pkcs15: Avoid insane allocations
and use single max constant accross the code https://oss-fuzz.com/testcase-detail/6314983763214336
This commit is contained in:
parent
f0310f7776
commit
532b06d07e
@ -55,8 +55,6 @@
|
||||
#endif
|
||||
#include "simpletlv.h"
|
||||
|
||||
#define PIV_MAX_FILE_SIZE 65535
|
||||
|
||||
enum {
|
||||
PIV_OBJ_CCC = 0,
|
||||
PIV_OBJ_CHUI,
|
||||
@ -962,7 +960,7 @@ piv_get_data(sc_card_t * card, int enumtag, u8 **buf, size_t *buf_len)
|
||||
"buffer for #%d *buf=0x%p len=%"SC_FORMAT_LEN_SIZE_T"u",
|
||||
enumtag, *buf, *buf_len);
|
||||
if (*buf == NULL && *buf_len > 0) {
|
||||
if (*buf_len > PIV_MAX_FILE_SIZE) {
|
||||
if (*buf_len > MAX_FILE_SIZE) {
|
||||
goto err;
|
||||
}
|
||||
*buf = malloc(*buf_len);
|
||||
|
@ -29,8 +29,6 @@
|
||||
#include "internal.h"
|
||||
#include "asn1.h"
|
||||
|
||||
#define MAX_FILE_SIZE 65535
|
||||
|
||||
struct app_entry {
|
||||
const u8 *aid;
|
||||
size_t aid_len;
|
||||
|
@ -217,6 +217,8 @@ extern "C" {
|
||||
#define SC_EVENT_READER_DETACHED 0x0008
|
||||
#define SC_EVENT_READER_EVENTS SC_EVENT_READER_ATTACHED|SC_EVENT_READER_DETACHED
|
||||
|
||||
#define MAX_FILE_SIZE 65535
|
||||
|
||||
struct sc_supported_algo_info {
|
||||
unsigned int reference;
|
||||
unsigned int mechanism;
|
||||
|
@ -1039,6 +1039,10 @@ sc_pkcs15_bind_internal(struct sc_pkcs15_card *p15card, struct sc_aid *aid)
|
||||
sc_log(ctx, "EF(ODF) is empty");
|
||||
goto end;
|
||||
}
|
||||
if (len > MAX_FILE_SIZE) {
|
||||
sc_log(ctx, "EF(ODF) too large");
|
||||
goto end;
|
||||
}
|
||||
buf = malloc(len);
|
||||
if(buf == NULL)
|
||||
LOG_FUNC_RETURN(ctx, SC_ERROR_OUT_OF_MEMORY);
|
||||
|
Loading…
Reference in New Issue
Block a user