From 2f335e76428d4a8b21b443eb8f63791dfa328aff Mon Sep 17 00:00:00 2001
From: arche8 <m202572218@hust.edu.cn>
Date: Mon, 10 Nov 2025 19:29:04 +0800
Subject: [PATCH] Fix Uninitialized NULL Pointer Dereference Bug in Firmata I2C
 Message Processing

---
 examples/StandardFirmata/StandardFirmata.ino | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/examples/StandardFirmata/StandardFirmata.ino b/examples/StandardFirmata/StandardFirmata.ino
index 0e05a812..98fe38eb 100755
--- a/examples/StandardFirmata/StandardFirmata.ino
+++ b/examples/StandardFirmata/StandardFirmata.ino
@@ -488,6 +488,10 @@ void sysexCallback(byte command, byte argc, byte *argv)
 
   switch (command) {
     case I2C_REQUEST:
+      if (argc < 2) {
+        Firmata.sendString("I2C request requires address and configuration");
+        return;
+      }
       mode = argv[1] & I2C_READ_WRITE_MODE_MASK;
       if (argv[1] & I2C_10BIT_ADDRESS_MODE_MASK) {
         Firmata.sendString("10-bit addressing not supported");
@@ -508,6 +512,10 @@ void sysexCallback(byte command, byte argc, byte *argv)
 
       switch (mode) {
         case I2C_WRITE:
+          if (argc <= 2) {
+            Firmata.sendString("I2C write requires data payload");
+            return;
+          }
           Wire.beginTransmission(slaveAddress);
           for (byte i = 2; i < argc; i += 2) {
             data = argv[i] + (argv[i + 1] << 7);