[pkg-opensc-commit] [SCM] OpenSC packaging branch, master, updated. 70dcae02e96340afe3b94add604b7f9c68b46706

Eric Dorland eric at debian.org
Tue May 31 07:29:11 UTC 2011


The following commit has been merged in the master branch:
commit 2a6201f2f98692db7cc39fd2b2d1bddb7668365b
Author: Eric Dorland <eric at debian.org>
Date:   Mon Apr 4 01:51:54 2011 -0400

    debian/patches/CVE-2010-4523, debian/patches/min-max-macros, debian/patches/series: Remove now unnecessary patches.

diff --git a/debian/changelog b/debian/changelog
index 25fd665..99f2365 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -8,6 +8,8 @@ opensc (0.12.0-1) unstable; urgency=low
   * debian/rules: Changelog no longer in a weird place.
   * debian/source/options, debian/source/patch-header: Remove unnecessary
     single-debian-patch setting.
+  * debian/patches/CVE-2010-4523, debian/patches/min-max-macros,
+    debian/patches/series: Remove now unnecessary patches.
 
  --
 
diff --git a/debian/patches/CVE-2010-4523 b/debian/patches/CVE-2010-4523
deleted file mode 100644
index 9c0757d..0000000
--- a/debian/patches/CVE-2010-4523
+++ /dev/null
@@ -1,46 +0,0 @@
-Description: protect against possible buffer overflows from rogue cards
- (CVE-2010-4523)
-Origin: https://www.opensc-project.org/opensc/changeset/4913
-Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=607427
-Forwarded: not-needed
-Last-Update: 2010-12-22
-
---- opensc-0.11.13.orig/src/libopensc/card-acos5.c
-+++ opensc-0.11.13/src/libopensc/card-acos5.c
-@@ -140,8 +140,8 @@
- 	/*
- 	 * Cache serial number.
- 	 */
--	memcpy(card->serialnr.value, apdu.resp, apdu.resplen);
--	card->serialnr.len = apdu.resplen;
-+	memcpy(card->serialnr.value, apdu.resp, MIN(apdu.resplen, SC_MAX_SERIALNR));
-+	card->serialnr.len = MIN(apdu.resplen, SC_MAX_SERIALNR);
- 
- 	/*
- 	 * Copy and return serial number.
---- opensc-0.11.13.orig/src/libopensc/card-atrust-acos.c
-+++ opensc-0.11.13/src/libopensc/card-atrust-acos.c
-@@ -853,8 +853,8 @@
- 	if (apdu.sw1 != 0x90 || apdu.sw2 != 0x00)
- 		return SC_ERROR_INTERNAL;
- 	/* cache serial number */
--	memcpy(card->serialnr.value, apdu.resp, apdu.resplen);
--	card->serialnr.len = apdu.resplen;
-+	memcpy(card->serialnr.value, apdu.resp, MIN(apdu.resplen, SC_MAX_SERIALNR));
-+	card->serialnr.len = MIN(apdu.resplen, SC_MAX_SERIALNR);
- 	/* copy and return serial number */
- 	memcpy(serial, &card->serialnr, sizeof(*serial));
- 	return SC_SUCCESS;
---- opensc-0.11.13.orig/src/libopensc/card-starcos.c
-+++ opensc-0.11.13/src/libopensc/card-starcos.c
-@@ -1289,8 +1289,8 @@
- 	if (apdu.sw1 != 0x90 || apdu.sw2 != 0x00)
- 		return SC_ERROR_INTERNAL;
- 	/* cache serial number */
--	memcpy(card->serialnr.value, apdu.resp, apdu.resplen);
--	card->serialnr.len = apdu.resplen;
-+	memcpy(card->serialnr.value, apdu.resp, MIN(apdu.resplen, SC_MAX_SERIALNR));
-+	card->serialnr.len = MIN(apdu.resplen, SC_MAX_SERIALNR);
- 	/* copy and return serial number */
- 	memcpy(serial, &card->serialnr, sizeof(*serial));
- 	return SC_SUCCESS;
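Review bot: Dropping debian/patches/CVE-2010-4523 is only safe if the upstream source now being packaged already bounds the serial-number copy, and neither this deletion nor the changelog entry records that this was checked. The removed patch clamped both `memcpy(card->serialnr.value, apdu.resp, ...)` and `card->serialnr.len` to `SC_MAX_SERIALNR` in card-acos5.c, card-atrust-acos.c and card-starcos.c, because (per its description) a rogue card can return an oversized response. Presumably 0.12.0 already contains the upstream changesets named in the two Origin headers (4912 and 4913), which would also justify removing min-max-macros in the next section, but the page does not show that. I would confirm the three call sites in the new tarball before upload and say so in the changelog, e.g. `Remove patches now included upstream (CVE-2010-4523 fix and MIN/MAX macros).`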
diff --git a/debian/patches/min-max-macros b/debian/patches/min-max-macros
deleted file mode 100644
index ea8804a..0000000
--- a/debian/patches/min-max-macros
+++ /dev/null
@@ -1,38 +0,0 @@
-Description: move MIN/MAX macros from muscle.c to internal.h (needed for
- patch CVE-2010-4523)
-Origin: https://www.opensc-project.org/opensc/changeset/4912
-Forwarded: not-needed
-Last-Update: 2010-12-22
-
---- opensc-0.11.13.orig/src/libopensc/internal.h
-+++ opensc-0.11.13/src/libopensc/internal.h
-@@ -50,6 +50,13 @@
- #define sleep(t)	Sleep((t) * 1000)
- #endif
- 
-+#ifndef MAX
-+#define MAX(x, y) (((x) > (y)) ? (x) : (y))
-+#endif
-+#ifndef MIN
-+#define MIN(x, y) (((x) < (y)) ? (x) : (y))
-+#endif
-+
- struct sc_atr_table {
- 	/* The atr fields are required to
- 	 * be in aa:bb:cc hex format. */
---- opensc-0.11.13.orig/src/libopensc/muscle.c
-+++ opensc-0.11.13/src/libopensc/muscle.c
-@@ -28,13 +28,6 @@
- #define MSC_DSA_PUBLIC		0x04
- #define MSC_DSA_PRIVATE 	0x05
- 
--#ifndef MAX
--#define MAX(x, y) (((x) > (y)) ? (x) : (y))
--#endif
--#ifndef MIN
--#define MIN(x, y) (((x) < (y)) ? (x) : (y))
--#endif
--
- static msc_id inputId = { { 0xFF, 0xFF, 0xFF, 0xFF } };
- static msc_id outputId = { { 0xFF, 0xFF, 0xFF, 0xFE } };
- 
diff --git a/debian/patches/series b/debian/patches/series
deleted file mode 100644
index 0b02b2e..0000000
--- a/debian/patches/series
+++ /dev/null
@@ -1,2 +0,0 @@
-min-max-macros
-CVE-2010-4523

-- 
OpenSC packaging


