRAPH_TRACE_LEN];
+  uint8_t BitStream[MAX_GRAPH_TRACE_LEN] = {0};
  
    /* Detect high and lows */
    for (i = 0; i < GraphTraceLen; i++)
  
    /* Detect high and lows */
    for (i = 0; i < GraphTraceLen; i++)
diff --git a/client/cmdhf15.c b/client/cmdhf15.c

index cc61d2899e3c5d56ee8f894509c3a656942cbbd4..2239e9e4634ff151e5181050800af12e294d574a 100644 (file)
--- a/client/cmdhf15.c
+++ b/client/cmdhf15.c
@@ -535,7 +535,8 @@ int CmdHF15CmdRaw (const char *cmd) {
   */
  int prepareHF15Cmd(char **cmd, UsbCommand *c, uint8_t iso15cmd[], int iso15cmdlen) {
         int temp;
   */
  int prepareHF15Cmd(char **cmd, UsbCommand *c, uint8_t iso15cmd[], int iso15cmdlen) {
         int temp;
-       uint8_t *req=c->d.asBytes, uid[8];
+       uint8_t *req=c->d.asBytes;
+       uint8_t uid[8] = {0};
         uint32_t reqlen=0;
  
         // strip
         uint32_t reqlen=0;
  
         // strip
diff --git a/client/cmdhficlass.c b/client/cmdhficlass.c

index 7156b1188809ab9c492ac52a2efb4d2e32e270e6..d9af90441f16951783d09e40663e5608043036dc 100644 (file)
--- a/client/cmdhficlass.c
+++ b/client/cmdhficlass.c
@@ -502,6 +502,8 @@ int CmdHFiClassReader_Dump(const char *Cmd)
    SendCommand(&c);
    
    UsbCommand resp;
    SendCommand(&c);
    
    UsbCommand resp;
+  uint8_t key_sel[8] = {0};
+  uint8_t key_sel_p[8] = { 0 };
  
    if (WaitForResponseTimeout(CMD_ACK,&resp,4500)) {
          uint8_t isOK    = resp.arg[0] & 0xff;
  
    if (WaitForResponseTimeout(CMD_ACK,&resp,4500)) {
          uint8_t isOK    = resp.arg[0] & 0xff;
@@ -520,8 +522,6 @@ int CmdHFiClassReader_Dump(const char *Cmd)
          {
              if(elite)
              {
          {
              if(elite)
              {
-                uint8_t key_sel[8] = {0};
-                uint8_t key_sel_p[8] = { 0 };
                  //Get the key index (hash1)
                  uint8_t key_index[8] = {0};
  
                  //Get the key index (hash1)
                  uint8_t key_index[8] = {0};
  
