From 6cbead15671540d92db61fdf9e3acd3fff6d5671 Mon Sep 17 00:00:00 2001 From: Christian Pointner Date: Wed, 30 Jan 2013 02:02:26 +0000 Subject: uid_len checks git-svn-id: https://svn.spreadspace.org/avr/trunk@101 aa12f405-d877-488e-9caf-2d797e2a1cc7 --- usb-i2c-sl018/tuer-rfid.c | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/usb-i2c-sl018/tuer-rfid.c b/usb-i2c-sl018/tuer-rfid.c index d225a0e..2406ec7 100644 --- a/usb-i2c-sl018/tuer-rfid.c +++ b/usb-i2c-sl018/tuer-rfid.c @@ -223,7 +223,7 @@ bool sl018_cmd(const uint8_t* send_twi_buf) return 0; } else { if(recv_twi_msg->len < 2) { - fprintf(stdio,"SL018 Cmd,Error: short Message received\n\r"); + fprintf(stdio,"SL018 Cmd,Error: short message received\n\r"); return 0; } if(recv_twi_msg->status) { @@ -232,7 +232,7 @@ bool sl018_cmd(const uint8_t* send_twi_buf) } sl018_message_t * send_twi_msg = (sl018_message_t *)send_twi_buf; if(send_twi_msg->command != recv_twi_msg->command) { - fprintf(stdio,"SL018 Cmd,Error: mismatch: send, rcv: %02X,%02X\n\r",send_twi_msg->command,recv_twi_msg->command); + fprintf(stdio,"SL018 Cmd,Error: mismatch of sent and received command code: %02X,%02X\n\r",send_twi_msg->command,recv_twi_msg->command); } } return 1; @@ -292,7 +292,6 @@ void handle_stdio(uint8_t cmd) if(sl018_reset()) fprintf(stdio, "ok\n\r"); break; - case 'f': //get cardreader firmware version if(sl018_cmd(SL018CMD_ComGetFirmwareVersion)) fprintf(stdio, "%s\n\r",recv_twi_msg->data); @@ -361,7 +360,12 @@ void handle_card(void) if(sl018_cmd(SL018CMD_ComSelectCard)) { uint8_t uid_len = recv_twi_msg->len - sizeof(recv_twi_msg->command) - sizeof(recv_twi_msg->status) - 1; - for (pos=uid_len-1; pos< 255; pos--) + if(uid_len == 255 || uid_len > sizeof(keyslot_t) - 1) { + fprintf(stdio,"Invalid uid_len received %d\n\r", uid_len); + return; + } + + for (pos=uid_len-1; pos<255; pos--) fprintf(stdio,"%02X",recv_twi_msg->data[pos]); fprintf(stdio, "\n\r"); -- cgit v1.2.3