[Pcsclite-cvs-commit] PKCS11/src p11x_object.c,1.40,1.41
rousseau@quantz.debian.org
rousseau@quantz.debian.org
Wed, 26 Nov 2003 21:36:25 +0100
Update of /cvsroot/muscleapps/PKCS11/src
In directory quantz:/tmp/cvs-serv29353
Modified Files:
p11x_object.c
Log Message:
dynamically allocate a conversion buffer in object_MatchAttrib().
Thanks to Ulf Möller for the patch. Closes [ #300359 ] buffer overrun
error in libmusclepkcs11
Index: p11x_object.c
===================================================================
RCS file: /cvsroot/muscleapps/PKCS11/src/p11x_object.c,v
retrieving revision 1.40
retrieving revision 1.41
diff -u -d -r1.40 -r1.41
--- p11x_object.c 4 Oct 2003 08:30:18 -0000 1.40
+++ p11x_object.c 26 Nov 2003 20:36:23 -0000 1.41
@@ -710,15 +710,24 @@
}
else
{
- { CK_BYTE buf[4096];
+ {
+ CK_BYTE *buf;
+ buf = (CK_BYTE *)malloc((attrib->ulValueLen * 3) + 1);
+ if (buf == NULL)
+ return CKR_HOST_MEMORY;
object_BinToHex((CK_BYTE *)forward, attrib->ulValueLen, buf);
log_Log(LOG_LOW, "Orig:%s", buf);
object_BinToHex((CK_BYTE *)reverse, attrib->ulValueLen, buf);
log_Log(LOG_LOW, " Rev:%s", buf);
if (rv == CKR_OK)
- { object_BinToHex((CK_BYTE *)obj_attrib->attrib.pValue, obj_attrib->attrib.ulValueLen, buf);
- log_Log(LOG_LOW, " Obj:%s", buf); } }
+ {
+ object_BinToHex((CK_BYTE *)obj_attrib->attrib.pValue, obj_attrib->attrib.ulValueLen, buf);
+ log_Log(LOG_LOW, " Obj:%s", buf);
+ }
+
+ free(buf);
+ }
rv = 0;
}