Date: Sun, 15 Nov 2015 00:34:20 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-ports-bugs@FreeBSD.org Subject: [Bug 204552] security/openct: [patch] Don't truncate received APDU when talking to pcsc-lite 1.8.14 Message-ID: <bug-204552-13@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=204552 Bug ID: 204552 Summary: security/openct: [patch] Don't truncate received APDU when talking to pcsc-lite 1.8.14 Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Keywords: patch Severity: Affects Many People Priority: --- Component: Individual Port(s) Assignee: ale@FreeBSD.org Reporter: saper@saper.info Keywords: patch Flags: maintainer-feedback?(ale@FreeBSD.org) Assignee: ale@FreeBSD.org Created attachment 163130 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=163130&action=edit Bump PORTREVISION to 2 pcsc-lite starting from 1.8.14 provides 65548 byte receive buffers to IFDHTransmitToICC(), which is a maximal extended APDU size. Unfortunately this is more than CT API can use (16 bits). If more than 65536 bytes are about to be sent, return IFD_PROTOCOL_NOT_SUPPORTED. Receive at most 65536 bytes. pcsc-lite will always specify 65548 buffer, even if the client application requests less; therefore we cannot return an error in this case. Discussion: https://lists.alioth.debian.org/pipermail/pcsclite-muscle/Week-of-Mon-20151109/000493.html Also submitted as: https://github.com/OpenSC/openct/pull/5 -- You are receiving this mail because: You are the assignee for the bug.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-204552-13>