78 lines
2.6 KiB
Diff
78 lines
2.6 KiB
Diff
From 9c91a4327e6db579f7f964f147fd6e94a0e1b85e Mon Sep 17 00:00:00 2001
|
|
From: Jakub Jelen <jjelen@redhat.com>
|
|
Date: Wed, 3 Feb 2021 21:34:52 +0100
|
|
Subject: [PATCH] oberthur: Free another read data on failure paths
|
|
|
|
---
|
|
src/libopensc/pkcs15-oberthur.c | 21 ++++++++++++++++-----
|
|
1 file changed, 16 insertions(+), 5 deletions(-)
|
|
|
|
diff --git a/src/libopensc/pkcs15-oberthur.c b/src/libopensc/pkcs15-oberthur.c
|
|
index fa823be..d3236a9 100644
|
|
--- a/src/libopensc/pkcs15-oberthur.c
|
|
+++ b/src/libopensc/pkcs15-oberthur.c
|
|
@@ -876,14 +876,18 @@ sc_pkcs15emu_oberthur_add_data(struct sc_pkcs15_card *p15card,
|
|
rv = sc_oberthur_read_file(p15card, ch_tmp, &info_blob, &info_len, 1);
|
|
LOG_TEST_RET(ctx, rv, "Failed to add data: read oberthur file error");
|
|
|
|
- if (info_len < 2)
|
|
+ if (info_len < 2) {
|
|
+ free(info_blob);
|
|
LOG_TEST_RET(ctx, SC_ERROR_UNKNOWN_DATA_RECEIVED, "Failed to add certificate: no 'tag'");
|
|
+ }
|
|
flags = *(info_blob + 0) * 0x100 + *(info_blob + 1);
|
|
offs = 2;
|
|
|
|
/* Label */
|
|
- if (offs > info_len)
|
|
+ if (offs > info_len) {
|
|
+ free(info_blob);
|
|
LOG_TEST_RET(ctx, SC_ERROR_UNKNOWN_DATA_RECEIVED, "Failed to add data: no 'label'");
|
|
+ }
|
|
label = info_blob + offs + 2;
|
|
label_len = *(info_blob + offs + 1) + *(info_blob + offs) * 0x100;
|
|
if (label_len > sizeof(dobj.label) - 1)
|
|
@@ -891,8 +895,10 @@ sc_pkcs15emu_oberthur_add_data(struct sc_pkcs15_card *p15card,
|
|
offs += 2 + *(info_blob + offs + 1);
|
|
|
|
/* Application */
|
|
- if (offs > info_len)
|
|
+ if (offs > info_len) {
|
|
+ free(info_blob);
|
|
LOG_TEST_RET(ctx, SC_ERROR_UNKNOWN_DATA_RECEIVED, "Failed to add data: no 'application'");
|
|
+ }
|
|
app = info_blob + offs + 2;
|
|
app_len = *(info_blob + offs + 1) + *(info_blob + offs) * 0x100;
|
|
if (app_len > sizeof(dinfo.app_label) - 1)
|
|
@@ -900,13 +906,17 @@ sc_pkcs15emu_oberthur_add_data(struct sc_pkcs15_card *p15card,
|
|
offs += 2 + app_len;
|
|
|
|
/* OID encode like DER(ASN.1(oid)) */
|
|
- if (offs > info_len)
|
|
+ if (offs > info_len) {
|
|
+ free(info_blob);
|
|
LOG_TEST_RET(ctx, SC_ERROR_UNKNOWN_DATA_RECEIVED, "Failed to add data: no 'OID'");
|
|
+ }
|
|
oid_len = *(info_blob + offs + 1) + *(info_blob + offs) * 0x100;
|
|
if (oid_len) {
|
|
oid = info_blob + offs + 2;
|
|
- if (*oid != 0x06 || (*(oid + 1) != oid_len - 2))
|
|
+ if (*oid != 0x06 || (*(oid + 1) != oid_len - 2)) {
|
|
+ free(info_blob);
|
|
LOG_TEST_RET(ctx, SC_ERROR_UNKNOWN_DATA_RECEIVED, "Failed to add data: invalid 'OID' format");
|
|
+ }
|
|
oid += 2;
|
|
oid_len -= 2;
|
|
}
|
|
@@ -933,6 +943,7 @@ sc_pkcs15emu_oberthur_add_data(struct sc_pkcs15_card *p15card,
|
|
|
|
rv = sc_pkcs15emu_add_data_object(p15card, &dobj, &dinfo);
|
|
|
|
+ free(info_blob);
|
|
LOG_FUNC_RETURN(p15card->card->ctx, rv);
|
|
}
|
|
|
|
--
|
|
1.8.3.1
|
|
|