packages/opensc
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
opensc/backport-0002-CVE-2021-42782-coolkey-Initialize-potentially.patch
Hugel cc6c8abfff fix CVE-2021-42782
2022-05-09 19:39:53 +08:00

27 lines
897 B
Diff
Raw Permalink Blame History

From 7114fb71b54ddfe06ce5dfdab013f4c38f129d14 Mon Sep 17 00:00:00 2001
From: Jakub Jelen <jjelen@redhat.com>
Date: Wed, 24 Mar 2021 10:57:27 +0100
Subject: [PATCH] coolkey: Initialize potentially uninitialized memory
Thanks oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28855
---
src/libopensc/pkcs15-coolkey.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/libopensc/pkcs15-coolkey.c b/src/libopensc/pkcs15-coolkey.c
index 373ec7a5a9..586475ddee 100644
--- a/src/libopensc/pkcs15-coolkey.c
+++ b/src/libopensc/pkcs15-coolkey.c
@@ -425,7 +425,8 @@ coolkey_get_public_key_from_certificate(sc_pkcs15_card_t *p15card, sc_cardctl_co
sc_pkcs15_pubkey_t *key = NULL;
int r;
- cert_info.value.value = NULL;
+ memset(&cert_info, 0, sizeof(cert_info));
+
r = coolkey_get_certificate(p15card->card, obj, &cert_info.value);
if (r < 0) {
goto fail;
Reference in New Issue View Git Blame Copy Permalink