forked from pool/opensc
58d3215b4a
- Security Fix: [CVE-2023-40661, bsc#1215761]
* opensc: multiple memory issues with pkcs15-init (enrollment tool)
* Add patches:
- opensc-CVE-2023-40661-1of12.patch
- opensc-CVE-2023-40661-2of12.patch
- opensc-CVE-2023-40661-3of12.patch
- opensc-CVE-2023-40661-4of12.patch
- opensc-CVE-2023-40661-5of12.patch
- opensc-CVE-2023-40661-6of12.patch
- opensc-CVE-2023-40661-7of12.patch
- opensc-CVE-2023-40661-8of12.patch
- opensc-CVE-2023-40661-9of12.patch
- opensc-CVE-2023-40661-10of12.patch
- opensc-CVE-2023-40661-11of12.patch
- opensc-CVE-2023-40661-12of12.patch
- Security Fix: [CVE-2023-4535, bsc#1215763]
* Add patches:
- opensc-CVE-2023-4535.patch
- opensc-NULL_pointer_fix.patch
- Security Fix: [CVE-2023-40660, bsc#1215762]
* opensc: PIN bypass when card tracks its own login state
* Add patches:
- opensc-CVE-2023-40660-1of2.patch
- opensc-CVE-2023-40660-2of2.patch
OBS-URL: https://build.opensuse.org/request/show/1116477
OBS-URL: https://build.opensuse.org/package/show/security:chipcard/opensc?expand=0&rev=75
26 lines
874 B
Diff
26 lines
874 B
Diff
From 440ca666eff10cc7011901252d20f3fc4ea23651 Mon Sep 17 00:00:00 2001
|
|
From: Jakub Jelen <jjelen@redhat.com>
|
|
Date: Thu, 17 Aug 2023 13:41:36 +0200
|
|
Subject: [PATCH] setcos: Avoid buffer underflow
|
|
|
|
Thanks oss-fuzz
|
|
|
|
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=60672
|
|
---
|
|
src/pkcs15init/pkcs15-setcos.c | 4 ++++
|
|
1 file changed, 4 insertions(+)
|
|
|
|
--- a/src/pkcs15init/pkcs15-setcos.c
|
|
+++ b/src/pkcs15init/pkcs15-setcos.c
|
|
@@ -349,6 +349,10 @@ setcos_create_key(sc_profile_t *profile,
|
|
|
|
/* Replace the path of instantiated key template by the path from the object data. */
|
|
memcpy(&file->path, &key_info->path, sizeof(file->path));
|
|
+ if (file->path.len < 2) {
|
|
+ sc_file_free(file);
|
|
+ LOG_TEST_RET(ctx, SC_ERROR_INVALID_DATA, "Invalid path");
|
|
+ }
|
|
file->id = file->path.value[file->path.len - 2] * 0x100
|
|
+ file->path.value[file->path.len - 1];
|
|
|