giomba
/
opensc
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

cac: Correctly avoid recursion (amends 09531d72) 

Closes: #1920

Thanks oss-fuzz

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19725
This commit is contained in:
Jakub Jelen 2020-03-02 15:34:37 +01:00 committed by Frank Morgner
parent dba0f56722
commit c69add3b64
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/libopensc/card-cac.c
View File

@ -1542,7 +1542,7 @@ static int cac_process_CCC(sc_card_t *card, cac_private_data_t *priv, int depth)
size_t tl_len, val_len;
int r;
if (depth < 0) {
if (depth > CAC_MAX_CCC_DEPTH) {
sc_log(card->ctx, "Too much recursive CCC found. Exiting");
return SC_ERROR_INVALID_CARD;
}
@ -1782,7 +1782,7 @@ static int cac_find_and_initialize(sc_card_t *card, int initialize)
priv = cac_new_private_data();
if (!priv)
return SC_ERROR_OUT_OF_MEMORY;
r = cac_process_CCC(card, priv, CAC_MAX_CCC_DEPTH);
r = cac_process_CCC(card, priv, 0);
if (r == SC_SUCCESS) {
card->type = SC_CARD_TYPE_CAC_II;
card->drv_data = priv;