[Pcsclite-cvs-commit] r5905 - /trunk/Drivers/ccid/src/commands.c
rousseau at users.alioth.debian.org
rousseau at users.alioth.debian.org
Wed Aug 24 09:00:46 UTC 2011
Author: rousseau
Date: Wed Aug 24 09:00:46 2011
New Revision: 5905
URL: http://svn.debian.org/wsvn/pcsclite/?sc=1&rev=5905
Log:
SecurePINVerify(): use a variable-length array
Use a VLA instead of static size of 65572 to limit stack consumption
Coverity: stack_use_local: Local variable "cmd" stack use: 65572
bytes -> 65588 bytes total.
stack_use_overflow: The maximum stack use of 32768 bytes is exceeded.
Modified:
trunk/Drivers/ccid/src/commands.c
Modified: trunk/Drivers/ccid/src/commands.c
URL: http://svn.debian.org/wsvn/pcsclite/trunk/Drivers/ccid/src/commands.c?rev=5905&op=diff
==============================================================================
--- trunk/Drivers/ccid/src/commands.c (original)
+++ trunk/Drivers/ccid/src/commands.c Wed Aug 24 09:00:46 2011
@@ -287,7 +287,7 @@
unsigned char TxBuffer[], unsigned int TxLength,
unsigned char RxBuffer[], unsigned int *RxLength)
{
- unsigned char cmd[11+14+CMD_BUF_SIZE];
+ unsigned char cmd[11+14+TxLength];
unsigned int a, b;
PIN_VERIFY_STRUCTURE *pvs;
_ccid_descriptor *ccid_descriptor = get_ccid_descriptor(reader_index);
@@ -302,14 +302,6 @@
cmd[8] = 0; /* wLevelParameter */
cmd[9] = 0;
cmd[10] = 0; /* bPINOperation: PIN Verification */
-
- /* 19 is the size of the PCSCv2 PIN verify structure
- * The equivalent CCID structure is only 14-bytes long */
- if (TxLength > 19+CMD_BUF_SIZE) /* command too large? */
- {
- DEBUG_INFO3("Command too long: %d > %d", TxLength, 19+CMD_BUF_SIZE);
- return IFD_NOT_SUPPORTED;
- }
if (TxLength < 19+4 /* 4 = APDU size */) /* command too short? */
{
More information about the Pcsclite-cvs-commit
mailing list