Skip to content

Commit

Permalink
Merge pull request #2508 from douniwan5788/cmdread
Browse files Browse the repository at this point in the history
fix: `lf cmdread` silent lost CRC
  • Loading branch information
iceman1001 authored Sep 13, 2024
2 parents 9509990 + 424a467 commit c6f9803
Showing 1 changed file with 9 additions and 3 deletions.
12 changes: 9 additions & 3 deletions client/src/cmdlf.c
Original file line number Diff line number Diff line change
Expand Up @@ -241,6 +241,8 @@ static int CmdLFTune(const char *Cmd) {
return PM3_SUCCESS;
}

#define PAYLOAD_HEADER_SIZE (12 + (3 * LF_CMDREAD_MAX_EXTRA_SYMBOLS))

/* send a LF command before reading */
int CmdLFCommandRead(const char *Cmd) {
CLIParserContext *ctx;
Expand Down Expand Up @@ -274,7 +276,7 @@ int CmdLFCommandRead(const char *Cmd) {
CLIExecWithReturn(ctx, Cmd, argtable, false);
uint32_t delay = arg_get_u32_def(ctx, 1, 0);

char cmd[128] = {0};
char cmd[PM3_CMD_DATA_SIZE - PAYLOAD_HEADER_SIZE] = {0};
int cmd_len = sizeof(cmd) - 1; // CLIGetStrWithReturn does not guarantee string to be null-terminated
CLIGetStrWithReturn(ctx, 2, (uint8_t *)cmd, &cmd_len);

Expand All @@ -295,7 +297,6 @@ int CmdLFCommandRead(const char *Cmd) {
return PM3_ENOTTY;
}

#define PAYLOAD_HEADER_SIZE (12 + (3 * LF_CMDREAD_MAX_EXTRA_SYMBOLS))
struct p {
uint32_t delay;
uint16_t period_0;
Expand All @@ -316,7 +317,12 @@ int CmdLFCommandRead(const char *Cmd) {
memset(payload.symbol_extra, 0, sizeof(payload.symbol_extra));
memset(payload.period_extra, 0, sizeof(payload.period_extra));

if (add_crc_ht && (cmd_len <= 120)) {
if (cmd_len > sizeof(payload.data) - 8 * add_crc_ht - 1) {
PrintAndLogEx(ERR, "cmd too long, max length is %zu", sizeof(cmd) - 1);
return PM3_EINVARG;
}

if (add_crc_ht) {
// Hitag 1, Hitag S, ZX8211
// width=8 poly=0x1d init=0xff refin=false refout=false xorout=0x00 check=0xb4 residue=0x00 name="CRC-8/HITAG"
crc_t crc;
Expand Down

0 comments on commit c6f9803

Please sign in to comment.