File opensc-oberthur-return-values.patch of Package opensc.26104
From 1db88374bb7706a115d5c3617c6f16115c33bf27 Mon Sep 17 00:00:00 2001
From: Jakub Jelen <jjelen@redhat.com>
Date: Thu, 7 Jan 2021 14:20:31 +0100
Subject: [PATCH] oberthur: Correctly check for return values
Thanks oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28843
---
src/libopensc/pkcs15-oberthur.c | 13 +++++++------
1 file changed, 7 insertions(+), 6 deletions(-)
Index: opensc-0.19.0/src/libopensc/pkcs15-oberthur.c
===================================================================
--- opensc-0.19.0.orig/src/libopensc/pkcs15-oberthur.c
+++ opensc-0.19.0/src/libopensc/pkcs15-oberthur.c
@@ -299,15 +299,21 @@ sc_oberthur_read_file(struct sc_pkcs15_c
if (verify_pin && rv == SC_ERROR_SECURITY_STATUS_NOT_SATISFIED) {
struct sc_pkcs15_object *objs[0x10], *pin_obj = NULL;
const struct sc_acl_entry *acl = sc_file_get_acl_entry(file, SC_AC_OP_READ);
- int ii;
+ int ii, nobjs;
- rv = sc_pkcs15_get_objects(p15card, SC_PKCS15_TYPE_AUTH_PIN, objs, 0x10);
- LOG_TEST_RET(ctx, rv, "Cannot read oberthur file: get AUTH objects error");
+ nobjs = sc_pkcs15_get_objects(p15card, SC_PKCS15_TYPE_AUTH_PIN, objs, 0x10);
+ if (nobjs < 1) {
+ sc_file_free(file);
+ free(*out);
+ *out = NULL;
+ LOG_TEST_RET(ctx, SC_ERROR_DATA_OBJECT_NOT_FOUND,
+ "Cannot read oberthur file: get AUTH objects error");
+ }
- for (ii=0; ii<rv; ii++) {
+ for (ii = 0; ii < nobjs; ii++) {
struct sc_pkcs15_auth_info *auth_info = (struct sc_pkcs15_auth_info *) objs[ii]->data;
sc_log(ctx, "compare PIN/ACL refs:%i/%i, method:%i/%i",
- auth_info->attrs.pin.reference, acl->key_ref, auth_info->auth_method, acl->method);
+ auth_info->attrs.pin.reference, acl->key_ref, auth_info->auth_method, acl->method);
if (auth_info->attrs.pin.reference == (int)acl->key_ref && auth_info->auth_method == (unsigned)acl->method) {
pin_obj = objs[ii];
break;