check for userInStorage.currentCredentialCount <= kMaxCredentialsPerUser

Author: mykrupp

examples/lock-app/silabs/src/LockManager.cpp

@@ -372,6 +372,9 @@ bool LockManager::GetUser(chip::EndpointId endpointId, uint16_t userIndex, Ember
     user.modificationSource = DlAssetSource::kMatterIM;
     user.lastModifiedBy     = userInStorage.lastModifiedBy;
 
+    // Ensure userInStorage.currentCredentialCount <= kMaxCredentialsPerUser to avoid buffer overflow
+    VerifyOrReturnValue(userInStorage.currentCredentialCount <= kMaxCredentialsPerUser, false);
+
     // Get credential struct from nvm3
     chip::StorageKeyName credentialKey = LockUserCredentialMap(userIndex);