[Pcsclite-cvs-commit] Drivers/ccid/src ccid_usb.c,1.6,1.7 parse.c,1.5,1.6
rousseau@quantz.debian.org
rousseau@quantz.debian.org
Mon, 05 Jan 2004 21:54:01 +0100
Update of /cvsroot/pcsclite/Drivers/ccid/src
In directory quantz:/tmp/cvs-serv14851
Modified Files:
ccid_usb.c parse.c
Log Message:
add a test on the USB extra field length to avoid a crash and print an
error message. This occurs when the reader is _not_ CCID and the CCID
driver is used (wrong Info.plist for example).
Index: ccid_usb.c
===================================================================
RCS file: /cvsroot/pcsclite/Drivers/ccid/src/ccid_usb.c,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -d -r1.6 -r1.7
--- ccid_usb.c 16 Dec 2003 10:11:09 -0000 1.6
+++ ccid_usb.c 5 Jan 2004 20:53:59 -0000 1.7
@@ -105,9 +105,7 @@
DEBUG_COMM3("OpenUSB: Lun: %X, Channel: %X", lun, Channel);
if (busses == NULL)
- {
usb_init();
- }
usb_find_busses();
usb_find_devices();
@@ -213,6 +211,12 @@
{
DEBUG_CRITICAL2("No dev->config found for %s",
device_name);
+ return STATUS_UNSUCCESSFUL;
+ }
+
+ if (dev->config->interface->altsetting->extralen < 54)
+ {
+ DEBUG_CRITICAL3("Extra field too short for %s: %d", device_name, dev->config->interface->altsetting->extralen);
return STATUS_UNSUCCESSFUL;
}
Index: parse.c
===================================================================
RCS file: /cvsroot/pcsclite/Drivers/ccid/src/parse.c,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -d -r1.5 -r1.6
--- parse.c 29 Oct 2003 18:01:23 -0000 1.5
+++ parse.c 5 Jan 2004 20:53:59 -0000 1.6
@@ -143,6 +143,13 @@
printf(" iInterface: %d\n", usb_interface->iInterface);
+ if (usb_interface->extralen < 54)
+ {
+ printf("USB extra length is too short: %d\n", usb_interface->extralen);
+ printf("\n NOT A CCID DEVICE\n");
+ return TRUE;
+ }
+
/*
* CCID Class Descriptor
*/