fixed possible NULL pointer dereference
This commit is contained in:
parent
53954e9ff1
commit
e4a01643a6
|
@ -548,7 +548,7 @@ static int gids_get_pin_status(sc_card_t *card, int pinreference, int *tries_lef
|
||||||
}
|
}
|
||||||
p = sc_asn1_find_tag(card->ctx, buffer, buffersize , GIDS_TRY_LIMIT_TAG, &datasize);
|
p = sc_asn1_find_tag(card->ctx, buffer, buffersize , GIDS_TRY_LIMIT_TAG, &datasize);
|
||||||
if (p && datasize == 1) {
|
if (p && datasize == 1) {
|
||||||
if (tries_left)
|
if (max_tries)
|
||||||
*max_tries = p[0];
|
*max_tries = p[0];
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -928,14 +928,16 @@ static int gids_select_file(sc_card_t *card, const struct sc_path *in_path,
|
||||||
data->currentEFID = in_path->value[1] + (in_path->value[0]<<8);
|
data->currentEFID = in_path->value[1] + (in_path->value[0]<<8);
|
||||||
data->currentDO = in_path->value[3] + (in_path->value[2]<<8);
|
data->currentDO = in_path->value[3] + (in_path->value[2]<<8);
|
||||||
|
|
||||||
file = sc_file_new();
|
if (file_out) {
|
||||||
if (file == NULL)
|
file = sc_file_new();
|
||||||
LOG_FUNC_RETURN(ctx, SC_ERROR_OUT_OF_MEMORY);
|
if (file == NULL)
|
||||||
file->path = *in_path;
|
LOG_FUNC_RETURN(ctx, SC_ERROR_OUT_OF_MEMORY);
|
||||||
file->type = SC_FILE_TYPE_WORKING_EF;
|
file->path = *in_path;
|
||||||
file->ef_structure = SC_FILE_EF_TRANSPARENT;
|
file->type = SC_FILE_TYPE_WORKING_EF;
|
||||||
file->size = SC_MAX_EXT_APDU_BUFFER_SIZE;
|
file->ef_structure = SC_FILE_EF_TRANSPARENT;
|
||||||
*file_out = file;
|
file->size = SC_MAX_EXT_APDU_BUFFER_SIZE;
|
||||||
|
*file_out = file;
|
||||||
|
}
|
||||||
LOG_FUNC_RETURN(ctx, SC_SUCCESS);
|
LOG_FUNC_RETURN(ctx, SC_SUCCESS);
|
||||||
} else if (in_path->len == 4 && in_path->value[0] == 0x3F && in_path->value[1] == 0xFF && in_path->type == SC_PATH_TYPE_PATH) {
|
} else if (in_path->len == 4 && in_path->value[0] == 0x3F && in_path->value[1] == 0xFF && in_path->type == SC_PATH_TYPE_PATH) {
|
||||||
// GIDS does not allow a select with a path containing a DF
|
// GIDS does not allow a select with a path containing a DF
|
||||||
|
|
|
@ -216,14 +216,17 @@ int mscfs_loadFileInfo(mscfs_t* fs, const u8 *path, int pathlen, mscfs_file_t **
|
||||||
mscfs_check_cache(fs);
|
mscfs_check_cache(fs);
|
||||||
if(idx) *idx = -1;
|
if(idx) *idx = -1;
|
||||||
for(x = 0; x < fs->cache.size; x++) {
|
for(x = 0; x < fs->cache.size; x++) {
|
||||||
msc_id objectId;
|
|
||||||
*file_data = &fs->cache.array[x];
|
*file_data = &fs->cache.array[x];
|
||||||
objectId = (*file_data)->objectId;
|
if (*file_data) {
|
||||||
if(0 == memcmp(objectId.id, fullPath.id, 4)) {
|
msc_id objectId;
|
||||||
if(idx) *idx = x;
|
objectId = (*file_data)->objectId;
|
||||||
break;
|
if(0 == memcmp(objectId.id, fullPath.id, 4)) {
|
||||||
|
if (idx)
|
||||||
|
*idx = x;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
*file_data = NULL;
|
||||||
}
|
}
|
||||||
*file_data = NULL;
|
|
||||||
}
|
}
|
||||||
if(*file_data == NULL && (0 == memcmp("\x3F\x00\x00\x00", fullPath.id, 4) || 0 == memcmp("\x3F\x00\x50\x15", fullPath.id, 4 ) || 0 == memcmp("\x3F\x00\x3F\x00", fullPath.id, 4))) {
|
if(*file_data == NULL && (0 == memcmp("\x3F\x00\x00\x00", fullPath.id, 4) || 0 == memcmp("\x3F\x00\x50\x15", fullPath.id, 4 ) || 0 == memcmp("\x3F\x00\x3F\x00", fullPath.id, 4))) {
|
||||||
static mscfs_file_t ROOT_FILE;
|
static mscfs_file_t ROOT_FILE;
|
||||||
|
|
|
@ -346,7 +346,7 @@ static int get_key(unsigned int usage, sc_pkcs15_object_t **result)
|
||||||
* a crypto operation. Card drivers can test for SC_AC_CONTEXT_SPECIFIC
|
* a crypto operation. Card drivers can test for SC_AC_CONTEXT_SPECIFIC
|
||||||
* to do any special handling.
|
* to do any special handling.
|
||||||
*/
|
*/
|
||||||
if (key->user_consent) {
|
if (key->user_consent && pin && pin->data) {
|
||||||
int auth_meth_saved;
|
int auth_meth_saved;
|
||||||
struct sc_pkcs15_auth_info *pinfo = (struct sc_pkcs15_auth_info *) pin->data;
|
struct sc_pkcs15_auth_info *pinfo = (struct sc_pkcs15_auth_info *) pin->data;
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue