lib: resolves potential reads of uninitialized data
This commit is contained in:
+2
-1
@@ -274,8 +274,9 @@ ykpiv_rc ykpiv_util_list_keys(ykpiv_state *state, uint8_t *key_count, ykpiv_key
|
||||
|
||||
for (i = 0; i < sizeof(SLOTS); i++) {
|
||||
cbBuf = sizeof(buf);
|
||||
res = _read_certificate(state, SLOTS[i], buf, &cbBuf);
|
||||
|
||||
if (YKPIV_OK == (res = _read_certificate(state, SLOTS[i], buf, &cbBuf))) {
|
||||
if ((res == YKPIV_OK) && (cbBuf > 0)) {
|
||||
// add current slot to result, grow result buffer if necessary
|
||||
|
||||
cbRealloc = (sizeof(ykpiv_key) + cbBuf - 1) > (cbData - offset) ? MAX((sizeof(ykpiv_key) + cbBuf - 1) - (cbData - offset), CB_PAGE) : 0;
|
||||
|
||||
+11
@@ -1044,6 +1044,12 @@ static ykpiv_rc _ykpiv_get_version(ykpiv_state *state, ykpiv_version_t *p_versio
|
||||
if((res = _send_data(state, &apdu, data, &recv_len, &sw)) != YKPIV_OK) {
|
||||
return res;
|
||||
} else if(sw == SW_SUCCESS) {
|
||||
|
||||
/* check that we received enough data for the verson number */
|
||||
if (recv_len < 3) {
|
||||
return YKPIV_SIZE_ERROR;
|
||||
}
|
||||
|
||||
state->ver.major = data[0];
|
||||
state->ver.minor = data[1];
|
||||
state->ver.patch = data[2];
|
||||
@@ -1182,6 +1188,11 @@ static ykpiv_rc _ykpiv_get_serial(ykpiv_state *state, uint32_t *p_serial, bool f
|
||||
}
|
||||
}
|
||||
|
||||
/* check that we received enough data for the serial number */
|
||||
if (recv_len < 4) {
|
||||
return YKPIV_SIZE_ERROR;
|
||||
}
|
||||
|
||||
p_temp = (uint8_t*)(&state->serial);
|
||||
|
||||
*p_temp++ = data[3];
|
||||
|
||||
Reference in New Issue
Block a user