crewID/libnfc
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fix out-of-bounds access in nfc-mfultralight unveiled by coverity scan:

Browse source 
*** CID 1090333:  Out-of-bounds access  (OVERRUN)
This commit is contained in:
Philippe Teuwen 2014-04-14 23:26:44 +02:00
parent bd92f74a58
commit bb9babbeda
2 changed files with 3 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
ChangeLog
View file

@ -4,6 +4,7 @@ Fixes:
- Remove unreachable code - Remove unreachable code
- nfc_emulate_uid: cleaner exit on interrupt - nfc_emulate_uid: cleaner exit on interrupt
- Fix reporting of modulations and baud rates by nfc-scan-device -v - Fix reporting of modulations and baud rates by nfc-scan-device -v
- Fix out-of-bounds access in nfc-mfultralight
Improvements: Improvements:
- Allow ISO14443A to be used at higher baud rates - Allow ISO14443A to be used at higher baud rates

3
utils/nfc-mfultralight.c
View file

@ -168,7 +168,8 @@ write_card(void)
// page (4 bytes). The Ultralight-specific Write command only // page (4 bytes). The Ultralight-specific Write command only
// writes one page at a time. // writes one page at a time.
uiBlock = page / 4; uiBlock = page / 4;
memcpy(mp.mpd.abtData, mtDump.amb[uiBlock].mbd.abtData + ((page % 4) * 4), 16); memcpy(mp.mpd.abtData, mtDump.amb[uiBlock].mbd.abtData + ((page % 4) * 4), 4);
memset(mp.mpd.abtData + 4, 0, 12);
if (!nfc_initiator_mifare_cmd(pnd, MC_WRITE, page, &mp)) if (!nfc_initiator_mifare_cmd(pnd, MC_WRITE, page, &mp))
bFailure = true; bFailure = true;