Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP2:Update
opensc.21595
opensc-oberthur-return-values.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File opensc-oberthur-return-values.patch of Package opensc.21595
From 1db88374bb7706a115d5c3617c6f16115c33bf27 Mon Sep 17 00:00:00 2001 From: Jakub Jelen <jjelen@redhat.com> Date: Thu, 7 Jan 2021 14:20:31 +0100 Subject: [PATCH] oberthur: Correctly check for return values Thanks oss-fuzz https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28843 --- src/libopensc/pkcs15-oberthur.c | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) Index: opensc-0.13.0/src/libopensc/pkcs15-oberthur.c =================================================================== --- opensc-0.13.0.orig/src/libopensc/pkcs15-oberthur.c +++ opensc-0.13.0/src/libopensc/pkcs15-oberthur.c @@ -298,15 +298,20 @@ sc_oberthur_read_file(struct sc_pkcs15_c if (verify_pin && rv == SC_ERROR_SECURITY_STATUS_NOT_SATISFIED) { struct sc_pkcs15_object *objs[0x10], *pin_obj = NULL; const struct sc_acl_entry *acl = sc_file_get_acl_entry(file, SC_AC_OP_READ); - int ii; + int ii, nobjs; - rv = sc_pkcs15_get_objects(p15card, SC_PKCS15_TYPE_AUTH_PIN, objs, 0x10); - SC_TEST_RET(card->ctx, SC_LOG_DEBUG_NORMAL, rv, "Cannot read oberthur file: get AUTH objects error"); + nobjs = sc_pkcs15_get_objects(p15card, SC_PKCS15_TYPE_AUTH_PIN, objs, 0x10); + if (nobjs < 1) { + sc_file_free(file); + free(*out); + *out = NULL; + LOG_TEST_RET(ctx, rv, "Cannot read oberthur file: get AUTH objects error"); + } - for (ii=0; ii<rv; ii++) { + for (ii = 0; ii < nobjs; ii++) { struct sc_pkcs15_auth_info *auth_info = (struct sc_pkcs15_auth_info *) objs[ii]->data; sc_debug(ctx, SC_LOG_DEBUG_NORMAL, "compare PIN/ACL refs:%i/%i, method:%i/%i", - auth_info->attrs.pin.reference, acl->key_ref, auth_info->auth_method, acl->method); + auth_info->attrs.pin.reference, acl->key_ref, auth_info->auth_method, acl->method); if (auth_info->attrs.pin.reference == (int)acl->key_ref && auth_info->auth_method == (unsigned)acl->method) { pin_obj = objs[ii]; break;
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor