From owner-svn-ports-all@freebsd.org  Mon Apr 10 12:14:51 2017
Return-Path: <owner-svn-ports-all@freebsd.org>
Delivered-To: svn-ports-all@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id F2A61D365AE;
 Mon, 10 Apr 2017 12:14:51 +0000 (UTC) (envelope-from ale@FreeBSD.org)
Received: from repo.freebsd.org (repo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id A91101A27;
 Mon, 10 Apr 2017 12:14:51 +0000 (UTC) (envelope-from ale@FreeBSD.org)
Received: from repo.freebsd.org ([127.0.1.37])
 by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id v3ACEoF1016751;
 Mon, 10 Apr 2017 12:14:50 GMT (envelope-from ale@FreeBSD.org)
Received: (from ale@localhost)
 by repo.freebsd.org (8.15.2/8.15.2/Submit) id v3ACEodw016749;
 Mon, 10 Apr 2017 12:14:50 GMT (envelope-from ale@FreeBSD.org)
Message-Id: <201704101214.v3ACEodw016749@repo.freebsd.org>
X-Authentication-Warning: repo.freebsd.org: ale set sender to ale@FreeBSD.org
 using -f
From: Alex Dupre <ale@FreeBSD.org>
Date: Mon, 10 Apr 2017 12:14:50 +0000 (UTC)
To: ports-committers@freebsd.org, svn-ports-all@freebsd.org,
 svn-ports-head@freebsd.org
Subject: svn commit: r438157 - in head/security/openct: . files
X-SVN-Group: ports-head
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-ports-all@freebsd.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: SVN commit messages for the ports tree <svn-ports-all.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-ports-all>,
 <mailto:svn-ports-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-ports-all/>
List-Post: <mailto:svn-ports-all@freebsd.org>
List-Help: <mailto:svn-ports-all-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-ports-all>,
 <mailto:svn-ports-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 10 Apr 2017 12:14:52 -0000

Author: ale
Date: Mon Apr 10 12:14:50 2017
New Revision: 438157
URL: https://svnweb.freebsd.org/changeset/ports/438157

Log:
  Don't truncate received APDU when talking to pcsc-lite.
  
  PR:		204552
  Submitted by:	Marcin Cieslak <saper@saper.info>

Added:
  head/security/openct/files/patch-src_pcsc_pcsc.c   (contents, props changed)
Modified:
  head/security/openct/Makefile

Modified: head/security/openct/Makefile
==============================================================================
--- head/security/openct/Makefile	Mon Apr 10 12:12:00 2017	(r438156)
+++ head/security/openct/Makefile	Mon Apr 10 12:14:50 2017	(r438157)
@@ -3,7 +3,7 @@
 
 PORTNAME=	openct
 PORTVERSION=	0.6.20
-PORTREVISION=	1
+PORTREVISION=	2
 CATEGORIES=	security
 MASTER_SITES=	SF/opensc/${PORTNAME}
 

Added: head/security/openct/files/patch-src_pcsc_pcsc.c
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/security/openct/files/patch-src_pcsc_pcsc.c	Mon Apr 10 12:14:50 2017	(r438157)
@@ -0,0 +1,50 @@
+--- src/pcsc/pcsc.c.orig	2007-05-25 21:11:45 UTC
++++ src/pcsc/pcsc.c
+@@ -25,6 +25,7 @@
+ #ifdef DEBUG_IFDH
+ #include <syslog.h>
+ #endif
++#include <limits.h>
+ #ifdef __APPLE__
+ #include <PCSC/wintypes.h>
+ #include <PCSC/pcsclite.h>
+@@ -390,6 +391,10 @@ IFDHTransmitToICC(DWORD Lun, SCARD_IO_HE
+ 	ctn = ((unsigned short)(Lun >> 16)) % IFDH_MAX_READERS;
+ 	slot = ((unsigned short)(Lun & 0x0000FFFF)) % IFDH_MAX_SLOTS;
+ 
++	if (TxLength > USHRT_MAX) {
++		(*RxLength) = 0;
++		return IFD_PROTOCOL_NOT_SUPPORTED;
++	}
+ #ifdef HAVE_PTHREAD
+ 	pthread_mutex_lock(&ifdh_context_mutex[ctn]);
+ #endif
+@@ -399,7 +404,7 @@ IFDHTransmitToICC(DWORD Lun, SCARD_IO_HE
+ #endif
+ 		dad = (UCHAR) ((slot == 0) ? 0x00 : slot + 1);
+ 		sad = 0x02;
+-		lr = (unsigned short)(*RxLength);
++		lr = (*RxLength > USHRT_MAX) ? USHRT_MAX : (unsigned short)(*RxLength);
+ 		lc = (unsigned short)TxLength;
+ 
+ 		ret = CT_data(ctn, &dad, &sad, lc, TxBuffer, &lr, RxBuffer);
+@@ -438,6 +443,10 @@ IFDHControl(DWORD Lun, PUCHAR TxBuffer,
+ 	ctn = ((unsigned short)(Lun >> 16)) % IFDH_MAX_READERS;
+ 	slot = ((unsigned short)(Lun & 0x0000FFFF)) % IFDH_MAX_SLOTS;
+ 
++	if (TxLength > USHRT_MAX) {
++		(*RxLength) = 0;
++		return IFD_PROTOCOL_NOT_SUPPORTED;
++	}
+ #ifdef HAVE_PTHREAD
+ 	pthread_mutex_lock(&ifdh_context_mutex[ctn]);
+ #endif
+@@ -447,7 +456,7 @@ IFDHControl(DWORD Lun, PUCHAR TxBuffer,
+ #endif
+ 		dad = 0x01;
+ 		sad = 0x02;
+-		lr = (unsigned short)(*RxLength);
++		lr = (*RxLength > USHRT_MAX) ? USHRT_MAX : (unsigned short)(*RxLength);
+ 		lc = (unsigned short)TxLength;
+ 
+ 		ret = CT_data(ctn, &dad, &sad, lc, TxBuffer, &lr, RxBuffer);