giomba
/
opensc
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

card-asepcos: Fix heap-buffer overflow 

Thanks oss-fuzz

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24940
This commit is contained in:
Jakub Jelen 2020-08-31 18:41:51 +02:00 committed by Jakub Jelen
parent 94d67bed81
commit 238b783a0e
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/libopensc/card-asepcos.c
View File

@ -184,7 +184,7 @@ static int asepcos_parse_sec_attr(sc_card_t *card, sc_file_t *file, const u8 *bu
if (r != SC_SUCCESS)
return r;
tlen += 2;
} else if (p[3] == 0xA0 && len >= 4U + p[4]) {
} else if (p[3] == 0xA0 && len >= 5U + p[4]) {
if (len < 6) {
sc_log(card->ctx, "invalid access mode encoding");
return SC_ERROR_INTERNAL;
@ -194,7 +194,7 @@ static int asepcos_parse_sec_attr(sc_card_t *card, sc_file_t *file, const u8 *bu
if (r != SC_SUCCESS)
return r;
tlen += 2 + p[4]; /* FIXME */
} else if (p[3] == 0xAF && len >= 4U + p[4]) {
} else if (p[3] == 0xAF && len >= 5U + p[4]) {
if (len < 6) {
sc_log(card->ctx, "invalid access mode encoding");
return SC_ERROR_INTERNAL;