Google Git
Sign in
android / platform / hardware / st / secure_element / refs/tags/aml_tz5_341510070^1..refs/tags/aml_tz5_341510070 / .
commitebd81349d0ab25fab13af15b8fe6cb6031f625b2[log] [tgz]
authorAndroid Build Coastguard Worker <android-build-coastguard-worker@google.com>Wed May 10 16:26:08 2023 +0000
committerAndroid Build Coastguard Worker <android-build-coastguard-worker@google.com>Wed May 10 16:26:08 2023 +0000
tree45431ceae30cc769bf3342200d6ee9485fe7df09
parent3162412eb8f33660d71d38249b3a708b50159301 [diff]
parent18c6601b16ecfe81c592368f9342ec111c238d65 [diff]
Snap for 10103804 from 18c6601b16ecfe81c592368f9342ec111c238d65 to mainline-tzdata5-release

Change-Id: I3bf354fdfb5fe7300395b440fcfd5651ac2a5678

diff --git a/1.0/SecureElement.cpp b/1.0/SecureElement.cpp
index a1bb997..7a71738 100644
--- a/1.0/SecureElement.cpp
+++ b/1.0/SecureElement.cpp

@@ -157,6 +157,13 @@
   memset(&resApduBuff, 0x00, sizeof(resApduBuff));
   STLOG_HAL_D("%s: Enter", __func__);
 
+  if (aid.size() > 16) {
+    STLOG_HAL_E("%s: Invalid AID size: %u", __func__, (unsigned)aid.size());
+    _hidl_cb(resApduBuff, SecureElementStatus::FAILED);
+    OpenLogicalChannelProcessing = false;
+    return Void();
+  }
+
   if (!isSeInitialized()) {
     STLOG_HAL_D("%s: Enter SeInitialized", __func__);
     ESESTATUS status = seHalInit();
@@ -308,6 +315,13 @@
   OpenBasicChannelProcessing = true;
   STLOG_HAL_D("%s: Enter", __func__);
 
+  if (aid.size() > 16) {
+    STLOG_HAL_E("%s: Invalid AID size: %u", __func__, (unsigned)aid.size());
+    _hidl_cb(result, SecureElementStatus::FAILED);
+    OpenBasicChannelProcessing = false;
+    return Void();
+  }
+
   if (!isSeInitialized()) {
     ESESTATUS status = seHalInit();
     if (status != ESESTATUS_SUCCESS) {

diff --git a/1.1/SecureElement.cpp b/1.1/SecureElement.cpp
index ba8c3b2..34b7e30 100644
--- a/1.1/SecureElement.cpp
+++ b/1.1/SecureElement.cpp

@@ -158,6 +158,13 @@
   memset(&resApduBuff, 0x00, sizeof(resApduBuff));
   STLOG_HAL_D("%s: Enter", __func__);
 
+  if (aid.size() > 16) {
+    STLOG_HAL_E("%s: Invalid AID size: %u", __func__, (unsigned)aid.size());
+    _hidl_cb(resApduBuff, SecureElementStatus::FAILED);
+    OpenLogicalChannelProcessing = false;
+    return Void();
+  }
+
   if (!isSeInitialized()) {
     STLOG_HAL_D("%s: Enter SeInitialized", __func__);
     ESESTATUS status = seHalInit();
@@ -297,6 +304,13 @@
   OpenBasicChannelProcessing = true;
   STLOG_HAL_D("%s: Enter", __func__);
 
+  if (aid.size() > 16) {
+    STLOG_HAL_E("%s: Invalid AID size: %u", __func__, (unsigned)aid.size());
+    _hidl_cb(result, SecureElementStatus::FAILED);
+    OpenBasicChannelProcessing = false;
+    return Void();
+  }
+
   if (!isSeInitialized()) {
     ESESTATUS status = seHalInit();
     if (status != ESESTATUS_SUCCESS) {

diff --git a/1.2/SecureElement.cpp b/1.2/SecureElement.cpp
index b8b020f..222f41e 100644
--- a/1.2/SecureElement.cpp
+++ b/1.2/SecureElement.cpp

@@ -163,6 +163,13 @@
   memset(&resApduBuff, 0x00, sizeof(resApduBuff));
   STLOG_HAL_D("%s: Enter", __func__);
 
+  if (aid.size() > 16) {
+    STLOG_HAL_E("%s: Invalid AID size: %u", __func__, (unsigned)aid.size());
+    _hidl_cb(resApduBuff, SecureElementStatus::FAILED);
+    OpenLogicalChannelProcessing = false;
+    return Void();
+  }
+
   if (!isSeInitialized()) {
     STLOG_HAL_D("%s: Enter SeInitialized", __func__);
     ESESTATUS status = seHalInit();
@@ -302,6 +309,13 @@
   OpenBasicChannelProcessing = true;
   STLOG_HAL_D("%s: Enter", __func__);
 
+  if (aid.size() > 16) {
+    STLOG_HAL_E("%s: Invalid AID size: %u", __func__, (unsigned)aid.size());
+    _hidl_cb(result, SecureElementStatus::FAILED);
+    OpenBasicChannelProcessing = false;
+    return Void();
+  }
+
   if (!isSeInitialized()) {
     ESESTATUS status = seHalInit();
     if (status != ESESTATUS_SUCCESS) {