From 3e40b2473772cea3a23d4932088fd0bc4cc0f52c Mon Sep 17 00:00:00 2001
From: Romain Vimont <rom@rom1v.com>
Date: Thu, 9 Oct 2025 09:26:47 +0200
Subject: [PATCH] Fix UHID_OUTPUT message parsing

The bounds check was incorrect.

Fixes #6415 <https://github.com/Genymobile/scrcpy/issues/6415>
---
 app/src/device_msg.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/src/device_msg.c b/app/src/device_msg.c
index 7621c040..2172d59b 100644
--- a/app/src/device_msg.c
+++ b/app/src/device_msg.c
@@ -53,7 +53,7 @@ sc_device_msg_deserialize(const uint8_t *buf, size_t len,
             }
             uint16_t id = sc_read16be(&buf[1]);
             size_t size = sc_read16be(&buf[3]);
-            if (size < len - 5) {
+            if (size > len - 5) {
                 return 0; // not available
             }
             uint8_t *data = malloc(size);