dexter has uploaded this change for review. ( https://gerrit.osmocom.org/c/android-apdu-proxy/+/41801?usp=email )

Change subject: OmapiCallbackHandlerVpcd: add check to filter short TPDUs ......................................................................

OmapiCallbackHandlerVpcd: add check to filter short TPDUs

Related: OS#6836 Change-Id: I4e76afd7cf4d63c67b1525202fbe74e0796b2ba3 --- M app/src/main/java/org/osmocom/androidApduProxy/OmapiCallbackHandlerVpcd.java 1 file changed, 10 insertions(+), 0 deletions(-)

git pull ssh://gerrit.osmocom.org:29418/android-apdu-proxy refs/changes/01/41801/1

diff --git a/app/src/main/java/org/osmocom/androidApduProxy/OmapiCallbackHandlerVpcd.java b/app/src/main/java/org/osmocom/androidApduProxy/OmapiCallbackHandlerVpcd.java index f443ac2..b33d28c 100644 --- a/app/src/main/java/org/osmocom/androidApduProxy/OmapiCallbackHandlerVpcd.java +++ b/app/src/main/java/org/osmocom/androidApduProxy/OmapiCallbackHandlerVpcd.java @@ -101,6 +101,16 @@ @Override public byte[] vpcdTransact(byte[] tpdu) { Log.i("PROXY", "Exchanging TPDU...\n"); + + //All TPDUs that we receive here should have a minimum length of 5 bytes. Under normal conditins, short + //TPDUs should not occurr as they should already be filtered out by the layers that call this method. + //To ensure seamless operation, let's check the TPDU length and reject short TPDUs immediately. + if (tpdu.length < 5) { + Log.e("PROXY", String.format("Rejecting short TPDU (%s)...\n", Utils.b2h(tpdu))); + //see also ISO/IEC 7816-4, table 5 (wrong length; no further indication) + return (Utils.h2b("6700")); + } + //In case the TPDU contains a SELECT by DF-Name, which is forbidden by OMAPI by design, we must //find an alternative solution: In case the SELECT targets the currently selected application, //we just use the FID 7FFF, which is an alias for the currently selected application. In case the