File opensc-0_13_0-CVE-2020-26571.patch of Package opensc.18766

Index: opensc-0.13.0/src/libopensc/pkcs15-gemsafeGPK.c
===================================================================
--- opensc-0.13.0.orig/src/libopensc/pkcs15-gemsafeGPK.c
+++ opensc-0.13.0/src/libopensc/pkcs15-gemsafeGPK.c
@@ -205,7 +205,7 @@ static int sc_pkcs15emu_gemsafeGPK_init(
 
 	u8 sysrec[7];
 	int num_keyinfo = 0;
-	keyinfo kinfo[8]; /* will loook for 8 keys */
+	keyinfo kinfo[9]; /* will loook for 9 keys */
 	u8 modulus_buf[ 1 + 1024 / 8]; /* tag+modulus */
 	u8 *cp;
 	char buf[256];
@@ -253,9 +253,9 @@ static int sc_pkcs15emu_gemsafeGPK_init(
 
 	/* There may be more then one key in the directory. */
 	/* we need to find them so we can associate them with the */
-	/* the certificate.  The files are 0007 to 000f */
+	/* the certificate.  The files are 0007 to 000F */
 
-	for (i = 7; i < 16; i++) {
+	for (i = 0x7; i <= 0xF; i++) {
 		path.value[0] = 0x00;
 		path.value[1] = i;
 		path.len = 2;	
@@ -295,7 +295,7 @@ static int sc_pkcs15emu_gemsafeGPK_init(
 		while (j--) 
 			*cp++ =  modulus_buf[j + 1];
 		num_keyinfo++;
-	} 
+	}
 
 	/* Get the gemsafe data with the cert */
 	 sc_format_path("3F000200004", &path);
openSUSE Build Service is sponsored by