[pkg-opensc-commit] [opensc] 161/295: iso7816: Parse TL using ASN1 parser to avoid (possibly) wrong assumptions about length of both parts

[Eric Dorland]

This is an automated email from the git hooks/post-receive script.

eric pushed a commit to branch master
in repository opensc.

commit 92765f612efd8567c7de9e28c74bc128c8836555
Author: Jakub Jelen <jjelen at redhat.com>
Date:   Thu Jan 26 10:52:43 2017 +0100

    iso7816: Parse TL using ASN1 parser to avoid (possibly) wrong assumptions about length of both parts
---
 src/libopensc/iso7816.c | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/src/libopensc/iso7816.c b/src/libopensc/iso7816.c
index c60e26c..296cf69 100644
--- a/src/libopensc/iso7816.c
+++ b/src/libopensc/iso7816.c
@@ -452,6 +452,9 @@ iso7816_select_file(struct sc_card *card, const struct sc_path *in_path, struct
 	int r, pathlen, pathtype;
 	int select_mf = 0;
 	struct sc_file *file = NULL;
+	const u8 *buffer;
+	size_t buffer_len;
+	unsigned int cla, tag;
 
 	assert(card != NULL && in_path != NULL);
 	ctx = card->ctx;
@@ -577,8 +580,10 @@ iso7816_select_file(struct sc_card *card, const struct sc_path *in_path, struct
 			sc_file_free(file);
 			LOG_FUNC_RETURN(ctx, SC_ERROR_NOT_SUPPORTED);
 		}
-		if ((size_t)apdu.resp[1] + 2 <= apdu.resplen)
-			card->ops->process_fci(card, file, apdu.resp+2, apdu.resp[1]);
+		buffer = apdu.resp;
+		r = sc_asn1_read_tag(&buffer, apdu.resplen, &cla, &tag, &buffer_len);
+		if (r == SC_SUCCESS)
+			card->ops->process_fci(card, file, buffer, buffer_len);
 		*file_out = file;
 		break;
 	case 0x00: /* proprietary coding */

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-opensc/opensc.git