Bug report with NFC03A1
We are using the NFC03A1 board with Nucleo F103RB.
In the function :
int8_t PCD_ProtocolSelect(const uint8_t Length,const uint8_t Protocol,const uint8_t *Parameters,uint8_t *pResponse)
There is a buffer DataToSend[SELECT_BUFFER_SIZE] where SELECT_BUFFER_SIZE is 6.
Then we fit the buffer with datas depending on the Lenght argument... until '3 + Length - 1'
In the function : ISO14443A_ConfigFDTforAnticollision(), we can read :
if( IcVers >= QJE)
NbParam = 6; else NbParam = 4; status = PCD_ProtocolSelect((NbParam+1),PCD_PROTOCOL_ISO14443A,ProtocolSelectParameters,pDataRead);... and we got a buffer overflow!
We solved the problem with :
&sharpdefine SELECT_BUFFER_SIZE 10
#nfc03a1