Hello,
I propose the attached patch.
The idea is to not directly return if sc_apdu_set_resp() returns an
error but release the allocated memory first.
reader-openct.c does NOT have this bug and contains:
/* set response */
r = sc_apdu_set_resp(reader->ctx, apdu, rbuf, rsize);
out:
if (sbuf != NULL) {
sc_mem_clear(sbuf, ssize);
free(sbuf);
}
if (rbuf != NULL) {
sc_mem_clear(rbuf, rbuflen);
free(rbuf);
}
return r;
}
I propose to use the same code for reader-pcsc.c and reader-ctapi.c.
A better solution would be to have the code of *_transmit() only once
since it is very similar among the 3 files. Code duplication is bad
:-)
Bye
--
Dr Ludovic Rousseau
Index: reader-pcsc.c
===================================================================
--- reader-pcsc.c (révision 2918)
+++ reader-pcsc.c (copie de travail)
@@ -243,8 +243,6 @@ static int pcsc_transmit(sc_reader_t *re
#endif
/* set response */
r = sc_apdu_set_resp(reader->ctx, apdu, rbuf, rsize);
- if (r != SC_SUCCESS)
- return r;
out:
if (sbuf != NULL) {
sc_mem_clear(sbuf, ssize);
Index: reader-ctapi.c
===================================================================
--- reader-ctapi.c (révision 2918)
+++ reader-ctapi.c (copie de travail)
@@ -349,8 +349,6 @@ static int ctapi_transmit(sc_reader_t *r
#endif
/* set response */
r = sc_apdu_set_resp(reader->ctx, apdu, rbuf, rsize);
- if (r != SC_SUCCESS)
- return r;
out:
if (sbuf != NULL) {
sc_mem_clear(sbuf, ssize);
_______________________________________________
opensc-devel mailing list
[email protected]
http://www.opensc-project.org/mailman/listinfo/opensc-devel
