From ee23d262768e7e54ed0fc554bc0b869c65868ace Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nguy=E1=BB=85n=20H=E1=BB=93ng=20Qu=C3=A2n?= Date: Tue, 16 Apr 2013 10:19:34 +0700 Subject: [PATCH 16/26] OpenPGP: Correct parameter checking. --- src/libopensc/card-openpgp.c | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/src/libopensc/card-openpgp.c b/src/libopensc/card-openpgp.c index 4d0500d..beeee83 100644 --- a/src/libopensc/card-openpgp.c +++ b/src/libopensc/card-openpgp.c @@ -1223,6 +1223,8 @@ static int gnuk_write_certificate(sc_card_t *card, const u8 *buf, size_t length) LOG_TEST_RET(card->ctx, r, "APDU transmit failed"); /* Check response */ r = sc_check_sw(card, apdu.sw1, apdu.sw2); + if (r < 0) + LOG_FUNC_RETURN(card->ctx, r); LOG_FUNC_RETURN(card->ctx, length); } @@ -2446,6 +2448,11 @@ gnuk_delete_key(sc_card_t *card, u8 key_id) LOG_FUNC_CALLED(ctx); + if (key_id < 1 || key_id > 3) { + sc_log(ctx, "Key ID %d is invalid. Should be 1, 2 or 3.", key_id); + LOG_FUNC_RETURN(ctx, SC_ERROR_INVALID_ARGUMENTS); + } + /* Delete fingerprint */ sc_log(ctx, "Delete fingerprints"); r = pgp_put_data(card, 0xC6 + key_id, NULL, 0); @@ -2464,8 +2471,6 @@ gnuk_delete_key(sc_card_t *card, u8 key_id) data = "\x4D\x02\xB8"; else if (key_id == 3) data = "\x4D\x02\xA4"; - else - LOG_FUNC_RETURN(ctx, SC_ERROR_INVALID_ARGUMENTS); r = pgp_put_data(card, 0x4D, data, strlen(data) + 1); -- 2.1.3