Skip to content
Permalink
Browse files

8163251: Hard coded loop limit prevents reading of smart card data gr…

…eater than 8k

Reviewed-by: valeriep, rriggs
  • Loading branch information
Ivan Gerasimov
Ivan Gerasimov committed Feb 18, 2020
1 parent 5d9c59f commit 8aff5bda80c112cc3a758239cb90ddc459b8c673
Showing with 5 additions and 3 deletions.
  1. +5 −3 src/java.smartcardio/share/classes/sun/security/smartcardio/ChannelImpl.java
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2005, 2018, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2005, 2020, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -150,6 +150,7 @@ private static boolean getBooleanProperty(String name, boolean def) {
return res;
}
private final static int RESPONSE_ITERATIONS = 256;
private final static byte[] B0 = new byte[0];
private byte[] doTransmit(byte[] command) throws CardException {
@@ -182,8 +183,9 @@ private static boolean getBooleanProperty(String name, boolean def) {
int k = 0;
byte[] result = B0;
while (true) {
if (++k >= 32) {
throw new CardException("Could not obtain response");
if (++k > RESPONSE_ITERATIONS) {
throw new CardException("Number of response iterations" +
" exceeded maximum " + RESPONSE_ITERATIONS);
}
byte[] response = SCardTransmit
(card.cardId, card.protocol, command, 0, n);

0 comments on commit 8aff5bd

Please sign in to comment.