libopensc: avoid using of the not completely initialized 'sc_path' variables

git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5106 c6295689-39f2-0310-b995-f0e70906c6a9
2011-01-18 09:48:26 +00:00 · 2011-01-18 09:48:26 +00:00 · 5ab90b9219
parent 5405d74d19
commit 5ab90b9219
7 changed files with 19 additions and 5 deletions
--- a/src/libopensc/card-authentic.c
+++ b/src/libopensc/card-authentic.c
@ -623,7 +623,6 @@ authentic_select_mf(struct sc_card *card, struct sc_file **file_out)

 	LOG_FUNC_CALLED(ctx);

-	memset(&mfpath, 0, sizeof(struct sc_path));
 	sc_format_path("3F00", &mfpath);
 	mfpath.type = SC_PATH_TYPE_PATH;

--- a/src/libopensc/card-oberthur.c
+++ b/src/libopensc/card-oberthur.c
@ -186,7 +186,8 @@ auth_select_aid(struct sc_card *card)
 		data->sn += (int)(*(apdu.resp + 15 + ii)) << (3-ii)*8;
 	
 	sc_debug(card->ctx, SC_LOG_DEBUG_NORMAL, "serial number %li/0x%lX\n", data->sn, data->sn);
-		
+	
+	memset(&tmp_path, 0, sizeof(struct sc_path));
 	tmp_path.type = SC_PATH_TYPE_DF_NAME;
 	memcpy(tmp_path.value, aidAuthentIC_V5, lenAidAuthentIC_V5);
 	tmp_path.len = lenAidAuthentIC_V5;
@ -572,7 +573,8 @@ auth_select_file(struct sc_card *card, const struct sc_path *in_path,
 	
 		if (path.len - offs > 0)   {
 			struct sc_path tmp_path;
-			
+		
+			memset(&tmp_path, 0, sizeof(struct sc_path));	
 			tmp_path.type = SC_PATH_TYPE_FILE_ID;
 			tmp_path.len = 2;
 			
@ -678,6 +680,7 @@ auth_delete_file(struct sc_card *card, const struct sc_path *path)
 		int ii, len;
 		unsigned char lbuf[SC_MAX_APDU_BUFFER_SIZE];
 		
+		memset(&tmp_path, 0, sizeof(struct sc_path));	
 		tmp_path.type = SC_PATH_TYPE_FILE_ID;
 		memcpy(tmp_path.value, sbuf, 2);
 		tmp_path.len = 2;
@ -690,6 +693,7 @@ auth_delete_file(struct sc_card *card, const struct sc_path *path)
 		for (ii=0; ii<len/2; ii++)   {
 			struct sc_path tmp_path_x;

+			memset(&tmp_path_x, 0, sizeof(struct sc_path));	
 			tmp_path_x.type = SC_PATH_TYPE_FILE_ID;
 			tmp_path_x.value[0] = *(lbuf + ii*2);
 			tmp_path_x.value[1] = *(lbuf + ii*2 + 1);
@ -1303,6 +1307,7 @@ auth_generate_key(struct sc_card *card, int use_sm,
 	rv = sc_check_sw(card, apdu.sw1, apdu.sw2);
 	SC_TEST_RET(card->ctx, SC_LOG_DEBUG_NORMAL, rv, "Card returned error");
 		
+	memset(&tmp_path, 0, sizeof(struct sc_path));	
 	tmp_path.type = SC_PATH_TYPE_FILE_ID;
 	tmp_path.len = 2;
 	memcpy(tmp_path.value, sbuf, 2);
@ -1809,6 +1814,8 @@ auth_pin_reset_oberthur_style(struct sc_card *card, unsigned int type,
 		SC_TEST_RET(card->ctx, SC_LOG_DEBUG_NORMAL, SC_ERROR_INVALID_ARGUMENTS, "Oberthur style 'PIN RESET' failed: invalid PIN reference");

