[Pcsclite-muscle] found possible bug

Wolfgang Pichler wpichler
Sat Feb 18 10:06:53 PST 2017


Hi all,

Struggling with my Gemalto stick (as in my previous mail), I found a possible bug, for which I have now created a workaround, because I don't know the exact source of the problem.

In libccid-1.4.22

in src/ccid_usb.c, in the ReadUSB function

For whatever reason, it got called for my stick with a value of 65556 (the main thing here will be to find out why it wants to read that many bytes).

The call to libusb_bulk_transfer then failed, but it did not return something negative, only 0 bytes.

libusb_bulk_transfer is defined with the length as int (not unsigned int!), for whatever reason.

So the unsigned int value will get a negative value, so libusb_bulk_transfer will return with 0 bytes because it cannot read a negative number of bytes (this sounds clear to me).

So, quick and dirty, I added a check: if the value is greater than 4096, then make length=4096 and do the read.

--- ccid-1.4.22/src/ccid_usb.c	2016-01-10 13:26:09.000000000 +0000
+++ ccid-1.4.22-patched/src/ccid_usb.c	2017-02-18 18:02:40.225678226 +0000
@@ -800,7 +800,9 @@
 read_again:
 	(void)snprintf(debug_header, sizeof(debug_header), "<- %06X ",
 		(int)reader_index);
-
+	if (*length > 4096) {
+		*length = 4096;
+	}
 	rv = libusb_bulk_transfer(usbDevice[reader_index].dev_handle,
 		usbDevice[reader_index].bulk_in, buffer, *length,
 		&actual_length, usbDevice[reader_index].ccid.readTimeout);
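
Review bot: the "*length > 4096" clamp placed before libusb_bulk_transfer silently truncates an oversized request, so whatever passed the bad length is never told, and 4096 is a bare constant with no visible relation to the size of "buffer". Suggest logging the offending value and returning an error status instead, or bounding by the buffer's real capacity through a named constant, and also checking *length against INT_MAX since it is handed to an int parameter. The blank line the patch removes before the call could stay, to keep the change minimal.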


At the start it throws this failure:

00000020 ccid.c:212:set_gemalto_firmware_features() GET_FIRMWARE_FEATURES failed: 612, len=0

Maybe because of this it does not know the maximum size which it could read from the device?

br,
Wolfgang
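
The length check discussed in the message above, as an added example that is not part of the original post and is not libccid code: the requested length is validated against the caller's buffer and INT_MAX before it is narrowed to int, and the count reported back is validated too. The names bounded_read, fake_device and the XFER_* codes are hypothetical, and a constructed stub stands in for the real USB transfer call.

```c
#include <limits.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical result codes for this example. */
enum { XFER_OK = 0, XFER_BAD_LENGTH = -1, XFER_IO_ERROR = -2, XFER_EMPTY = -3 };

/* Same int-typed length as the transfer call in the post; a stub stands in
 * for the USB stack so the example runs without a reader attached. */
typedef int (*bulk_in_fn)(unsigned char *data, int length, int *transferred);

/* Constructed device: answers with at most 10 bytes, first byte 0x80. */
static int fake_device(unsigned char *data, int length, int *transferred)
{
	static const unsigned char reply[10] = { 0x80 };
	int n = length < (int)sizeof(reply) ? length : (int)sizeof(reply);
	memcpy(data, reply, (size_t)n);
	*transferred = n;
	return 0;
}

/* Validate *length before it is narrowed to int, then validate the count
 * reported back. On success *length holds the number of bytes received. */
static int bounded_read(bulk_in_fn xfer, unsigned char *buffer,
	size_t capacity, unsigned int *length)
{
	int transferred = 0;

	if (*length == 0 || *length > capacity || *length > (unsigned int)INT_MAX)
		return XFER_BAD_LENGTH;	/* report the bad request, do not truncate */
	if (xfer(buffer, (int)*length, &transferred) != 0)
		return XFER_IO_ERROR;
	if (transferred < 0 || (unsigned int)transferred > *length)
		return XFER_IO_ERROR;	/* device claims more than was asked for */
	*length = (unsigned int)transferred;
	return transferred == 0 ? XFER_EMPTY : XFER_OK;
}

int main(void)
{
	unsigned char buf[64];
	unsigned int len = 65556;	/* the value reported in the post */
	int rc = bounded_read(fake_device, buf, sizeof buf, &len);
	printf("request of 65556 -> rc %d\n", rc);
	len = (unsigned int)sizeof buf;
	rc = bounded_read(fake_device, buf, sizeof buf, &len);
	printf("request of 64    -> rc %d, %u bytes\n", rc, len);
	return 0;
}
```

Rejecting the request surfaces the oversized length to the caller, which is the open question in the message, where a silent clamp would hide it.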





