[Pcsclite-cvs-commit] r5832 - /trunk/Drivers/ccid/src/ifdhandler.c
rousseau at users.alioth.debian.org
rousseau at users.alioth.debian.org
Tue Jul 5 22:07:29 UTC 2011
Author: rousseau
Date: Tue Jul 5 22:07:28 2011
New Revision: 5832
URL: http://svn.debian.org/wsvn/pcsclite/?sc=1&rev=5832
Log:
IFDHGetCapabilities(): use strlcpy() instead of the insecure strcpy
No problem was expected since pcsc-lite uses a big buffer.
coverity: Event secure_coding: [VERY RISKY]. Using "strcpy" can cause a
buffer overflow when done incorrectly. If the destination string of a
strcpy() is not large enough then anything might happen. Use strncpy()
instead.
Modified:
trunk/Drivers/ccid/src/ifdhandler.c
Modified: trunk/Drivers/ccid/src/ifdhandler.c
URL: http://svn.debian.org/wsvn/pcsclite/trunk/Drivers/ccid/src/ifdhandler.c?rev=5832&op=diff
==============================================================================
--- trunk/Drivers/ccid/src/ifdhandler.c (original)
+++ trunk/Drivers/ccid/src/ifdhandler.c Tue Jul 5 22:07:28 2011
@@ -606,14 +606,16 @@
{
_ccid_descriptor *ccid_desc;
- /* default value: not supported */
- *Length = 0;
-
ccid_desc = get_ccid_descriptor(reader_index);
if (ccid_desc->sIFD_serial_number)
{
- strcpy((char *)Value, ccid_desc->sIFD_serial_number);
+ strlcpy((char *)Value, ccid_desc->sIFD_serial_number, *Length);
*Length = strlen((char *)Value);
+ }
+ else
+ {
+ /* not supported */
+ *Length = 0;
}
}
break;
More information about the Pcsclite-cvs-commit
mailing list