avoid out of bounds read

Frank Morgner 2018-06-21 14:47:05 +02:00
parent 03c5280626
commit 6184c1fbab
2 changed files with 3 additions and 1 deletions


@ -898,7 +898,7 @@ static int piv_read_obj_from_file(sc_card_t * card, char * filename,
goto err;
}
memcpy(*buf, tagbuf, len); /* copy first or only part */
if (rbuflen > len) {
if (rbuflen > len + sizeof(tagbuf)) {
len = read(f, *buf + sizeof(tagbuf), rbuflen - sizeof(tagbuf)); /* read rest */
if (len != rbuflen - sizeof(tagbuf)) {
r = SC_ERROR_INVALID_ASN1_OBJECT;
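Review bot: With the guard written as `rbuflen > len + sizeof(tagbuf)` (the second printed variant, which I take to be the new line), an object longer than `len` but no longer than `len + sizeof(tagbuf)` never reaches the second read(), so the tail of `*buf` stays unfilled and no error is raised. The read() offset and count are both derived from `sizeof(tagbuf)`, so the condition that keeps `rbuflen - sizeof(tagbuf)` from wrapping is `if (rbuflen > sizeof(tagbuf)) {`. The `memcpy(*buf, tagbuf, len)` just above is not bounded by `rbuflen` either. If `*buf` is allocated with `rbuflen` bytes (the allocation is outside the hunk), it needs a guard such as `if (len > rbuflen) len = rbuflen;` before the copy. The function begins and ends outside the hunk.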


@ -617,6 +617,8 @@ int msc_extract_rsa_public_key(sc_card_t *card,
if(!*modulus) SC_FUNC_RETURN(card->ctx, SC_LOG_DEBUG_NORMAL, SC_ERROR_OUT_OF_MEMORY);
memcpy(*modulus, buffer, *modLength);
*expLength = (buffer[*modLength] << 8) | buffer[*modLength + 1];
if (*expLength > sizeof buffer)
return SC_ERROR_OUT_OF_MEMORY;
r = msc_read_object(card, inputId, fileLocation, buffer, *expLength);
if(r < 0) {
free(*modulus); *modulus = NULL;
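Review bot: The added `return SC_ERROR_OUT_OF_MEMORY;` leaves `*modulus` allocated and non-NULL, whereas the existing error path two lines below frees it and resets the pointer. An oversized exponent length from the card therefore leaks the modulus buffer and hands the caller a pointer it may not expect on failure. The new branch should mirror that cleanup and use the function's usual return macro with an error that describes bad card data, e.g. `if (*expLength > sizeof buffer) { free(*modulus); *modulus = NULL; SC_FUNC_RETURN(card->ctx, SC_LOG_DEBUG_NORMAL, SC_ERROR_INVALID_DATA); }`. The reads of `buffer[*modLength]` and `buffer[*modLength + 1]` on the preceding line are not bounds-checked in the visible lines; confirm that `*modLength + 1 < sizeof buffer` is enforced earlier in the function, which starts outside the hunk.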