From 1e5e970fd13b5855389a4f6c37fc4e00465eb153 Mon Sep 17 00:00:00 2001 From: Martin Milata Date: Fri, 3 Dec 2021 17:19:20 +0100 Subject: [PATCH] fix(legacy/firmware): improve pin length bound check --- legacy/firmware/config.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/legacy/firmware/config.c b/legacy/firmware/config.c index 570f7f005..4a41232c7 100644 --- a/legacy/firmware/config.c +++ b/legacy/firmware/config.c @@ -318,8 +318,10 @@ static secbool config_upgrade_v10(void) { storage_init(NULL, HW_ENTROPY_DATA, HW_ENTROPY_LEN); storage_unlock(PIN_EMPTY, PIN_EMPTY_LEN, NULL); if (config.has_pin) { + size_t pin_len = + MIN(strnlen(config.pin, sizeof(config.pin)), (size_t)MAX_PIN_LEN); storage_change_pin(PIN_EMPTY, PIN_EMPTY_LEN, (const uint8_t *)config.pin, - strnlen(config.pin, MAX_PIN_LEN), NULL, NULL); + pin_len, NULL, NULL); } while (pin_wait != 0) {