Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15:Update
opensc
opensc-0_18_0-CVE-2019-19481.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File opensc-0_18_0-CVE-2019-19481.patch of Package opensc
Index: opensc-0.18.0/src/libopensc/card-cac.c =================================================================== --- opensc-0.18.0.orig/src/libopensc/card-cac.c +++ opensc-0.18.0/src/libopensc/card-cac.c @@ -492,7 +492,7 @@ static int cac_cac1_get_certificate(sc_c u8 *out_ptr; size_t size = 0; size_t left = 0; - size_t len, next_len; + size_t len; sc_apdu_t apdu; int r = SC_SUCCESS; @@ -501,9 +501,8 @@ static int cac_cac1_get_certificate(sc_c size = left = *out_buf ? *out_len : sizeof(buf); out_ptr = *out_buf ? *out_buf : buf; sc_format_apdu(card, &apdu, SC_APDU_CASE_2_SHORT, CAC_INS_GET_CERTIFICATE, 0, 0 ); - next_len = MIN(left, 100); - for (; left > 0; left -= len, out_ptr += len) { - len = next_len; + len = MIN(left, 100); + for (; left > 0;) { /* Increments for readability in the end of the function */ apdu.resp = out_ptr; apdu.le = len; apdu.resplen = left; @@ -519,7 +518,11 @@ static int cac_cac1_get_certificate(sc_c left -= len; break; } - next_len = MIN(left,apdu.sw2); + /* Adjust the lengths */ + left -= len; + out_ptr += len; + len = MIN(left, apdu.sw2); + } if (r < 0) { return r; @@ -582,7 +585,7 @@ static int cac_read_binary(sc_card_t *ca u8 *tl = NULL, *val = NULL; u8 *tl_ptr, *val_ptr, *tlv_ptr, *tl_start; u8 *cert_ptr; - size_t tl_len, val_len, tlv_len; + size_t tl_len, val_len = 0, tlv_len; size_t len, tl_head_len, cert_len; u8 cert_type, tag;
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor