From 9e52f0701f65933e1dcfcf4ed632cd1f97dbe733 Mon Sep 17 00:00:00 2001
From: team-orangeBlue <63470411+team-orangeBlue@users.noreply.github.com>
Date: Sat, 11 Apr 2026 00:41:31 +0300
Subject: [PATCH] Correct ACL RO check

See commit 1cb843a22bbb5c5afc93478f8ab2806792ec6b39

Signed-off-by: team-orangeBlue <63470411+team-orangeBlue@users.noreply.github.com>
---
 client/src/cmdhfmf.c | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/client/src/cmdhfmf.c b/client/src/cmdhfmf.c
index c01ad0550..8f70b5b01 100644
--- a/client/src/cmdhfmf.c
+++ b/client/src/cmdhfmf.c
@@ -869,10 +869,16 @@ static int mf_analyse_st_block(uint8_t blockno, uint8_t *block, bool force) {
     }
 
     bool ro_detected = false;
-    uint8_t bar = mfNumBlocksPerSector(mfSectorNum(blockno));
+    //uint8_t bar = mfNumBlocksPerSector(mfSectorNum(blockno));
+    uint8_t bar = 4;
     for (uint8_t foo = 0; foo < bar; foo++) {
         if (mfReadOnlyAccessConditions(foo, &block[6])) {
-            PrintAndLogEx(WARNING, "Strict ReadOnly Access Conditions on block " _YELLOW_("%u") " detected", blockno - bar + 1 + foo);
+        // WARNING: Sectors 33+ assume ACLs apply to groups of 4 blocks, not 1 block.
+        // The code as-is is bugged and actually wastes iterations. If you have 16 blocks, it'll run all 16 but only error out like it's a 4-block sector.
+            if (blockno<127)
+                PrintAndLogEx(WARNING, "Strict ReadOnly Access Conditions on block " _YELLOW_("%u") " detected", blockno - bar + 1 + foo);
+            else
+                PrintAndLogEx(WARNING, "Strict ReadOnly Access Conditions on blocks " _YELLOW_("%u-%u") " detected", blockno - bar*4 + 1 + foo*5, blockno - bar*4 + 1 + foo*5 + 4);
             ro_detected = true;
         }
     }