From b8bbc1d0a5faa5dd6775e4c44edbcf651b106d96 Mon Sep 17 00:00:00 2001
From: iceman1001 <iceman@iuse.se>
Date: Mon, 6 Apr 2020 07:29:12 +0200
Subject: [PATCH] filename checks

---
 client/cmdhflegic.c | 22 ++++++++++------------
 1 file changed, 10 insertions(+), 12 deletions(-)

diff --git a/client/cmdhflegic.c b/client/cmdhflegic.c
index 1e06aba8a..c6de1379d 100644
--- a/client/cmdhflegic.c
+++ b/client/cmdhflegic.c
@@ -1031,12 +1031,11 @@ static int CmdLegicRestore(const char *Cmd) {
                 break;
             }
             case 'f': {
-                int len = param_getstr(Cmd, cmdp + 1, filename, FILE_PATH_SIZE);
-                if (!len)
-                    errors = true;
-                else
-                    have_filename = true;
-
+                if (param_getstr(Cmd, cmdp + 1, filename, FILE_PATH_SIZE) >= FILE_PATH_SIZE) {
+                    PrintAndLogEx(FAILED, "Filename too long");
+                    break;
+                }
+                have_filename = true;
                 cmdp += 2;
                 break;
             }
@@ -1147,12 +1146,11 @@ static int CmdLegicELoad(const char *Cmd) {
                 return usage_legic_eload();
             }
             case 'f' : {
-                int len = param_getstr(Cmd, cmdp + 1, filename, FILE_PATH_SIZE);
-                if (!len)
-                    errors = true;
-                else
-                    have_filename = true;
-
+                if (param_getstr(Cmd, cmdp + 1, filename, FILE_PATH_SIZE) >= FILE_PATH_SIZE) {
+                    PrintAndLogEx(FAILED, "Filename too long");
+                    break;
+                }
+                have_filename = true;
                 cmdp += 2;
                 break;
             }