- SECURITY: Fixed buffer overflow
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@263 c6295689-39f2-0310-b995-f0e70906c6a9
This commit is contained in:
parent
88553f6bfc
commit
f39f2244bb
|
@ -536,7 +536,12 @@ int sc_pkcs15_bind(struct sc_card *card,
|
|||
err = sc_select_file(card, &tmppath, &p15card->file_odf);
|
||||
if (err) /* FIXME: finish writing error reporting stuff */
|
||||
goto error;
|
||||
err = sc_read_binary(card, 0, buf, p15card->file_odf->size, 0);
|
||||
|
||||
/* XXX: fix buffer overflow. Silently truncate ODF if it
|
||||
* is too large. --okir */
|
||||
if ((len = p15card->file_odf->size) > sizeof(buf))
|
||||
len = sizeof(buf);
|
||||
err = sc_read_binary(card, 0, buf, len, 0);
|
||||
if (err < 0)
|
||||
goto error;
|
||||
if (err < 2) {
|
||||
|
|
Loading…
Reference in New Issue