[Pcsclite-muscle] Missing checks of ATRDecodeAtr returns
Ludovic Rousseau
ludovic.rousseau at gmail.com
Sat Aug 8 09:22:25 EDT 2020
On Fri, Jul 31, 2020 at 18:06, Maksim Ivanov <emaxx at google.com> wrote:
>
> Hello,
Hello Maksim,
> The callers of the ATRDecodeAtr() function (SCardConnect() and
> SCardReconnect() in winscard.c) don't check its return value, which
> might potentially cause reads of uninitialized variables
> |availableProtocols| and |defaultProtocol| and unexpected side
> effects.
This problem should be fixed with
https://salsa.debian.org/rousseau/PCSC/-/commit/a706455f31178ab35f07e3e6e76bd4a35d7ef3da
The only case where |availableProtocols| and |defaultProtocol| were
not initialized was if the ATR length is smaller than 2 bytes.
I don't think a "normal" smart card reader would ever report an ATR of
0 or 1 byte. The reader should report an error or the driver/reader is
malicious.
Thanks for the bug report.
--
Dr. Ludovic Rousseau
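
The failure mode discussed in this thread, as an added example that is not part of the original message and is not pcsc-lite code: a decoder that writes its output parameters before any early return, and a caller that checks the return value before using them. All names (`decode_atr`, `connect_card`, `PROTO_*`) are hypothetical, and the ATR parsing is a simplified ISO 7816-3 walk that recognises only T=0 and T=1 and does not verify TCK.

```c
#include <stddef.h>
#include <stdint.h>

/* Hypothetical names for this sketch; not pcsc-lite's identifiers. */
#define PROTO_UNDEFINED 0u
#define PROTO_T0 1u
#define PROTO_T1 2u

/* Number of TAi/TBi/TCi bytes announced by the low three bits of Yi. */
static size_t iface_bytes(unsigned y) { return (y & 1) + ((y >> 1) & 1) + ((y >> 2) & 1); }

/* Returns 1 on success, 0 on a malformed ATR. Outputs are written on every path. */
int decode_atr(const uint8_t *atr, size_t len, unsigned *available, unsigned *dflt)
{
    *available = *dflt = PROTO_UNDEFINED;   /* set before any early return */
    if (atr == NULL || len < 2)             /* TS and T0 are mandatory */
        return 0;
    unsigned avail = PROTO_UNDEFINED, first = PROTO_UNDEFINED;
    unsigned y = atr[1] >> 4;               /* Y1: which interface bytes follow T0 */
    size_t p = 2, hist = atr[1] & 0x0F;     /* K: number of historical bytes */
    int saw_td = 0;
    while (y & 0x8) {                       /* a TDi byte follows */
        p += iface_bytes(y);                /* skip TAi, TBi, TCi */
        if (p >= len)
            return 0;                       /* truncated: outputs stay UNDEFINED */
        uint8_t td = atr[p++];
        unsigned proto = (td & 0x0F) == 0 ? PROTO_T0 : (td & 0x0F) == 1 ? PROTO_T1 : 0;
        avail |= proto;
        if (first == PROTO_UNDEFINED) first = proto;
        saw_td = 1;
        y = td >> 4;
    }
    if (p + iface_bytes(y) + hist > len)    /* remaining bytes must fit */
        return 0;
    if (!saw_td) avail = first = PROTO_T0;  /* no TD1: T=0 is implied */
    *available = avail;
    *dflt = first;
    return 1;
}

/* Caller pattern: act on the outputs only after checking the return value. */
int connect_card(const uint8_t *atr, size_t len, unsigned preferred)
{
    unsigned available, dflt;
    if (!decode_atr(atr, len, &available, &dflt))
        return -1;                          /* reject instead of guessing */
    if ((available & preferred) == 0)
        return -1;
    return (int)((dflt & preferred) ? dflt : (available & preferred));
}
```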