Currently, we return false, and after turning set the bFailure state.
This is of course not possible.
Signed-off-by: Olliver Schinagl <oliver@schinagl.nl>
We use a variable, uiBlocks, to determine how many blocks to read/write.
Reading is actually done via a hardcoded 0xF value however.
Additionally, make uiblocks a const, as we use it as a constant and
change the page variable to uint32_t for consistency sake.
Signed-off-by: Olliver Schinagl <oliver@schinagl.nl>
When several tags are in range, nfc-mfultralight uses the lowest ID it
finds by default. This patch adds some code from nfc-list that lists the
tags in range whenever an operation is performed (r/w). Further more it
adds the --with-uid <UID> option to force reading/writing of a specific
tag.
The UID can be up to 10 bytes long and can be optionally separated by
colons or hyphens (MAC address style).
Signed-off-by: Olliver Schinagl <oliver@schinagl.nl>
For some reason, 0cece94778 changed the argc count check to only show
the help if argc is 0. Obviously, argc is never zero, as the first
argument in argv is always the binary itself. Revert that and show usage
if there is no arguments supplied to the binary.
Signed-off-by: Olliver Schinagl <oliver@schinagl.nl>
The nfc-mfclassic utility will pick a seemingly random (the libnfc
default which seems to be the lowest UID). With the new (u|U) options
it is now possible to force a UID and thus write a specific tag, which
can be very useful if there are more then one tag visible.
Signed-off-by: Olliver Schinagl <oliver@schinagl.nl>
Currently the check on argc is done twice, once in each if branch. This
is silly and we can just check once and fail right away.
Signed-off-by: Olliver Schinagl <oliver@schinagl.nl>
- For cards that aren’t magic, system will refuse to attempt writing
to block 0 / 1
- Tested on Gen 1 & Gen 2 cards:
Gen 1
$ ./nfc-mfultralight w ul-test.dmp --full
NFC device: SCM Micro / SCL3711-NFC&RW opened
Found MIFARE Ultralight card with UID: 044e075ad42184
Writing 16 pages |................|
Done, 16 of 16 pages written (0 pages skipped).
Gen 2
$ ./nfc-mfultralight w ul-test.dmp --full
NFC device: SCM Micro / SCL3711-NFC&RW opened
Found MIFARE Ultralight card with UID: 044e075ad42184
Writing 16 pages |................|
Done, 16 of 16 pages written (0 pages skipped).
Non-magic
$ ./nfc-mfultralight w ul-test.dmp --full
NFC device: SCM Micro / SCL3711-NFC&RW opened
Found MIFARE Ultralight card with UID: 044e075ad42184
Writing 16 pages |
Unable to unlock card - are you sure the card is magic?
$
Modifying behavior relating to magic cards.
If a user has a 'magic2' card (IE, direct-write, not a 'fully magic' card) - we'll warn them that they don't need to use the W / R modes, and then proceed with the unlock operation, instead of exiting.
Problem reported by Coverity:
CID 1090334 (#1 of 1): Big parameter passed by value (PASS_BY_VALUE)
pass_by_value: Passing parameter nt of type nfc_target const (size 291 bytes) by value.
This avoids Coverity being unhappy that only lower bound was defined, well I hope
lower_bounds: Checking lower bounds of signed scalar "waiting_time" by "waiting_time > 0".
CID 1090343 (#1 of 1): Untrusted value as argument (TAINTED_SCALAR)
tainted_data: Passing tainted variable "waiting_time" to a tainted sink.
sleep(waiting_time);
Problem reported by Coverity:
CID 1090323 (#1 of 1): Unchecked return value (CHECKED_RETURN)
unchecked_value: No check of the return value of "nfc_initiator_select_passive_target(pnd, nmMifare, nt.nti.nai.abtUid, nt.nti.nai.szUidLen, NULL)".
Problem reported by Coverity:
CID 1090325 (#1 of 1): Unchecked return value (CHECKED_RETURN)
unchecked_value: No check of the return value of "nfc_device_set_property_bool(pnd, NP_AUTO_ISO14443_4, false)".
Hopefully fix TOCTOU by calling fopen() before stat()
At least this should prevent Coverity to complain about it:
CID 1090346 (#1 of 1): Time of check time of use (TOCTOU)
fs_check_call: Calling function "stat(char const *, struct stat *)" to perform check on "filename".
toctou: Calling function "fopen(char const * restrict, char const * restrict)" that uses "filename" after a check function. This can cause a time-of-check, time-of-use race condition.
Note that it seems pretty hard to avoid completely:
https://en.wikipedia.org/wiki/Time_of_check_to_time_of_use#Preventing_TOCTTOU
switch case was redundant as getopt was already telling the issue:
nfc-read-forum-tag3: option requires an argument -- 'o'
Option -o requires an argument.
This fixes also a problem reported by Coverity about missing break:
CID 1090330 (#1 of 1): Missing break in switch (MISSING_BREAK)
unterminated_case: This case (value 63) is not terminated by a 'break' statement.
Problem reported by Coverity
CID 1090319 (#1 of 1): Unchecked return value (CHECKED_RETURN)
unchecked_value: No check of the return value of "nfc_device_set_property_bool(pnd, NP_EASY_FRAMING, nt.nti.nai.btSak & 0x20)".
CID 1090320 (#1 of 1): Unchecked return value (CHECKED_RETURN)
unchecked_value: No check of the return value of "nfc_device_set_property_bool(dev, NP_HANDLE_CRC, false)".
CID 1090324 (#1 of 2): Unchecked return value (CHECKED_RETURN)
unchecked_value: No check of the return value of "nfc_device_set_property_bool(pnd, NP_ACTIVATE_FIELD, true)".
CID 1090325 (#1 of 1): Unchecked return value (CHECKED_RETURN)
unchecked_value: No check of the return value of "nfc_device_set_property_bool(pnd, NP_AUTO_ISO14443_4, false)".
nfc_exit(context); was called 2 times
CID 1090348 (#1 of 1): Use after free (USE_AFTER_FREE)53. deref_arg:
Calling "nfc_exit(nfc_context *)" dereferences freed pointer "context".
(The dereference is assumed on the basis of the 'nonnull' parameter
attribute.)
