- Update to version 0.26.0
  Security
  * CVE-2024-45615: Usage of uninitialized values in libopensc# and pkcs15init (#3225).
  * CVE-2024-45616: Uninitialized values after incorrect check or usage of APDU response values in libopensc (#3225)
  * CVE-2024-45617: Uninitialized values after incorrect or missing checking return values of functions in libopensc (#3225)
  * CVE-2024-45618: Uninitialized values after incorrect or missing checking return values of functions in pkcs15init (#3225)
  * CVE-2024-45619: Incorrect handling length of buffers or files in libopensc (#3225)
  * CVE-2024-45620: Incorrect handling of the length of buffers or files in pkcs15init (#3225)
  * CVE-2024-8443: Heap buffer overflow in OpenPGP driver when generating key (#3219)
  General improvements
  * Fix reselection of DF after error in PKCS#15 layer (#3067)
  * Unify OpenSSL logging throughout code (#2922)
  * Extend the p11test to support kryoptic (#3141)
  * Fix for error in PCSC reconnection (#3150)
  * Fixed various issues reported by OSS-Fuzz and Coverity in drivers, PKCS#11 and PKCS#15 layer
  PKCS#15
  * Documentation for PKCS#15 profile files (#3132)
  minidriver
  * Support PinCacheAlwaysPrompt usable for PIV cards (#3167)
  pkcs11-tool
  * Show URI when listing token information (#3125) and objects
  * Do not limit size of objects to 5000 bytes (#3174)

OBS-URL: https://build.opensuse.org/request/show/1224304
OBS-URL: https://build.opensuse.org/package/show/security:chipcard/opensc?expand=0&rev=90
diff --git a/src/tools/opensc-explorer.c b/src/tools/opensc-explorer.c
index 41e620a..57f8a79 100644
--- a/src/tools/opensc-explorer.c
+++ b/src/tools/opensc-explorer.c
@@ -1839,6 +1839,12 @@ static int do_apdu(int argc, char **argv)
if (argc < 1)
return usage(do_apdu);
+ /* gcc-11 complains about BUF potentially being used without being
+ initialized. I can't convince myself that the calls to
+ parse_string_or_hexdata will fully initialize it, so we just
+ initialize it here. */
+ memset (buf, 0, sizeof (buf));
+
/* loop over the args and parse them, making sure the result fits into buf[] */
for (i = 0, len = 0; i < (unsigned) argc && len < sizeof(buf); i++) {
size_t len0 = sizeof(buf) - len;
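Review bot: The `memset (buf, 0, sizeof (buf));` placed ahead of the parse loop in do_apdu quiets the gcc-11 warning without answering the question its own comment raises, namely whether parse_string_or_hexdata always writes every byte it reports through len0. Zero-filling removes the risk of stack contents ending up in the buffer, but a short or failed parse would then be padded with zeros silently, so it is worth confirming that the code after the loop reads only the first len bytes of buf and that a failing parse_string_or_hexdata call aborts the command; neither is visible in this hunk. The comment would age better if it stated that invariant rather than "I can't convince myself that ...". Two smaller points: the spacing in `memset (buf, 0, sizeof (buf))` differs from the `sizeof(buf)` style in the surrounding context lines, and the attached commit message speaks of applications crashing when a smart card is plugged in, which does not obviously describe a change confined to the opensc-explorer apdu command, so the patch description should say what this hunk is for.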
commit 1680b3a1fb15319e41dbe3214ef8c4a4c215d529
Author: Jakub Jelen <jjelen@redhat.com>
Date: Tue Feb 23 19:57:02 2021 +0100

Fix build on gcc11

This made most of the applications crash in Fedora 34 when
a smart card was plugged in.

The suggested patch makes the code path more obvious for gcc to
handle.

https://bugzilla.redhat.com/show_bug.cgi?id=1930652