diff options
author | drochner <drochner@pkgsrc.org> | 2010-12-16 18:00:59 +0000 |
---|---|---|
committer | drochner <drochner@pkgsrc.org> | 2010-12-16 18:00:59 +0000 |
commit | 4b032efd8e79c70394f410808b996eddac9d8c2f (patch) | |
tree | 27bf9b2662d241bf27aa768a1dd1aa8eabed7d33 /security/opensc | |
parent | 65dbc06625f10634ade315fc0dfee68f769d817b (diff) | |
download | pkgsrc-4b032efd8e79c70394f410808b996eddac9d8c2f.tar.gz |
add patch from upstream to protect for possible buffer overflows from
rogue cards (SA42658)
Diffstat (limited to 'security/opensc')
-rw-r--r-- | security/opensc/Makefile | 4 | ||||
-rw-r--r-- | security/opensc/distinfo | 6 | ||||
-rw-r--r-- | security/opensc/patches/patch-ae | 15 | ||||
-rw-r--r-- | security/opensc/patches/patch-af | 15 | ||||
-rw-r--r-- | security/opensc/patches/patch-ag | 15 | ||||
-rw-r--r-- | security/opensc/patches/patch-ah | 15 |
6 files changed, 68 insertions, 2 deletions
diff --git a/security/opensc/Makefile b/security/opensc/Makefile index 6a3f649c8a2..6d9ce8c8943 100644 --- a/security/opensc/Makefile +++ b/security/opensc/Makefile @@ -1,10 +1,12 @@ -# $NetBSD: Makefile,v 1.6 2010/09/01 15:59:22 drochner Exp $ +# $NetBSD: Makefile,v 1.7 2010/12/16 18:00:59 drochner Exp $ COMMENT= Smart Card drivers and middleware LICENSE= gnu-lgpl-v2.1 .include "../../security/opensc/Makefile.common" +PKGREVISION= 1 + PKG_DESTDIR_SUPPORT= user-destdir CONFIGURE_ARGS+= --disable-nsplugin diff --git a/security/opensc/distinfo b/security/opensc/distinfo index 43ca8e82f2f..a742deac56d 100644 --- a/security/opensc/distinfo +++ b/security/opensc/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.6 2010/09/01 15:59:22 drochner Exp $ +$NetBSD: distinfo,v 1.7 2010/12/16 18:00:59 drochner Exp $ SHA1 (opensc-0.11.13.tar.gz) = 408b374286004c3df15ec17856f69fd4c2a1aceb RMD160 (opensc-0.11.13.tar.gz) = cd900866e51cd64fa7c5a3287cd58193dec26528 @@ -7,3 +7,7 @@ SHA1 (patch-aa) = ad1c02161590c43170137d1deeaf5e88e7fef1ce SHA1 (patch-ab) = 6d3d055abd1b94c7024838b9b25cc6005af0d36a SHA1 (patch-ac) = 6c77415312d1ab149a9cbae9c49f4cf31c950502 SHA1 (patch-ad) = a618df0e8bc59af9ccea3f3b423b363e09ab0a4c +SHA1 (patch-ae) = 94ca059a2e9bf5689f4193587247e443213df9a4 +SHA1 (patch-af) = 3b8db1b680c833940973f11b8abb47e34fa5ecd0 +SHA1 (patch-ag) = 1d2de187008d4ce9aac1f97f829aafd035324082 +SHA1 (patch-ah) = e9a8e3aa06af5a7ce47015f8eba41fd2bb12b32d diff --git a/security/opensc/patches/patch-ae b/security/opensc/patches/patch-ae new file mode 100644 index 00000000000..993a51ca273 --- /dev/null +++ b/security/opensc/patches/patch-ae @@ -0,0 +1,15 @@ +$NetBSD: patch-ae,v 1.1 2010/12/16 18:00:59 drochner Exp $ + +--- src/libopensc/card-acos5.c.orig 2010-02-16 09:03:28.000000000 +0000 ++++ src/libopensc/card-acos5.c +@@ -140,8 +140,8 @@ static int acos5_get_serialnr(sc_card_t + /* + * Cache serial number. + */ +- memcpy(card->serialnr.value, apdu.resp, apdu.resplen); +- card->serialnr.len = apdu.resplen; ++ memcpy(card->serialnr.value, apdu.resp, MIN(apdu.resplen, SC_MAX_SERIALNR)); ++ card->serialnr.len = MIN(apdu.resplen, SC_MAX_SERIALNR); + + /* + * Copy and return serial number. diff --git a/security/opensc/patches/patch-af b/security/opensc/patches/patch-af new file mode 100644 index 00000000000..81d122fc066 --- /dev/null +++ b/security/opensc/patches/patch-af @@ -0,0 +1,15 @@ +$NetBSD: patch-af,v 1.1 2010/12/16 18:00:59 drochner Exp $ + +--- src/libopensc/card-atrust-acos.c.orig 2010-02-16 09:03:28.000000000 +0000 ++++ src/libopensc/card-atrust-acos.c +@@ -853,8 +853,8 @@ static int acos_get_serialnr(sc_card_t * + if (apdu.sw1 != 0x90 || apdu.sw2 != 0x00) + return SC_ERROR_INTERNAL; + /* cache serial number */ +- memcpy(card->serialnr.value, apdu.resp, apdu.resplen); +- card->serialnr.len = apdu.resplen; ++ memcpy(card->serialnr.value, apdu.resp, MIN(apdu.resplen, SC_MAX_SERIALNR)); ++ card->serialnr.len = MIN(apdu.resplen, SC_MAX_SERIALNR); + /* copy and return serial number */ + memcpy(serial, &card->serialnr, sizeof(*serial)); + return SC_SUCCESS; diff --git a/security/opensc/patches/patch-ag b/security/opensc/patches/patch-ag new file mode 100644 index 00000000000..dc51e79344b --- /dev/null +++ b/security/opensc/patches/patch-ag @@ -0,0 +1,15 @@ +$NetBSD: patch-ag,v 1.1 2010/12/16 18:00:59 drochner Exp $ + +--- src/libopensc/card-starcos.c.orig 2010-02-16 09:03:28.000000000 +0000 ++++ src/libopensc/card-starcos.c +@@ -1289,8 +1289,8 @@ static int starcos_get_serialnr(sc_card_ + if (apdu.sw1 != 0x90 || apdu.sw2 != 0x00) + return SC_ERROR_INTERNAL; + /* cache serial number */ +- memcpy(card->serialnr.value, apdu.resp, apdu.resplen); +- card->serialnr.len = apdu.resplen; ++ memcpy(card->serialnr.value, apdu.resp, MIN(apdu.resplen, SC_MAX_SERIALNR)); ++ card->serialnr.len = MIN(apdu.resplen, SC_MAX_SERIALNR); + /* copy and return serial number */ + memcpy(serial, &card->serialnr, sizeof(*serial)); + return SC_SUCCESS; diff --git a/security/opensc/patches/patch-ah b/security/opensc/patches/patch-ah new file mode 100644 index 00000000000..c88b2301c89 --- /dev/null +++ b/security/opensc/patches/patch-ah @@ -0,0 +1,15 @@ +$NetBSD: patch-ah,v 1.1 2010/12/16 18:00:59 drochner Exp $ + +--- src/libopensc/internal.h.orig 2010-02-16 09:03:28.000000000 +0000 ++++ src/libopensc/internal.h +@@ -39,6 +39,10 @@ extern "C" { + #include <windows.h> + #endif + ++#ifndef MIN ++#define MIN(a,b) ((a) < (b) ? (a) : (b)) ++#endif ++ + #define SC_FILE_MAGIC 0x14426950 + #define SC_CARD_MAGIC 0x27182818 + #define SC_CTX_MAGIC 0x0A550335 |