Albert Solana wrote:
Hi,

I think I've found a bug in OpenSC. Whenever I look for any certificate
on a smart card, searching by its subject, OpenSC returns no matches and
I have 3 certificates on it!
I've found that the asn1_sequence_wrapper function returns a greater
attribute buffer size than it should.

I attach a patch created against revision 2941 that works for me.
Could anyone test it and, if it's correct, apply it to OpenSC code?
...
Index: src/pkcs11/framework-pkcs15.c
===================================================================
--- src/pkcs11/framework-pkcs15.c       (revision 2941)
+++ src/pkcs11/framework-pkcs15.c       (working copy)
@@ -2478,7 +2478,7 @@
        size_t          len2;
len2 = len;
-       check_attribute_buffer(attr, len + 1 + sizeof(len));
+       check_attribute_buffer(attr, len + 1 + 1);
dest = (u8 *) attr->pValue;
        *dest++ = 0x30; /* SEQUENCE tag */
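
Review bot: The new bound `len + 1 + 1` in the check_attribute_buffer call reserves a single length byte, which is only enough when len <= 127; for a longer value the SEQUENCE header written after the 0x30 tag needs a long-form length (one count byte plus the length bytes), so this check can accept a buffer that is too small for what follows. Size the check from the actual header instead: compute the number of length bytes for len and pass 1 + that count + len. The removed `sizeof(len)` bound over-reserves for short values, so an exact count addresses both cases.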

I don't think your patch will work if we have "len > 127", as in
this case the length of the value part of the sequence is encoded
in more than one byte. The current code uses sizeof(len) == sizeof(size_t)
as an upper bound for the length needed for the length bytes of the
sequence (note: this is actually wrong, as in the case of, for example,
0x11223344 we need an additional fifth byte 0x84 for the number of length
bytes ...). A better solution would be to calculate the exact number
of bytes needed for the length encoding, i.e. something like
(untested !!):

        size_t lenb = 1;        /* short form: a single length byte */
        if (len > 127) {
                size_t tmp = len;
                /* long form: 0x80|n prefix byte plus n length bytes;
                 * count n by shifting one whole byte at a time */
                for (lenb = 1; tmp != 0; tmp >>= 8)
                        lenb++;
        }
        check_attribute_buffer(attr, 1 + lenb + len);

Cheers,
Nils
_______________________________________________
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel
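
The length rule discussed in the reply above, as an added example that is not part of the original thread or of OpenSC's code: it computes the exact number of DER length bytes and uses that count both for the buffer check and for writing the SEQUENCE header. The names `der_length_size` and `der_wrap_sequence` are hypothetical.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Bytes DER needs to encode the length `len`: 1 in the short form
 * (len <= 127), otherwise one 0x80|n prefix byte plus n length bytes. */
size_t der_length_size(size_t len)
{
    size_t n = 1;
    if (len > 127)
        for (; len != 0; len >>= 8)
            n++;
    return n;
}

/* Hypothetical helper (not OpenSC's asn1_sequence_wrapper): wrap `data`
 * in a SEQUENCE. Returns bytes written, or 0 if `out` is too small. */
size_t der_wrap_sequence(const unsigned char *data, size_t len,
                         unsigned char *out, size_t outlen)
{
    size_t lenb = der_length_size(len);
    size_t need = 1 + lenb + len;      /* tag + length bytes + value */
    unsigned char *p = out;

    if (need < len || outlen < need)   /* size_t overflow or short buffer */
        return 0;
    *p++ = 0x30;                       /* SEQUENCE tag */
    if (lenb == 1) {
        *p++ = (unsigned char)len;     /* short form */
    } else {
        size_t n = lenb - 1;           /* number of length bytes */
        *p++ = (unsigned char)(0x80 | n);
        while (n-- > 0)                /* big-endian, most significant first */
            *p++ = (unsigned char)(len >> (8 * n));
    }
    memcpy(p, data, len);
    return need;
}

int main(void)
{
    /* Constructed sample lengths, including the 0x11223344 case. */
    size_t samples[] = { 5, 127, 128, 256, 0x11223344 };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("len=%zu -> %zu length byte(s)\n",
               samples[i], der_length_size(samples[i]));
    return 0;
}
```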
