CCID Low Level Demo: Add missing request length check.

diff --git a/Demos/Device/LowLevel/CCID/CCID.c b/Demos/Device/LowLevel/CCID/CCID.c
index a4e83ff..c21462d 100644 (file)
--- a/Demos/Device/LowLevel/CCID/CCID.c
+++ b/Demos/Device/LowLevel/CCID/CCID.c
@@ -563,6 +563,9 @@ void CCID_Task(void)
                                (void)Bwi;
                                (void)LevelParameter;
 
+                               if (CCIDHeader.Length * sizeof(uint8_t) > sizeof(RequestBuffer))
+                                       break;
+
                                Endpoint_Read_Stream_LE(RequestBuffer, CCIDHeader.Length * sizeof(uint8_t), NULL);
 
                                uint8_t  ResponseDataLength = 0;

diff --git a/LUFA/Drivers/USB/Class/Device/CCIDClassDevice.c b/LUFA/Drivers/USB/Class/Device/CCIDClassDevice.c
index 57d397b..d280128 100644 (file)
--- a/LUFA/Drivers/USB/Class/Device/CCIDClassDevice.c
+++ b/LUFA/Drivers/USB/Class/Device/CCIDClassDevice.c
@@ -249,7 +249,6 @@ void CCID_Device_USBTask(USB_ClassInfo_CCID_Device_t* const CCIDInterfaceInfo)
                                {
                                        if (CCIDHeader.Length * sizeof(uint8_t) == sizeof(USB_CCID_ProtocolData_T0_t))
                                        {
-
                                                Endpoint_Read_Stream_LE(RequestBuffer, CCIDHeader.Length * sizeof(uint8_t), NULL);
                                                Status = CALLBACK_CCID_SetParameters_T0(CCIDInterfaceInfo, CCIDHeader.Slot, &Error, (USB_CCID_ProtocolData_T0_t*) RequestBuffer);
                                                if (CCID_CheckStatusNoError(Status))