Hoernchen has uploaded this change for review.

View Change

ccid: reject invalid bClockCommand

Change-Id: I34dedcaaaf3cd67e22b207016f08e745736dd625
---
M ccid_common/ccid_device.c
1 file changed, 9 insertions(+), 1 deletion(-)

git pull ssh://gerrit.osmocom.org:29418/osmo-ccid-firmware refs/changes/78/42778/1
diff --git a/ccid_common/ccid_device.c b/ccid_common/ccid_device.c
index 63a4d70..d9faa00 100644
--- a/ccid_common/ccid_device.c
+++ b/ccid_common/ccid_device.c
@@ -601,9 +601,17 @@
 	const union ccid_pc_to_rdr *u = msgb_ccid_out(msg);
 	const struct ccid_header *ch = (const struct ccid_header *) u;
 	uint8_t seq = u->icc_clock.hdr.bSeq;
+	uint8_t cmd = u->icc_clock.bClockCommand;
 	struct msgb *resp;
 
-	cs->ci->slot_ops->set_clock(cs, u->icc_clock.bClockCommand);
+	/* CCID v1.1 ยง6.1.9: bClockCommand has only two defined values; reject
+	 * early here */
+	if (cmd != CCID_CLOCK_CMD_RESTART && cmd != CCID_CLOCK_CMD_STOP) {
+		resp = ccid_gen_slot_status(cs, seq, CCID_CMD_STATUS_FAILED, offsetof(struct ccid_pc_to_rdr_icc_clock, bClockCommand));
+		return ccid_slot_send_unbusy(cs, resp);
+	}
+
+	cs->ci->slot_ops->set_clock(cs, cmd);
 	resp = ccid_gen_slot_status(cs, seq, CCID_CMD_STATUS_OK, 0);
 	return ccid_slot_send_unbusy(cs, resp);
 }

To view, visit change 42778. To unsubscribe, or for help writing mail filters, visit settings.

Gerrit-MessageType: newchange
Gerrit-Project: osmo-ccid-firmware
Gerrit-Branch: master
Gerrit-Change-Id: I34dedcaaaf3cd67e22b207016f08e745736dd625
Gerrit-Change-Number: 42778
Gerrit-PatchSet: 1
Gerrit-Owner: Hoernchen <ewild@sysmocom.de>