From 2c1ce06df39f17821e4b1891c09e8399bf10ad7f Mon Sep 17 00:00:00 2001
From: Ludovic Rousseau <ludovic.rousseau@free.fr>
Date: Sat, 8 Aug 2020 16:39:04 +0200
Subject: [PATCH 4/6] IFDHSetProtocolParameters: handle ATR_GetConvention()
error
If the ATR is invalid (i.e. does not start with 0x3B or 0x3F) then we
return an error instead of using an uninitialized value.
Thanks to Maksim Ivanov for the bug report
"[Pcsclite-muscle] Insufficient checks in CCID"
http://lists.infradead.org/pipermail/pcsclite-muscle/2020-August/001098.html
" Hello,
The CCID free software driver is missing a few checks and graceful
handling of some error cases:
6. Read of uninitialized |convention| in IFDHSetProtocolParameters() -
in case ATR_GetConvention() returned a failure on a malformed ATR. "
---
src/ifdhandler.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
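--- a/src/ifdhandler.c
+++ b/src/ifdhandler.c
@@ -943,7 +943,8 @@ EXTERNAL RESPONSECODE IFDHSetProtocolParameters(DWORD Lun, DWORD Protocol,
 }
 
 /* Now we must set the reader parameters */
- (void)ATR_GetConvention(&atr, &convention);
+ if (ATR_MALFORMED == ATR_GetConvention(&atr, &convention))
+ return IFD_COMMUNICATION_ERROR;
 
 /* specific mode and implicit parameters? (b5 of TA2) */
 if (atr.ib[1][ATR_INTERFACE_BYTE_TA].present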
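Review bot: The added check at the `ATR_GetConvention()` call rejects only `ATR_MALFORMED`, so any other non-success return would still leave `convention` unset before the code further down reads it. Comparing against success is the tighter guard: `if (ATR_OK != ATR_GetConvention(&atr, &convention))`. Whether the function can return another failure code is not visible in this hunk, so treat this as hardening rather than a confirmed gap. Since the ATR bytes come from the card, a short comment such as `/* ATR is card-supplied: stop before convention is read */` would record why this return value must not be ignored again. The body of IFDHSetProtocolParameters starts and ends outside the hunk.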
--
1.8.3.1