Change in ...osmo-ccid-firmware[master]: CCID: fix length checks in PC_to_RDR_{GetSlotStatus, SetParameters}

historical

laforge has submitted this change and it was merged. ( https://gerrit.osmocom.org/c/osmo-ccid-firmware/+/15642 )

Change subject: CCID: fix length checks in PC_to_RDR_{GetSlotStatus,SetParameters}
......................................................................

CCID: fix length checks in PC_to_RDR_{GetSlotStatus,SetParameters}

Change-Id: I5ec32fd5fdf704ee06f21e548a16523a557d4988
---
M ccid/ccid_device.c
1 file changed, 3 insertions(+), 2 deletions(-)

Approvals:
  Jenkins Builder: Verified
  Hoernchen: Looks good to me, but someone else must approve; Verified
  laforge: Looks good to me, approved

diff --git a/ccid/ccid_device.c b/ccid/ccid_device.c
index 346f77d..049b1cf 100644
--- a/ccid/ccid_device.c
+++ b/ccid/ccid_device.c
@@ -678,7 +678,7 @@
 
 	switch (ch->bMessageType) {
 	case PC_to_RDR_GetSlotStatus:
-		if (len != sizeof(u->get_slot_status))
+		if (len < sizeof(u->get_slot_status))
 			goto short_msg;
 		rc = ccid_handle_get_slot_status(cs, msg);
 		break;
@@ -708,7 +708,8 @@
 		rc = ccid_handle_reset_parameters(cs, msg);
 		break;
 	case PC_to_RDR_SetParameters:
-		if (len != sizeof(u->set_parameters))
+		// smallest union member
+		if (len < (sizeof(u->set_parameters.abProtocolData.t0)+10))
 			goto short_msg;
 		rc = ccid_handle_set_parameters(cs, msg);
 		break;

-- 
To view, visit https://gerrit.osmocom.org/c/osmo-ccid-firmware/+/15642
To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings

Gerrit-Project: osmo-ccid-firmware
Gerrit-Branch: master
Gerrit-Change-Id: I5ec32fd5fdf704ee06f21e548a16523a557d4988
Gerrit-Change-Number: 15642
Gerrit-PatchSet: 1
Gerrit-Owner: laforge <laforge at osmocom.org>
Gerrit-Reviewer: Hoernchen <ewild at sysmocom.de>
Gerrit-Reviewer: Jenkins Builder
Gerrit-Reviewer: laforge <laforge at osmocom.org>
Gerrit-MessageType: merged
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osmocom.org/pipermail/gerrit-log/attachments/20191004/7c81b93a/attachment.htm>
