1 files changed, 34 insertions, 0 deletions
diff --git a/meta-oe/recipes-support/opensc/opensc/CVE-2019-19480.patch b/meta-oe/recipes-support/opensc/opensc/CVE-2019-19480.patch
new file mode 100644
index 000000000..12c1f0b4a
--- /dev/null
+++ b/meta-oe/recipes-support/opensc/opensc/CVE-2019-19480.patch
@@ -0,0 +1,34 @@
+From 6ce6152284c47ba9b1d4fe8ff9d2e6a3f5ee02c7 Mon Sep 17 00:00:00 2001
+From: Jakub Jelen <jjelen@redhat.com>
+Date: Wed, 23 Oct 2019 09:22:44 +0200
+Subject: [PATCH] pkcs15-prkey: Simplify cleaning memory after failure
+https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18478
+Upstream-Status: Accepted
+CVE: CVE-2019-19480
+Reference to upstream patch:
+https://github.com/OpenSC/OpenSC/commit/6ce6152284c47ba9b1d4fe8ff9d2e6a3f5ee02c7
+---
+ src/libopensc/pkcs15-prkey.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+diff --git a/src/libopensc/pkcs15-prkey.c b/src/libopensc/pkcs15-prkey.c
+index d3eee983..4b249582 100644
+--- a/src/libopensc/pkcs15-prkey.c
+++ b/src/libopensc/pkcs15-prkey.c
+@@ -258,6 +258,10 @@ int sc_pkcs15_decode_prkdf_entry(struct sc_pkcs15_card *p15card,
+        memset(gostr3410_params, 0, sizeof(gostr3410_params));
+ 
+        r = sc_asn1_decode_choice(ctx, asn1_prkey, *buf, *buflen, buf, buflen);
+       if (r < 0) {
+               /* This might have allocated something. If so, clear it now */
+               free(info.subject.value);
+        }
+        if (r == SC_ERROR_ASN1_END_OF_CONTENTS)
+                return r;
+        LOG_TEST_RET(ctx, r, "PrKey DF ASN.1 decoding failed");
+-- 
+2.17.1

diff --git a/meta-oe/recipes-support/opensc/opensc/CVE-2019-19480.patch b/meta-oe/recipes-support/opensc/opensc/CVE-2019-19480.patch new file mode 100644 index 000000000..12c1f0b4a --- /dev/null +++ b/meta-oe/recipes-support/opensc/opensc/CVE-2019-19480.patch
@@ -0,0 +1,34 @@
	1	From 6ce6152284c47ba9b1d4fe8ff9d2e6a3f5ee02c7 Mon Sep 17 00:00:00 2001
	2	From: Jakub Jelen <jjelen@redhat.com>
	3	Date: Wed, 23 Oct 2019 09:22:44 +0200
	4	Subject: [PATCH] pkcs15-prkey: Simplify cleaning memory after failure
	5
	6	https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18478
	7
	8	Upstream-Status: Accepted
	9	CVE: CVE-2019-19480
	10
	11	Reference to upstream patch:
	12	https://github.com/OpenSC/OpenSC/commit/6ce6152284c47ba9b1d4fe8ff9d2e6a3f5ee02c7
	13	---
	14	src/libopensc/pkcs15-prkey.c \| 4 ++++
	15	1 file changed, 4 insertions(+)
	16
	17	diff --git a/src/libopensc/pkcs15-prkey.c b/src/libopensc/pkcs15-prkey.c
	18	index d3eee983..4b249582 100644
	19	--- a/src/libopensc/pkcs15-prkey.c
	20	+++ b/src/libopensc/pkcs15-prkey.c
	21	@@ -258,6 +258,10 @@ int sc_pkcs15_decode_prkdf_entry(struct sc_pkcs15_card *p15card,
	22	memset(gostr3410_params, 0, sizeof(gostr3410_params));
	23
	24	r = sc_asn1_decode_choice(ctx, asn1_prkey, buf, buflen, buf, buflen);
	25	+ if (r < 0) {
	26	+ /* This might have allocated something. If so, clear it now */
	27	+ free(info.subject.value);
	28	+ }
	29	if (r == SC_ERROR_ASN1_END_OF_CONTENTS)
	30	return r;
	31	LOG_TEST_RET(ctx, r, "PrKey DF ASN.1 decoding failed");
	32	--
	33	2.17.1
	34