IASECC: error when getting access to 2F00 #2231
Comments
Few years ago, the commit 0362844 did squash the 3F00nnnn path to nnnn. For instance, 3F002F00 becomes 2F00. It is an issue such as: 00000200 [139681798813440] APDU: 00 A4 09 04 02 2F 00 00029790 [139681798813440] SW: 6A 82 Fix: issue OpenSC#2231
|
The current patch does not revert the memmove() since it seems to be required for some cards ; but it skips it only for the CPX cards. |
|
For the records, CVE-2018-16426 https://vuldb.com/?id.123550 |
Few years ago, the commit 0362844 did squash the 3F00nnnn path to nnnn. For instance, 3F002F00 becomes 2F00. It is an issue such as: 00000200 [139681798813440] APDU: 00 A4 09 04 02 2F 00 00029790 [139681798813440] SW: 6A 82 Fix: issue OpenSC#2231
Few years ago, the commit 0362844 did squash the 3F00nnnn path to nnnn. For instance, 3F002F00 becomes 2F00. It is an issue such as: 00000200 [139681798813440] APDU: 00 A4 09 04 02 2F 00 00029790 [139681798813440] SW: 6A 82 Fix: issue OpenSC#2231
|
what does it mean to fail from time to time? can you reliably reproduce this, is this related to a specific object? If not, this may be due to path caching. If so, path caching should be disabled instead... |
|
I tried both with and without cache, I faced the same issue. "from time to time" means that over a long sequence of APDUs including this command, I do not have the return'd values |
|
So can you reproduce the result reliably by issuing the same long sequence of commands, or not? please note that with cache, I mean card->cache, which cannot be disabled by the configuration file. it is not related to the file cache from opensc.conf |
|
I'll check this |
|
card->cache remembers which path has been selected previously to avoid unnecessary commands. If some other process accesses the card while it is unlocked, this path may get invalidated without being noticed. That's why, I think, the concept of keeping card->cache is a misconception in a concurrent environment... Unfortunately I never had the time to go for a generic fix, but you may need to disable it here for your card to avoid these kinds of problems. |
|
If concurrency is the reason for your problems while selecting the path, you can also lock the card once you start the selection process:
This avoids being interrupted by a different process. You need to take care to catch all error cases to correctly unlock the card. |
Few years ago, the commit 0362844 did squash the 3F00nnnn path to nnnn. For instance, 3F002F00 becomes 2F00. It is an issue such as: 00000200 [139681798813440] APDU: 00 A4 09 04 02 2F 00 00029790 [139681798813440] SW: 6A 82 Fix: issue OpenSC#2231
Few years ago, the commit 0362844 did squash the 3F00nnnn path to nnnn. For instance, 3F002F00 becomes 2F00. It is an issue such as: 00000200 [139681798813440] APDU: 00 A4 09 04 02 2F 00 00029790 [139681798813440] SW: 6A 82 Fix: issue OpenSC#2231
Few years ago, the commit 0362844 did squash the 3F00nnnn path to nnnn. For instance, 3F002F00 becomes 2F00. It is an issue such as: 00000200 [139681798813440] APDU: 00 A4 09 04 02 2F 00 00029790 [139681798813440] SW: 6A 82 Fix: issue OpenSC#2231
Few years ago, the commit 0362844 did squash the 3F00nnnn path to nnnn. For instance, 3F002F00 becomes 2F00. It is an issue such as: 00000200 [139681798813440] APDU: 00 A4 09 04 02 2F 00 00029790 [139681798813440] SW: 6A 82 Fix: issue OpenSC#2231
|
merged => fixed. |
Problem Description
From time to time, openSC fails with the APDU sequence:
In order to reproduce this issue, I need to dump all the objects of a CPX card using C_GetAttributeValue(). Then, on some objects, I get an error because we get the SW
6A 82.The text was updated successfully, but these errors were encountered: