diff --git a/src/libopensc/card-epass2003.c b/src/libopensc/card-epass2003.c index 39e46f40..897271dd 100644 --- a/src/libopensc/card-epass2003.c +++ b/src/libopensc/card-epass2003.c @@ -209,7 +209,7 @@ des3_encrypt_ecb(const unsigned char *key, int keysize, static int -des3_encrypt_cbc(const unsigned char *key, int keysize, unsigned char iv[8], +des3_encrypt_cbc(const unsigned char *key, int keysize, unsigned char iv[EVP_MAX_IV_LENGTH], const unsigned char *input, size_t length, unsigned char *output) { unsigned char bKey[24] = { 0 }; @@ -244,7 +244,7 @@ des3_decrypt_cbc(const unsigned char *key, int keysize, unsigned char iv[EVP_MAX static int -des_encrypt_cbc(const unsigned char *key, int keysize, unsigned char iv[8], +des_encrypt_cbc(const unsigned char *key, int keysize, unsigned char iv[EVP_MAX_IV_LENGTH], const unsigned char *input, size_t length, unsigned char *output) { return openssl_enc(EVP_des_cbc(), key, iv, input, length, output); @@ -252,7 +252,7 @@ des_encrypt_cbc(const unsigned char *key, int keysize, unsigned char iv[8], static int -des_decrypt_cbc(const unsigned char *key, int keysize, unsigned char iv[8], +des_decrypt_cbc(const unsigned char *key, int keysize, unsigned char iv[EVP_MAX_IV_LENGTH], const unsigned char *input, size_t length, unsigned char *output) { return openssl_dec(EVP_des_cbc(), key, iv, input, length, output); diff --git a/src/libopensc/card-myeid.c b/src/libopensc/card-myeid.c index f9181ae3..54a26f80 100644 --- a/src/libopensc/card-myeid.c +++ b/src/libopensc/card-myeid.c @@ -407,7 +407,7 @@ static int encode_file_structure(sc_card_t *card, const sc_file_t *file, case SC_FILE_TYPE_DF: buf[8] = 0x38; - if(file->namelen > 0 && file->namelen <= 16) + if(file->namelen > 0 && file->namelen < 16) { buf[25] = 0x84; buf[26] = (u8)file->namelen; diff --git a/src/libopensc/card-oberthur.c b/src/libopensc/card-oberthur.c index f6a4d335..99352e26 100644 --- a/src/libopensc/card-oberthur.c +++ b/src/libopensc/card-oberthur.c @@ -2014,7 +2014,7 @@ write_publickey (struct sc_card *card, unsigned int offset, sc_debug(card->ctx, SC_LOG_DEBUG_NORMAL, "write_publickey in %d bytes :\n%s", count, debug_buf); - if (offset > sizeof(rsa_der)) + if (1+offset > sizeof(rsa_der)) SC_TEST_RET(card->ctx, SC_LOG_DEBUG_NORMAL, SC_ERROR_INVALID_ARGUMENTS, "Invalid offset value"); len = offset+count > sizeof(rsa_der) ? sizeof(rsa_der) - offset : count; @@ -2113,7 +2113,7 @@ auth_read_binary(struct sc_card *card, unsigned int offset, if (auth_current_ef->magic==SC_FILE_MAGIC && auth_current_ef->ef_structure == SC_CARDCTL_OBERTHUR_KEY_RSA_PUBLIC) { int jj; - unsigned char resp[0x100], *out = NULL; + unsigned char resp[SC_MAX_APDU_BUFFER_SIZE], *out = NULL; size_t resp_len, out_len; struct sc_pkcs15_bignum bn[2]; struct sc_pkcs15_pubkey_rsa key; diff --git a/src/libopensc/ctbcs.c b/src/libopensc/ctbcs.c index 04420421..16c43369 