From 9a0572e8e44d8262626816088536136cd2e850a8 Mon Sep 17 00:00:00 2001
From: just_stuff_tm <133525672+just-stuff-tm@users.noreply.github.com>
Date: Mon, 2 Mar 2026 02:46:50 -0500
Subject: [PATCH] Add payload length validation in USB frame decoder

---
 lib/services/usb_serial_frame_codec.dart | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/lib/services/usb_serial_frame_codec.dart b/lib/services/usb_serial_frame_codec.dart
index f2ddbb64..eb4c41e9 100644
--- a/lib/services/usb_serial_frame_codec.dart
+++ b/lib/services/usb_serial_frame_codec.dart
@@ -3,6 +3,7 @@ import 'dart:typed_data';
 const int usbSerialTxFrameStart = 0x3c;
 const int usbSerialRxFrameStart = 0x3e;
 const int usbSerialHeaderLength = 3;
+const int usbSerialMaxPayloadLength = 172;
 
 Uint8List wrapUsbSerialTxFrame(Uint8List payload) {
   final packet = Uint8List(usbSerialHeaderLength + payload.length);
@@ -59,6 +60,11 @@ class UsbSerialFrameDecoder {
 
       final payloadLength =
           _rxBuffer[_startIndex + 1] | (_rxBuffer[_startIndex + 2] << 8);
+      if (payloadLength > usbSerialMaxPayloadLength) {
+        _startIndex++;
+        _compactBufferIfNeeded();
+        continue;
+      }
       final packetLength = usbSerialHeaderLength + payloadLength;
       if (availableLength < packetLength) {
         _compactBufferIfNeeded(force: true);