[Pcsclite-cvs-commit] r5066 - /trunk/PCSC/src/readerfactory.c
rousseau at users.alioth.debian.org
Thu Jul 8 20:35:04 UTC 2010
Author: rousseau
Date: Thu Jul 8 20:35:03 2010
New Revision: 5066
URL: http://svn.debian.org/wsvn/pcsclite/?sc=1&rev=5066
Log:
fix crash with empty config dir
Thanks to Kalev Lember for the patch
http://archives.neohapsis.com/archives/dev/muscle/2010-q3/0017.html
pcscd attempts to read uninitialized memory and free an invalid
pointer when its configuration directory is empty.
The patch fixes this by initializing reader_list to NULL.
==2658== Conditional jump or move depends on uninitialised value(s)
==2658==    at 0x40A2EF: RFStartSerialReaders (readerfactory.c:1324)
==2658==    by 0x40743F: main (pcscdaemon.c:522)
==2658==
==2658== Use of uninitialised value of size 8
==2658==    at 0x40A2F5: RFStartSerialReaders (readerfactory.c:1327)
==2658==    by 0x40743F: main (pcscdaemon.c:522)
==2658==
==2658== Conditional jump or move depends on uninitialised value(s)
==2658==    at 0x4C26D25: free (vg_replace_malloc.c:325)
==2658==    by 0x40A404: RFStartSerialReaders (readerfactory.c:1348)
==2658==    by 0x40743F: main (pcscdaemon.c:522)
==2658==
==2658== Invalid free() / delete / delete[]
==2658==    at 0x4C26D72: free (vg_replace_malloc.c:325)
==2658==    by 0x40A404: RFStartSerialReaders (readerfactory.c:1348)
==2658==    by 0x40743F: main (pcscdaemon.c:522)
==2658==  Address 0x4222148 is not stack'd, malloc'd or (recently) free'd
--- pcsc-lite-1.6.1/src/readerfactory.c.orig2010-07-04
23:42:14.000000000 +0300
+++ pcsc-lite-1.6.1/src/readerfactory.configuration2010-07-04
23:42:23.000000000 +0300
@@ -1312,7 +1312,7 @@ void RFCleanupReaders(void)
#ifdef USE_SERIAL
int RFStartSerialReaders(const char *readerconf)
{
-readerconfSerialReader *reader_list;
+reader_listSerialReader *reader_list = NULL;
int i, rv;
/* remember the configuration filename for
* RFReCheckReaderConf() */
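Review bot: the initializer in this hunk covers only the reader_list declaration in RFStartSerialReaders, so any other function that declares a SerialReader pointer without an initializer and later reads or frees it keeps the same bug. The context comment names RFReCheckReaderConf() as a second consumer of the same configuration file; check its reader_list declaration and give it the same "= NULL". The removed and added lines as quoted here ("-readerconfSerialReader", "+reader_listSerialReader") do not read as valid C, so this copy of the patch should not be applied as is.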
Modified:
trunk/PCSC/src/readerfactory.c
Modified: trunk/PCSC/src/readerfactory.c
URL: http://svn.debian.org/wsvn/pcsclite/trunk/PCSC/src/readerfactory.c?rev=5066&op=diff
==============================================================================
--- trunk/PCSC/src/readerfactory.c (original)
+++ trunk/PCSC/src/readerfactory.c Thu Jul 8 20:35:03 2010
@@ -1291,7 +1291,7 @@
#ifdef USE_SERIAL
int RFStartSerialReaders(const char *readerconf)
{
- SerialReader *reader_list;
+ SerialReader *reader_list = NULL;
int i, rv;
/* remember the configuration filename for RFReCheckReaderConf() */
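Review bot: with reader_list now NULL when the configuration directory is empty, the rest of RFStartSerialReaders must not dereference it, and nothing in this hunk shows that guard. The valgrind trace in the log (line numbers from pcsc-lite-1.6.1) reports a branch on the pointer at readerfactory.c:1324 and a use of it as an address at 1327; confirm that the branch is a NULL test that returns before the dereference, and add one if it is not. The free() at the end becomes a no-op for NULL, which resolves the invalid free, but an explicit early return on NULL (or on a failing rv, which is declared here) states the intent better than relying on that.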
@@ -1331,7 +1331,7 @@
void RFReCheckReaderConf(void)
{
- SerialReader *reader_list;
+ SerialReader *reader_list = NULL;
int i, crc;
(void)DBGetReaderListDir(ConfigFile, &reader_list);
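Review bot: the context line "(void)DBGetReaderListDir(ConfigFile, &reader_list);" discards the return value, so RFReCheckReaderConf cannot distinguish a failed or empty directory read from a successful one and depends entirely on the new NULL initializer. Test the return value and return early on failure. Also consider having DBGetReaderListDir store NULL in its output argument on entry, so that callers need no initializer of their own; two call sites needing the same one-line fix suggests the guarantee belongs in the callee.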