security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-07-02 22:46:30 +02:00
Code Activity
gnupg/scd
History
Werner Koch b4ec909186 scd: Fix possible NULL deref in apdu.c 
* scd/apdu.c (control_pcsc_direct): Take care of BUFLEN being NULL.
(control_pcsc_wrapped): Ditto.
--

pcsc_vendor_specific_init calls the above with BUFFER and BUFLEN as
NULL.

Reported by Stack 0.3:

  bug: anti-dce
  model: |
    control_pcsc.exit77:
    %retval.0.i.i76 = phi i32 [ %rc.0.i.i.i73, \
            %pcsc_error_to_sw.exit.i.i74 ], [ 0, %if.end.i.i75 ]
    %tobool198 = icmp ne i32 %retval.0.i.i76, 0, !dbg !728
    br i1 %tobool198, label %if.then199, label %if.end200, !dbg !728
  stack:
    - /home/wk/s/gnupg/scd/apdu.c:1882:0
  ncore: 1
  core:
    - /home/wk/s/gnupg/scd/apdu.c:1309:0
      - buffer overflow

(backported from 2.1 commit ef0a3abf73)
2015-04-15 16:06:06 +09:00
..
apdu.c scd: Fix possible NULL deref in apdu.c 2015-04-15 16:06:06 +09:00
apdu.h scd: Rename 'keypad' to 'pinpad'. 2013-02-08 09:20:43 +09:00
app-common.h More support for Netkey cards. 2009-05-08 15:07:45 +00:00
app-dinsig.c scd: Rename 'keypad' to 'pinpad'. 2013-02-08 09:20:43 +09:00
app-geldkarte.c Fix for extended length Le in decipher 2009-09-03 10:57:23 +00:00
app-help.c More support for Netkey cards. 2009-05-08 15:07:45 +00:00
app-nks.c scd: Rename 'keypad' to 'pinpad'. 2013-02-08 09:20:43 +09:00
app-openpgp.c Use inline functions to convert buffer data to scalars. 2015-02-12 20:34:44 +01:00
app-p15.c A bunch of minor changes 2009-12-21 16:19:09 +00:00
app.c scd: Skip S/N reading for the "undefined" application. 2014-03-12 15:03:57 +01:00
atr.c Change default gpgsm cipher back to 3DES. 2009-02-09 10:25:41 +00:00
atr.h Changed to GPLv3. 2007-07-04 19:49:40 +00:00
card-common.h Changed to GPLv3. 2007-07-04 19:49:40 +00:00
card-dinsig.c Changed to GPLv3. 2007-07-04 19:49:40 +00:00
card-p15.c Use bin2hex if possible. 2008-11-03 10:54:18 +00:00
card.c Changed to GPLv3. 2007-07-04 19:49:40 +00:00
ccid-driver.c Use inline functions to convert buffer data to scalars. 2015-02-12 20:34:44 +01:00
ccid-driver.h scd: Rename 'keypad' to 'pinpad'. 2013-02-08 09:20:43 +09:00
ChangeLog-2011 Generate the ChangeLog from commit logs. 2011-12-02 19:28:02 +01:00
command.c scd: Avoid double-free on error condition in scd 2015-01-13 10:52:22 +09:00
iso7816.c scd: Rename 'keypad' to 'pinpad'. 2013-02-08 09:20:43 +09:00
iso7816.h scd: Rename 'keypad' to 'pinpad'. 2013-02-08 09:20:43 +09:00
Makefile.am Improve configure option --with-libgpg-error-prefix 2014-06-24 10:36:15 +02:00
pcsc-wrapper.c Use inline functions to convert buffer data to scalars. 2015-02-12 20:34:44 +01:00
sc-copykeys.c SCD: API cleanup for keypad handling. 2013-02-05 14:09:47 +09:00
scdaemon-w32info.rc w32: Add icons and version information. 2013-05-07 21:17:04 +02:00
scdaemon.c Remove thread callbacks for libgcrypt >= 1.6. 2014-06-24 10:56:19 +02:00
scdaemon.h scd: Rename 'keypad' to 'pinpad'. 2013-02-08 09:20:43 +09:00