-
-
Notifications
You must be signed in to change notification settings - Fork 693
Apps: PicoPass: Fix crash on save with 23+ character default name #487
Comments
I am having the same issue I even deleted the apps folder and reflashed the latest stable update to make sure it was not something from the original updat flash. |
you seem to be correct here the text input result is copied into the device name buffer (23 chars) using the length of the source text (up to 129 chars), not destination bounds previously here the text input was given a max of 22 characters this copying wouldn't be too big of an issue if we know for certain that the text buffer will not be longer than the device name buffer. however giving the text input a max length only prevents from adding more after that, instead if the text store already contained more than the maximum length, the limit on the text input is useless. and in fact, previously the default name was generated with the automatic default generator, using the text buffer size of 129 maximum characters im not sure if this problem did not come up previously because on other firmware the default names happen to be shorter than 23 characters, but putting the correct max length on the generator would have fixed this, although cutting off the default timestamp name. rather @bettse i was thinking that increasing the max name length for picopass devices would be a better solution. i see it is set with EDIT: not sure why github decided to not embed the code snippets, kinda rude lol. i think it doesnt do it across repositories |
i have pushed e06837d (update from apps submodule) which should hopefully resolve the issue. let me know if it causes other weird behavior |
I see no problem. CC me on the PR and I'll 👍 |
Describe the bug.
The flipper zero Xtreme FW crashes if I scan an NFC HID iClass (picopass) card, and when it prompts to save the scanned profile with the default name (name+date), it crashes and reboot, however, if I rename it to something else before saving, nothing happens, so it must be the name crashes it with memory buffer overflow or similar.
Reproduction
Target
XFW-0052
Logs
No response
Anything else?
No response
The text was updated successfully, but these errors were encountered: