From 5b905fe47fafe70d755010ac8377bc85d1d96f81 Mon Sep 17 00:00:00 2001
From: Charles-Edouard de la Vergne
Date: Fri, 12 Apr 2024 09:32:16 +0200
Subject: [PATCH] fix potential oob writes
---
 src_common/common_utils.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/src_common/common_utils.c b/src_common/common_utils.c
index 240f2f2..44d31ba 100644
--- a/src_common/common_utils.c
+++ b/src_common/common_utils.c
@@ -199,8 +199,11 @@ bool amountToString(const uint8_t *amount,
 uint8_t amount_len = strnlen(tmp_buffer, sizeof(tmp_buffer));
 uint8_t ticker_len = strnlen(ticker, MAX_TICKER_LEN);
- memcpy(out_buffer, ticker, MIN(out_buffer_size, ticker_len));
 if (ticker_len > 0) {
+ if (out_buffer_size <= ticker_len + 1) {
+ return false;
+ }
+ memcpy(out_buffer, ticker, ticker_len);
 out_buffer[ticker_len++] = ' ';
 }
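Review bot: The new size check sits inside `if (ticker_len > 0)`, so a call with an empty ticker still reaches the rest of amountToString with an unvalidated `out_buffer_size`. The function continues outside this hunk, so confirm that a zero or one-byte buffer is rejected there as well, or hoist a minimal guard such as `if (out_buffer_size == 0) return false;` above the branch. On the new `return false` path `out_buffer` is left unwritten, so callers need to check the result before showing the buffer to the user. A short comment on the guard would also help, e.g. `// need room for the ticker, the separating space and at least one more byte`.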