giomba
/
opensc
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

prevent integer underflow and subsequent heap overflow 

fixes https://oss-fuzz.com/testcase-detail/5666689944649728
This commit is contained in:
Frank Morgner 2020-06-04 09:47:22 +02:00
parent 4bc03cb55d
commit 55fd3db2b5
1 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/libopensc/card-oberthur.c
View File

@ -2164,11 +2164,15 @@ auth_read_binary(struct sc_card *card, unsigned int offset,
key.exponent = bn[0];
key.modulus = bn[1];
if (sc_pkcs15_encode_pubkey_rsa(card->ctx, &key, &out, &out_len)) {
if (sc_pkcs15_encode_pubkey_rsa(card->ctx, &key, &out, &out_len) != SC_SUCCESS) {
rv = SC_ERROR_INVALID_ASN1_OBJECT;
LOG_TEST_GOTO_ERR(card->ctx, rv, "cannot encode RSA public key");
}
else {
if (out_len < offset) {
rv = SC_ERROR_UNKNOWN_DATA_RECEIVED;
goto err;
}
rv = out_len - offset > count ? count : out_len - offset;
memcpy(buf, out + offset, rv);