Re: [Muscle] muscleTool: Formatting token [**] : Failed (Invalid parameter)

Wed, 01 Sep 2004 12:28:46 -0700 

Le Wednesday 01 September 2004 � 12:58:54, Bruce Barnett a �crit:
> This uses the  muscleCFlexKey which is defined to be 
> static MSCUChar8 muscleCFlexKey[8]  = {'M', 'u', 's', 'c', 'l', 'e', '0', '0'};
> The length of this is determines by strlen(muscleCFlexKey).
> The problem is, this string is never explicitly null-terminated. The length 
> depends upon the next character in storage.
> On my system, the value of strlen(muscleCFlexKey) is 9.

Ouch! Thanks.

I used sizeof() to know the array size.

> This patch fixes the problem and two minor documentation issues:
> 
>  1) It also changes muscleCFlexKey to be muscleDefaultKey, as this 
>     parameter has nothing to do with the CryptoFLex cards.

Applied

>  2) Changes the documentation on choice #1 to indicate that it is the default key 
> for the 
>     Axalto CyberFlex card, and not the generic "faactory."

Applied

> @@ -1739,14 +1740,14 @@
>    memcpy(initParams.transportKey, adminKey, adminKeyLength);
>    initParams.transportKeyLen   = adminKeyLength;
>   
> -  memcpy(initParams.newTransportKey, newAdmin, strlen(newAdmin));
> -  initParams.newTransportKeyLen   = strlen(newAdmin);
> +  memcpy(initParams.newTransportKey, newAdmin, STRLEN(newAdmin));
> +  initParams.newTransportKeyLen   = STRLEN(newAdmin);
>   
> -  memcpy(initParams.defaultCHV, userPIN, strlen(userPIN));
> -  initParams.defaultCHVLen = strlen(userPIN);
> +  memcpy(initParams.defaultCHV, userPIN, STRLEN(userPIN));
> +  initParams.defaultCHVLen = STRLEN(userPIN);
>   
> -  memcpy(initParams.defaultCHVUnblock, userUnblock, strlen(userUnblock));
> -  initParams.defaultCHVUnblockSize = strlen(userUnblock);
> +  memcpy(initParams.defaultCHVUnblock, userUnblock, STRLEN(userUnblock));
> +  initParams.defaultCHVUnblockSize = STRLEN(userUnblock);

Why do you do this? newAdmin, userPIN and userUnblock are text strings
and not binary arrays.

I agree that the code is subject to lots of buffer overflows (scanf
should be replaced) and that memcpy() is not the best way to copy text
strings. Patches appreciated.


Thanks for this very detailed bug report and patch.

Regards,

-- 
 Dr. Ludovic Rousseau                        [EMAIL PROTECTED]
 -- Normaliser Unix c'est comme pasteuriser le camembert, L.R. --
_______________________________________________
Muscle mailing list
[EMAIL PROTECTED]
http://lists.drizzle.com/mailman/listinfo/muscle

Reply via email to