[Pcsclite-muscle] SCardConnect behavior with invalid contexts

Ludovic Rousseau ludovic.rousseau at gmail.com
Wed Aug 5 12:11:40 EDT 2020


Le mar. 28 juil. 2020 à 15:11, Maksim Ivanov <emaxx at google.com> a écrit :
>
> Hello,

Hello Maksim,

> I believe that there's a potential problem with the SCardConnect
> implementation that it doesn't check the received SCARDCONTEXT
> *before* executing the command. This might result in an unexpected
> state, where the SCardConnect() caller receives an error code
> meanwhile the connection to the card is actually established (which,
> for example, might be an exclusive connection that prevents anyone
> else from connecting to the card).
>
> In detail, the ContextThread() function in winscard_svc.c, when
> receiving the SCARD_CONNECT command, calls first SCardConnect() from
> winscard.c, and then MSGAddHandle(). The former ignores SCARDCONTEXT
> and, if possible, establishes a connection to the card. The latter
> does check the SCARDCONTEXT value, but this happens after the
> connection is already established, and its error is just returned to
> the caller (without closing the just-opened connection).
>
> Would it make sense to add a check of SCARDCONTEXT before calling
> SCardConnect(), and/or to call SCardDisconnect() if MSGAddHandle()
> fails?

Exact.
Fixed in https://salsa.debian.org/rousseau/PCSC/-/commit/36bc9446b40fa3c6ac12312b934f4d7131659087

Do you think it is a good idea to publish my exploitation (reproduction) code?
Is someone interested in such code? And why?

Thanks

-- 
 Dr. Ludovic Rousseau
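The ordering problem the report describes (connect first, validate the context afterwards) and the corrected flow the reply points at, as a stand-alone C model added here. It is not pcsc-lite's code: the context table, the per-context handle limit and the RC_* codes are this example's own stand-ins for SCardConnect()/MSGAddHandle() and the SCARD_* results.

```c
#include <stdbool.h>

/* Stand-alone model of the pcscd SCARD_CONNECT flow from the thread; the
 * names and return codes are this example's own, not pcsc-lite's. */
enum { RC_OK = 0, RC_INVALID_CONTEXT, RC_SHARING_VIOLATION, RC_NO_MEMORY };
enum { NUM_CONTEXTS = 2, MAX_HANDLES_PER_CONTEXT = 2 };

static const int known_contexts[NUM_CONTEXTS] = { 0x1001, 0x1002 };  /* constructed */
static int handles_per_context[NUM_CONTEXTS];  /* indexed like known_contexts */
static bool card_held;                         /* an exclusive connection exists */

static int context_index(int ctx) {            /* -1: context unknown to the daemon */
    for (int i = 0; i < NUM_CONTEXTS; i++)
        if (known_contexts[i] == ctx) return i;
    return -1;
}

/* Stands in for SCardConnect(): ignores the context and just takes the card. */
static int card_connect(void) {
    if (card_held) return RC_SHARING_VIOLATION;
    card_held = true;
    return RC_OK;
}
static void card_disconnect(void) { card_held = false; }

/* Stands in for MSGAddHandle(): validates the context, then records the handle. */
static int register_handle(int ctx) {
    int i = context_index(ctx);
    if (i < 0) return RC_INVALID_CONTEXT;
    if (handles_per_context[i] >= MAX_HANDLES_PER_CONTEXT) return RC_NO_MEMORY;
    handles_per_context[i]++;
    return RC_OK;
}

/* Ordering the report describes: side effect first, validation after. On an
 * unknown context the caller gets an error while the card stays held. */
int handle_connect_unchecked(int ctx) {
    int rc = card_connect();
    if (rc != RC_OK) return rc;
    return register_handle(ctx);               /* error returned, card not released */
}

/* Corrected ordering: reject unknown contexts before touching the card, and
 * release the card if registering the handle still fails afterwards. */
int handle_connect_checked(int ctx) {
    if (context_index(ctx) < 0) return RC_INVALID_CONTEXT;
    int rc = card_connect();
    if (rc != RC_OK) return rc;
    rc = register_handle(ctx);
    if (rc != RC_OK) card_disconnect();        /* never reply with an error and a held card */
    return rc;
}

bool card_is_held(void) { return card_held; }
void model_reset(void) { card_held = false; for (int i = 0; i < NUM_CONTEXTS; i++) handles_per_context[i] = 0; }
```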
