[Pcsclite-muscle] Instances of Undefined behavior in CCID

Maksim Ivanov emaxx at google.com
Thu Aug 6 13:52:59 EDT 2020


Hello,

I found a couple of issues using Clang's UBSan
(https://clang.llvm.org/docs/UndefinedBehaviorSanitizer.html) in the
CCID driver implementation:

1. The dw2i() macro doesn't cast the shifted operands to |unsigned
int|, which means that the compiler will use |int| for those
intermediate expressions - but that leads to hitting Undefined
Behavior if the values overflow the (signed) int.

2. Undefined behavior due to calling memcpy() with a null |src|
argument in CCID_Transmit(). (It's called with a zero |n| in this
case, nonetheless such calls seem to be forbidden by the C Standard.)


Regards,
Maksim
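The two defects the post describes, as an added example of my own (not CCID driver code): a dw2i-style macro that shifts promoted `int` operands, beside an `unsigned int` version, and a memcpy() wrapper that keeps a NULL source for a zero-length transfer away from the call. The DW2I_UNSAFE macro is my reconstruction of the pattern the post names, not the driver's definition, and is never evaluated on overflowing input here.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Reconstruction (assumed) of the pattern the post describes: each
 * unsigned char operand is promoted to signed int, so the final shift
 * overflows int whenever a[x+3] >= 0x80, which is undefined behavior.
 * Kept for comparison only; not evaluated in this program. */
#define DW2I_UNSAFE(a, x) \
    ((((((a)[(x) + 3] << 8) + (a)[(x) + 2]) << 8) + (a)[(x) + 1]) << 8) + (a)[(x)])

/* Fixed form: every operand is widened to unsigned 32-bit before shifting,
 * so the arithmetic wraps modulo 2^32 and is defined for all inputs. */
static inline uint32_t dw2i_safe(const unsigned char *a, size_t x)
{
    return ((uint32_t)a[x + 3] << 24) | ((uint32_t)a[x + 2] << 16) |
           ((uint32_t)a[x + 1] << 8)  |  (uint32_t)a[x];
}

/* memcpy() requires valid pointers even when n == 0, so a zero-length
 * transfer with src == NULL must not reach it. Returns bytes copied. */
static size_t copy_payload(unsigned char *dst, const unsigned char *src, size_t n)
{
    if (n == 0 || src == NULL || dst == NULL)
        return 0;
    memcpy(dst, src, n);
    return n;
}

int main(void)
{
    /* Constructed little-endian dwords; the first has its top bit set,
     * which is exactly the input that makes DW2I_UNSAFE overflow int. */
    const unsigned char hi[4] = { 0xFF, 0xFF, 0xFF, 0xFF };
    const unsigned char lo[4] = { 0x78, 0x56, 0x34, 0x12 };
    unsigned char out[4];

    printf("dw2i_safe(hi) = 0x%08x\n", dw2i_safe(hi, 0));
    printf("dw2i_safe(lo) = 0x%08x\n", dw2i_safe(lo, 0));
    printf("NULL/0 transfer copied %zu bytes\n", copy_payload(out, NULL, 0));
    return 0;
}
```

Building with `-fsanitize=undefined` and evaluating DW2I_UNSAFE on `hi` reports the signed shift overflow that the post found.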