From: Dean Camera <dean@fourwalledcubicle.com>
Date: Sat, 19 Jun 2021 07:37:55 +0000 (+1000)
Subject: CCID Low Level Demo: Add missing request length check.
X-Git-Url: http://git.linex4red.de/pub/lufa.git/commitdiff_plain/d6ba0495901f8c1a23c42699ff06490e83f8aa65

CCID Low Level Demo: Add missing request length check.
---

diff --git a/Demos/Device/LowLevel/CCID/CCID.c b/Demos/Device/LowLevel/CCID/CCID.c
index a4e83ff8a..c21462df4 100644
--- a/Demos/Device/LowLevel/CCID/CCID.c
+++ b/Demos/Device/LowLevel/CCID/CCID.c
@@ -563,6 +563,9 @@ void CCID_Task(void)
 				(void)Bwi;
 				(void)LevelParameter;
 
+				if (CCIDHeader.Length * sizeof(uint8_t) > sizeof(RequestBuffer))
+					break;
+
 				Endpoint_Read_Stream_LE(RequestBuffer, CCIDHeader.Length * sizeof(uint8_t), NULL);
 
 				uint8_t  ResponseDataLength = 0;
diff --git a/LUFA/Drivers/USB/Class/Device/CCIDClassDevice.c b/LUFA/Drivers/USB/Class/Device/CCIDClassDevice.c
index 57d397bdb..d2801280c 100644
--- a/LUFA/Drivers/USB/Class/Device/CCIDClassDevice.c
+++ b/LUFA/Drivers/USB/Class/Device/CCIDClassDevice.c
@@ -249,7 +249,6 @@ void CCID_Device_USBTask(USB_ClassInfo_CCID_Device_t* const CCIDInterfaceInfo)
 				{
 					if (CCIDHeader.Length * sizeof(uint8_t) == sizeof(USB_CCID_ProtocolData_T0_t))
 					{
-
 						Endpoint_Read_Stream_LE(RequestBuffer, CCIDHeader.Length * sizeof(uint8_t), NULL);
 						Status = CALLBACK_CCID_SetParameters_T0(CCIDInterfaceInfo, CCIDHeader.Slot, &Error, (USB_CCID_ProtocolData_T0_t*) RequestBuffer);
 						if (CCID_CheckStatusNoError(Status))