Fix up incorrect checks in CVE-2010-0407.patch (#596426)
This commit is contained in:
parent
e7a10ec46f
commit
a28c7042ad
|
@ -36,7 +36,7 @@ diff -ru pcsc-lite-1.4.102.orig//src/winscard_svc.c pcsc-lite-1.4.102/src/winsca
|
|||
if (rv != 0) return rv;
|
||||
|
||||
+ /* avoids buffer overflow */
|
||||
+ if ((ctStr->cbRecvLength > sizeof(ctStr->cbRecvLength))
|
||||
+ if ((ctStr->cbRecvLength > sizeof(ctStr->pbRecvBuffer))
|
||||
+ || (ctStr->cbSendLength > sizeof(ctStr->pbSendBuffer)))
|
||||
+ {
|
||||
+ ctStr->rv = SCARD_E_INSUFFICIENT_BUFFER;
|
||||
|
@ -66,7 +66,7 @@ diff -ru pcsc-lite-1.4.102.orig//src/winscard_svc.c pcsc-lite-1.4.102/src/winsca
|
|||
if (rv != 0) return rv;
|
||||
+
|
||||
+ /* avoids buffer overflow */
|
||||
+ if (gsStr->cbAttrLen <= sizeof(gsStr->pbAttr))
|
||||
+ if (gsStr->cbAttrLen > sizeof(gsStr->pbAttr))
|
||||
+ {
|
||||
+ gsStr->rv = SCARD_E_INSUFFICIENT_BUFFER ;
|
||||
+ break;
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
Name: pcsc-lite
|
||||
Version: 1.5.2
|
||||
Release: 4%{?dist}
|
||||
Release: 5%{?dist}
|
||||
Summary: PC/SC Lite smart card framework and applications
|
||||
%define upstream_build 2795
|
||||
|
||||
|
@ -154,6 +154,9 @@ fi
|
|||
|
||||
|
||||
%changelog
|
||||
* Sun Jul 04 2010 Kalev Lember <kalev@smartlink.ee> - 1.5.2-5
|
||||
- Fix up incorrect checks in CVE-2010-0407.patch (#596426)
|
||||
|
||||
* Tue Jun 15 2010 Kalev Lember <kalev@smartlink.ee> - 1.5.2-4
|
||||
- Patch for CVE-2010-0407
|
||||
|
||||
|
|
Loading…
Reference in New Issue