nfc: pn533: prevent potential memory corruption

author Dan Carpenter <dan.carpenter@oracle.com>

Fri, 2 Apr 2021 11:44:42 +0000 (14:44 +0300)

committer David S. Miller <davem@davemloft.net>

Fri, 2 Apr 2021 21:27:50 +0000 (14:27 -0700)
author Dan Carpenter <dan.carpenter@oracle.com>
Fri, 2 Apr 2021 11:44:42 +0000 (14:44 +0300)
committer David S. Miller <davem@davemloft.net>
Fri, 2 Apr 2021 21:27:50 +0000 (14:27 -0700)
diff --git a/drivers/nfc/pn533/pn533.c b/drivers/nfc/pn533/pn533.c

index f1469ac8ff425346699a30e14d1dafddc63ce1c9..3fe5b81eda2d69a6856fae427bd3db803c373a41 100644 (file)
--- a/drivers/nfc/pn533/pn533.c
+++ b/drivers/nfc/pn533/pn533.c
@@ -706,6 +706,9 @@ static bool pn533_target_type_a_is_valid(struct pn533_target_type_a *type_a,
         if (PN533_TYPE_A_SEL_CASCADE(type_a->sel_res) != 0)
                 return false;
  
+       if (type_a->nfcid_len > NFC_NFCID1_MAXSIZE)
+               return false;
+
         return true;
  }
author	Dan Carpenter <dan.carpenter@oracle.com>
	Fri, 2 Apr 2021 11:44:42 +0000 (14:44 +0300)
committer	David S. Miller <davem@davemloft.net>
	Fri, 2 Apr 2021 21:27:50 +0000 (14:27 -0700)