pgp: fixed integer underflow

Frank Morgner 2018-07-03 09:36:21 +02:00 committed by Jakub Jelen
parent 92a98cb3bb
commit 30fe0ad453
1 changed files with 12 additions and 4 deletions


@ -623,13 +623,19 @@ pgp_get_card_features(sc_card_t *card)
/* category indicator 0x00, 0x10 or 0x80 => compact TLV (ISO) */ /* category indicator 0x00, 0x10 or 0x80 => compact TLV (ISO) */
switch (hist_bytes[0]) { switch (hist_bytes[0]) {
case 0x00: case 0x00:
pgp_parse_hist_bytes(card, hist_bytes+1, hist_bytes_len-4); if (hist_bytes_len > 4) {
pgp_parse_hist_bytes(card, hist_bytes+1, hist_bytes_len-4);
}
break; break;
case 0x80: case 0x80:
pgp_parse_hist_bytes(card, hist_bytes+1, hist_bytes_len-1); if (hist_bytes_len > 1) {
pgp_parse_hist_bytes(card, hist_bytes+1, hist_bytes_len-1);
}
break; break;
case 0x10: case 0x10:
pgp_parse_hist_bytes(card, hist_bytes+2, hist_bytes_len-2); if (hist_bytes_len > 2) {
pgp_parse_hist_bytes(card, hist_bytes+2, hist_bytes_len-2);
}
break; break;
} }
} }
@ -642,7 +648,9 @@ pgp_get_card_features(sc_card_t *card)
if ((pgp_get_blob(card, priv->mf, 0x5f52, &blob) >= 0) && if ((pgp_get_blob(card, priv->mf, 0x5f52, &blob) >= 0) &&
(blob->data != NULL) && (blob->data[0] == 0x00)) { (blob->data != NULL) && (blob->data[0] == 0x00)) {
pgp_parse_hist_bytes(card, hist_bytes+1, hist_bytes_len-4); if (hist_bytes_len > 4) {
pgp_parse_hist_bytes(card, hist_bytes+1, hist_bytes_len-4);
}
/* get card status from historical bytes status indicator */ /* get card status from historical bytes status indicator */
if ((blob->data[0] == 0x00) && (blob->len >= 4)) { if ((blob->data[0] == 0x00) && (blob->len >= 4)) {
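Review bot: In the second hunk, `blob->data[0]` is still read after only a NULL check, and `blob->len` is first tested on the later `blob->len >= 4` line, so an empty 0x5f52 object returned by the card would be read before any length check unless pgp_get_blob rules that out (not visible here). Adding the length to the condition covers it: `(blob->data != NULL) && (blob->len > 0) && (blob->data[0] == 0x00)) {`. The new guard there also tests `hist_bytes_len` and parses `hist_bytes`, while the condition around it validated `blob`. If the DO contents are what should be parsed, the guard and the call should use `blob->len` and `blob->data`; otherwise a short comment saying the ATR bytes are intended would help. Similarly, `switch (hist_bytes[0])` in the first hunk relies on `hist_bytes_len > 0` being established earlier; that check, if present, lies outside the hunk, as does the rest of pgp_get_card_features.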