diff options
Diffstat (limited to 'meta-oe/recipes-support/opensc/opensc/CVE-2019-19479.patch')
-rw-r--r-- | meta-oe/recipes-support/opensc/opensc/CVE-2019-19479.patch | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/meta-oe/recipes-support/opensc/opensc/CVE-2019-19479.patch b/meta-oe/recipes-support/opensc/opensc/CVE-2019-19479.patch new file mode 100644 index 000000000..73222ee1a --- /dev/null +++ b/meta-oe/recipes-support/opensc/opensc/CVE-2019-19479.patch | |||
@@ -0,0 +1,30 @@ | |||
1 | From c3f23b836e5a1766c36617fe1da30d22f7b63de2 Mon Sep 17 00:00:00 2001 | ||
2 | From: Frank Morgner <frankmorgner@gmail.com> | ||
3 | Date: Sun, 3 Nov 2019 04:45:28 +0100 | ||
4 | Subject: [PATCH] fixed UNKNOWN READ | ||
5 | |||
6 | Upstream-Status: Accepted <or Backport> | ||
7 | CVE: CVE-2019-19479 | ||
8 | |||
9 | Reported by OSS-Fuzz | ||
10 | https://oss-fuzz.com/testcase-detail/5681169970757632 | ||
11 | |||
12 | Reference to upstream patch: | ||
13 | https://github.com/OpenSC/OpenSC/commit/c3f23b836e5a1766c36617fe1da30d22f7b63de2 | ||
14 | --- | ||
15 | src/libopensc/card-setcos.c | 2 +- | ||
16 | 1 file changed, 1 insertion(+), 1 deletion(-) | ||
17 | |||
18 | diff --git a/src/libopensc/card-setcos.c b/src/libopensc/card-setcos.c | ||
19 | index 4cf328ad6a..1b4e8f3e23 100644 | ||
20 | --- a/src/libopensc/card-setcos.c | ||
21 | +++ b/src/libopensc/card-setcos.c | ||
22 | @@ -868,7 +868,7 @@ static void parse_sec_attr_44(sc_file_t *file, const u8 *buf, size_t len) | ||
23 | } | ||
24 | |||
25 | /* Encryption key present ? */ | ||
26 | - iPinCount = iACLen - 1; | ||
27 | + iPinCount = iACLen > 0 ? iACLen - 1 : 0; | ||
28 | |||
29 | if (buf[iOffset] & 0x20) { | ||
30 | int iSC; | ||