fixed out of bounds read
fixes https://oss-fuzz.com/testcase-detail/5769032858075136
This commit is contained in:
parent
d4a9405bf4
commit
0a17188710
|
@ -1768,6 +1768,10 @@ static int coolkey_rsa_op(sc_card_t *card,
|
||||||
|
|
||||||
} else {
|
} else {
|
||||||
size_t out_length = bebytes2ushort(buf);
|
size_t out_length = bebytes2ushort(buf);
|
||||||
|
if (out_length > sizeof buf - 2) {
|
||||||
|
r = SC_ERROR_WRONG_LENGTH;
|
||||||
|
goto done;
|
||||||
|
}
|
||||||
out_length = MIN(out_length, max_out_len);
|
out_length = MIN(out_length, max_out_len);
|
||||||
memcpy(out, buf+2, out_length);
|
memcpy(out, buf+2, out_length);
|
||||||
r = out_length;
|
r = out_length;
|
||||||
|
|
Loading…
Reference in New Issue