From 2c1ce06df39f17821e4b1891c09e8399bf10ad7f Mon Sep 17 00:00:00 2001 From: Ludovic Rousseau Date: Sat, 8 Aug 2020 16:39:04 +0200 Subject: [PATCH 4/6] IFDHSetProtocolParameters: handle ATR_GetConvention() error If the ATR is invalid (i.e. does not start with 0x3B or 0x3F) then we return an error instead of using an unitialized value. Thanks to Maksim Ivanov for the bug report "[Pcsclite-muscle] Insufficient checks in CCID" http://lists.infradead.org/pipermail/pcsclite-muscle/2020-August/001098.html " Hello, The CCID free software driver is missing a few checks and graceful handling of some error cases: 6. Read of uninitialized |convention| in IFDHSetProtocolParameters() - in case ATR_GetConvention() returned a failure on a malformed ATR. "
---
 src/ifdhandler.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/ifdhandler.c b/src/ifdhandler.c
index 1d2281e..0deb9d8 100644
--- a/src/ifdhandler.c
+++ b/src/ifdhandler.c
@@ -943,7 +943,8 @@ EXTERNAL RESPONSECODE IFDHSetProtocolParameters(DWORD Lun, DWORD Protocol,
 }
 /* Now we must set the reader parameters */
- (void)ATR_GetConvention(&atr, &convention);
+ if (ATR_MALFORMED == ATR_GetConvention(&atr, &convention))
+ return IFD_COMMUNICATION_ERROR;
 /* specific mode and implicit parameters? (b5 of TA2) */
 if (atr.ib[1][ATR_INTERFACE_BYTE_TA].present
-- 
1.8.3.1
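Review bot: The new guard tests for one specific failure code, `ATR_MALFORMED == ATR_GetConvention(&atr, &convention)`, so any other non-success return would still leave `convention` unset and read later in the function. Comparing against success is the fail-closed form: `if (ATR_GetConvention(&atr, &convention) != ATR_OK)` followed by the same `return IFD_COMMUNICATION_ERROR;`. The declaration of `convention` and the rest of IFDHSetProtocolParameters lie outside the hunk, so it is worth confirming there that this early return skips no cleanup that the function's other exit paths perform. Giving `convention` an initial value at its declaration would also be cheap defence in depth for a value derived from card-supplied ATR bytes.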