Andreas Jellinghaus wrote:
...
more TODO items:
in card-oberthur.c SC_TEST_RET needs to free(key_file), too.
of course SC_TEST_RET can't free anything and hence this macro
shouldn't be used when memory needs to be freed on return
sc-test.c assumes sc_detect_card_presence returns 0 or 1
I think it can also return 2 or 3 (card changed flag).
thus the current code might not set opt_reader,
but use it as index in an array and [-1] is not healthy.
profile.c:sc_profile_addfile: file == NULL test is too late.
not really, if sc_file_dup() the first parameter will be set to
NULL and hence this should only check whether or not sc_file_dup()
has failed (of course a return value would have been better ...)
Index: src/tools/pkcs15-init.c
Index: src/tools/eidenv.c
ok
Index: src/pkcs11/framework-pkcs15.c
===================================================================
--- src/pkcs11/framework-pkcs15.c (revision 2919)
+++ src/pkcs11/framework-pkcs15.c (working copy)
@@ -2345,6 +2345,7 @@
sc_debug(context, "data_len %i\n", data->data_len);
check_attribute_buffer(attr, data->data_len);
memcpy(attr->pValue, data->data, data->data_len);
+ free(data);
}
break;
default:
don't know
Index: src/pkcs15init/pkcs15-lib.c
===================================================================
--- src/pkcs15init/pkcs15-lib.c (revision 2919)
+++ src/pkcs15init/pkcs15-lib.c (working copy)
@@ -512,14 +512,14 @@
int r = 0, nfids;
char pbuf[SC_MAX_PATH_STRING_SIZE];
+ if (df == NULL)
+ return SC_ERROR_INTERNAL;
r = sc_path_print(pbuf, sizeof(pbuf), &df->path);
if (r != SC_SUCCESS)
pbuf[0] = '\0';
sc_debug(card->ctx, "sc_pkcs15init_rmdir(%s)\n", pbuf);
- if (df == NULL)
- return SC_ERROR_INTERNAL;
if (df->type == SC_FILE_TYPE_DF) {
r = sc_pkcs15init_authenticate(profile, card, df,
SC_AC_OP_LIST_FILES);
@@ -758,10 +758,14 @@
SC_PKCS15_AODF, NULL);
}
- if (r >= 0)
+ if (r >= 0) {
r = sc_pkcs15init_update_dir(p15spec, profile, app);
- if (r >= 0)
- r = sc_pkcs15init_update_tokeninfo(p15spec, profile);
+
+ if (r >= 0)
+ r = sc_pkcs15init_update_tokeninfo(p15spec, profile);
+ } else {
+ free(app); /* unused */
+ }
hmm, if sc_pkcs15init_update_dir() fails we still have a possible memory
leak (unfortunately it's not clear whether we need to free app or not when
sc_pkcs15init_update() returns an error)
Index: src/libopensc/card-oberthur.c
Index: src/libopensc/pkcs15-gemsafe.c
ok
Index: src/libopensc/apdu.c
===================================================================
--- src/libopensc/apdu.c (revision 2919)
+++ src/libopensc/apdu.c (working copy)
@@ -222,14 +222,15 @@
}
/* set the SW1 and SW2 status bytes (the last two bytes of
* the response */
- apdu->sw1 = (unsigned int)buf[len - 2];
- apdu->sw2 = (unsigned int)buf[len - 1];
+ apdu->sw1 = buf[len - 2];
+ apdu->sw2 = buf[len - 1];
the casts here should suppress a warning when turning on some gcc
warning options afaik
len -= 2;
/* set output length and copy the returned data if necessary */
- if (apdu->resplen >= len) {
+ if (len <= apdu->resplen)
apdu->resplen = len;
+
+ if (apdu->resplen != 0)
memcpy(apdu->resp, buf, apdu->resplen);
- }
return SC_SUCCESS;
}
Index: src/libopensc/log.c
===================================================================
--- src/libopensc/log.c (revision 2919)
+++ src/libopensc/log.c (working copy)
@@ -98,8 +98,8 @@
}
if (file != NULL) {
- r = snprintf(buf, sizeof(buf)-1, "%s:%d:%s: ", file, line, func ? func :
"");
- if (r < 0 || (unsigned int)r >= sizeof(buf))
+ r = snprintf(buf, sizeof(buf), "%s:%d:%s: ", file, line, func ? func :
"");
+ if (r < 0 || (unsigned int)r > sizeof(buf))
return;
should we really discard the debug data when the printed value has been
truncated ?
Cheers,
Nils
_______________________________________________
opensc-devel mailing list
[email protected]
http://www.opensc-project.org/mailman/listinfo/opensc-devel
