From 1fb70e01f0d6b96a39c3ae194a8ca2372dffb46b Mon Sep 17 00:00:00 2001 From: Christian Pointner Date: Fri, 1 Feb 2013 00:17:29 +0000 Subject: additional sanity check, uid len fits to tag type git-svn-id: https://svn.spreadspace.org/avr/trunk@108 aa12f405-d877-488e-9caf-2d797e2a1cc7 --- usb-i2c-sl018/tuer-rfid.c | 24 +++++++++++++++++++++--- 1 file changed, 21 insertions(+), 3 deletions(-) diff --git a/usb-i2c-sl018/tuer-rfid.c b/usb-i2c-sl018/tuer-rfid.c index 664e810..698f2b7 100644 --- a/usb-i2c-sl018/tuer-rfid.c +++ b/usb-i2c-sl018/tuer-rfid.c @@ -95,6 +95,19 @@ const char* SL018_tagtype_tostring(const uint8_t type) } } +uint8_t SL018_tagtype_to_uidlen(const uint8_t type) +{ + switch(type) { + case 0x1: + case 0x4: return 4; + case 0x2: + case 0x3: + case 0x5: + case 0x6: return 7; + default: return 0; + } +} + const uint8_t SL018_CMD_ComSelectCard[] = {1,0x01}; const uint8_t SL018_CMD_ComRedLedOn[] = {2,0x40,1}; const uint8_t SL018_CMD_ComRedLedOff[] = {2,0x40,0}; @@ -371,13 +384,18 @@ void handle_card(void) { uint8_t uid_len = twi_recv_msg->len - sizeof(twi_recv_msg->command) - sizeof(twi_recv_msg->status) - 1; if(uid_len == 255 || uid_len > sizeof(keyslot_t) - 1) { - fprintf(stdio," Invalid uid length received %d\n\r", uid_len); + fprintf(stdio," received UID length (%d) is to big for keystore \n\r", uid_len); return; } + uint8_t type = twi_recv_msg->data[uid_len]; + uint8_t expected_uid_len = SL018_tagtype_to_uidlen(type); + if(expected_uid_len != uid_len) { + fprintf(stdio," Invalid uid length (%d) for tag type: %s\n\r", uid_len, SL018_tagtype_tostring(type)); + return; + } + for (uint8_t pos=0; posdata[uid_len-pos-1]); - - uint8_t type = twi_recv_msg->data[uid_len]; fprintf(stdio, ", %s\n\r", SL018_tagtype_tostring(type)); if (0 < type && type < 7) { -- cgit v1.2.3