Snap for 10103804 from 18c6601b16ecfe81c592368f9342ec111c238d65 to mainline-tzdata5-release
Change-Id: I3bf354fdfb5fe7300395b440fcfd5651ac2a5678
diff --git a/1.0/SecureElement.cpp b/1.0/SecureElement.cpp
index a1bb997..7a71738 100644
--- a/1.0/SecureElement.cpp
+++ b/1.0/SecureElement.cpp
@@ -157,6 +157,13 @@
memset(&resApduBuff, 0x00, sizeof(resApduBuff));
STLOG_HAL_D("%s: Enter", __func__);
+ if (aid.size() > 16) {
+ STLOG_HAL_E("%s: Invalid AID size: %u", __func__, (unsigned)aid.size());
+ _hidl_cb(resApduBuff, SecureElementStatus::FAILED);
+ OpenLogicalChannelProcessing = false;
+ return Void();
+ }
+
if (!isSeInitialized()) {
STLOG_HAL_D("%s: Enter SeInitialized", __func__);
ESESTATUS status = seHalInit();
@@ -308,6 +315,13 @@
OpenBasicChannelProcessing = true;
STLOG_HAL_D("%s: Enter", __func__);
+ if (aid.size() > 16) {
+ STLOG_HAL_E("%s: Invalid AID size: %u", __func__, (unsigned)aid.size());
+ _hidl_cb(result, SecureElementStatus::FAILED);
+ OpenBasicChannelProcessing = false;
+ return Void();
+ }
+
if (!isSeInitialized()) {
ESESTATUS status = seHalInit();
if (status != ESESTATUS_SUCCESS) {
diff --git a/1.1/SecureElement.cpp b/1.1/SecureElement.cpp
index ba8c3b2..34b7e30 100644
--- a/1.1/SecureElement.cpp
+++ b/1.1/SecureElement.cpp
@@ -158,6 +158,13 @@
memset(&resApduBuff, 0x00, sizeof(resApduBuff));
STLOG_HAL_D("%s: Enter", __func__);
+ if (aid.size() > 16) {
+ STLOG_HAL_E("%s: Invalid AID size: %u", __func__, (unsigned)aid.size());
+ _hidl_cb(resApduBuff, SecureElementStatus::FAILED);
+ OpenLogicalChannelProcessing = false;
+ return Void();
+ }
+
if (!isSeInitialized()) {
STLOG_HAL_D("%s: Enter SeInitialized", __func__);
ESESTATUS status = seHalInit();
@@ -297,6 +304,13 @@
OpenBasicChannelProcessing = true;
STLOG_HAL_D("%s: Enter", __func__);
+ if (aid.size() > 16) {
+ STLOG_HAL_E("%s: Invalid AID size: %u", __func__, (unsigned)aid.size());
+ _hidl_cb(result, SecureElementStatus::FAILED);
+ OpenBasicChannelProcessing = false;
+ return Void();
+ }
+
if (!isSeInitialized()) {
ESESTATUS status = seHalInit();
if (status != ESESTATUS_SUCCESS) {
diff --git a/1.2/SecureElement.cpp b/1.2/SecureElement.cpp
index b8b020f..222f41e 100644
--- a/1.2/SecureElement.cpp
+++ b/1.2/SecureElement.cpp
@@ -163,6 +163,13 @@
memset(&resApduBuff, 0x00, sizeof(resApduBuff));
STLOG_HAL_D("%s: Enter", __func__);
+ if (aid.size() > 16) {
+ STLOG_HAL_E("%s: Invalid AID size: %u", __func__, (unsigned)aid.size());
+ _hidl_cb(resApduBuff, SecureElementStatus::FAILED);
+ OpenLogicalChannelProcessing = false;
+ return Void();
+ }
+
if (!isSeInitialized()) {
STLOG_HAL_D("%s: Enter SeInitialized", __func__);
ESESTATUS status = seHalInit();
@@ -302,6 +309,13 @@
OpenBasicChannelProcessing = true;
STLOG_HAL_D("%s: Enter", __func__);
+ if (aid.size() > 16) {
+ STLOG_HAL_E("%s: Invalid AID size: %u", __func__, (unsigned)aid.size());
+ _hidl_cb(result, SecureElementStatus::FAILED);
+ OpenBasicChannelProcessing = false;
+ return Void();
+ }
+
if (!isSeInitialized()) {
ESESTATUS status = seHalInit();
if (status != ESESTATUS_SUCCESS) {