Correctly check for reading out of file bounds, thx to Sirio Capizi
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2223 c6295689-39f2-0310-b995-f0e70906c6a9
This commit is contained in:
parent
11526e3ccf
commit
e336488431
@ -67,7 +67,7 @@ int sc_pkcs15_read_cached_file(struct sc_pkcs15_card *p15card,
|
||||
const struct sc_path *path,
|
||||
u8 **buf, size_t *bufsize)
|
||||
{
|
||||
char fname[160];
|
||||
char fname[PATH_MAX];
|
||||
int r;
|
||||
FILE *f;
|
||||
size_t count, offset, got;
|
||||
@ -86,8 +86,7 @@ int sc_pkcs15_read_cached_file(struct sc_pkcs15_card *p15card,
|
||||
} else {
|
||||
count = path->count;
|
||||
offset = path->index;
|
||||
if (offset >= (size_t)stbuf.st_size
|
||||
|| offset + count >= (size_t)stbuf.st_size)
|
||||
if (offset + count > (size_t)stbuf.st_size)
|
||||
return SC_ERROR_FILE_NOT_FOUND; /* cache file bad? */
|
||||
}
|
||||
if (*buf == NULL) {
|
||||
|
Loading…
Reference in New Issue
Block a user