[pkg-opensc-commit] [opensc] 204/295: Add session handle uniqueness check to PKCS#11 C_OpenSession()

Eric Dorland eric at moszumanska.debian.org
Sat Jun 24 21:11:32 UTC 2017 

This is an automated email from the git hooks/post-receive script.

eric pushed a commit to branch master
in repository opensc.

commit df35d739ee6e8b4d65d410541801fecdf46d4348
Author: Maciej S. Szmigiero <mail at maciej.szmigiero.name>
Date:   Thu Aug 25 19:35:52 2016 +0200

    Add session handle uniqueness check to PKCS#11 C_OpenSession()
    
    C_OpenSession() creates a long int session handle from address of allocated
    session struct, however it has to be taken into consideration that on Win64
    long int is still 32-bit, so the address is going to be truncated and
    because of that not guaranteed to be unique.
    
    Add session handle uniqueness check to catch when there is already a
    session with the same handle present.
    
    This also fixes a warning when building on 64-bit mingw.
    
    Signed-off-by: Maciej S. Szmigiero <mail at maciej.szmigiero.name>
---
 src/pkcs11/pkcs11-session.c | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/src/pkcs11/pkcs11-session.c b/src/pkcs11/pkcs11-session.c
index 270e1c3..af42b30 100644
--- a/src/pkcs11/pkcs11-session.c
+++ b/src/pkcs11/pkcs11-session.c
@@ -20,6 +20,7 @@
 
 #include "config.h"
 
+#include <stdint.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
@@ -72,12 +73,22 @@ CK_RV C_OpenSession(CK_SLOT_ID slotID,	/* the slot's ID */
 		goto out;
 	}
 
+	/* make session handle from pointer and check its uniqueness */
+	session->handle = (CK_SESSION_HANDLE)(uintptr_t)session;
+	if (list_seek(&sessions, &session->handle) != NULL) {
+		sc_log(context, "C_OpenSession handle 0x%lx already exists", session->handle);
+
+		free(session);
+
+		rv = CKR_HOST_MEMORY;
+		goto out;
+	}
+
 	session->slot = slot;
 	session->notify_callback = Notify;
 	session->notify_data = pApplication;
 	session->flags = flags;
 	slot->nsessions++;
-	session->handle = (CK_SESSION_HANDLE) session;	/* cast a pointer to long */
 	list_append(&sessions, session);
 	*phSession = session->handle;
 	sc_log(context, "C_OpenSession handle: 0x%lx", session->handle);

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-opensc/opensc.git

More information about the pkg-opensc-commit mailing list