laforge has submitted this change. ( https://gerrit.osmocom.org/c/android-apdu-proxy/+/41801?usp=email )
Change subject: OmapiCallbackHandlerVpcd: add check to filter shortTPDUs
......................................................................
OmapiCallbackHandlerVpcd: add check to filter shortTPDUs
Related: OS#6836
Change-Id: I4e76afd7cf4d63c67b1525202fbe74e0796b2ba3
---
M app/src/main/java/org/osmocom/androidApduProxy/OmapiCallbackHandlerVpcd.java
1 file changed, 10 insertions(+), 0 deletions(-)

Approvals:
  laforge: Looks good to me, approved
  Jenkins Builder: Verified
diff --git a/app/src/main/java/org/osmocom/androidApduProxy/OmapiCallbackHandlerVpcd.java b/app/src/main/java/org/osmocom/androidApduProxy/OmapiCallbackHandlerVpcd.java index c71581c..0b880fb 100644 --- a/app/src/main/java/org/osmocom/androidApduProxy/OmapiCallbackHandlerVpcd.java +++ b/app/src/main/java/org/osmocom/androidApduProxy/OmapiCallbackHandlerVpcd.java @@ -101,6 +101,16 @@ @Override public byte[] vpcdTransact(byte[] tpdu) { Log.i("PROXY", "Exchanging TPDU...\n"); + + //All TPDUs that we receive here should have a minimum length of 5 bytes. Under normal conditins, short + //TPDUs should not occurr as they should already be filtered out by the layers that call this method. + //To ensure seamless operation, let's check the TPDU length and reject short TPDUs immediately. + if (tpdu.length < 5) { + Log.e("PROXY", String.format("Rejecting short TPDU (%s)...\n", Utils.b2h(tpdu))); + //see also ISO/IEC 7816-4, table 5 (wrong length; no further indication) + return (Utils.h2b("6700")); + } + //In case the TPDU contains a SELECT by DF-Name, which is forbidden by OMAPI by design, we must //find an alternative solution: In case the SELECT targets the currently selected application, //we just use the FID 7FFF, which is an alias for the currently selected application. In case the
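Review bot: The new length check at the top of vpcdTransact dereferences `tpdu.length` without a null guard, so a null TPDU would raise a NullPointerException instead of being answered with 6700. If the calling layers can ever hand over null, extend the condition to `if (tpdu == null || tpdu.length < 5)` and make sure the log call does not pass null to Utils.b2h. The literals 5 and "6700" would also read better as named constants (minimum TPDU length, status word for wrong length), and the added comment has two typos: "conditins" and "occurr".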