fix an old overflow bug
we need to do 8 - new_len, not 16 - new_len which overflows the indata buffer
This commit is contained in:
@@ -1013,7 +1013,7 @@ static bool change_pin(ykpiv_state *state, enum enum_action action, const char *
|
|||||||
}
|
}
|
||||||
memcpy(indata + 8, new_pin, new_len);
|
memcpy(indata + 8, new_pin, new_len);
|
||||||
if(new_len < 8) {
|
if(new_len < 8) {
|
||||||
memset(indata + 8 + new_len, 0xff, 16 - new_len);
|
memset(indata + 8 + new_len, 0xff, 8 - new_len);
|
||||||
}
|
}
|
||||||
if(ykpiv_transfer_data(state, templ, indata, sizeof(indata), data, &recv_len, &sw) != YKPIV_OK) {
|
if(ykpiv_transfer_data(state, templ, indata, sizeof(indata), data, &recv_len, &sw) != YKPIV_OK) {
|
||||||
return false;
|
return false;
|
||||||
|
|||||||
Reference in New Issue
Block a user