Snap for 9929149 from 572566f562ad6070b803666627068f3eb255028e to tm-qpr3-release
Change-Id: I5d83206b5e87666ab4b07efbbf3d18402b92541d
diff --git a/1.0/SecureElement.cpp b/1.0/SecureElement.cpp
index a1bb997..7a71738 100644
--- a/1.0/SecureElement.cpp
+++ b/1.0/SecureElement.cpp
@@ -157,6 +157,13 @@
memset(&resApduBuff, 0x00, sizeof(resApduBuff));
STLOG_HAL_D("%s: Enter", __func__);
+ if (aid.size() > 16) {
+ STLOG_HAL_E("%s: Invalid AID size: %u", __func__, (unsigned)aid.size());
+ _hidl_cb(resApduBuff, SecureElementStatus::FAILED);
+ OpenLogicalChannelProcessing = false;
+ return Void();
+ }
+
if (!isSeInitialized()) {
STLOG_HAL_D("%s: Enter SeInitialized", __func__);
ESESTATUS status = seHalInit();
@@ -308,6 +315,13 @@
OpenBasicChannelProcessing = true;
STLOG_HAL_D("%s: Enter", __func__);
+ if (aid.size() > 16) {
+ STLOG_HAL_E("%s: Invalid AID size: %u", __func__, (unsigned)aid.size());
+ _hidl_cb(result, SecureElementStatus::FAILED);
+ OpenBasicChannelProcessing = false;
+ return Void();
+ }
+
if (!isSeInitialized()) {
ESESTATUS status = seHalInit();
if (status != ESESTATUS_SUCCESS) {
diff --git a/1.1/SecureElement.cpp b/1.1/SecureElement.cpp
index ba8c3b2..34b7e30 100644
--- a/1.1/SecureElement.cpp
+++ b/1.1/SecureElement.cpp
@@ -158,6 +158,13 @@
memset(&resApduBuff, 0x00, sizeof(resApduBuff));
STLOG_HAL_D("%s: Enter", __func__);
+ if (aid.size() > 16) {
+ STLOG_HAL_E("%s: Invalid AID size: %u", __func__, (unsigned)aid.size());
+ _hidl_cb(resApduBuff, SecureElementStatus::FAILED);
+ OpenLogicalChannelProcessing = false;
+ return Void();
+ }
+
if (!isSeInitialized()) {
STLOG_HAL_D("%s: Enter SeInitialized", __func__);
ESESTATUS status = seHalInit();
@@ -297,6 +304,13 @@
OpenBasicChannelProcessing = true;
STLOG_HAL_D("%s: Enter", __func__);
+ if (aid.size() > 16) {
+ STLOG_HAL_E("%s: Invalid AID size: %u", __func__, (unsigned)aid.size());
+ _hidl_cb(result, SecureElementStatus::FAILED);
+ OpenBasicChannelProcessing = false;
+ return Void();
+ }
+
if (!isSeInitialized()) {
ESESTATUS status = seHalInit();
if (status != ESESTATUS_SUCCESS) {
diff --git a/1.2/SecureElement.cpp b/1.2/SecureElement.cpp
index b8b020f..222f41e 100644
--- a/1.2/SecureElement.cpp
+++ b/1.2/SecureElement.cpp
@@ -163,6 +163,13 @@
memset(&resApduBuff, 0x00, sizeof(resApduBuff));
STLOG_HAL_D("%s: Enter", __func__);
+ if (aid.size() > 16) {
+ STLOG_HAL_E("%s: Invalid AID size: %u", __func__, (unsigned)aid.size());
+ _hidl_cb(resApduBuff, SecureElementStatus::FAILED);
+ OpenLogicalChannelProcessing = false;
+ return Void();
+ }
+
if (!isSeInitialized()) {
STLOG_HAL_D("%s: Enter SeInitialized", __func__);
ESESTATUS status = seHalInit();
@@ -302,6 +309,13 @@
OpenBasicChannelProcessing = true;
STLOG_HAL_D("%s: Enter", __func__);
+ if (aid.size() > 16) {
+ STLOG_HAL_E("%s: Invalid AID size: %u", __func__, (unsigned)aid.size());
+ _hidl_cb(result, SecureElementStatus::FAILED);
+ OpenBasicChannelProcessing = false;
+ return Void();
+ }
+
if (!isSeInitialized()) {
ESESTATUS status = seHalInit();
if (status != ESESTATUS_SUCCESS) {