fdo-mirrors/libfprint
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/libfprint/libfprint.git synced 2026-06-16 13:58:22 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

egis_etu905: Sanitize print data parsing

Browse source
This commit is contained in:
Marco Trevisan (Treviño) 2026-06-08 13:47:41 +02:00
parent 65c3dcb1eb
commit 5b51f9c8cc
1 changed files with 17 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

25
libfprint/drivers/egismoc/egis_etu905.c
View file

@ -318,7 +318,7 @@ static guint16
egis_etu905_get_check_bytes (FpiByteReader *reader)
{
fp_dbg ("Get check bytes");
size_t sum_values = 0;
guint64 sum_values = 0;
guint16 val;
fpi_byte_reader_set_pos (reader, 0);
@ -562,8 +562,6 @@ egis_etu905_get_delete_cmd (FpDevice *device,
const guchar *print_data_id = NULL;
gsize print_data_id_len = 0;
g_autofree gchar *print_description = NULL;
g_autofree guchar *enrolled_print_id = NULL;
g_autofree guchar *result = NULL;
gboolean written = TRUE;
/*
@ -639,7 +637,8 @@ egis_etu905_get_delete_cmd (FpDevice *device,
g_object_get (delete_print, "description", &print_description, NULL);
g_object_get (delete_print, "fpi-data", &print_data, NULL);
if (!g_variant_check_format_string (print_data, "(@ay)", FALSE))
if (!print_data ||
!g_variant_check_format_string (print_data, "(@ay)", FALSE))
{
fpi_ssm_mark_failed (self->task_ssm,
fpi_device_error_new (FP_DEVICE_ERROR_DATA_INVALID));
@ -650,11 +649,21 @@ egis_etu905_get_delete_cmd (FpDevice *device,
print_data_id = g_variant_get_fixed_array (print_data_id_var,
&print_data_id_len, sizeof (guchar));
if (!g_str_has_prefix (print_description, "FP"))
fp_dbg ("Fingerprint '%s' was not created by libfprint; deleting anyway.",
print_description);
if (print_data_id_len != EGIS_ETU905_FINGERPRINT_DATA_SIZE)
{
fpi_ssm_mark_failed (self->task_ssm,
fpi_device_error_new_msg (FP_DEVICE_ERROR_DATA_INVALID,
"Stored print id has "
"unexpected length %zu",
print_data_id_len));
return NULL;
}
fp_info ("Delete fingerprint %s", print_description);
if (!print_description || !g_str_has_prefix (print_description, "FP"))
fp_dbg ("Fingerprint '%s' was not created by libfprint; deleting anyway.",
print_description ? print_description : "(null)");
fp_info ("Delete fingerprint %s", print_description ? print_description : "(null)");
written &= fpi_byte_writer_put_data (&writer, print_data_id,
EGIS_ETU905_FINGERPRINT_DATA_SIZE);