100644 --- a/src/libopensc/ctbcs.c +++ b/src/libopensc/ctbcs.c @@ -58,7 +58,7 @@ ctbcs_build_perform_verification_apdu(sc_apdu_t *apdu, struct sc_pin_cmd_data *d prompt = data->pin1.prompt; if (prompt && *prompt) { len = strlen(prompt); - if (count + len + 2 > buflen || len > 255) + if (count + len + 2 > buflen || len > 254) return SC_ERROR_BUFFER_TOO_SMALL; buf[count++] = CTBCS_TAG_PROMPT; buf[count++] = len; @@ -126,7 +126,7 @@ ctbcs_build_modify_verification_apdu(sc_apdu_t *apdu, struct sc_pin_cmd_data *da prompt = data->pin1.prompt; if (prompt && *prompt) { len = strlen(prompt); - if (count + len + 2 > buflen || len > 255) + if (count + len + 2 > buflen || len > 254) return SC_ERROR_BUFFER_TOO_SMALL; buf[count++] = CTBCS_TAG_PROMPT; buf[count++] = len; diff --git a/src/libopensc/pkcs15-postecert.c b/src/libopensc/pkcs15-postecert.c index 9288b511..a62edd3a 100644 --- a/src/libopensc/pkcs15-postecert.c +++ b/src/libopensc/pkcs15-postecert.c @@ -221,7 +221,7 @@ static int sc_pkcs15emu_postecert_init(sc_pkcs15_card_t * p15card) count_cert[o] = (*(certi + i + 2) << 8) + *(certi + i + 3) + 4; o++; - if (o > 4) + if (o >= 4) break; i += (*(certi + i + 2) << 8) + *(certi + i + 3); } diff --git a/src/pkcs15init/pkcs15-asepcos.c b/src/pkcs15init/pkcs15-asepcos.c index ddc72f52..7904fb5a 100644 --- a/src/pkcs15init/pkcs15-asepcos.c +++ b/src/pkcs15init/pkcs15-asepcos.c @@ -512,7 +512,7 @@ static int asepcos_do_create_key(sc_card_t *card, size_t ksize, int fileid, sc_file_t *nfile = NULL; u8 buf[1024], *p = buf; - if (sizeof(buf) < kdlen + 11) + if (sizeof(buf) < kdlen + 12) return SC_ERROR_BUFFER_TOO_SMALL; *p++ = 0x85; diff --git a/src/pkcs15init/profile.c b/src/pkcs15init/profile.c index 9f87fc9c..a6a952e2 100644 --- a/src/pkcs15init/profile.c +++ b/src/pkcs15init/profile.c @@ -1301,7 +1301,7 @@ do_fileid(struct state *cur, int argc, char **argv) parse_error(cur, "No path/fileid set for parent DF\n"); return 1; } - if (df->path.len + 2 > sizeof(df->path)) { + if (df->path.len + 2 > sizeof(df->path.value)) { parse_error(cur, "File path too long\n"); return 1; } diff --git a/src/tests/lottery.c b/src/tests/lottery.c index eab40364..c64f093c 100644 --- a/src/tests/lottery.c +++ b/src/tests/lottery.c @@ -49,7 +49,7 @@ int main(int argc, char *argv[]) printf("Lottery: "); for (i = 0; i < 7; i++) { unsigned short s = buf[2 * i] + (buf[2 * i + 1] << 8); - int lot = s % (left + 1); + int lot = s % left; int num = nbuf[lot]; nbuf[lot] = nbuf[left - 1]; diff --git a/src/tools/cryptoflex-tool.c b/src/tools/cryptoflex-tool.c index ea1e6a43..8cbbd856 100644 --- a/src/tools/cryptoflex-tool.c +++ b/src/tools/cryptoflex-tool.c @@ -642,7 +642,7 @@ static int read_rsa_privkey(RSA **rsa_out) static int encode_private_key(RSA *rsa, u8 *key, size_t *keysize) { - u8 buf[512], *p = buf; + u8 buf[1024], *p = buf; u8 bnbuf[256]; int base = 0; int r;