packages/opensc
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
opensc/backport-0004-CVE-2021-42782-iasecc-Prevent-stack-buffer.patch
Hugel cc6c8abfff fix CVE-2021-42782
2022-05-09 19:39:53 +08:00

27 lines
923 B
Diff
Raw Blame History

From ae1cf0be90396fb6c0be95829bf0d3eecbd2fd1c Mon Sep 17 00:00:00 2001
From: Jakub Jelen <jjelen@redhat.com>
Date: Thu, 11 Feb 2021 11:22:54 +0100
Subject: [PATCH] iasecc: Prevent stack buffer overflow when empty ACL is
returned
Thanks oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=30800
---
src/libopensc/card-iasecc.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/libopensc/card-iasecc.c b/src/libopensc/card-iasecc.c
index 166bc307bc..0eec63363a 100644
--- a/src/libopensc/card-iasecc.c
+++ b/src/libopensc/card-iasecc.c
@@ -1171,7 +1171,7 @@ iasecc_process_fci(struct sc_card *card, struct sc_file *file,
else
acls = sc_asn1_find_tag(ctx, buf, buflen, IASECC_DOCP_TAG_ACLS_CONTACT, &taglen);
- if (!acls) {
+ if (!acls || taglen < 7) {
sc_log(ctx,
"ACLs not found in data(%"SC_FORMAT_LEN_SIZE_T"u) %s",
buflen, sc_dump_hex(buf, buflen));
Reference in New Issue View Git Blame Copy Permalink