[Opensc-commits] [OpenSC/OpenSC] 889d59: asn1: Initialize values to avoid comparison with g...

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

  Branch: refs/heads/master
  Home:   https://github.com/OpenSC/OpenSC
  Commit: 889d598bcd242447b4bd7db22106b008b605a849
      https://github.com/OpenSC/OpenSC/commit/889d598bcd242447b4bd7db22106b008b605a849
  Author: Jakub Jelen <jj...@re...>
  Date:   2019-10-22 (Tue, 22 Oct 2019)

  Changed paths:
    M src/libopensc/asn1.c

  Log Message:
  -----------
  asn1: Initialize values to avoid comparison with garbage

Reported by clang analyzer:

src/libopensc/asn1.c:2115:14: warning: The right operand of '<' is a garbage value [clang-analyzer-core.UndefinedBinaryOperatorResult]

        if (halflen < r_len || halflen < s_len)   {

  Commit: 544d576b0076dcb96b78e502e2c05906486ba357
      https://github.com/OpenSC/OpenSC/commit/544d576b0076dcb96b78e502e2c05906486ba357
  Author: Jakub Jelen <jj...@re...>
  Date:   2019-10-22 (Tue, 22 Oct 2019)

  Changed paths:
    M src/libopensc/asn1.c

  Log Message:
  -----------
  asn1: Do not pass null argument to memcpy

Reported by clang analyzer:

src/libopensc/asn1.c:1080:2: note: Null pointer passed as an argument to a 'nonnull' parameter

        memcpy(p, data, datalen);

  Commit: 459e4ecc377353df54be12c29b214949afdaac31
      https://github.com/OpenSC/OpenSC/commit/459e4ecc377353df54be12c29b214949afdaac31
  Author: Jakub Jelen <jj...@re...>
  Date:   2019-10-22 (Tue, 22 Oct 2019)

  Changed paths:
    M src/libopensc/card-piv.c

  Log Message:
  -----------
  piv: Avoid insane allocations in fuzzer

  Commit: 5e9e5b232cc9fed099da1136e71186f10625c5dd
      https://github.com/OpenSC/OpenSC/commit/5e9e5b232cc9fed099da1136e71186f10625c5dd
  Author: Jakub Jelen <jj...@re...>
  Date:   2019-10-22 (Tue, 22 Oct 2019)

  Changed paths:
    M src/libopensc/card-piv.c

  Log Message:
  -----------
  card-piv: Fix indentation

  Commit: ff893d22245695917e88f7b6d4488165803c5717
      https://github.com/OpenSC/OpenSC/commit/ff893d22245695917e88f7b6d4488165803c5717
  Author: Jakub Jelen <jj...@re...>
  Date:   2019-10-22 (Tue, 22 Oct 2019)

  Changed paths:
    M src/libopensc/pkcs15.c

  Log Message:
  -----------
  pkcs15: Remove unused code

  Commit: 6ef0ac6e678a4710198bc109a126fa1ad0e1d53e
      https://github.com/OpenSC/OpenSC/commit/6ef0ac6e678a4710198bc109a126fa1ad0e1d53e
  Author: Jakub Jelen <jj...@re...>
  Date:   2019-10-22 (Tue, 22 Oct 2019)

  Changed paths:
    M src/libopensc/asn1.c

  Log Message:
  -----------
  asn1: Correctly parse negative integers

The negative integers were parsed uterly wrong, resulting in undefined
shift overflows as reported by oss-fuzz.

The current implementation takes negated values (properly masked) and
calculates two's complement in the end, which results in correct values
and correct data handling.

https://oss-fuzz.com/testcase-detail/5125815506829312

  Commit: 62049ea18c622fe96bcbe3664f1b3f5f95f878cc
      https://github.com/OpenSC/OpenSC/commit/62049ea18c622fe96bcbe3664f1b3f5f95f878cc
  Author: Jakub Jelen <jj...@re...>
  Date:   2019-10-22 (Tue, 22 Oct 2019)

  Changed paths:
    M src/libopensc/card-mcrd.c

  Log Message:
  -----------
  Avoid memory leaks from file selection

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=17106

  Commit: 630d6adf32cecaab0ee184618f56497bd50400fb
      https://github.com/OpenSC/OpenSC/commit/630d6adf32cecaab0ee184618f56497bd50400fb
  Author: Jakub Jelen <jj...@re...>
  Date:   2019-10-22 (Tue, 22 Oct 2019)

  Changed paths:
    M src/libopensc/pkcs15-prkey.c

  Log Message:
  -----------
  pkcs15-prkey: Avoid memory leak

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16625

  Commit: 1be013d08e381b2bea21fa97fa5b3584e1245f6d
      https://github.com/OpenSC/OpenSC/commit/1be013d08e381b2bea21fa97fa5b3584e1245f6d
  Author: Jakub Jelen <jj...@re...>
  Date:   2019-10-22 (Tue, 22 Oct 2019)

  Changed paths:
    M src/libopensc/asn1.c

  Log Message:
  -----------
  asn1: Fix undefined shift in OID parser

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16618

Compare: https://github.com/OpenSC/OpenSC/compare/01678e871e4b...1be013d08e38

[Opensc-commits] [OpenSC/OpenSC] 889d59: asn1: Initialize values to avoid comparison with g...

OpenSC - tools and libraries for smart cards

[Opensc-commits] [OpenSC/OpenSC] 889d59: asn1: Initialize values to avoid comparison with g...