[Pcsclite-muscle] pcsc_stringify_error thread safety

Maksim Ivanov emaxx
Tue Jan 17 11:33:36 PST 2017


Hello,

The pcsc_stringify_error function in the PC/SC-Lite implementation
uses a statically allocated buffer. This means that the buffer may be
used simultaneously when the function is called from multiple threads
concurrently.
Therefore, the returned message may be spoiled, e.g.:
"Internal error.ul"
or
"Command cancell"
In the worst-case scenario, the application may read an unbounded
string (with the terminating null character missing).


One possible solution would be to return addresses derived from the
string literals directly.
However, this won't support the dynamic message formatting, which is
currently performed for unknown error codes (though this arguably
doesn't look like a vital feature).


Regards,
Maksim
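The shared-buffer behaviour described in the message, next to one thread-safe variant, as an added example that is not part of the original post and is not pcsc-lite's code. The function names, the error codes, the message table and the use of a C11 `_Thread_local` buffer for unknown codes are assumptions made for illustration; the thread-local buffer goes beyond the literal-only approach the message proposes so that unknown codes can still be formatted.

```c
#include <stdio.h>
#include <string.h>

/* Illustrative codes and messages (constructed); not pcsc-lite's own table. */
#define ERR_INTERNAL  0x80100001UL
#define ERR_CANCELLED 0x80100002UL

static const char *known_message(unsigned long code)
{
    switch (code) {
    case ERR_INTERNAL:  return "Internal error.";
    case ERR_CANCELLED: return "Command cancelled.";
    default:            return NULL;
    }
}

/* Pattern described in the post: every caller, in every thread, is handed a
 * pointer into the same static buffer, so a later call rewrites the text an
 * earlier caller may still be reading. */
const char *stringify_shared(unsigned long code)
{
    static char buf[64];
    const char *msg = known_message(code);

    if (msg != NULL)
        snprintf(buf, sizeof buf, "%s", msg);
    else
        snprintf(buf, sizeof buf, "Unknown error: 0x%08lX", code);
    return buf;
}

/* Hardened variant (assumption, hypothetical name): known codes return the
 * immutable string literal itself; only unknown codes are formatted, and
 * that happens in a per-thread buffer, so threads never share storage. */
const char *stringify_safe(unsigned long code)
{
    static _Thread_local char buf[64];
    const char *msg = known_message(code);

    if (msg != NULL)
        return msg;
    snprintf(buf, sizeof buf, "Unknown error: 0x%08lX", code);
    return buf;
}
```

Even on a single thread, two calls to `stringify_shared` return the same address, which is the aliasing that turns into torn strings once the calls overlap. With `stringify_safe`, a pointer returned for an unknown code stays valid only until the same thread's next call for an unknown code.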



