From 6664f87d8f2650d7471a110b33839c878f97f8b4 Mon Sep 17 00:00:00 2001
From: Vasily Khoruzhick <anarsoul@gmail.com>
Date: Sat, 19 Sep 2015 10:28:49 -0700
Subject: [PATCH] aes1610: fix memory corruption introduced by a457658f1b

---
 libfprint/drivers/aes1610.c | 13 ++++++++-----
 1 file changed, 8 insertions(+), 5 deletions(-)

diff --git a/libfprint/drivers/aes1610.c b/libfprint/drivers/aes1610.c
index 957d0f4..f87a63c 100644
--- a/libfprint/drivers/aes1610.c
+++ b/libfprint/drivers/aes1610.c
@@ -579,11 +579,14 @@ static void capture_read_strip_cb(struct libusb_transfer *transfer)
 	}
 
 	if (sum > 0) {
-	        /* FIXME: would preallocating strip buffers be a decent optimization? */
-	        stripdata = g_malloc(128 * 4);
-	        memcpy(stripdata, data + 1, 128 * 4);
-	        aesdev->strips = g_slist_prepend(aesdev->strips, stripdata);
-	        aesdev->strips_len++;
+		/* FIXME: would preallocating strip buffers be a decent optimization? */
+		struct aes_stripe *stripe = g_malloc(FRAME_WIDTH * (FRAME_HEIGHT / 2) + sizeof(struct aes_stripe));
+		stripe->delta_x = 0;
+		stripe->delta_y = 0;
+		stripdata = stripe->data;
+		memcpy(stripdata, data + 1, FRAME_WIDTH * (FRAME_HEIGHT / 2));
+		aesdev->strips = g_slist_prepend(aesdev->strips, stripe);
+		aesdev->strips_len++;
 		aesdev->blanks_count = 0;
 	}