From 0119e13ff31007ca473a02f334f1897412ebb37b Mon Sep 17 00:00:00 2001
From: Uli Heilmeier <uh@heilmeier.eu>
Date: Fri, 10 May 2019 14:50:09 +0200
Subject: [PATCH] client/comms.c: fix buffer overflow

Don't copy more bytes into pm3_capabilities as its size.

Fix: RfidResearchGroup/proxmark3#189
---
 client/comms.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/client/comms.c b/client/comms.c
index 764b70089..187761ae0 100644
--- a/client/comms.c
+++ b/client/comms.c
@@ -613,7 +613,7 @@ int TestProxmark(void) {
 
         SendCommandNG(CMD_CAPABILITIES, NULL, 0);
         if (WaitForResponseTimeoutW(CMD_CAPABILITIES, &resp, 1000, false)) {
-            memcpy(&pm3_capabilities, resp.data.asBytes, resp.length);
+            memcpy(&pm3_capabilities, resp.data.asBytes, MIN(sizeof(capabilities_t), resp.length));
             conn.send_via_fpc_usart = pm3_capabilities.via_fpc;
             conn.uart_speed = pm3_capabilities.baudrate;
             PrintAndLogEx(INFO, "Communicating with PM3 over %s", conn.send_via_fpc_usart ? _YELLOW_("FPC UART") : _YELLOW_("USB-CDC"));