The NFC Forum's Record Type Definition (RTD) Technical Specification
version 1.0, section 3.4 (RTD Type Names Requirements) specifies that
RTD type name encodings MUST be done according to the ASCII chart in
Appendix A (Character Set for Record Types). Enforce this by checking
that all of the RTD type name encodings are valid before determining
their type. Conveniently, isprint() does the correct checking.
Signed-off-by: Mark Greer <mgreer@xxxxxxxxxxxxxxx>
---
src/ndef.c | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/src/ndef.c b/src/ndef.c
index 03d6b13..7a3c76b 100644
--- a/src/ndef.c
+++ b/src/ndef.c
@@ -27,6 +27,7 @@
#include <stdlib.h>
#include <errno.h>
#include <string.h>
+#include <ctype.h>
#include <glib.h>
@@ -881,6 +882,8 @@ static enum record_type get_external_record_type(uint8_t *type,
static enum record_type get_record_type(enum record_tnf tnf,
uint8_t *type, size_t type_length)
{
+ unsigned int i;
+
DBG("");
switch (tnf) {
@@ -891,6 +894,10 @@ static enum record_type get_record_type(enum record_tnf tnf,
break;
case RECORD_TNF_WELLKNOWN:
+ for (i = 0; i < type_length; i++)
+ if (!isprint(type[i]))
+ return RECORD_TYPE_ERROR;
+
if (type_length == 1) {
if (type[0] == 'T')
return RECORD_TYPE_WKT_TEXT;
--
2.13.0
