#259 memory fault when getting error-code instead of an APDU

open
nobody
None
5
2012-11-29
2007-12-07
Anonymous
No

When sending an APDU to the card which should return data, but giving an error (e.g. PIN needed), rdesktop is killed by a memory fault.

The following solves the problem

regards
valentan

R.Valentan@solid.co.at

Discussion

  • Nobody/Anonymous

    patch

     
  • Jan Kiszka

    Jan Kiszka - 2007-12-15

    Logged In: YES
    user_id=666222
    Originator: NO

    In fact, there are more cases where the pioRecvPci copy-back code causes segfaults. Reason: Several card reader drivers do not care about this structure and return total nonsense. And as we do not propagate the content anyway, disabling the copy-back is for now the best solution:

    ---
    scard.c | 4 ++++
    1 file changed, 4 insertions(+)

    Index: rdesktop/scard.c

    --- rdesktop.orig/scard.c
    +++ rdesktop/scard.c
    @@ -1413,6 +1413,7 @@ TS_SCardEndTransaction(STREAM in, STREAM
    }

    +#if 0
    static void
    copyIORequest_MyPCSCToServer(MYPCSC_LPSCARD_IO_REQUEST src, SERVER_LPSCARD_IO_REQUEST dst)
    {
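
Review bot: the `#if 0` placed ahead of copyIORequest_MyPCSCToServer() carries no comment saying why the helper is compiled out. Either delete the function outright (version control keeps it) or add a one-line comment at the `#if 0` tying it to the disabled copy-back block in TS_SCardTransmit(), so the two guards are re-enabled or removed together.
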
    @@ -1425,6 +1426,7 @@ copyIORequest_MyPCSCToServer(MYPCSC_LPSC
    - sizeof(MYPCSC_SCARD_IO_REQUEST) + sizeof(SERVER_SCARD_IO_REQUEST));
    memcpy(dstBytes, srcBytes, bytesToCopy);
    }
    +#endif

    static void
    copyIORequest_ServerToMyPCSC(SERVER_LPSCARD_IO_REQUEST src, MYPCSC_LPSCARD_IO_REQUEST dst)
    @@ -1576,6 +1578,7 @@ TS_SCardTransmit(STREAM in, STREAM out)
    cbRecvLength = 448;
    }

    +#if 0
    if (pioRecvPci)
    {
    /*
    @@ -1585,6 +1588,7 @@ TS_SCardTransmit(STREAM in, STREAM out)
    if (myPioRecvPci->cbPciLength >= sizeof(MYPCSC_SCARD_IO_REQUEST))
    copyIORequest_MyPCSCToServer(myPioRecvPci, pioRecvPci);
    }
    +#endif

    if \(rv \!= SCARD\_S\_SUCCESS\)
    \{
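
Review bot: the copy-back block closed by this `#endif` sits ahead of the `rv != SCARD_S_SUCCESS` test, so nothing visible here keeps it from running when the call returned an error, and its only guard on the driver-filled length is the lower bound `cbPciLength >= sizeof(MYPCSC_SCARD_IO_REQUEST)`. If the block is ever re-enabled, move it under the success path and add an upper bound against the size actually allocated for myPioRecvPci; a comment at the matching `#if 0` saying so would keep that requirement from being lost.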
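
As an added example (not rdesktop's code and not part of the comment above), this is one way a copy-back of a driver-filled I/O request header could be validated instead of compiled out. The struct layouts, the function name `copy_back_checked` and the capacity parameters are assumptions made for illustration; the sample values in `main` are constructed.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-ins for the two header layouts: the local PC/SC
 * side uses unsigned long fields, the wire side fixed 32-bit fields. */
typedef struct { unsigned long dwProtocol, cbPciLength; } local_io_req;
typedef struct { uint32_t dwProtocol, cbPciLength; } wire_io_req;

/* Copy a driver-filled header plus its trailing bytes into dst.
 * src_cap / dst_cap are the sizes the caller really allocated.
 * Returns bytes written to dst, or 0 if the driver data is rejected. */
size_t copy_back_checked(long rv, const local_io_req *src, size_t src_cap,
                         wire_io_req *dst, size_t dst_cap)
{
    if (rv != 0 || !src || !dst)          /* ignore output of a failed call */
        return 0;
    if (src_cap < sizeof *src || dst_cap < sizeof *dst)
        return 0;
    size_t claimed = src->cbPciLength;    /* driver-controlled length */
    if (claimed < sizeof *src || claimed > src_cap)
        return 0;                         /* below header size or past our buffer */
    size_t extra = claimed - sizeof *src; /* bytes following the header */
    if (extra > dst_cap - sizeof *dst)
        return 0;                         /* would overflow the destination */
    if (src->dwProtocol > UINT32_MAX)
        return 0;                         /* does not fit the 32-bit wire field */
    dst->dwProtocol = (uint32_t) src->dwProtocol;
    dst->cbPciLength = (uint32_t) (sizeof *dst + extra);
    memcpy((unsigned char *) dst + sizeof *dst,
           (const unsigned char *) src + sizeof *src, extra);
    return sizeof *dst + extra;
}

int main(void)
{
    /* Constructed sample: a header followed by four trailing bytes. */
    struct { local_io_req h; unsigned char extra[4]; } s =
        { { 1, sizeof(local_io_req) + 4 }, { 0xde, 0xad, 0xbe, 0xef } };
    struct { wire_io_req h; unsigned char extra[4]; } d = { { 0, 0 }, { 0 } };
    printf("well-formed: %zu\n", copy_back_checked(0, &s.h, sizeof s, &d.h, sizeof d));
    s.h.cbPciLength = 0xdeadbeefUL;       /* nonsense length from a driver */
    printf("garbage:     %zu\n", copy_back_checked(0, &s.h, sizeof s, &d.h, sizeof d));
    return 0;
}
```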