From b1d4bf019aa943d92f17a51279e96ab1162bbeac Mon Sep 17 00:00:00 2001 From: schneider Date: Thu, 4 Aug 2011 00:44:13 +0200 Subject: [PATCH 1/5] sendcard: buffer overflow #fail --- firmware/l0dable/sendcard.c | 37 ++++++++++++++++++++++++++++++++++--- 1 file changed, 34 insertions(+), 3 deletions(-) diff --git a/firmware/l0dable/sendcard.c b/firmware/l0dable/sendcard.c index 8bcf110..cd55b1a 100644 --- a/firmware/l0dable/sendcard.c +++ b/firmware/l0dable/sendcard.c @@ -30,12 +30,23 @@ //#include "lcd/print.h" - +void sendFile(char *filename); uint8_t mac[5] = {1,2,3,2,1}; + struct NRF_CFG config = { + .channel= 81, + .txmac= "\x1\x2\x3\x2\x1", + .nrmacs=1, + .mac0= "\x1\x2\x3\x2\x1", + .maclen ="\x20", + }; void ram(void) { + + nrf_config_set(&config); + + char file[13]; selectFile(file,"TXT"); sendFile(file); @@ -43,18 +54,34 @@ void ram(void) void sendR(uint8_t *rx, uint8_t *ry) { - uint8_t exp[2 + 4*NUMWORDS + 2]; + //uint8_t exp[2 + 4*NUMWORDS + 2]; + uint8_t exp[32]; exp[0] = 'R'; for(int i=0; i<4*NUMWORDS; i++) exp[2+i] = rx[i]; exp[1] = 'X'; + lcdPrintln("foo"); + lcdRefresh(); + nrf_snd_pkt_crc(32, exp); + lcdPrintln("bar"); + lcdRefresh(); + delayms(10); exp[1] = 'Y'; for(int i=0; i<4*NUMWORDS; i++) exp[2+i] = ry[i]; + lcdPrintln("foo"); + lcdRefresh(); + nrf_snd_pkt_crc(32, exp); + lcdPrintln("bar"); + lcdRefresh(); + delayms(10); + lcdPrintln("bar"); + lcdRefresh(); + } int receiveKey(uint8_t type, uint8_t *x, uint8_t *y) @@ -169,9 +196,13 @@ void sendFile(char *filename) ECIES_encyptkeygen(px, py, k1, k2, rx, ry); while( !done ){ - lcdPrintln("Sending file");lcdRefresh(); + lcdPrintln("Sending fil");lcdRefresh(); sendR(rx,ry); + lcdPrintln("wait"); + lcdRefresh(); delayms(3000); + lcdPrintln("filetrans"); + lcdRefresh(); filetransfer_send((uint8_t*)filename, 0, mac, (uint32_t*)k1); lcdPrintln("Done"); lcdPrintln("Right=OK"); From eda19fa10c630f11da99d7e43fbe03b70ff7a628 Mon Sep 17 00:00:00 2001 
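Review bot: The radio address is now written three times in sendcard.c (`mac[5]`, `.txmac`, `.mac0`), and the same `config` block is repeated in the recvcard.c hunk of patch 3/5, so sender and receiver only interoperate while four copies stay in sync by hand. Moving the initializer into one shared header would remove that risk, and `config` could be `static` since nothing visible here needs it to have external linkage. `.maclen ="\x20"` also deserves a comment, for example `/* 0x20 = 32-byte payload; must match the 32 passed to nrf_snd_pkt_crc() */`, assuming that is what the field encodes, because the string-literal form hides that it is a length.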
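Review bot: In sendR the new `uint8_t exp[32];` is never initialised, and the two copy loops only fill indices 2 through 1+4*NUMWORDS. If that is short of the 32 bytes handed to `nrf_snd_pkt_crc(32, exp)`, the remainder is stale stack content that is transmitted over the radio, apart from whatever the CRC routine overwrites. Declaring it as `uint8_t exp[32] = {0};` closes that, and the commented-out old declaration can go. The literal 32 no longer follows NUMWORDS, whose value is not visible on this page, so a compile-time check that `2 + 4*NUMWORDS + 2 <= sizeof exp` would stop the loops from running past the array if the key size changes.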
From: schneider Date: Thu, 4 Aug 2011 00:46:53 +0200 Subject: [PATCH 2/5] sendfile: removed debug output --- firmware/l0dable/sendcard.c | 20 +------------------- 1 file changed, 1 insertion(+), 19 deletions(-) diff --git a/firmware/l0dable/sendcard.c b/firmware/l0dable/sendcard.c index cd55b1a..cf2a3d7 100644 --- a/firmware/l0dable/sendcard.c +++ b/firmware/l0dable/sendcard.c @@ -60,28 +60,14 @@ void sendR(uint8_t *rx, uint8_t *ry) for(int i=0; i<4*NUMWORDS; i++) exp[2+i] = rx[i]; exp[1] = 'X'; - lcdPrintln("foo"); - lcdRefresh(); - nrf_snd_pkt_crc(32, exp); - lcdPrintln("bar"); - lcdRefresh(); - delayms(10); exp[1] = 'Y'; for(int i=0; i<4*NUMWORDS; i++) exp[2+i] = ry[i]; - lcdPrintln("foo"); - lcdRefresh(); - nrf_snd_pkt_crc(32, exp); - lcdPrintln("bar"); - lcdRefresh(); delayms(10); - lcdPrintln("bar"); - lcdRefresh(); - } int receiveKey(uint8_t type, uint8_t *x, uint8_t *y) @@ -196,13 +182,9 @@ void sendFile(char *filename) ECIES_encyptkeygen(px, py, k1, k2, rx, ry); while( !done ){ - lcdPrintln("Sending fil");lcdRefresh(); + lcdPrintln("Sending file");lcdRefresh(); sendR(rx,ry); - lcdPrintln("wait"); - lcdRefresh(); delayms(3000); - lcdPrintln("filetrans"); - lcdRefresh(); filetransfer_send((uint8_t*)filename, 0, mac, (uint32_t*)k1); lcdPrintln("Done"); lcdPrintln("Right=OK"); From 8513771825e5de6631406f05e497b08c9c22df72 Mon Sep 17 00:00:00 2001 From: schneider Date: Thu, 4 Aug 2011 00:49:28 +0200 Subject: [PATCH 3/5] recvcard: init nrf --- firmware/l0dable/recvcard.c | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/firmware/l0dable/recvcard.c b/firmware/l0dable/recvcard.c index d19da8d..3ef7bfb 100644 --- a/firmware/l0dable/recvcard.c +++ b/firmware/l0dable/recvcard.c @@ -24,9 +24,20 @@ uint8_t mac[5] = {1,2,3,2,1}; + struct NRF_CFG config = { + .channel= 81, + .txmac= "\x1\x2\x3\x2\x1", + .nrmacs=1, + .mac0= "\x1\x2\x3\x2\x1", + .maclen ="\x20", + }; void ram(void) { + memset(0,0,0); + nrf_config_set(&config); + + if( sendKeys() ) return; 
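Review bot: In the recvcard.c hunk, `memset(0,0,0);` at the top of ram() passes a null pointer to memset, which the C standard leaves undefined even when the length is zero, and nothing in the hunk explains why the call exists. If it is there only so that the l0dable references the symbol that patch 4/5 adds to EXPORTS, which is a guess from the series, it needs a comment saying so, such as `/* dummy call: forces a reference to the exported memset */`. Better still, drop it and let a real use pull the symbol in. ram() continues past the end of this hunk, so what else depends on the call cannot be seen here.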
From cf2824511e31665bfc2cf072443c32e1760b6a6a Mon Sep 17 00:00:00 2001 From: schneider Date: Thu, 4 Aug 2011 00:49:46 +0200 Subject: [PATCH 4/5] added exports for vcard --- firmware/l0dable/EXPORTS | 2 ++ 1 file changed, 2 insertions(+) diff --git a/firmware/l0dable/EXPORTS b/firmware/l0dable/EXPORTS index c25d631..e77c938 100644 --- a/firmware/l0dable/EXPORTS +++ b/firmware/l0dable/EXPORTS @@ -65,3 +65,5 @@ meshGetMessage nickname uint32touint8p uint8ptouint32 +memset +nrf_config_set From 0a266eae4a5b7d0937d36434d1cd25dca259639c Mon Sep 17 00:00:00 2001 From: schneider Date: Thu, 4 Aug 2011 00:50:45 +0200 Subject: [PATCH 5/5] vcard: added system includes --- firmware/l0dable/system-include-hack.h | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/firmware/l0dable/system-include-hack.h b/firmware/l0dable/system-include-hack.h index 4f8f217..f1f77e5 100644 --- a/firmware/l0dable/system-include-hack.h +++ b/firmware/l0dable/system-include-hack.h @@ -1,3 +1,4 @@ size_t strlen(const char *s); -char * strcpy(char * restrict dst, const char * restrict src); -void * memcpy(void *dst, const void *src, size_t len); +char strcpy(char * restrict dst, const char * restrict src); +void memcpy(void *dst, const void *src, size_t len); +void memset(void *s, int c, size_t n);
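Review bot: As shown in the system-include-hack.h hunk, the new prototypes declare `strcpy` as returning `char` and `memcpy` and `memset` as returning `void`, while the removed lines and the standard library return pointers. Declaring a library function with an incompatible type is undefined behaviour, compilers usually warn about the conflict with the built-in, and any caller that uses the returned pointer will misbehave. The declarations should read `char *strcpy(char * restrict dst, const char * restrict src);`, `void *memcpy(void *dst, const void *src, size_t len);` and `void *memset(void *s, int c, size_t n);`.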