From 1857482617051cd48c439278cfd1cfb9dede93e3 Mon Sep 17 00:00:00 2001
From: merlokk <olegmas@gmail.com>
Date: Sun, 27 Jan 2019 00:01:04 +0200
Subject: [PATCH] add some len check

---
 targets/stm32l432/src/nfc.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/targets/stm32l432/src/nfc.c b/targets/stm32l432/src/nfc.c
index f8bd7fd..5139218 100644
--- a/targets/stm32l432/src/nfc.c
+++ b/targets/stm32l432/src/nfc.c
@@ -352,6 +352,13 @@ void nfc_process_iblock(uint8_t * buf, int len)
         case APDU_FIDO_U2F_AUTHENTICATE:
 			printf1(TAG_NFC, "U2F Authenticate command.\r\n");
 			
+			if (plen != 1 + 64 + 1 + buf[65])
+			{
+				printf1(TAG_NFC, "U2F Authenticate request length error. len=%d keyhlen=%d.\r\n", plen, buf[65]);
+				nfc_write_response(buf[0], SW_WRONG_LENGTH);
+				return;
+			}
+			
 			nfc_write_response(buf[0], SW_COND_USE_NOT_SATISFIED);
         break;