Secure PIN Entry/Modification Fails with PCSC-Lite 1.8.9 and newer #2
Comments
|
Sounds good. Since you seam to have already identified the code lines to change, I would be glad to merge a pull request with your changes! |
|
Hi Lars, Thanks for your reply. Sorry but can't comply for fear of breaking something and for lack of more time to analyze miscellaneous problems that I seem to be having with forking, cloning, and compiling this version on my CentOS system. (The version that worked for me and that I used to analyze this issue is from the ReinerSCT CD entitled pcsc-cyberjack_3.99.5final.SP03.tar.gz.) In summary, there are 3 files that need changing: Please let me know if I can be of more help I will try my best to comply. Best regards, |
In PCSC-Lite 1.8.9, the structure
PIN_VERIFY_STRUCTUREdefinesabDataas a zero-size array. SoPIN_VERIFY_STRUCTUREends up being 19 bytes long. In 1.8.8 and earlier, it is defined as a 1-byte array. SoPIN_VERIFY_STRUCTUREends up being 20 bytes long. See https://alioth.debian.org/frs/download.php/latestfile/39/pcsc-lite-1.8.9.tar.bz2 in file pcsc-lite-1.8.9.tar-1/pcsc-lite-1.8.9/src/PCSC/reader.hThis driver's code (e.g.
cjeca32/CCIDReader.cpp) assumes the 1-byte array definition, and will not work with 1.8.9 and newer. For example, the following code behave incorrectly when compiled with PCSC-Lite 1.8.9 and newer:if(InputLength!=sizeof(PIN_VERIFY_STRUCTURE)-sizeof(uint8_t)+((PIN_VERIFY_STRUCTURE *)Input)->ulDataLength) { ...A proposed fix for this issue is to change the code as follows so that it work correctly with both definitions of
PIN_VERIFY_STRUCTURE:if(InputLength!=sizeof(PIN_VERIFY_STRUCTURE)-sizeof(((PIN_VERIFY_STRUCTURE*)(0))->abData)+((PIN_VERIFY_STRUCTURE *)Input)->ulDataLength) { ...I.e., the key to this proposed fix is to replace
sizeof(uint8_t)which always evaluates to
1, withsizeof(((PIN_VERIFY_STRUCTURE*)(0))->abData)which evaluates to either
1or0depending on the definition ofPIN_VERIFY_STRUCTURE.The text was updated successfully, but these errors were encountered: