giomba
/
opensc
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

coolkey: For large data, do not even expect response data 

Thanks oss-fuzz

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=25708
This commit is contained in:
Jakub Jelen 2020-09-17 12:06:07 +02:00 committed by Frank Morgner
parent 410012f100
commit 101e9c720d
1 changed files with 4 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
src/libopensc/card-coolkey.c
View File

@ -1678,7 +1678,7 @@ static int coolkey_rsa_op(sc_card_t *card, const u8 * data, size_t datalen,
{
int r;
u8 **crypt_out_p = NULL;
size_t crypt_out_len_p;
size_t crypt_out_len_p = 0;
coolkey_private_data_t *priv = COOLKEY_DATA(card);
coolkey_compute_crypt_params_t params;
u8 key_number;
@ -1709,9 +1709,6 @@ static int coolkey_rsa_op(sc_card_t *card, const u8 * data, size_t datalen,
params_len = sizeof(params.init);
crypt_out_p = NULL;
crypt_out_len_p = 0;
ushort2bebytes(len_buf, datalen);
r = coolkey_write_object(card, COOLKEY_DL_OBJECT_ID, 0, len_buf, sizeof(len_buf),
@ -1754,7 +1751,9 @@ static int coolkey_rsa_op(sc_card_t *card, const u8 * data, size_t datalen,
size_t out_length;
/* Free card response -- nothing useful -- result is in export object */
free(*crypt_out_p);
if (crypt_out_p) {
free(*crypt_out_p);
}
r = coolkey_read_object(card, COOLKEY_DL_OBJECT_ID, 0, len_buf, sizeof(len_buf),
priv->nonce, sizeof(priv->nonce));