From ecd324dd1cc1d25ccbdada9329cd1a573ea71bcb Mon Sep 17 00:00:00 2001
From: Astra <93453568+Astrrra@users.noreply.github.com>
Date: Mon, 17 Jun 2024 22:18:53 +0900
Subject: [PATCH] [FL-3856] Don't crash on reading weird cards (#3717)

* Don't crash on reading weird cards
* mf plus: fix incorrect read fail event handler

Co-authored-by: gornekich <n.gorbadey@gmail.com>
---
 .../main/nfc/helpers/protocol_support/mf_plus/mf_plus.c   | 3 +--
 lib/nfc/protocols/mf_plus/mf_plus_i.c                     | 8 +++++++-
 2 files changed, 8 insertions(+), 3 deletions(-)

diff --git a/applications/main/nfc/helpers/protocol_support/mf_plus/mf_plus.c b/applications/main/nfc/helpers/protocol_support/mf_plus/mf_plus.c
index eebed2a8d..eb2299cb5 100644
--- a/applications/main/nfc/helpers/protocol_support/mf_plus/mf_plus.c
+++ b/applications/main/nfc/helpers/protocol_support/mf_plus/mf_plus.c
@@ -41,8 +41,7 @@ static NfcCommand nfc_scene_read_poller_callback_mf_plus(NfcGenericEvent event,
         view_dispatcher_send_custom_event(instance->view_dispatcher, NfcCustomEventPollerSuccess);
         command = NfcCommandStop;
     } else if(mf_plus_event->type == MfPlusPollerEventTypeReadFailed) {
-        view_dispatcher_send_custom_event(instance->view_dispatcher, NfcCustomEventPollerFailure);
-        command = NfcCommandStop;
+        command = NfcCommandReset;
     }
 
     return command;
diff --git a/lib/nfc/protocols/mf_plus/mf_plus_i.c b/lib/nfc/protocols/mf_plus/mf_plus_i.c
index d5fe5be82..13bf8c5d8 100644
--- a/lib/nfc/protocols/mf_plus/mf_plus_i.c
+++ b/lib/nfc/protocols/mf_plus/mf_plus_i.c
@@ -4,13 +4,15 @@
     MF_PLUS_FFF_PICC_PREFIX " " \
                             "Version"
 
+#define MF_PLUS_T1_TK_VALUE_LEN 7
+
 #define MF_PLUS_FFF_SECURITY_LEVEL_KEY "Security Level"
 #define MF_PLUS_FFF_CARD_TYPE_KEY "Card Type"
 #define MF_PLUS_FFF_MEMORY_SIZE_KEY "Memory Size"
 
 #define TAG "MfPlus"
 
-const uint8_t mf_plus_ats_t1_tk_values[][7] = {
+const uint8_t mf_plus_ats_t1_tk_values[][MF_PLUS_T1_TK_VALUE_LEN] = {
     {0xC1, 0x05, 0x2F, 0x2F, 0x00, 0x35, 0xC7}, // Mifare Plus S
     {0xC1, 0x05, 0x2F, 0x2F, 0x01, 0xBC, 0xD6}, // Mifare Plus X
     {0xC1, 0x05, 0x2F, 0x2F, 0x00, 0xF6, 0xD1}, // Mifare Plus SE
@@ -97,6 +99,10 @@ MfPlusError
 
     MfPlusError error = MfPlusErrorProtocol;
 
+    if(simple_array_get_count(iso4_data->ats_data.t1_tk) != MF_PLUS_T1_TK_VALUE_LEN) {
+        return MfPlusErrorProtocol;
+    }
+
     switch(iso4_data->iso14443_3a_data->sak) {
     case 0x08:
         if(memcmp(