
t4t_lib NFC NDEF Malformed/Overflow Check?

I'm concerned about users writing too much or invalid NDEF data to the NFC function.

This could result in parse errors or buffer overflows leading to system crashes/malfunction.

Since the t4t_lib is closed source, by any chance, are these conditions at least checked internally at Nordic?

  • Hi,

    The NFC type 4 tag library checks for NULL-pointers and data length (<=0xFFF0U), but does not do any NDEF correctness checks. If you are using custom NDEF data, the reader might fail if NDEF data is not consistent. You should implement NDEF correctness checks yourself, if using custom NDEF data. You can use the NDEF libraries in the SDK for this purpose:

    The NFC Data Exchange Format library has NDEF message generating and parsing capabilities.

    Best regards,

    Jørgen

  • Thanks, that's helpful.

  • It seems that FFF0 is about 64k, which is nearly all the RAM in the NRF52832. So I'm looking for a way to safely further restrict the bounds checking.

    Do you happen to know if the following command will further restrict valid data length? ret_code_t nfc_t4t_ndef_rwpayload_set(uint8_t * p_emulation_buffer, size_t buffer_length);

    Or is it safe to assume that a buffer overflow beyond "buffer_length" could occur at any time?

  • In nfc_t4t_ndef_rwpayload_set, the buffer_length parameter sets the maximum writable NDEF payload size. In case a Reader/Writer wants to write an NDEF message that exceeds the buffer size, it will be rejected by the library and not cause buffer overflow.

  • Thanks a bunch Jørgen! That clears things up perfectly!
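
Added example, not part of the original thread and not Nordic SDK code: a structural check of the kind the reply above says the application must implement itself when accepting custom NDEF data. It assumes buf holds a raw NDEF message in the NFC Forum record layout with no length prefix; the function name, error codes and sample bytes are hypothetical and constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>

/* Result codes for this example (hypothetical names, not SDK identifiers). */
enum { NDEF_OK, NDEF_ERR_TRUNCATED, NDEF_ERR_FLAGS, NDEF_ERR_TNF, NDEF_ERR_TRAILING };

/* Constructed sample: one short URI record, "http://www." + "example.com". */
static const uint8_t sample_uri[] = { 0xD1, 0x01, 0x0C, 0x55, 0x01,
    'e', 'x', 'a', 'm', 'p', 'l', 'e', '.', 'c', 'o', 'm' };

/* Walk every record and check that each length field stays inside buf[0..len).
 * Chunked records are rejected, which is a policy choice of this example. */
int ndef_msg_validate(const uint8_t *buf, size_t len)
{
    size_t pos = 0;
    int first = 1;

    if (buf == NULL) return NDEF_ERR_TRUNCATED;
    for (;;) {
        if (len - pos < 3) return NDEF_ERR_TRUNCATED;  /* flags, type len, payload len */
        uint8_t hdr = buf[pos++];
        uint8_t tnf = hdr & 0x07;
        size_t type_len = buf[pos++], id_len = 0;
        uint32_t payload_len;

        if (((hdr & 0x80) != 0) != first) return NDEF_ERR_FLAGS; /* MB on first record only */
        if (hdr & 0x20) return NDEF_ERR_FLAGS;                   /* CF: chunks not accepted */
        if (tnf == 0x06 || tnf == 0x07) return NDEF_ERR_TNF;     /* chunk-only / reserved */
        if (hdr & 0x10) {                                        /* SR: 1-byte payload length */
            payload_len = buf[pos++];
        } else {                                                 /* 4-byte big-endian length */
            if (len - pos < 4) return NDEF_ERR_TRUNCATED;
            payload_len = ((uint32_t)buf[pos] << 24) | ((uint32_t)buf[pos + 1] << 16) |
                          ((uint32_t)buf[pos + 2] << 8) | buf[pos + 3];
            pos += 4;
        }
        if ((hdr & 0x08) && len - pos < 1) return NDEF_ERR_TRUNCATED;
        if (hdr & 0x08) id_len = buf[pos++];                     /* IL: ID length present */
        if (tnf == 0x00 && (type_len || id_len || payload_len)) return NDEF_ERR_TNF;
        if (tnf == 0x05 && type_len) return NDEF_ERR_TNF;
        /* Compare with the bytes remaining, never pos + length, so it cannot wrap. */
        if (type_len > len - pos) return NDEF_ERR_TRUNCATED;
        pos += type_len;
        if (id_len > len - pos) return NDEF_ERR_TRUNCATED;
        pos += id_len;
        if (payload_len > len - pos) return NDEF_ERR_TRUNCATED;
        pos += payload_len;
        if (hdr & 0x40) return pos == len ? NDEF_OK : NDEF_ERR_TRAILING; /* ME ends message */
        first = 0;
    }
}

int main(void) { return ndef_msg_validate(sample_uri, sizeof sample_uri); }
```

Running a check like this on the received message before any further parsing keeps a record whose length fields point past the received data from reaching application code.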