Check-in [0c4b467640]
Overview
Comment:Fix issue with buffer being undersized
SHA1:0c4b46764022afe4d7b73eeba7e3110d628431c7
User & Date: roykeene on 2021-10-30 19:47:11
Context
2021-10-30
20:27
CACKey 0.7.11 check-in: e6b5859a01 user: rkeene tags: trunk, 0.7.11
19:47
Fix issue with buffer being undersized check-in: 0c4b467640 user: roykeene tags: trunk
2019-11-15
15:07
Integrated RFC 6234 SHA1 implementation changes check-in: fa9ae90eae user: rkeene tags: trunk, 0.7.10
Changes

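--- a/cackey.c
+++ b/cackey.c
@@ -1916,15 +1916,15 @@
 static ssize_t cackey_get_data(struct cackey_slot *slot, unsigned char *buffer, size_t buffer_len, unsigned char oid[3]) {
 	unsigned char cmd[] = {0x5C, 0x03, 0x00, 0x00, 0x00};
 	unsigned char *buffer_p;
 	size_t init_buffer_len, size;
 	uint16_t respcode;
 	int send_ret;
 
-	CACKEY_DEBUG_PRINTF("Called.");
+	CACKEY_DEBUG_PRINTF("Called with buffer_len = %llu", (unsigned long long) buffer_len);
 
 	init_buffer_len = buffer_len;
 
 	cmd[2] = oid[0];
 	cmd[3] = oid[1];
 	cmd[4] = oid[2];
 
@@ -1955,15 +1955,15 @@
 
 	if (buffer_len < 2) {
 		CACKEY_DEBUG_PRINTF("APDU GET DATA returned %lu bytes, which is too short for a BER-TLV response", (unsigned long) buffer_len);
 
 		return(-1);
 	}
 
-	size = buffer_len;
+	size = init_buffer_len;
 	buffer_p = cackey_read_bertlv_tag(buffer, &buffer_len, 0x53, NULL, &size);
 
 	if (buffer_p == NULL) {
 		CACKEY_DEBUG_PRINTF("Tag decoding failed, returning in error.");
 
 		return(-1);
 	}
@@ -2599,15 +2599,15 @@
  */
 static struct cackey_pcsc_identity *cackey_read_certs(struct cackey_slot *slot, struct cackey_pcsc_identity *certs, unsigned long *count) {
 	cackey_pcsc_id_type check_id_type;
 	struct cackey_pcsc_identity *curr_id;
 	struct cackey_tlv_entity *ccc_tlv, *ccc_curr, *app_tlv, *app_curr;
 	unsigned char *piv_oid, piv_oid_pivauth[] = {NISTSP800_73_3_OID_PIVAUTH}, piv_oid_signature[] = {NISTSP800_73_3_OID_SIGNATURE}, piv_oid_keymgt[] = {NISTSP800_73_3_OID_KEYMGT};
 	unsigned char curr_aid[7];
-	unsigned char buffer[8192], *buffer_p, *tmpbuf;
+	unsigned char buffer[1024 * 32], *buffer_p, *tmpbuf;
 	unsigned long outidx = 0;
 	char *piv_label;
 	cackey_ret transaction_ret;
 	ssize_t read_ret;
 	size_t buffer_len, tmpbuflen;
 	int certs_resizable;
 	int send_ret, select_ret;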
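Review bot: In cackey_get_data, `size = init_buffer_len;` now gives cackey_read_bertlv_tag the caller's buffer capacity as the upper bound for the decoded 0x53 value length, where it used to be the number of bytes the card actually returned. If the parser only checks the decoded length against that bound (its body is not in this diff, so this is an inference), a card that reports a length larger than the data received but within capacity would pass, and later code could treat stale bytes in `buffer` as card data. Unless the rest of the function, which lies outside the hunk, already compares the two, I would add a guard after the NULL check along the lines of `if (size > buffer_len) { return(-1); }`, adjusted for however the parser updates `buffer_len`. A short comment on the assignment explaining why capacity rather than received length is the right bound would also help.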