File opensc-CVE-2023-40661-9of10.patch of Package opensc.31015

From 245efe608d083fd4e4ec96793fdefd218e26fde7 Mon Sep 17 00:00:00 2001
From: Jakub Jelen <jjelen@redhat.com>
Date: Thu, 17 Aug 2023 13:54:42 +0200
Subject: [PATCH] pkcs15: Avoid buffer overflow when getting last update

Thanks oss-fuzz

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=60769
---
 src/libopensc/pkcs15.c |   10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

--- a/src/libopensc/pkcs15.c
+++ b/src/libopensc/pkcs15.c
@@ -528,7 +528,7 @@ sc_pkcs15_get_lastupdate(struct sc_pkcs1
 	struct sc_context *ctx  = p15card->card->ctx;
 	struct sc_file *file = NULL;
 	struct sc_asn1_entry asn1_last_update[C_ASN1_LAST_UPDATE_SIZE];
-	unsigned char *content, last_update[32];
+	unsigned char *content, last_update[32] = {0};
 	size_t lupdate_len = sizeof(last_update) - 1;
 	int r, content_len;
 	size_t size;
@@ -564,9 +564,11 @@ sc_pkcs15_get_lastupdate(struct sc_pkcs1
 	if (r < 0)
 		return NULL;
 
-	p15card->tokeninfo->last_update.gtime = strdup((char *)last_update);
-	if (!p15card->tokeninfo->last_update.gtime)
-		return NULL;
+	if (asn1_last_update[0].flags & SC_ASN1_PRESENT) {
+		p15card->tokeninfo->last_update.gtime = strdup((char *)last_update);
+		if (!p15card->tokeninfo->last_update.gtime)
+			return NULL;
+	}
 done:
 	sc_log(ctx, "lastUpdate.gtime '%s'", p15card->tokeninfo->last_update.gtime);
 	return p15card->tokeninfo->last_update.gtime;