File opensc-0_19_0-CVE-2020-26572.patch of Package opensc.26104

Index: opensc-0.19.0/src/libopensc/card-tcos.c
===================================================================
--- opensc-0.19.0.orig/src/libopensc/card-tcos.c
+++ opensc-0.19.0/src/libopensc/card-tcos.c
@@ -628,6 +628,8 @@ static int tcos_decipher(sc_card_t *card
 	apdu.data = sbuf;
 	apdu.lc = apdu.datalen = crgram_len+1;
 	sbuf[0] = tcos3 ? 0x00 : ((data->pad_flags & SC_ALGORITHM_RSA_PAD_PKCS1) ? 0x81 : 0x02);
+	if (sizeof sbuf - 1 < crgram_len)
+		return SC_ERROR_INVALID_ARGUMENTS;
 	memcpy(sbuf+1, crgram, crgram_len);
 
 	r = sc_transmit_apdu(card, &apdu);

Places

File opensc-0_19_0-CVE-2020-26572.patch of Package opensc.26104

Places