diff --git a/client/cmdhfmf.c b/client/cmdhfmf.c

index b66aa3a6d59d220d685c8b57ce657b3f415feee8..4b591f0f6195caf01c2f40d4ba1e2ca95779d02d 100644 (file)
--- a/client/cmdhfmf.c
+++ b/client/cmdhfmf.c
@@ -1004,6 +1004,16 @@ int CmdHF14AMfNested(const char *Cmd)
  \r
  int CmdHF14AMfChk(const char *Cmd)\r
  {\r
  \r
  int CmdHF14AMfChk(const char *Cmd)\r
  {\r
+       if (strlen(Cmd)<3) {\r
+               PrintAndLog("Usage:  hf mf chk <block number>|<*card memory> <key type (A/B/?)> [t] [<key (12 hex symbols)>] [<dic (*.dic)>]");\r
+               PrintAndLog("          * - all sectors");\r
+               PrintAndLog("card memory - 0 - MINI(320 bytes), 1 - 1K, 2 - 2K, 4 - 4K, <other> - 1K");\r
+               PrintAndLog("d - write keys to binary file\n");\r
+               PrintAndLog("      sample: hf mf chk 0 A 1234567890ab keys.dic");\r
+               PrintAndLog("              hf mf chk *1 ? t");\r
+               return 0;\r
+       }       \r
+\r
         FILE * f;\r
         char filename[256]={0};\r
         char buf[13];\r
         FILE * f;\r
         char filename[256]={0};\r
         char buf[13];\r
@@ -1021,6 +1031,7 @@ int CmdHF14AMfChk(const char *Cmd)
         int transferToEml = 0;\r
         int createDumpFile = 0;\r
  \r
         int transferToEml = 0;\r
         int createDumpFile = 0;\r
  \r
+\r
         keyBlock = calloc(stKeyBlock, 6);\r
         if (keyBlock == NULL) return 1;\r
  \r
         keyBlock = calloc(stKeyBlock, 6);\r
         if (keyBlock == NULL) return 1;\r
  \r
@@ -1047,15 +1058,6 @@ int CmdHF14AMfChk(const char *Cmd)
                 num_to_bytes(defaultKeys[defaultKeyCounter], 6, (uint8_t*)(keyBlock + defaultKeyCounter * 6));\r
         }\r
         \r
                 num_to_bytes(defaultKeys[defaultKeyCounter], 6, (uint8_t*)(keyBlock + defaultKeyCounter * 6));\r
         }\r
         \r
-       if (strlen(Cmd)<3) {\r
-               PrintAndLog("Usage:  hf mf chk <block number>|<*card memory> <key type (A/B/?)> [t] [<key (12 hex symbols)>] [<dic (*.dic)>]");\r
-               PrintAndLog("          * - all sectors");\r
-               PrintAndLog("card memory - 0 - MINI(320 bytes), 1 - 1K, 2 - 2K, 4 - 4K, <other> - 1K");\r
-               PrintAndLog("d - write keys to binary file\n");\r
-               PrintAndLog("      sample: hf mf chk 0 A 1234567890ab keys.dic");\r
-               PrintAndLog("              hf mf chk *1 ? t");\r
-               return 0;\r
-       }       \r
         \r
         if (param_getchar(Cmd, 0)=='*') {\r
                 blockNo = 3;\r
         \r
         if (param_getchar(Cmd, 0)=='*') {\r
                 blockNo = 3;\r
@@ -1144,11 +1146,11 @@ int CmdHF14AMfChk(const char *Cmd)
                                         keycnt++;\r
                                         memset(buf, 0, sizeof(buf));\r
                                 }\r
                                         keycnt++;\r
                                         memset(buf, 0, sizeof(buf));\r
                                 }\r
+                               fclose(f);\r
                         } else {\r
                                 PrintAndLog("File: %s: not found or locked.", filename);\r
                                 free(keyBlock);\r
                                 return 1;\r
                         } else {\r
                                 PrintAndLog("File: %s: not found or locked.", filename);\r
                                 free(keyBlock);\r
                                 return 1;\r
-                       fclose(f);\r
                         }\r
                 }\r
         }\r
                         }\r
                 }\r
         }\r
@@ -1586,8 +1588,8 @@ int CmdHF14AMfEKeyPrn(const char *Cmd)
  int CmdHF14AMfCSetUID(const char *Cmd)\r
  {\r
         uint8_t wipeCard = 0;\r
  int CmdHF14AMfCSetUID(const char *Cmd)\r
  {\r
         uint8_t wipeCard = 0;\r
-       uint8_t uid[8];\r
-       uint8_t oldUid[8];\r
+       uint8_t uid[8] = {0};\r
+       uint8_t oldUid[8]= {0};\r
         int res;\r
  \r
         if (strlen(Cmd) < 1 || param_getchar(Cmd, 0) == 'h') {\r
         int res;\r
  \r
         if (strlen(Cmd) < 1 || param_getchar(Cmd, 0) == 'h') {\r
diff --git a/client/cmdlfem4x.c b/client/cmdlfem4x.c

index a7312d21b81a21a148c7cfe1e0e95f5b4db021d3..a3674a6ca6ebcb87896819149633f8c6bd21ac56 100644 (file)
--- a/client/cmdlfem4x.c
+++ b/client/cmdlfem4x.c
@@ -319,7 +319,7 @@ int CmdEM4x50Read(const char *Cmd)
        ++i;
      while ((GraphBuffer[i] > low) && (i<GraphTraceLen))
        ++i;
        ++i;
      while ((GraphBuffer[i] > low) && (i<GraphTraceLen))
        ++i;
-    if (j>(MAX_GRAPH_TRACE_LEN/64)) {
+    if (j>=(MAX_GRAPH_TRACE_LEN/64)) {
        break;
      }
      tmpbuff[j++]= i - start;
        break;
      }
      tmpbuff[j++]= i - start;
diff --git a/client/cmdlfhitag.c b/client/cmdlfhitag.c

