fix(nfc): bounds-check slicing flagged by clippy::indexing_slicing

AlfioEmanueleFresta · AlfioEmanueleFresta · commit 491c25b95fc3 · 2026-05-10T21:39:34.000+01:00
The NFC backend (gated behind the `nfc`/`pcsc`/`libnfc` features) was
not exercised by the default `cargo build`, so the lint enabled in
the previous commits did not surface there. CI's
`cargo clippy --all-targets --all-features` flags 5 sites:

- `channel::NfcChannel::handle`: replace `&amp;buf[..len]` (returned by
  `handle_in_ctx` into a fixed 1024-byte buffer) with `buf.get(..len)`
  and surface `HandleError::NotEnoughBuffer` if a backend overruns.
- `channel::NfcChannel::cbor_send`: replace the `&amp;rest[..250]` /
  `&amp;rest[250..]` chunking with `rest.split_at(250)`; the
  `rest.len() &gt; 250` loop predicate keeps this panic-safe.
- `libnfc::Channel::connect_to_target`: replace
  `&amp;modulations[modulations.len() - 1]` with `.last()`, returning
  `TransportUnavailable` if the device reports no supported baud rates.
diff --git a/libwebauthn/src/transport/nfc/channel.rs b/libwebauthn/src/transport/nfc/channel.rs
@@ -186,7 +186,8 @@ where
         let mut rapdu = Vec::new();
 
         let len = self.handle_in_ctx(ctx, &command_buf, &mut buf)?;
-        let mut resp = Response::from(&buf[..len]);
+        let resp_bytes = buf.get(..len).ok_or(HandleError::NotEnoughBuffer(len))?;
+        let mut resp = Response::from(resp_bytes);
 
         let (mut sw1, mut sw2) = resp.trailer;
         rapdu.extend_from_slice(resp.payload);
@@ -195,7 +196,8 @@ where
             let get_response_cmd = command_get_response(0x00, 0x00, sw2);
             let get_response_buf = Vec::from(get_response_cmd);
             let len = self.handle_in_ctx(ctx, &get_response_buf, &mut buf)?;
-            resp = Response::from(&buf[..len]);
+            let resp_bytes = buf.get(..len).ok_or(HandleError::NotEnoughBuffer(len))?;
+            resp = Response::from(resp_bytes);
             (sw1, sw2) = resp.trailer;
             rapdu.extend_from_slice(resp.payload);
         }
@@ -262,8 +264,8 @@ where
         let mut rest: &[u8] = data;
 
         while rest.len() > 250 {
-            let to_send = &rest[..250];
-            rest = &rest[250..];
+            let (to_send, remaining) = rest.split_at(250);
+            rest = remaining;
             let ctap_msg = command_ctap_msg(true, to_send);
             let resp = self.handle(self.ctx, ctap_msg)?;
             trace!("cbor_send has_more {:?} {:?}", to_send, resp);
diff --git a/libwebauthn/src/transport/nfc/libnfc/mod.rs b/libwebauthn/src/transport/nfc/libnfc/mod.rs
@@ -150,7 +150,9 @@ impl Channel {
                 baud_rate: *baud_rate,
             })
             .collect::<Vec<nfc1::Modulation>>();
-        let modulation = &modulations[modulations.len() - 1];
+        let modulation = modulations
+            .last()
+            .ok_or(Error::Transport(TransportError::TransportUnavailable))?;
         let is_one_rate = modulations.len() == 1;
         for i in 0..2 {
             if i > 0 {
