opensc/opensc-gcc11.patch

diff --git a/src/tools/opensc-explorer.c b/src/tools/opensc-explorer.c
index 41e620a..57f8a79 100644
--- a/src/tools/opensc-explorer.c
+++ b/src/tools/opensc-explorer.c
@@ -1839,6 +1839,12 @@ static int do_apdu(int argc, char **argv)
 	if (argc < 1)
 		return usage(do_apdu);
 
+	/* gcc-11 complains about BUF potentially being used without being
+	   initialized.  I can't convince myself that the calls to
+	   parse_string_or_hexdata will fully initialize it, so we just
+	   initialize it here.  */
+	memset (buf, 0, sizeof (buf));
+
 	/* loop over the args and parse them, making sure the result fits into buf[] */
 	for (i = 0, len = 0; i < (unsigned) argc && len < sizeof(buf); i++)   {
 		size_t len0 = sizeof(buf) - len;
commit 1680b3a1fb15319e41dbe3214ef8c4a4c215d529
Author: Jakub Jelen <jjelen@redhat.com>
Date:   Tue Feb 23 19:57:02 2021 +0100

    Fix build on gcc11
    
    This made most of the applications crashing in Fedora 34 when
    smart card was plugged in.
    
    The suggested patch makes the code path more obvious for gcc to
    handle.
    
    https://bugzilla.redhat.com/show_bug.cgi?id=1930652
Accepting request 1224304 from home:mnhauke - Update to version 0.26.0 Security * CVE-2024-45615: Usage of uninitialized values in libopensc# and pkcs15init (#3225). * CVE-2024-45616: Uninitialized values after incorrect check or usage of APDU response values in libopensc (#3225) * CVE-2024-45617: Uninitialized values after incorrect or missing checking return values of functions in libopensc (#3225) * CVE-2024-45618: Uninitialized values after incorrect or missing checking return values of functions in pkcs15init (#3225) * CVE-2024-45619: Incorrect handling length of buffers or files in libopensc (#3225) * CVE-2024-45620: Incorrect handling of the length of buffers or files in pkcs15init (#3225) * CVE-2024-8443: Heap buffer overflow in OpenPGP driver when generating key (#3219) General improvements * Fix reselection of DF after error in PKCS#15 layer (#3067) * Unify OpenSSL logging throughout code (#2922) * Extend the p11test to support kryoptic (#3141) * Fix for error in PCSC reconnection (#3150) * Fixed various issues reported by OSS-Fuzz and Coverity in drivers, PKCS#11 and PKCS#15 layer PKCS#15 * Documentation for PKCS#15 profile files (#3132) minidriver * Support PinCacheAlwaysPrompt usable for PIV cards (#3167) pkcs11-tool * Show URI when listing token information (#3125) and objects * Do not limit size of objects to 5000 bytes (#3174) OBS-URL: https://build.opensuse.org/request/show/1224304 OBS-URL: https://build.opensuse.org/package/show/security:chipcard/opensc?expand=0&rev=90 2024-11-18 11:30:20 +00:00			`diff --git a/src/tools/opensc-explorer.c b/src/tools/opensc-explorer.c`
			`index 41e620a..57f8a79 100644`
			`--- a/src/tools/opensc-explorer.c`
			`+++ b/src/tools/opensc-explorer.c`
			`@@ -1839,6 +1839,12 @@ static int do_apdu(int argc, char **argv)`
			`if (argc < 1)`
			`return usage(do_apdu);`

			`+ /* gcc-11 complains about BUF potentially being used without being`
			`+ initialized. I can't convince myself that the calls to`
			`+ parse_string_or_hexdata will fully initialize it, so we just`
			`+ initialize it here. */`
			`+ memset (buf, 0, sizeof (buf));`
			`+`
			`/* loop over the args and parse them, making sure the result fits into buf[] */`
			`for (i = 0, len = 0; i < (unsigned) argc && len < sizeof(buf); i++) {`
			`size_t len0 = sizeof(buf) - len;`
			`commit 1680b3a1fb15319e41dbe3214ef8c4a4c215d529`
			`Author: Jakub Jelen <jjelen@redhat.com>`
			`Date: Tue Feb 23 19:57:02 2021 +0100`

			`Fix build on gcc11`

			`This made most of the applications crashing in Fedora 34 when`
			`smart card was plugged in.`

			`The suggested patch makes the code path more obvious for gcc to`
			`handle.`

			`https://bugzilla.redhat.com/show_bug.cgi?id=1930652`