author | shannonjr <shannonjr@pkgsrc.org> | 2010-12-17 17:00:35 +0000 |
---|---|---|
committer | shannonjr <shannonjr@pkgsrc.org> | 2010-12-17 17:00:35 +0000 |
commit | 88a125ab5b384d9703b240ac80bfb7ae69bf9e8d (patch) | |
tree | cf295ade439c46d6a60525da91a7242cd0229619 /security | |
parent | 62a90292f4aed8a7dce780ab77fca1992274382d (diff) | |
download | pkgsrc-88a125ab5b384d9703b240ac80bfb7ae69bf9e8d.tar.gz |
Backported security fix from Version 1.6.6 of pcsc-lite. The fix bounds the
value of a pointer, prior to a memcpy(), to prevent a buffer overflow.
Diffstat (limited to 'security')
-rw-r--r-- | security/pcsc-lite/Makefile | 4 | ||||
-rw-r--r-- | security/pcsc-lite/distinfo | 3 | ||||
-rw-r--r-- | security/pcsc-lite/patches/patch-ac | 18 |
3 files changed, 22 insertions, 3 deletions
diff --git a/security/pcsc-lite/Makefile b/security/pcsc-lite/Makefile
index cd1e65bf3b0..5981282562f 100644
--- a/security/pcsc-lite/Makefile
+++ b/security/pcsc-lite/Makefile
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.8 2009/10/02 12:36:13 hasso Exp $
+# $NetBSD: Makefile,v 1.9 2010/12/17 17:00:35 shannonjr Exp $
 #
 DISTNAME= pcsc-lite-1.5.5
-PKGREVISION= 1
+PKGREVISION= 2
 CATEGORIES= security
 MASTER_SITES= http://alioth.debian.org/frs/download.php/3082/
 EXTRACT_SUFX= .tar.bz2
diff --git a/security/pcsc-lite/distinfo b/security/pcsc-lite/distinfo
index fc38ac3cc85..bc85129a8a0 100644
--- a/security/pcsc-lite/distinfo
+++ b/security/pcsc-lite/distinfo
@@ -1,7 +1,8 @@
-$NetBSD: distinfo,v 1.8 2009/10/02 12:36:13 hasso Exp $
+$NetBSD: distinfo,v 1.9 2010/12/17 17:00:35 shannonjr Exp $
 SHA1 (pcsc-lite-1.5.5.tar.bz2) = 6791a8bd07f69972f708d4bdd03d6b1056c7af3e
 RMD160 (pcsc-lite-1.5.5.tar.bz2) = 99f56839483d7364426e0d70ec6825f551b4c49e
 Size (pcsc-lite-1.5.5.tar.bz2) = 465947 bytes
 SHA1 (patch-aa) = a30db3af5181f7d37d16c25d2679070e2fdf6652
 SHA1 (patch-ab) = 3fe33345975fcd61611dae8d7aaf9b6ee5329d9e
+SHA1 (patch-ac) = 1abf0c4bb7199998fb8d81ef8514f8f80f460ccc
diff --git a/security/pcsc-lite/patches/patch-ac b/security/pcsc-lite/patches/patch-ac
new file mode 100644
index 00000000000..94de59ca4f0
--- /dev/null
+++ b/security/pcsc-lite/patches/patch-ac
@@ -0,0 +1,18 @@
+$NetBSD: patch-ac,v 1.5 2010/12/17 17:00:35 shannonjr Exp $
+
+--- src/atrhandler.c.orig 2009-07-28 20:57:07.000000000 +0000
++++ src/atrhandler.c
+@@ -239,6 +239,13 @@ short ATRDecodeAtr(PSMARTCARD_EXTENSION
+ if (psExtension->CardCapabilities.AvailableProtocols & SCARD_PROTOCOL_T1)
+ TCK = pucAtr[p++];
+
++ /*
++ * The following 2 lines were backported from PCSC-lite version 1.6.6
++ * to correct buffer overflow vulnerability.
++ */
++ if (p > MAX_ATR_SIZE)
++ return 0; /** @retval 0 Maximum attribute size */
++
+ memcpy(psExtension->ATR.Value, pucAtr, p);
+ psExtension->ATR.Length = p; /* modified from p-1 */
+ |
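Review bot: The added `if (p > MAX_ATR_SIZE)` guard bounds the memcpy() destination, but it runs only after `TCK = pucAtr[p++]` has already indexed the source buffer, and it never compares p with the number of ATR bytes the caller actually supplied. If pucAtr can be shorter than MAX_ATR_SIZE (its allocation is not visible here), that read and the memcpy() source can still run past the received data. Consider validating p before the TCK read and against the input length too, e.g. `if (p > MAX_ATR_SIZE || p > dwLength) return 0;`, assuming dwLength is the function's length parameter (the signature is truncated in the hunk header). ATRDecodeAtr's body starts and ends outside this hunk, so whether earlier code already limits p cannot be confirmed from here.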