meta-oe/recipes-support/opensc/opensc/CVE-2019-19479.patch


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30

From c3f23b836e5a1766c36617fe1da30d22f7b63de2 Mon Sep 17 00:00:00 2001
From: Frank Morgner <frankmorgner@gmail.com>
Date: Sun, 3 Nov 2019 04:45:28 +0100
Subject: [PATCH] fixed  UNKNOWN READ

Upstream-Status: Accepted <or Backport>
CVE: CVE-2019-19479 
   
Reported by OSS-Fuzz
https://oss-fuzz.com/testcase-detail/5681169970757632

Reference to upstream patch:
https://github.com/OpenSC/OpenSC/commit/c3f23b836e5a1766c36617fe1da30d22f7b63de2
---
 src/libopensc/card-setcos.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/libopensc/card-setcos.c b/src/libopensc/card-setcos.c
index 4cf328ad6a..1b4e8f3e23 100644
--- a/src/libopensc/card-setcos.c
+++ b/src/libopensc/card-setcos.c
@@ -868,7 +868,7 @@ static void parse_sec_attr_44(sc_file_t *file, const u8 *buf, size_t len)
 			}
 
 			/* Encryption key present ? */
-			iPinCount = iACLen - 1;		
+			iPinCount = iACLen > 0 ? iACLen - 1 : 0;
 
 			if (buf[iOffset] & 0x20) {
 				int iSC;