[Pcsclite-muscle] [PATCH] ContextThread: SCARD_TRANSMIT: work around CT API recv buffer size of 64k

Ludovic Rousseau ludovic.rousseau at gmail.com
Tue Dec 8 20:04:22 UTC 2015


Hello,

Why can't you fix the problem in the CT-API ifdhandler?
You can use the same patch in IFDHTransmitToICC() [1] of your driver.

I don't think the problem is on the pcsc-lite side.
Please fix your IFDHandler driver.

Regards,

[1]
https://pcsclite.alioth.debian.org/api/group__IFDHandler.html#gac86e07f01d11accda93fb80d3935eeed

2015-12-08 13:39 GMT+01:00 Marc Kleine-Budde <mkl at pengutronix.de>:

> In commit:
>
>     8eb9ea1b354b SCardTransmit() may return SCARD_E_INSUFFICIENT_BUFFER
>
> the recv buffer size, passed to the SCardTransmit() function, is set
> unconditionally to "sizeof pbRecvBuffer", which is 64k + 12. This leads to
> problems when the CT API is used in the lower layers, as the CT API
> implements a maximum recv buffer size of 64k.
>
> This leads to the truncation of the recv buffer size to 12. If the client
> has supplied a buffer of >12 bytes, this results in truncated reads. This
> patch tries to work around the problem, by not unconditionally passing the
> recv buffer size of "sizeof pbRecvBuffer" (64k + 12), but increasing the
> client supplied buffer by one, keeping the "sizeof pbRecvBuffer" as an
> upper bound. This way a too small recv buffer passed by the client can
> still be detected, but the CT API limit of 64k is not exceeded if the
> buffer is below 64k.
>
> Cc: Marcin Cieslak <saper at saper.info>
> ---
>  src/winscard_svc.c | 13 +++++++++++++
>  1 file changed, 13 insertions(+)
>
> diff --git a/src/winscard_svc.c b/src/winscard_svc.c
> index 75e4c8e4e8e1..a623fd60f631 100644
> --- a/src/winscard_svc.c
> +++ b/src/winscard_svc.c
> @@ -636,7 +636,20 @@ static void ContextThread(LPVOID newContext)
>                                 ioSendPci.cbPciLength =
> trStr.ioSendPciLength;
>                                 ioRecvPci.dwProtocol =
> trStr.ioRecvPciProtocol;
>                                 ioRecvPci.cbPciLength =
> trStr.ioRecvPciLength;
> +                               /* The CT API implements a max recv buffer
> size of 64k,
> +                                * while "sizeof pbRecvBuffer" is "64k +
> 12". This leads
> +                                * to trunkation of max recv buffer size
> to "12" when
> +                                * using "sizeof pbRecvBuffer", even if
> the client
> +                                * specifies a much smaller recv buffer.
> +                                *
> +                                * Here we increase the client buffer by
> one
> +                                * (but keeping "sizeof pbRecvBuffer" as
> maximum),
> +                                * so that we can detect a too small
> client buffer
> +                                * later.
> +                                */
>                                 cbRecvLength = sizeof pbRecvBuffer;
> +                               if (cbRecvLength > trStr.pcbRecvLength + 1)
> +                                       cbRecvLength = trStr.pcbRecvLength
> + 1;
>
>                                 trStr.rv = SCardTransmit(trStr.hCard,
> &ioSendPci,
>                                         pbSendBuffer, trStr.cbSendLength,
> &ioRecvPci,
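
Review bot: in the added check "if (cbRecvLength > trStr.pcbRecvLength + 1)", the "+ 1" is applied to a length taken from the client request before the comparison, so if that field is an unsigned integer at its maximum value the sum wraps to 0 and cbRecvLength is set to 0 instead of staying at "sizeof pbRecvBuffer". The field's type is not visible in this hunk; if it is unsigned, testing "trStr.pcbRecvLength < sizeof pbRecvBuffer - 1" and only then assigning "trStr.pcbRecvLength + 1" avoids the wrap. Separately, a client buffer of exactly 64k still produces 64k + 1 here, which is above the CT API limit the comment describes, and the comment spells "truncation" as "trunkation".
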
> --
> 2.6.2
>
>



-- 
 Dr. Ludovic Rousseau
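
The truncation described in the quoted commit message, and a clamp of the kind the reply suggests placing in the driver, as an added example (not code from pcsc-lite or from any CT-API driver). It assumes the 64k limit comes from a 16-bit length parameter in the lower layer; RECV_MAX and all function names are hypothetical.

```c
#include <stdint.h>
#include <string.h>

#define RECV_MAX (65536u + 12u)   /* the "64k + 12" daemon buffer from the post */

/* Hypothetical stand-in for a lower layer whose length parameter is 16 bits
 * wide (assumption: that is where the 64k limit comes from). It "returns"
 * card_len bytes, or -1 if the caller's stated capacity is too small. */
static int lower_layer_recv(uint16_t *lenr, uint8_t *resp, uint16_t card_len)
{
    if (card_len > *lenr)
        return -1;
    memset(resp, 0x90, card_len);   /* constructed response bytes */
    *lenr = card_len;
    return 0;
}

/* Saturate instead of truncating: 65548 becomes 65535, not 12. */
static uint16_t clamp16(uint32_t n)
{
    return n > UINT16_MAX ? UINT16_MAX : (uint16_t)n;
}

/* Driver-side transmit. With clamp == 0 the 32-bit capacity is narrowed by a
 * plain cast, which reproduces the truncation described in the post. */
static int driver_transmit(uint8_t *rx, uint32_t *rx_len, uint16_t card_len, int clamp)
{
    uint16_t lenr = clamp ? clamp16(*rx_len) : (uint16_t)*rx_len;
    int rc = lower_layer_recv(&lenr, rx, card_len);
    *rx_len = rc == 0 ? lenr : 0;
    return rc;
}

/* Daemon-side variant of the patch's idea, written so that client_len + 1
 * cannot wrap: client size plus one, bounded by RECV_MAX. */
uint32_t daemon_recv_len(uint32_t client_len)
{
    return client_len < RECV_MAX - 1 ? client_len + 1 : RECV_MAX;
}

static uint8_t rxbuf[RECV_MAX];

/* Returns 0 on success, -1 on failure, for a 256-byte card response. */
int demo(uint32_t capacity, int clamp)
{
    uint32_t len = capacity;
    return driver_transmit(rxbuf, &len, 256, clamp);
}
```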