From cbd9a5d296a847fb39039e0cc0c6a362913b1821 Mon Sep 17 00:00:00 2001
From: Pol Henarejos <pol.henarejos@cttc.es>
Date: Sun, 27 Oct 2024 01:24:36 +0200
Subject: [PATCH] Add sanitize check.

Only pages 0 and 1 are allowed for reading.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
---
 src/hsm/cmd_extras.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/hsm/cmd_extras.c b/src/hsm/cmd_extras.c
index be01e54..9c90cdd 100644
--- a/src/hsm/cmd_extras.c
+++ b/src/hsm/cmd_extras.c
@@ -261,6 +261,9 @@ int cmd_extras() {
         }
         uint16_t row = (apdu.data[0] << 8) | apdu.data[1];
         if (apdu.nc == 2) {
+            if (row > 0xbf) {
+                return SW_WRONG_DATA();
+            }
             memcpy(res_APDU, otp_buffer(row), apdu.ne);
             res_APDU_size = apdu.ne;
         }