crewID/libnfc
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Replace some sprintf with snprintf to prevent from buffer-overflow.

Browse source
This commit is contained in:
Romuald Conty 2010-04-21 10:23:11 +00:00
parent ce6f7f2c84
commit d9ec086beb
2 changed files with 4 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
libnfc/drivers/pn532_uart.c
View file

@ -133,8 +133,7 @@ pn532_uart_list_devices(nfc_device_desc_t pnddDevices[], size_t szDevices, size_
snprintf(pnddDevices[*pszDeviceFound].acDevice, DEVICE_NAME_LENGTH - 1, "%s (%s)", "PN532", acConnect);
pnddDevices[*pszDeviceFound].acDevice[DEVICE_NAME_LENGTH - 1] = '\0';
pnddDevices[*pszDeviceFound].pcDriver = PN532_UART_DRIVER_NAME;
//pnddDevices[*pszDeviceFound].pcPort = strndup(acConnect, BUFFER_LENGTH - 1);
pnddDevices[*pszDeviceFound].pcPort = strdup(acConnect);
pnddDevices[*pszDeviceFound].pcPort = strndup(acConnect, BUFFER_LENGTH - 1);
pnddDevices[*pszDeviceFound].pcPort[BUFFER_LENGTH] = '\0';
pnddDevices[*pszDeviceFound].uiSpeed = SERIAL_DEFAULT_PORT_SPEED;
DBG("Device found: %s.", pnddDevices[*pszDeviceFound].acDevice);

6
libnfc/nfc.c
View file

@ -195,9 +195,9 @@ nfc_device_t* nfc_connect(nfc_device_desc_t* pndd)
// Add the firmware revision to the device name, PN531 gives 2 bytes info, but PN532 gives 4
switch(pnd->nc)
{
case NC_PN531: sprintf(pnd->acName,"%s - PN531 v%d.%d",pnd->acName,abtFw[0],abtFw[1]); break;
case NC_PN532: sprintf(pnd->acName,"%s - PN532 v%d.%d (0x%02x)",pnd->acName,abtFw[1],abtFw[2],abtFw[3]); break;
case NC_PN533: sprintf(pnd->acName,"%s - PN533 v%d.%d (0x%02x)",pnd->acName,abtFw[1],abtFw[2],abtFw[3]); break;
case NC_PN531: snprintf(pnd->acName,DEVICE_NAME_LENGTH - 1,"%s - PN531 v%d.%d",pnd->acName,abtFw[0],abtFw[1]); break;
case NC_PN532: snprintf(pnd->acName,DEVICE_NAME_LENGTH - 1,"%s - PN532 v%d.%d (0x%02x)",pnd->acName,abtFw[1],abtFw[2],abtFw[3]); break;
case NC_PN533: snprintf(pnd->acName,DEVICE_NAME_LENGTH - 1,"%s - PN533 v%d.%d (0x%02x)",pnd->acName,abtFw[1],abtFw[2],abtFw[3]); break;
}
// Reset the ending transmission bits register, it is unknown what the last tranmission used there