From b7be3be4b447c297e817c2b9e59544e1f35f4ae1 Mon Sep 17 00:00:00 2001 From: Alessio Di Mauro Date: Thu, 5 Nov 2015 17:14:04 +0100 Subject: [PATCH] YKCS11: add check on buffer length. --- ykcs11/objects.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/ykcs11/objects.c b/ykcs11/objects.c index e0a4214..7b52286 100644 --- a/ykcs11/objects.c +++ b/ykcs11/objects.c @@ -985,6 +985,9 @@ CK_BBOOL is_private_object(ykcs11_session_t *s, CK_OBJECT_HANDLE obj) { CK_RV get_available_certificate_ids(ykcs11_session_t *s, piv_obj_id_t *cert_ids, CK_ULONG n_certs) { CK_ULONG i, j; + if (n_certs > s->slot->token->n_objects) + return CKR_BUFFER_TOO_SMALL; + j = 0; for (i = 0; i < s->slot->token->n_objects; i++) if (IS_CERT(s->slot->token->objects[i]) == CK_TRUE)