From eac516fd41c62fe7166c2054666267993d85cc3d Mon Sep 17 00:00:00 2001
From: Jakub Jelen
Date: Tue, 1 Oct 2019 11:54:56 +0200
Subject: [PATCH] dir: Avoid insane allocations

Resolves: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=17449
---
 src/libopensc/dir.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/libopensc/dir.c b/src/libopensc/dir.c
index 895ad65a..d458000c 100644
--- a/src/libopensc/dir.c
+++ b/src/libopensc/dir.c
@@ -29,6 +29,8 @@
 #include "internal.h"
 #include "asn1.h"

+#define MAX_FILE_SIZE 65535
+
 struct app_entry {
 const u8 *aid;
 size_t aid_len;
@@ -185,6 +187,8 @@ int sc_enum_apps(sc_card_t *card)
 file_size = card->ef_dir->size;
 if (file_size == 0)
 LOG_FUNC_RETURN(ctx, 0);
+ if (file_size > MAX_FILE_SIZE)
+ LOG_FUNC_RETURN(ctx, SC_ERROR_INVALID_DATA);

 buf = malloc(file_size);
 if (buf == NULL)
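Review bot: The new `MAX_FILE_SIZE` constant has no comment saying what it bounds or why 65535 was chosen, and the name is broader than its one visible use. I would add `/* Largest EF(DIR) size, as reported by the card, that sc_enum_apps() will allocate a buffer for */` above the define. A more specific name such as `MAX_EF_DIR_SIZE` would make clear that this is a sanity limit on card-supplied data, not a general file limit. Whether other files in libopensc define their own limit of this kind is not visible from this hunk.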
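Review bot: The added guard in sc_enum_apps() rejects an oversized `card->ef_dir->size` with `SC_ERROR_INVALID_DATA` but records nothing about the value that was refused. Someone debugging a malformed or hostile card then sees only the generic error code. I would brace the branch and put `sc_log(ctx, "EF(DIR) size %"SC_FORMAT_LEN_SIZE_T"u exceeds limit", file_size);` before the `LOG_FUNC_RETURN`. The function body starts and ends outside the hunk, so I cannot tell whether the later read trusts `file_size` or the length actually returned. Nor can I tell whether the non-transparent EF path has an equivalent bound; both are worth checking alongside this change.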