git.openpandora.org / pandora-kernel.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: a434c24)
NFC: pn533: Frame is invalid if ccid.datalen is 0
authorSamuel Ortiz <sameo@linux.intel.com>
Sat, 4 Jan 2014 02:23:35 +0000 (03:23 +0100)
committerSamuel Ortiz <sameo@linux.intel.com>
Sat, 4 Jan 2014 02:32:27 +0000 (03:32 +0100)
Some ACR122 firmwares seem to send 0 length data frames. Before using
that length as a data index, we check that it's not 0. If it is we
report the frame as being invalid.

Reported-by: Arthur Taylor <arthur@advancedtelematic.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
drivers/nfc/pn533.c patch | blob | history

diff --git a/drivers/nfc/pn533.c b/drivers/nfc/pn533.c
index 3df19e6..cf1a87b 100644 (file)
--- a/drivers/nfc/pn533.c
+++ b/drivers/nfc/pn533.c
@@ -521,6 +521,9 @@ static bool pn533_acr122_is_rx_frame_valid(void *_frame, struct pn533 *dev)
        if (frame->ccid.type != 0x83)
                return false;
 
+       if (!frame->ccid.datalen)
+               return false;
+
        if (frame->data[frame->ccid.datalen - 2] == 0x63)
                return false;
 
Pandora Kernel Repository