[Pcsclite-cvs-commit] r5906 - /trunk/Drivers/ccid/src/commands.c
rousseau at users.alioth.debian.org
rousseau at users.alioth.debian.org
Wed Aug 24 09:03:57 UTC 2011
Author: rousseau
Date: Wed Aug 24 09:03:56 2011
New Revision: 5906
URL: http://svn.debian.org/wsvn/pcsclite/?sc=1&rev=5906
Log:
SecurePINModify(): use a variable-length array
Use a VLA instead of static size of 65576 to limit stack consumption
Coverity: stack_use_local: Local variable "cmd" stack use: 65576 bytes
-> 65592 bytes total.
stack_use_overflow: The maximum stack use of 32768 bytes is exceeded.
Modified:
trunk/Drivers/ccid/src/commands.c
Modified: trunk/Drivers/ccid/src/commands.c
URL: http://svn.debian.org/wsvn/pcsclite/trunk/Drivers/ccid/src/commands.c?rev=5906&op=diff
==============================================================================
--- trunk/Drivers/ccid/src/commands.c (original)
+++ trunk/Drivers/ccid/src/commands.c Wed Aug 24 09:03:56 2011
@@ -510,7 +510,7 @@
unsigned char TxBuffer[], unsigned int TxLength,
unsigned char RxBuffer[], unsigned int *RxLength)
{
- unsigned char cmd[11+19+CMD_BUF_SIZE];
+ unsigned char cmd[11+19+TxLength];
unsigned int a, b;
PIN_MODIFY_STRUCTURE *pms;
_ccid_descriptor *ccid_descriptor = get_ccid_descriptor(reader_index);
@@ -528,14 +528,6 @@
cmd[8] = 0; /* wLevelParameter */
cmd[9] = 0;
cmd[10] = 1; /* bPINOperation: PIN Modification */
-
- /* 24 is the size of the PCSC PIN modify structure
- * The equivalent CCID structure is only 18 or 19-bytes long */
- if (TxLength > 24+CMD_BUF_SIZE) /* command too large? */
- {
- DEBUG_INFO3("Command too long: %d > %d", TxLength, 24+CMD_BUF_SIZE);
- return IFD_NOT_SUPPORTED;
- }
if (TxLength < 24+4 /* 4 = APDU size */) /* command too short? */
{
More information about the Pcsclite-cvs-commit
mailing list