1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00

scd: Restrict use of DEVINFO --watch command for socket connection.

* scd/app.c (app_send_devinfo): Return GPG_ERR_INV_HANDLE when
it's not socket when KEEP_LOOPING != 0.

--

GnuPG-bug-id: 7151
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
This commit is contained in:
NIIBE Yutaka 2024-06-26 11:13:05 +09:00
parent f4e3ee61b8
commit d98521b934
No known key found for this signature in database
GPG Key ID: 640114AF89DE6054

View File

@ -484,7 +484,7 @@ app_dump_state (void)
*
* With KEEP_LOOPING=0, it only outputs once.
* With KEEP_LOOPING<0, it keeps looping, until it detects no device.
* With KEEP_LOOPING>0, it keeps looping forever.
* With KEEP_LOOPING>0, it keeps looping forever (until connection close).
*/
gpg_error_t
app_send_devinfo (ctrl_t ctrl, int keep_looping)
@ -493,6 +493,13 @@ app_send_devinfo (ctrl_t ctrl, int keep_looping)
app_t a;
int no_device;
/* The connection from client should be by a socket. This is needed
for Windows using the select function. And it's not good to use
the primary pipe connection of gpg-agent for watching
devinfo. */
if (keep_looping && ctrl->thread_startup.fd == GNUPG_INVALID_FD)
return gpg_error (GPG_ERR_INV_HANDLE);
card_list_w_lock ();
while (1)
{