Aktiv Co. Aleksey Samsonov:
Patches for trunk revision 3698 are attached.
Sorry for the inconvenience caused. Patches for trunk revision 3698 are attached.
diff -u -r opensc-trunk-r3698/src/libopensc/iso7816.c new/opensc-trunk-r3698/src/libopensc/iso7816.c
--- opensc-trunk-r3698/src/libopensc/iso7816.c 2009-06-25 15:00:55.000000000 +0400
+++ new/opensc-trunk-r3698/src/libopensc/iso7816.c 2009-06-25 15:57:27.000000000 +0400
@@ -446,11 +446,9 @@
  apdu.resp = buf;
  apdu.resplen = sizeof(buf);
  apdu.le = 256;
- } else {
- apdu.resplen = 0;
- apdu.le = 0;
- apdu.cse = SC_APDU_CASE_3_SHORT;
- }
+ } else
+ apdu.cse = (apdu.lc == 0) ? SC_APDU_CASE_1 : SC_APDU_CASE_3_SHORT;
+
  r = sc_transmit_apdu(card, &apdu);
  SC_TEST_RET(card->ctx, r, "APDU transmit failed");
  if (file_out == NULL) {
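Review bot: The new `else` branch no longer resets `apdu.resplen` and `apdu.le`, so the Case 1 / Case 3 APDU it builds is only well-formed if both fields are already zero when the branch runs. That initialisation happens outside the hunk (presumably in `sc_format_apdu`, which is not shown), so it should be confirmed and recorded in a comment such as `/* no response expected: resplen and le keep their zero initial values */`. The same reliance is introduced by the removed `apdu.le = 0;` and `apdu.resplen = 0;` in the later hunks at -664 and -703. As a style point, a braced `if` followed by an unbraced `else` body is easy to break in a later edit; `} else {` … `}` keeps the two arms consistent.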
diff -u -r opensc-trunk-r3698/src/libopensc/iso7816.c new/opensc-trunk-r3698/src/libopensc/iso7816.c
--- opensc-trunk-r3698/src/libopensc/iso7816.c 2009-06-25 15:00:55.000000000 +0400
+++ new/opensc-trunk-r3698/src/libopensc/iso7816.c 2009-06-25 15:22:55.000000000 +0400
@@ -463,6 +463,8 @@
  if (r)
  SC_FUNC_RETURN(card->ctx, 2, r);
+ if (apdu.resplen < 2)
+ SC_FUNC_RETURN(card->ctx, 2, SC_ERROR_UNKNOWN_DATA_RECEIVED);
  switch (apdu.resp[0]) {
  case 0x6F:
  file = sc_file_new();
@@ -473,7 +475,7 @@
  sc_file_free(file);
  SC_FUNC_RETURN(card->ctx, 2, SC_ERROR_NOT_SUPPORTED);
  }
- if (apdu.resp[1] <= apdu.resplen)
+ if ((size_t)apdu.resp[1] + 2 <= apdu.resplen)
  card->ops->process_fci(card, file, apdu.resp+2, apdu.resp[1]);
  *file_out = file;
  break;
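Review bot: The `< 2` guard added before `switch (apdu.resp[0])` carries no comment explaining the constant; a one-line comment such as `/* need the tag and length bytes before resp[0] and resp[1] are read */` would tie it to the reads it protects. The guard covers only the two header bytes, so the length comparison in the next hunk remains the sole check on the FCI body. The enclosing function starts and ends outside the hunk.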
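Review bot: When `(size_t)apdu.resp[1] + 2 <= apdu.resplen` is false, `process_fci` is skipped but `*file_out = file;` still runs, so a response whose declared length exceeds the data actually received yields an unpopulated file object and, as far as the hunk shows, no error. Since the response bytes come from the card, a bad length is better rejected outright: `else { sc_file_free(file); SC_FUNC_RETURN(card->ctx, 2, SC_ERROR_UNKNOWN_DATA_RECEIVED); }`, mirroring the error path directly above. `apdu.resp[1]` is also read as a short-form length; whether long-form BER lengths can reach this code is not visible here and is worth confirming. The return value of `process_fci` is not checked either.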
diff -u -r opensc-trunk-r3698/src/libopensc/iso7816.c new/opensc-trunk-r3698/src/libopensc/iso7816.c
--- opensc-trunk-r3698/src/libopensc/iso7816.c 2009-06-25 15:00:55.000000000 +0400
+++ new/opensc-trunk-r3698/src/libopensc/iso7816.c 2009-06-25 15:29:52.000000000 +0400
@@ -519,17 +519,20 @@
  {
  u8 *p = out;
  u8 buf[64];
-
+
+ if (*outlen < 2)
+ return SC_ERROR_BUFFER_TOO_SMALL;
  *p++ = 0x6F;
  p++;
  buf[0] = (file->size >> 8) & 0xFF;
  buf[1] = file->size & 0xFF;
- sc_asn1_put_tag(0x81, buf, 2, p, 16, &p);
+ sc_asn1_put_tag(0x81, buf, 2, p, *outlen - (p - out), &p);
  if (file->type_attr_len) {
  memcpy(buf, file->type_attr, file->type_attr_len);
- sc_asn1_put_tag(0x82, buf, file->type_attr_len, p, 16, &p);
+ sc_asn1_put_tag(0x82, buf, file->type_attr_len,
+ p, *outlen - (p - out), &p);
  } else {
  buf[0] = file->shareable ? 0x40 : 0;
  switch (file->type) {
@@ -544,19 +547,21 @@
  default:
  return SC_ERROR_NOT_SUPPORTED;
  }
- sc_asn1_put_tag(0x82, buf, 1, p, 16, &p);
+ sc_asn1_put_tag(0x82, buf, 1, p, *outlen - (p - out), &p);
  }
  buf[0] = (file->id >> 8) & 0xFF;
  buf[1] = file->id & 0xFF;
- sc_asn1_put_tag(0x83, buf, 2, p, 16, &p);
+ sc_asn1_put_tag(0x83, buf, 2, p, *outlen - (p - out), &p);
  /* 0x84 = DF name */
  if (file->prop_attr_len) {
  memcpy(buf, file->prop_attr, file->prop_attr_len);
- sc_asn1_put_tag(0x85, buf, file->prop_attr_len, p, 18, &p);
+ sc_asn1_put_tag(0x85, buf, file->prop_attr_len,
+ p, *outlen - (p - out), &p);
  }
  if (file->sec_attr_len) {
  memcpy(buf, file->sec_attr, file->sec_attr_len);
- sc_asn1_put_tag(0x86, buf, file->sec_attr_len, p, 18, &p);
+ sc_asn1_put_tag(0x86, buf, file->sec_attr_len,
+ p, *outlen - (p - out), &p);
  }
  out[1] = p - out - 2;
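Review bot: Every `sc_asn1_put_tag` call in this hunk still discards its return value, so passing the real remaining space `*outlen - (p - out)` helps only if a failed write is noticed. If the call reports an error without advancing `p` (its definition is not on this page), encoding simply continues and the caller gets a truncated FCI with a success code. The result should be captured and tested at each call, e.g. `r = sc_asn1_put_tag(0x81, buf, 2, p, *outlen - (p - out), &p);` followed by `if (r) return r;`. The same applies to the 0x82, 0x83, 0x85 and 0x86 calls in the next hunk. The function body continues outside this hunk.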
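Review bot: `out[1] = p - out - 2;` stores the content length in a single byte, and with the fixed 16/18-byte limits removed the encoded body is now bounded only by the caller's `*outlen`. Attributes staged through the 64-byte `buf` can together push the body past what one short-form length byte can express, at which point the narrowing store silently yields a wrong length. Either reject that case before the store, e.g. `if (p - out - 2 > 0x7F) return SC_ERROR_BUFFER_TOO_SMALL;`, or emit a long-form length. The rest of the function lies outside the hunk, so any later adjustment to `out[1]` is not visible here.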
diff -u -r opensc-trunk-r3698/src/libopensc/iso7816.c new/opensc-trunk-r3698/src/libopensc/iso7816.c
--- opensc-trunk-r3698/src/libopensc/iso7816.c 2009-06-25 15:00:55.000000000 +0400
+++ new/opensc-trunk-r3698/src/libopensc/iso7816.c 2009-06-25 15:35:46.000000000 +0400
@@ -528,6 +528,7 @@
  sc_asn1_put_tag(0x81, buf, 2, p, 16, &p);
  if (file->type_attr_len) {
+ assert(sizeof(buf) >= file->type_attr_len);
  memcpy(buf, file->type_attr, file->type_attr_len);
  sc_asn1_put_tag(0x82, buf, file->type_attr_len, p, 16, &p);
  } else {
@@ -551,10 +552,12 @@
  sc_asn1_put_tag(0x83, buf, 2, p, 16, &p);
  /* 0x84 = DF name */
  if (file->prop_attr_len) {
+ assert(sizeof(buf) >= file->prop_attr_len);
  memcpy(buf, file->prop_attr, file->prop_attr_len);
  sc_asn1_put_tag(0x85, buf, file->prop_attr_len, p, 18, &p);
  }
  if (file->sec_attr_len) {
+ assert(sizeof(buf) >= file->sec_attr_len);
  memcpy(buf, file->sec_attr, file->sec_attr_len);
  sc_asn1_put_tag(0x86, buf, file->sec_attr_len, p, 18, &p);
  }
@@ -687,6 +690,7 @@
  if (env->flags & SC_SEC_ENV_FILE_REF_PRESENT) {
  *p++ = 0x81;
  *p++ = env->file_ref.len;
+ assert(sizeof(sbuf) - (p - sbuf) >= env->file_ref.len);
  memcpy(p, env->file_ref.value, env->file_ref.len);
  p += env->file_ref.len;
  }
@@ -696,6 +700,7 @@
  else
  *p++ = 0x84;
  *p++ = env->key_ref_len;
+ assert(sizeof(sbuf) - (p - sbuf) >= env->key_ref_len);
  memcpy(p, env->key_ref, env->key_ref_len);
  p += env->key_ref_len;
  }
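Review bot: `assert()` is the wrong tool for this length check: it is compiled out when `NDEBUG` is defined, leaving the `memcpy` into `buf` unbounded in release builds, and in debug builds an oversized attribute aborts the calling process instead of returning an error. A runtime check that fails cleanly is needed, e.g. `if (file->type_attr_len > sizeof(buf)) return SC_ERROR_INVALID_ARGUMENTS;`. The same applies to the `prop_attr_len` and `sec_attr_len` asserts in the second hunk and to the two `sbuf` asserts in the third and fourth hunks. The enclosing functions start and end outside these hunks.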
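Review bot: In the third hunk the space check sits after the two `*p++` stores for the tag and length bytes, so those writes are not covered by it. `*p++ = env->file_ref.len;` also stores the length in a single buffer element while `memcpy` uses the full value, so the two can disagree if the field is wider than a byte. Checking before the first store, with room for the two header bytes, covers the whole element: `if (env->file_ref.len > 0xFF || sizeof(sbuf) - (p - sbuf) < env->file_ref.len + 2) return SC_ERROR_INVALID_ARGUMENTS;`. The fourth hunk has the same ordering for `env->key_ref_len`. `sbuf` is declared outside the hunk, and `sizeof(sbuf)` is meaningful only if it is an array there.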
diff -u -r opensc-trunk-r3698/src/libopensc/iso7816.c new/opensc-trunk-r3698/src/libopensc/iso7816.c
--- opensc-trunk-r3698/src/libopensc/iso7816.c 2009-06-25 15:00:55.000000000 +0400
+++ new/opensc-trunk-r3698/src/libopensc/iso7816.c 2009-06-25 15:50:27.000000000 +0400
@@ -664,20 +664,17 @@
  int r, locked = 0;
  assert(card != NULL && env != NULL);
- sc_format_apdu(card, &apdu, SC_APDU_CASE_3_SHORT, 0x22, 0, 0);
+ sc_format_apdu(card, &apdu, SC_APDU_CASE_3_SHORT, 0x22, 0x41, 0);
  switch (env->operation) {
  case SC_SEC_OPERATION_DECIPHER:
- apdu.p1 = 0x41;
  apdu.p2 = 0xB8;
  break;
  case SC_SEC_OPERATION_SIGN:
- apdu.p1 = 0x41;
  apdu.p2 = 0xB6;
  break;
  default:
  return SC_ERROR_INVALID_ARGUMENTS;
  }
- apdu.le = 0;
  p = sbuf;
  if (env->flags & SC_SEC_ENV_ALG_REF_PRESENT) {
  *p++ = 0x80; /* algorithm reference */
@@ -703,7 +700,6 @@
  apdu.lc = r;
  apdu.datalen = r;
  apdu.data = sbuf;
- apdu.resplen = 0;
  if (se_num > 0) {
  r = sc_lock(card);
  SC_TEST_RET(card->ctx, r, "sc_lock() failed");
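Review bot: The instruction and parameter bytes in the first hunk are bare literals (`0x22`, `0x41`, `0xB8`, `0xB6`), and folding P1 into the `sc_format_apdu` call makes it less obvious that both operations share it. A short comment would help the next reader, e.g. `/* MANAGE SECURITY ENVIRONMENT, P1 = 0x41: SET for computation/decipherment */` above the call, with `/* confidentiality template */` and `/* digital signature template */` beside the two P2 values. The `default:` branch returns with a plain `return` rather than the `SC_FUNC_RETURN` macro seen in the other patches on this page; that predates this change but is worth aligning. The function starts and ends outside the hunk.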