Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12:Update
opensc.33796
opensc-0_13_0-CVE-2020-26570.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File opensc-0_13_0-CVE-2020-26570.patch of Package opensc.33796
Index: opensc-0.13.0/src/libopensc/pkcs15-oberthur.c =================================================================== --- opensc-0.13.0.orig/src/libopensc/pkcs15-oberthur.c +++ opensc-0.13.0/src/libopensc/pkcs15-oberthur.c @@ -265,11 +265,15 @@ sc_oberthur_read_file(struct sc_pkcs15_c rv = sc_read_binary(card, 0, *out, sz, 0); } else { - int rec; - int offs = 0; - int rec_len = file->record_length; - + size_t rec; + size_t offs = 0; + size_t rec_len = file->record_length; + for (rec = 1; ; rec++) { + if ((file->record_count < 0) || (rec > (size_t)file->record_count)) { + rv = 0; + break; + } rv = sc_read_record(card, rec, *out + offs + 2, rec_len, SC_RECORD_BY_REC_NR); if (rv == SC_ERROR_RECORD_NOT_FOUND) { rv = 0;
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor