[Pcsclite-muscle] SCardConnect behavior with invalid contexts
Maksim Ivanov
emaxx at google.com
Tue Jul 28 09:09:17 EDT 2020
Hello,
I believe that there's a potential problem with the SCardConnect
implementation that it doesn't check the received SCARDCONTEXT
*before* executing the command. This might result in an unexpected
state, where the SCardConnect() caller receives an error code
meanwhile the connection to the card is actually established (which,
for example, might be an exclusive connection that prevents anyone
else from connecting to the card).
In detail, the ContextThread() function in winscard_svc.c, when
receiving the SCARD_CONNECT command, calls first SCardConnect() from
winscard.c, and then MSGAddHandle(). The former ignores SCARDCONTEXT
and, if possible, establishes a connection to the card. The latter
does check the SCARDCONTEXT value, but this happens after the
connection is already established, and its error is just returned to
the caller (without closing the just-opened connection).
Would it make sense to add a check of SCARDCONTEXT before calling
SCardConnect(), and/or to call SCardDisconnect() if MSGAddHandle()
fails?
Regards,
Maksim
More information about the pcsclite-muscle
mailing list