diff options
| author | ale <ale@FreeBSD.org> | 2017-04-10 20:14:50 +0800 |
|---|---|---|
| committer | ale <ale@FreeBSD.org> | 2017-04-10 20:14:50 +0800 |
| commit | 4bd2548cef9340edd0c4a4551f373c32ad4361b3 (patch) | |
| tree | 3f3ff7b4973c7924addd261898cefc3af2734c08 /security | |
| parent | a9646a9e7c31fe00468b16c2cdb0c2808236aba8 (diff) | |
| download | freebsd-ports-gnome-4bd2548cef9340edd0c4a4551f373c32ad4361b3.tar.gz freebsd-ports-gnome-4bd2548cef9340edd0c4a4551f373c32ad4361b3.tar.zst freebsd-ports-gnome-4bd2548cef9340edd0c4a4551f373c32ad4361b3.zip | |
Don't truncate received APDU when talking to pcsc-lite.
PR: 204552
Submitted by: Marcin Cieslak <saper@saper.info>
Diffstat (limited to 'security')
| -rw-r--r-- | security/openct/Makefile | 2 | ||||
| -rw-r--r-- | security/openct/files/patch-src_pcsc_pcsc.c | 50 |
2 files changed, 51 insertions, 1 deletions
diff --git a/security/openct/Makefile b/security/openct/Makefile index 33c5fff5e5d3..fef293e46d0c 100644 --- a/security/openct/Makefile +++ b/security/openct/Makefile @@ -3,7 +3,7 @@ PORTNAME= openct PORTVERSION= 0.6.20 -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= security MASTER_SITES= SF/opensc/${PORTNAME} diff --git a/security/openct/files/patch-src_pcsc_pcsc.c b/security/openct/files/patch-src_pcsc_pcsc.c new file mode 100644 index 000000000000..2ac00d4704f4 --- /dev/null +++ b/security/openct/files/patch-src_pcsc_pcsc.c @@ -0,0 +1,50 @@ +--- src/pcsc/pcsc.c.orig 2007-05-25 21:11:45 UTC ++++ src/pcsc/pcsc.c +@@ -25,6 +25,7 @@ + #ifdef DEBUG_IFDH + #include <syslog.h> + #endif ++#include <limits.h> + #ifdef __APPLE__ + #include <PCSC/wintypes.h> + #include <PCSC/pcsclite.h> +@@ -390,6 +391,10 @@ IFDHTransmitToICC(DWORD Lun, SCARD_IO_HE + ctn = ((unsigned short)(Lun >> 16)) % IFDH_MAX_READERS; + slot = ((unsigned short)(Lun & 0x0000FFFF)) % IFDH_MAX_SLOTS; + ++ if (TxLength > USHRT_MAX) { ++ (*RxLength) = 0; ++ return IFD_PROTOCOL_NOT_SUPPORTED; ++ } + #ifdef HAVE_PTHREAD + pthread_mutex_lock(&ifdh_context_mutex[ctn]); + #endif +@@ -399,7 +404,7 @@ IFDHTransmitToICC(DWORD Lun, SCARD_IO_HE + #endif + dad = (UCHAR) ((slot == 0) ? 0x00 : slot + 1); + sad = 0x02; +- lr = (unsigned short)(*RxLength); ++ lr = (*RxLength > USHRT_MAX) ? USHRT_MAX : (unsigned short)(*RxLength); + lc = (unsigned short)TxLength; + + ret = CT_data(ctn, &dad, &sad, lc, TxBuffer, &lr, RxBuffer); +@@ -438,6 +443,10 @@ IFDHControl(DWORD Lun, PUCHAR TxBuffer, + ctn = ((unsigned short)(Lun >> 16)) % IFDH_MAX_READERS; + slot = ((unsigned short)(Lun & 0x0000FFFF)) % IFDH_MAX_SLOTS; + ++ if (TxLength > USHRT_MAX) { ++ (*RxLength) = 0; ++ return IFD_PROTOCOL_NOT_SUPPORTED; ++ } + #ifdef HAVE_PTHREAD + pthread_mutex_lock(&ifdh_context_mutex[ctn]); + #endif +@@ -447,7 +456,7 @@ IFDHControl(DWORD Lun, PUCHAR TxBuffer, + #endif + dad = 0x01; + sad = 0x02; +- lr = (unsigned short)(*RxLength); ++ lr = (*RxLength > USHRT_MAX) ? USHRT_MAX : (unsigned short)(*RxLength); + lc = (unsigned short)TxLength; + + ret = CT_data(ctn, &dad, &sad, lc, TxBuffer, &lr, RxBuffer); |