[Pcsclite-cvs-commit] r4715 - /trunk/PCSC/src/winscard.c
rousseau at users.alioth.debian.org
rousseau at users.alioth.debian.org
Fri Feb 5 15:00:42 UTC 2010
Author: rousseau
Date: Fri Feb 5 15:00:37 2010
New Revision: 4715
URL: http://svn.debian.org/wsvn/pcsclite/?sc=1&rev=4715
Log:
SCardGetAttrib(): check for buffer overflow with
SCARD_ATTR_DEVICE_FRIENDLY_NAME
Thanks to Jean-Luc Giraud for complete SCARD_ATTR_DEVICE_FRIENDLY_NAME
patch
Modified:
trunk/PCSC/src/winscard.c
Modified: trunk/PCSC/src/winscard.c
URL: http://svn.debian.org/wsvn/pcsclite/trunk/PCSC/src/winscard.c?rev=4715&op=diff
==============================================================================
--- trunk/PCSC/src/winscard.c (original)
+++ trunk/PCSC/src/winscard.c Fri Feb 5 15:00:37 2010
@@ -1474,10 +1474,18 @@
*/
if (dwAttrId == SCARD_ATTR_DEVICE_FRIENDLY_NAME)
{
- *pcbAttrLen = strlen(rContext->lpcReader)+1;
-
- (void)strlcpy((char *)pbAttr, rContext->lpcReader, *pcbAttrLen);
- rv = SCARD_S_SUCCESS;
+ int len = strlen(rContext->lpcReader)+1;
+
+ *pcbAttrLen = len;
+ if (len > pcbAttrLen)
+ rv = SCARD_E_INSUFFICIENT_BUFFER;
+ else
+ {
+ (void)strlcpy((char *)pbAttr, rContext->lpcReader,
+ *pcbAttrLen);
+ rv = SCARD_S_SUCCESS;
+ }
+
}
else
rv = SCARD_E_UNSUPPORTED_FEATURE;
More information about the Pcsclite-cvs-commit
mailing list