authentic: Avoid accessing behind buffers
Thanks oss-fuzz https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=26900 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=26860
This commit is contained in:
parent
445c651549
commit
65461e4eb5
|
@ -672,12 +672,12 @@ authentic_reduce_path(struct sc_card *card, struct sc_path *path)
|
|||
cur_path = card->cache.current_df->path;
|
||||
|
||||
if (!memcmp(cur_path.value, "\x3F\x00", 2) && memcmp(in_path.value, "\x3F\x00", 2)) {
|
||||
memmove(in_path.value + 2, in_path.value, in_path.len);
|
||||
memmove(in_path.value + 2, in_path.value, (in_path.len - 2));
|
||||
memcpy(in_path.value, "\x3F\x00", 2);
|
||||
in_path.len += 2;
|
||||
}
|
||||
|
||||
for (offs=0; offs < in_path.len && offs < cur_path.len; offs += 2) {
|
||||
for (offs = 0; (offs + 1) < in_path.len && (offs + 1) < cur_path.len; offs += 2) {
|
||||
if (cur_path.value[offs] != in_path.value[offs])
|
||||
break;
|
||||
if (cur_path.value[offs + 1] != in_path.value[offs + 1])
|
||||
|
|
Loading…
Reference in New Issue