Merge branch 'dev/11/fp3/security-aosp-rvc-release' into int/11/fp3
* dev/11/fp3/security-aosp-rvc-release:
OOBR in AnalyzeMfcResp in NxpMfcReader.cc
Change-Id: I9a9a11d6da11a31b9e80b402e44ed93d7dae6ee5
diff --git a/halimpl/mifare/NxpMfcReader.cc b/halimpl/mifare/NxpMfcReader.cc
index d5e2f74..de3b966 100644
--- a/halimpl/mifare/NxpMfcReader.cc
+++ b/halimpl/mifare/NxpMfcReader.cc
@@ -350,6 +350,10 @@
} break;
case eMfcAuthRsp: {
+ if (*pBufflen < 2) {
+ status = NFCSTATUS_FAILED;
+ break;
+ }
/* check the status byte */
if (NFCSTATUS_SUCCESS == pBuff[1]) {
status = NFCSTATUS_SUCCESS;