Check-in [ce07b4406e]
Overview
Comment:Fix dereferencing of cackey_pin_command when it is NULL and ensure printed buffers are truncated
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA1: ce07b4406ed341c3455db5edc8b66bd0cb377fe5
User & Date: rkeene on 2019-01-30 17:23:52
Other Links: manifest | tags
Context
2019-01-30
17:24
Only display extended key usage if it is present in the certificate check-in: 731ccabde6 user: rkeene tags: trunk
17:23
Fix dereferencing of cackey_pin_command when it is NULL and ensure printed buffers are truncated check-in: ce07b4406e user: rkeene tags: trunk
17:21
Use patched version of libpcsc check-in: 4aa7799e7f user: rkeene tags: trunk
Changes

Modified cackey.c from [911e072212] to [50819dda69].

224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
	unsigned long idx; \
	int snprintf_ret; \
	TMPBUF = (unsigned char *) (x); \
	buf_user[0] = 0; \
	buf_user[2] = 0; \
	buf_user_p = buf_user; \
	buf_user_size = sizeof(buf_user); \
	for (idx = 0; idx < (y); idx++) { \
		if (buf_user_size <= 0) { \
			break; \
		}; \
		snprintf_ret = snprintf(buf_user_p, buf_user_size, ", %02x", TMPBUF[idx]); \
		if (snprintf_ret <= 0) { \
			break; \
		}; \







|







224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
	unsigned long idx; \
	int snprintf_ret; \
	TMPBUF = (unsigned char *) (x); \
	buf_user[0] = 0; \
	buf_user[2] = 0; \
	buf_user_p = buf_user; \
	buf_user_size = sizeof(buf_user); \
	for (idx = 0; idx < MIN((y), sizeof(buf_user)); idx++) { \
		if (buf_user_size <= 0) { \
			break; \
		}; \
		snprintf_ret = snprintf(buf_user_p, buf_user_size, ", %02x", TMPBUF[idx]); \
		if (snprintf_ret <= 0) { \
			break; \
		}; \
4700
4701
4702
4703
4704
4705
4706
4707
4708
4709
4710
4711
4712
4713
4714
		cackey_pin_command = strdup(getenv("CACKEY_PIN_COMMAND"));
	}

	if (getenv("CACKEY_PIN_COMMAND_XONLY") != NULL && getenv("DISPLAY") != NULL) {
		cackey_pin_command = strdup(getenv("CACKEY_PIN_COMMAND_XONLY"));
	}

	if (strcmp(cackey_pin_command, "") == 0) {
		free(cackey_pin_command);
		cackey_pin_command = NULL;
	}

#ifdef CACKEY_READERS_INCLUDE_ONLY_DEFAULT
	cackey_readers_include_only = strdup(CACKEY_MACRO_DEFAULT_XSTR(CACKEY_READERS_INCLUDE_ONLY_DEFAULT));
#endif







|







4700
4701
4702
4703
4704
4705
4706
4707
4708
4709
4710
4711
4712
4713
4714
		cackey_pin_command = strdup(getenv("CACKEY_PIN_COMMAND"));
	}

	if (getenv("CACKEY_PIN_COMMAND_XONLY") != NULL && getenv("DISPLAY") != NULL) {
		cackey_pin_command = strdup(getenv("CACKEY_PIN_COMMAND_XONLY"));
	}

	if (cackey_pin_command && strcmp(cackey_pin_command, "") == 0) {
		free(cackey_pin_command);
		cackey_pin_command = NULL;
	}

#ifdef CACKEY_READERS_INCLUDE_ONLY_DEFAULT
	cackey_readers_include_only = strdup(CACKEY_MACRO_DEFAULT_XSTR(CACKEY_READERS_INCLUDE_ONLY_DEFAULT));
#endif