index af61bd36690e965a45388199bbddd24359ad3b64..13f075f7291114d612930caeb642e59d0331aa8b 100644 (file)
--- a/client/cmdlfhitag.c
+++ b/client/cmdlfhitag.c
@@ -149,6 +149,7 @@ int CmdLFHitagSim(const char *Cmd) {
                 tag_mem_supplied = true;
                 if (fread(c.d.asBytes,48,1,pf) == 0) {
        PrintAndLog("Error: File reading error");
                 tag_mem_supplied = true;
                 if (fread(c.d.asBytes,48,1,pf) == 0) {
        PrintAndLog("Error: File reading error");
+      fclose(pf);
                         return 1;
      }
                 fclose(pf);
                         return 1;
      }
                 fclose(pf);
diff --git a/client/cmdmain.c b/client/cmdmain.c

index fa358fac8b2211b0ae27eb1e32a746830303807b..77f1c373ece5bb884b0f9b3ea78c8af1dcbe2440 100644 (file)
--- a/client/cmdmain.c
+++ b/client/cmdmain.c
@@ -134,8 +134,9 @@ int getCommand(UsbCommand* response)
   */
  bool WaitForResponseTimeout(uint32_t cmd, UsbCommand* response, size_t ms_timeout) {
    
   */
  bool WaitForResponseTimeout(uint32_t cmd, UsbCommand* response, size_t ms_timeout) {
    
+  UsbCommand resp;
+
    if (response == NULL) {
    if (response == NULL) {
-    UsbCommand resp;
      response = &resp;
    }
  
      response = &resp;
    }
  
diff --git a/client/mifarehost.c b/client/mifarehost.c

index fe8b8b2682a3d28b46bd469a369c1c6303c93e07..7633def36a61bdcf2ea68de25ebc420cc3b0587d 100644 (file)
--- a/client/mifarehost.c
+++ b/client/mifarehost.c
@@ -296,7 +296,7 @@ static uint8_t trailerAccessBytes[4] = {0x08, 0x77, 0x8F, 0x00};
  // variables\r
  char logHexFileName[200] = {0x00};\r
  static uint8_t traceCard[4096] = {0x00};\r
  // variables\r
  char logHexFileName[200] = {0x00};\r
  static uint8_t traceCard[4096] = {0x00};\r
-static char traceFileName[20];\r
+static char traceFileName[200] = {0};\r
  static int traceState = TRACE_IDLE;\r
  static uint8_t traceCurBlock = 0;\r
  static uint8_t traceCurKey = 0;\r
  static int traceState = TRACE_IDLE;\r
  static uint8_t traceCurBlock = 0;\r
  static uint8_t traceCurKey = 0;\r
diff --git a/client/nonce2key/crapto1.c b/client/nonce2key/crapto1.c

index 90f55ab4c6cce6ad91ad594059069a7e64a0a270..61215420ff604ec464d40afd450998f0d0fada20 100644 (file)
--- a/client/nonce2key/crapto1.c
+++ b/client/nonce2key/crapto1.c
@@ -544,8 +544,14 @@ lfsr_common_prefix(uint32_t pfx, uint32_t rr, uint8_t ks[8], uint8_t par[8][8],
  \r
         statelist = malloc((sizeof *statelist) << 21);  //how large should be? \r
         if(!statelist || !odd || !even)\r
  \r
         statelist = malloc((sizeof *statelist) << 21);  //how large should be? \r
         if(!statelist || !odd || !even)\r
+       {\r
+                               free(statelist);\r
+                               free(odd);\r
+                               free(even);\r
                  return 0;\r
  \r
                  return 0;\r
  \r
+       }\r
+\r
         s = statelist;\r
         for(o = odd; *o != -1; ++o)\r
                 for(e = even; *e != -1; ++e)\r
         s = statelist;\r
         for(o = odd; *o != -1; ++o)\r
                 for(e = even; *e != -1; ++e)\r
author	Martin Holst Swende <martin@swende.se>
	Mon, 27 Oct 2014 20:46:04 +0000 (21:46 +0100)
committer	Martin Holst Swende <martin@swende.se>
	Mon, 27 Oct 2014 20:46:04 +0000 (21:46 +0100)
client/cmddata.c		patch \| blob \| blame \| history
client/cmdhf15.c		patch \| blob \| blame \| history
client/cmdhficlass.c		patch \| blob \| blame \| history
client/cmdhfmf.c		patch \| blob \| blame \| history
client/cmdlfem4x.c		patch \| blob \| blame \| history
client/cmdlfhitag.c		patch \| blob \| blame \| history
client/cmdmain.c		patch \| blob \| blame \| history
client/mifarehost.c		patch \| blob \| blame \| history
client/nonce2key/crapto1.c		patch \| blob \| blame \| history