 	memset(&pin_cmd, 0, sizeof(pin_cmd));
+	memset(&tmp_path, 0, sizeof(struct sc_path));	
+
 	pin_cmd.pin_type = SC_AC_CHV;
        pin_cmd.cmd = SC_PIN_CMD_VERIFY;
 	pin_cmd.pin_reference = OBERTHUR_PIN_REFERENCE_PUK;
--- a/src/libopensc/pkcs15-sec.c
+++ b/src/libopensc/pkcs15-sec.c
@ -40,6 +40,10 @@ static int select_key_file(struct sc_pkcs15_card *p15card,

 	if (prkey->path.len < 2)
 		return SC_ERROR_INVALID_ARGUMENTS;
+
+	memset(&path, 0, sizeof(sc_path_t));
+	memset(&file_id, 0, sizeof(sc_path_t));
+
 	/* For pkcs15-emulated cards, the file_app may be NULL,
 	   in that case we allways assume an absolute path */
 	if (prkey->path.len == 2 && p15card->file_app != NULL) {
--- a/src/libopensc/pkcs15-tcos.c
+++ b/src/libopensc/pkcs15-tcos.c
@ -274,6 +274,7 @@ static int detect_netkey(
 	const char *c_auth;

 	/* NKS-Applikation ? */
+	memset(&p, 0, sizeof(sc_path_t));
 	p.len=7; p.type=SC_PATH_TYPE_DF_NAME;
 	memcpy(p.value, "\xD2\x76\x00\x00\x03\x01\x02", p.len=7);
 	if (sc_select_file(card,&p,&f)!=SC_SUCCESS) return 1;
--- a/src/libopensc/pkcs15.c
+++ b/src/libopensc/pkcs15.c
@ -2004,7 +2004,7 @@ int sc_pkcs15_hex_string_to_id(const char *in, struct sc_pkcs15_id *out)

 int sc_pkcs15_make_absolute_path(const sc_path_t *parent, sc_path_t *child)
 {
-	struct sc_path ppath;
+	sc_path_t ppath;

 	/* a 0 length path stays a 0 length path */
 	if (child->len == 0)
@ -2013,7 +2013,7 @@ int sc_pkcs15_make_absolute_path(const sc_path_t *parent, sc_path_t *child)
 	if (child->aid.len)
 		return SC_SUCCESS;

-	memcpy(&ppath, parent, sizeof(struct sc_path));
+	memcpy(&ppath, parent, sizeof(sc_path_t));
 	if (ppath.aid.len)   {
 		memcpy(&child->aid, &ppath.aid, sizeof(child->aid));
 		if (ppath.len)   {
--- a/src/pkcs15init/pkcs15-asepcos.c
+++ b/src/pkcs15init/pkcs15-asepcos.c
@ -669,6 +669,7 @@ static int asepcos_do_store_rsa_key(sc_pkcs15_card_t *p15card, sc_profile_t *pro
 	}

 	/* select the rsa private key */
+	memset(&tpath, 0, sizeof(sc_path_t));
 	tpath.type = SC_PATH_TYPE_FILE_ID;
 	tpath.len  = 2;
 	tpath.value[0] = kinfo->path.value[kinfo->path.len-2];
@ -765,6 +766,7 @@ static int asepcos_generate_key(sc_profile_t *profile, sc_pkcs15_card_t *p15card
 		return r;

 	/* select the rsa private key */
+	memset(&tpath, 0, sizeof(sc_path_t));
 	tpath.type = SC_PATH_TYPE_FILE_ID;
 	tpath.len  = 2;
 	tpath.value[0] = kinfo->path.value[kinfo->path.len-2];
--- a/src/pkcs15init/pkcs15-starcos.c
+++ b/src/pkcs15init/pkcs15-starcos.c
@ -86,6 +86,7 @@ static int starcos_init_card(sc_profile_t *profile, sc_pkcs15_card_t *p15card)
 	sc_pkcs15_pin_info_t sopin;

 	/* test if we already have a MF */
+	memset(&tpath, 0, sizeof(sc_path_t));
 	tpath.value[0] = 0x3f;
 	tpath.value[1] = 0x00;
 	tpath.len      = 2;