Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 10 Apr 2017 12:14:50 +0000 (UTC)
From:      Alex Dupre <ale@FreeBSD.org>
To:        ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject:   svn commit: r438157 - in head/security/openct: . files
Message-ID:  <201704101214.v3ACEodw016749@repo.freebsd.org>

next in thread | raw e-mail | index | archive | help
Author: ale
Date: Mon Apr 10 12:14:50 2017
New Revision: 438157
URL: https://svnweb.freebsd.org/changeset/ports/438157

Log:
  Don't truncate received APDU when talking to pcsc-lite.
  
  PR:		204552
  Submitted by:	Marcin Cieslak <saper@saper.info>

Added:
  head/security/openct/files/patch-src_pcsc_pcsc.c   (contents, props changed)
Modified:
  head/security/openct/Makefile

Modified: head/security/openct/Makefile
==============================================================================
--- head/security/openct/Makefile	Mon Apr 10 12:12:00 2017	(r438156)
+++ head/security/openct/Makefile	Mon Apr 10 12:14:50 2017	(r438157)
@@ -3,7 +3,7 @@
 
 PORTNAME=	openct
 PORTVERSION=	0.6.20
-PORTREVISION=	1
+PORTREVISION=	2
 CATEGORIES=	security
 MASTER_SITES=	SF/opensc/${PORTNAME}
 

Added: head/security/openct/files/patch-src_pcsc_pcsc.c
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/security/openct/files/patch-src_pcsc_pcsc.c	Mon Apr 10 12:14:50 2017	(r438157)
@@ -0,0 +1,50 @@
+--- src/pcsc/pcsc.c.orig	2007-05-25 21:11:45 UTC
++++ src/pcsc/pcsc.c
+@@ -25,6 +25,7 @@
+ #ifdef DEBUG_IFDH
+ #include <syslog.h>
+ #endif
++#include <limits.h>
+ #ifdef __APPLE__
+ #include <PCSC/wintypes.h>
+ #include <PCSC/pcsclite.h>
+@@ -390,6 +391,10 @@ IFDHTransmitToICC(DWORD Lun, SCARD_IO_HE
+ 	ctn = ((unsigned short)(Lun >> 16)) % IFDH_MAX_READERS;
+ 	slot = ((unsigned short)(Lun & 0x0000FFFF)) % IFDH_MAX_SLOTS;
+ 
++	if (TxLength > USHRT_MAX) {
++		(*RxLength) = 0;
++		return IFD_PROTOCOL_NOT_SUPPORTED;
++	}
+ #ifdef HAVE_PTHREAD
+ 	pthread_mutex_lock(&ifdh_context_mutex[ctn]);
+ #endif
+@@ -399,7 +404,7 @@ IFDHTransmitToICC(DWORD Lun, SCARD_IO_HE
+ #endif
+ 		dad = (UCHAR) ((slot == 0) ? 0x00 : slot + 1);
+ 		sad = 0x02;
+-		lr = (unsigned short)(*RxLength);
++		lr = (*RxLength > USHRT_MAX) ? USHRT_MAX : (unsigned short)(*RxLength);
+ 		lc = (unsigned short)TxLength;
+ 
+ 		ret = CT_data(ctn, &dad, &sad, lc, TxBuffer, &lr, RxBuffer);
+@@ -438,6 +443,10 @@ IFDHControl(DWORD Lun, PUCHAR TxBuffer,
+ 	ctn = ((unsigned short)(Lun >> 16)) % IFDH_MAX_READERS;
+ 	slot = ((unsigned short)(Lun & 0x0000FFFF)) % IFDH_MAX_SLOTS;
+ 
++	if (TxLength > USHRT_MAX) {
++		(*RxLength) = 0;
++		return IFD_PROTOCOL_NOT_SUPPORTED;
++	}
+ #ifdef HAVE_PTHREAD
+ 	pthread_mutex_lock(&ifdh_context_mutex[ctn]);
+ #endif
+@@ -447,7 +456,7 @@ IFDHControl(DWORD Lun, PUCHAR TxBuffer,
+ #endif
+ 		dad = 0x01;
+ 		sad = 0x02;
+-		lr = (unsigned short)(*RxLength);
++		lr = (*RxLength > USHRT_MAX) ? USHRT_MAX : (unsigned short)(*RxLength);
+ 		lc = (unsigned short)TxLength;
+ 
+ 		ret = CT_data(ctn, &dad, &sad, lc, TxBuffer, &lr, RxBuffer);



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201704101214.v3ACEodw016749>