[Pcsclite-git-commit] [PCSC] 02/06: ContextThread(): fix a SCARD_CANCEL race bug

Fri Jan 27 20:40:56 UTC 2017

This is an automated email from the git hooks/post-receive script.

rousseau pushed a commit to branch master
in repository PCSC.

commit b662aa1ae24267150d816a08f757b1c1539411ca
Author: Ludovic Rousseau <ludovic.rousseau at free.fr>
Date:   Fri Jan 27 09:39:40 2017 +0100

    ContextThread(): fix a SCARD_CANCEL race bug
    
    From Maksim Ivanov:
    " It seems that there are still some issues with regard to the blocking
    requests cancellation functionality in PC/SC-Lite:
    
    1. Extra SCARD_E_CANCELLED events may be sent by the daemon to the
       client that was previously performing an SCardGetStatusChange call.
    
       One scenario is that two concurrent SCardCancel calls succeeding
       simultaneously, and another scenario is an SCardCancel call
       succeeding simultaneously with an event sending from the status
       handler thread.
    
       As a result, the app<->daemon communication will break.
    
    Suggested solutions:
    
    For #1, suggesting to change the SCARD_CANCEL handler to firstly do
       EHUnregisterClientForEvent, and, only if it returns success, then
       send the SCARD_E_CANCELLED event to the client. "
    
    Now MSGSignalClient() is called only if EHUnregisterClientForEvent()
    succeeds i.e. the client was still blocked in a SCardGetStatusChange().
    
    If SCardGetStatusChange() was already canceled or finished then we do not
    signal the client.
    
    Thanks to Maksim Ivanov for the bug report and solution
    "[Pcsclite-muscle] Data races related to SCardCancel"
    http://lists.alioth.debian.org/pipermail/pcsclite-muscle/Week-of-Mon-20170116/000789.html
---
 src/winscard_svc.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/src/winscard_svc.c b/src/winscard_svc.c
index d65550e..a8f027c 100644
--- a/src/winscard_svc.c
+++ b/src/winscard_svc.c
@@ -595,11 +595,15 @@ static void ContextThread(LPVOID newContext)
 				if (psTargetContext != NULL)
 				{
 					uint32_t fd = psTargetContext->dwClientID;
-					caStr.rv = MSGSignalClient(fd, SCARD_E_CANCELLED);
+					LONG rv;
 
 					/* the client should not receive the event
 					 * notification now the waiting has been cancelled */
-					EHUnregisterClientForEvent(fd);
+					rv = EHUnregisterClientForEvent(fd);
+
+					/* signal the client only if it was still waiting */
+					if (SCARD_S_SUCCESS == rv)
+						caStr.rv = MSGSignalClient(fd, SCARD_E_CANCELLED);
 				}
 
 				WRITE_BODY(caStr);

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pcsclite/PCSC.git

