[Pcsclite-muscle] SCardConnect: socketcall.sendto(msg) points to uninitialized byte(s)

Ludovic Rousseau ludovic.rousseau at gmail.com
Wed Apr 13 16:37:49 UTC 2016


2016-04-08 20:50 GMT+02:00 Andrey R <andrey.roussev at gmail.com>:

> Hi.
>

Hello,


> Valgrind detected usage of uninitialized memory in SCardConnect:
>
> ==19635== Memcheck, a memory error detector
> ==19635== Copyright (C) 2002-2012, and GNU GPL'd, by Julian Seward et al.
> ==19635== Using Valgrind-3.8.1 and LibVEX; rerun with -h for copyright info
> ==19635== Command: /usr/rtests/bin/Pkcs11UnitTest.X64 pkcs11_common
> ==19635==
> Running pkcs11_common
> pkcs11_common::testGetInfo==19635== Syscall param socketcall.sendto(msg) points to uninitialised byte(s)
> ==19635== at 0x605A1F7: send (send.c:32)
> ==19635== by 0xBC47CE6: ??? (in /lib/x86_64-linux-gnu/libpcsclite.so.1.0.0)
> ==19635== by 0xBC47E22: ??? (in /lib/x86_64-linux-gnu/libpcsclite.so.1.0.0)
> ==19635== by 0xBC43BBE: SCardConnect (in /lib/x86_64-linux-gnu/libpcsclite.so.1.0.0)
> ...
>
> connect_struct.szReader involved. Patch for resolving the problem:
> root at test-x64-ub13:/tmp# diff -u
> pcsc-lite-1.8.16/src/winscard_clnt.c{,.patched}
> --- pcsc-lite-1.8.16/src/winscard_clnt.c 2016-03-12 23:03:09.000000000
> +0400
> +++ pcsc-lite-1.8.16/src/winscard_clnt.c.patched 2016-04-07
> 16:20:28.193294111 +0400
> @@ -764,7 +764,7 @@
> LPDWORD pdwActiveProtocol)
> {
> LONG rv;
> - struct connect_struct scConnectStruct;
> + struct connect_struct scConnectStruct = { 0 };
> SCONTEXTMAP * currentContextMap;
>
> PROFILE_START
>
>
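Review bot: the brace initializer on the scConnectStruct declaration zeroes the named members, but C does not guarantee that a { 0 } initializer clears padding bytes, and per the Valgrind trace this struct is passed to send() as raw bytes. Calling memset(&scConnectStruct, 0, sizeof(scConnectStruct)); before the fields are filled covers every byte that goes out on the socket and also avoids the -Wmissing-field-initializers warning. A short comment noting that the struct is sent over the socket would keep the zeroing from being dropped later as redundant.
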
Fixed in
https://anonscm.debian.org/cgit/pcsclite/PCSC.git/commit/?id=2269f10c2d2c5be1308d59469722024650a19b6d

I modified your patch since it generated a compiler warning:
winscard_clnt.c:767:46: warning: missing field 'szReader' initializer
      [-Wmissing-field-initializers]
        struct connect_struct scConnectStruct = { 0 };
                                                    ^

Thanks.

-- 
 Dr. Ludovic Rousseau
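
Added example, not part of the original thread and not pcsc-lite code: a stack struct whose reader-name buffer is only partly written is sent over a local socket, and the receiver counts the leftover bytes with and without zeroing first. The struct demo_connect, READER_MAX, the STALE marker and the reader name are constructed for the demo.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

#define READER_MAX 128 /* assumed size for this demo */
#define STALE 0xAA     /* constructed marker standing in for old stack data */
/* Hypothetical request layout, not pcsc-lite's struct connect_struct. */
struct demo_connect {
    uint32_t hContext;
    char     szReader[READER_MAX];
    uint32_t dwShareMode;
};

/* Sends one request over a local socket pair and returns how many stale
 * bytes reach the receiver, or -1 on a socket error. */
static int stale_bytes_received(int zero_first, const char *reader)
{
    struct demo_connect msg;
    unsigned char wire[sizeof msg];
    int sv[2], leaked = 0;
    /* Real stack contents are indeterminate; paint them so runs repeat. */
    memset(&msg, STALE, sizeof msg);
    if (zero_first)
        memset(&msg, 0, sizeof msg); /* the hardening step */
    msg.hContext = 1;
    msg.dwShareMode = 2;
    /* Writes only the name and its terminator, like a bounded string copy. */
    snprintf(msg.szReader, sizeof msg.szReader, "%s", reader);
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) != 0)
        return -1;
    if (send(sv[0], &msg, sizeof msg, 0) != (ssize_t)sizeof msg ||
        recv(sv[1], wire, sizeof wire, MSG_WAITALL) != (ssize_t)sizeof wire)
        leaked = -1;
    close(sv[0]);
    close(sv[1]);
    for (size_t i = 0; leaked >= 0 && i < sizeof wire; i++)
        leaked += (wire[i] == STALE);
    return leaked;
}

int main(void)
{
    printf("fields only: %d stale, zeroed first: %d stale\n",
           stale_bytes_received(0, "Demo Reader 00"),
           stale_bytes_received(1, "Demo Reader 00"));
    return 0;
}
```

Everything in szReader past the name's terminator crosses the socket unless the whole struct is cleared before the fields are set.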