[Pcsclite-muscle] Instances of Undefined behavior in CCID

Ludovic Rousseau ludovic.rousseau at gmail.com
Sat Aug 8 11:32:32 EDT 2020


On Thu, 6 Aug 2020 at 19:54, Maksim Ivanov <emaxx at google.com> wrote:
>
> Hello,

Hello Maksim,

> I found a couple of issues using Clang's UBSan
> (https://clang.llvm.org/docs/UndefinedBehaviorSanitizer.html) in the
> CCID driver implementation:
>
> 1. The dw2i() macro doesn't cast the shifted operands to |unsigned
> int|, which means that the compiler will use |int| for those
> intermediate expressions - but that leads to hitting Undefined
> Behavior if the values overflow the (signed) int.

Fixed in 4385c302b2bb203db40dc509d62a5d800c778b2e

> 2. Undefined behavior due to calling memcpy() with a null |src|
> argument in CCID_Transmit(). (It's called with a zero |n| in this
> case, nonetheless such calls seem to be forbidden by the C Standard.)

Fixed in 1931e55b864d883d309e6c1c4064a63c84ad3fc7

Thanks.

Please continue running your tools to find new potential problems.
Bye

-- 
 Dr. Ludovic Rousseau
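The two findings above, as an added illustration that is not code from the CCID driver or from either poster: the `DW2I_UNSAFE` macro is an assumed reconstruction of the shape described in point 1 (int-promoted shifts), `DW2I_SAFE` is the unsigned-cast form, and `copy_payload` shows the zero-length guard from point 2 that keeps a NULL source pointer from reaching memcpy(). All names and the sample bytes are constructed for this example.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Assumed shape of the original macro (a reconstruction, not the driver's
 * source). Every unsigned char operand is promoted to int, so once a[x+3]
 * has bit 7 set the final "<< 8" overflows a signed int: undefined behaviour.
 * Shown for contrast only; it is never evaluated here. */
#define DW2I_UNSAFE(a, x) \
    (((((( (a)[(x)+3] << 8) + (a)[(x)+2]) << 8) + (a)[(x)+1]) << 8) + (a)[(x)])

/* Fixed form: cast each byte to uint32_t before shifting so every shift and
 * OR happens in unsigned arithmetic, which is defined for all byte values. */
#define DW2I_SAFE(a, x) \
    (((uint32_t)(a)[(x)+3] << 24) | ((uint32_t)(a)[(x)+2] << 16) | \
     ((uint32_t)(a)[(x)+1] << 8)  |  (uint32_t)(a)[(x)])

/* Decode a little-endian 32-bit word from buffer a at byte offset x. */
uint32_t read_le32(const unsigned char *a, size_t x)
{
    return DW2I_SAFE(a, x);
}

/* Copy n payload bytes into dst and return the count copied. The early
 * return for n == 0 means a NULL src is never passed to memcpy(), whose
 * pointer arguments must be valid even when the length is zero. */
size_t copy_payload(unsigned char *dst, const unsigned char *src, size_t n)
{
    if (n == 0)
        return 0;
    memcpy(dst, src, n);
    return n;
}

int main(void)
{
    /* Constructed sample: the high byte has bit 7 set, the case that
     * overflows int in the unsafe macro. */
    const unsigned char buf[4] = { 0x78, 0x56, 0x34, 0x80 };
    unsigned char out[4];

    printf("dw2i   -> 0x%08x\n", read_le32(buf, 0));           /* 0x80345678 */
    printf("copied %zu bytes\n", copy_payload(out, NULL, 0));  /* 0 */
    printf("copied %zu bytes\n", copy_payload(out, buf, 4));   /* 4 */
    return 0;
}
```

Compiling with `-fsanitize=undefined` and evaluating `DW2I_UNSAFE` on `buf` is the quickest way to see the report UBSan raises; the unsigned form is silent for the same input.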
