[Pcsclite-muscle] SCardControl() should return SCARD_E_INSUFFICIENT_BUFFER similar to SCardTransmit()

Maximilian Stein maximilian.stein at secunet.com
Fri Feb 17 19:24:27 UTC 2017


Hello,

I think SCardControl() should work similar to SCardTransmit() regarding
client application buffer size as in commit [1]. Depending on the
underlying IFD handler the current implementation might cause the same
incorrect behaviour as described in [1].

If the underlying IFD Handler is not correctly checking the buffer size,
the current implementation could even cause a buffer overflow in the
client application.

The attached patch solves this similar to the fix in [1].


Kind regards
Maximilian Stein

[1] 8eb9ea1b354b050f997d003cf3b0c5b56f29f9f7 - SCardTransmit() may
return SCARD_E_INSUFFICIENT_BUFFER
-------------- next part --------------
A non-text attachment was scrubbed...
Name: scardcontrol_insufficient_buffer.patch
Type: text/x-patch
Size: 1670 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pcsclite-muscle/attachments/20170217/afe99fee/attachment.bin>


More information about the Pcsclite-muscle mailing list