//Get Decrypted License
if ((ret = TADC_GetResponseRO((unsigned char *)pRespBuf, pt_ROAcqInfo, &t_RO,
- (unsigned char *)pDecLicenseBuf)) < 0) {
+ (unsigned char *)pDecLicenseBuf, *decLicenseBufLen)) < 0) {
DrmTdcDHInfoFree(idx); //2010.02.26
DRM_TAPPS_EXCEPTION("TADC_GetResponseRO! Ret[%x]", ret);
return TADC_GET_RORES_INFO_ERROR;
}
int TADC_GetResponseRO(unsigned char *inBuffer, T_ROACQ_INFO *t_ROAcqInfo,
- T_RO *t_RO, unsigned char *outBuffer)
+ T_RO *t_RO, unsigned char *outBuffer, unsigned int outBufferLen)
{
int nHMacSize = 28; // Base64 Enc length of SHA1 20byte
TADC_U8 sha1_tmp[20] = {0, };
IF_TRUE_RETURN(t_RO == NULL, TADC_PARAMETER_ERROR);
nSize = TADC_IF_StrLen((char *)inBuffer);
- IF_TRUE_RETURN(nSize <= 40 || nSize > RESP_MAXSIZE, TADC_PARAMETER_ERROR);
+ IF_TRUE_RETURN(nSize <= 40 || nSize > RESP_MAXSIZE || nSize >= (int)outBufferLen, TADC_PARAMETER_ERROR);
IF_TRUE_RETURN(t_ROAcqInfo->t_DHInfo.pSize <= 0 ||
t_ROAcqInfo->t_DHInfo.pSize > DHKey_SIZE, TADC_PARAMETER_ERROR);
int TADC_MakeRequestRO(T_ROACQ_INFO *t_ROAcqInfo, unsigned char *outBuffer,
size_t outBufferSize, unsigned char *ROVer = NULL);
int TADC_GetResponseRO(unsigned char *inBuffer, T_ROACQ_INFO *t_ROAcqInfo,
- T_RO *t_RO, unsigned char *outBuffer);
+ T_RO *t_RO, unsigned char *outBuffer, unsigned int outBufferLen);
int TADC_GetResponseROInfo(LPBYTE pszXML, T_RO *t_RO);
int TADC_GetHashReqID(unsigned char *inBuffer, unsigned char *hashReqID);
int TADC_GetCEK(T_DEVICE_INFO *t_DeviceInfo, T_RO *t_RODB,