From e47f1c8b80442affdf84b94fcba3ef5273934156 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marc-Andr=C3=A9=20Moreau?= Date: Mon, 19 Jan 2015 12:04:23 -0500 Subject: [PATCH] channels/smartcard: minor robustness fixes --- .../smartcard/client/smartcard_operations.c | 85 ++++++++++++------- channels/smartcard/client/smartcard_pack.c | 2 +- 2 files changed, 54 insertions(+), 33 deletions(-) diff --git a/channels/smartcard/client/smartcard_operations.c b/channels/smartcard/client/smartcard_operations.c index c0e80e5ce..7c981a041 100644 --- a/channels/smartcard/client/smartcard_operations.c +++ b/channels/smartcard/client/smartcard_operations.c @@ -412,16 +412,21 @@ static UINT32 smartcard_GetStatusChangeA_Call(SMARTCARD_DEVICE* smartcard, SMART GetStatusChange_Return ret; LPSCARD_READERSTATEA rgReaderState = NULL; IRP* irp = operation->irp; - status = ret.ReturnCode = SCardGetStatusChangeA(operation->hContext, call->dwTimeOut, call->rgReaderStates, call->cReaders); + + status = ret.ReturnCode = SCardGetStatusChangeA(operation->hContext, + call->dwTimeOut, call->rgReaderStates, call->cReaders); if (status && (status != SCARD_E_TIMEOUT) && (status != SCARD_E_CANCELLED)) { - call->cReaders=0; + call->cReaders = 0; } ret.cReaders = call->cReaders; ret.rgReaderStates = (ReaderState_Return*) calloc(ret.cReaders, sizeof(ReaderState_Return)); + if (!ret.rgReaderStates) + return STATUS_NO_MEMORY; + for (index = 0; index < ret.cReaders; index++) { ret.rgReaderStates[index].dwCurrentState = call->rgReaderStates[index].dwCurrentState; @@ -484,6 +489,9 @@ static UINT32 smartcard_GetStatusChangeW_Call(SMARTCARD_DEVICE* smartcard, SMART ret.cReaders = call->cReaders; ret.rgReaderStates = (ReaderState_Return*) calloc(ret.cReaders, sizeof(ReaderState_Return)); + if (!ret.rgReaderStates) + return STATUS_NO_MEMORY; + for (index = 0; index < ret.cReaders; index++) { ret.rgReaderStates[index].dwCurrentState = call->rgReaderStates[index].dwCurrentState; @@ -878,9 +886,12 @@ static UINT32 smartcard_Transmit_Decode(SMARTCARD_DEVICE* smartcard, SMARTCARD_O return STATUS_NO_MEMORY; status = smartcard_unpack_transmit_call(smartcard, irp->input, call); + smartcard_trace_transmit_call(smartcard, call); + operation->hContext = smartcard_scard_context_native_from_redir(smartcard, &(call->hContext)); operation->hCard = smartcard_scard_handle_native_from_redir(smartcard, &(call->hCard)); + return status; } @@ -899,11 +910,14 @@ static UINT32 smartcard_Transmit_Call(SMARTCARD_DEVICE* smartcard, SMARTCARD_OPE ret.cbRecvLength = call->cbRecvLength; ret.pbRecvBuffer = (BYTE*) malloc(ret.cbRecvLength); + + if (!ret.pbRecvBuffer) + return STATUS_NO_MEMORY; } ret.pioRecvPci = call->pioRecvPci; status = ret.ReturnCode = SCardTransmit(operation->hCard, call->pioSendPci, call->pbSendBuffer, - call->cbSendLength, ret.pioRecvPci, ret.pbRecvBuffer, &(ret.cbRecvLength)); + call->cbSendLength, ret.pioRecvPci, ret.pbRecvBuffer, &(ret.cbRecvLength)); smartcard_trace_transmit_return(smartcard, &ret); status = smartcard_pack_transmit_return(smartcard, irp->output, &ret); @@ -1087,47 +1101,51 @@ static UINT32 smartcard_LocateCardsByATRA_Decode(SMARTCARD_DEVICE* smartcard, SM static UINT32 smartcard_LocateCardsByATRA_Call(SMARTCARD_DEVICE* smartcard, SMARTCARD_OPERATION* operation, LocateCardsByATRA_Call* call) { LONG status; - DWORD index, index2, index3; BOOL equal; + DWORD i, j, k; GetStatusChange_Return ret; - LPSCARD_READERSTATEA rgReaderState2 = NULL; + LPSCARD_READERSTATEA state = NULL; LPSCARD_READERSTATEA states = NULL; IRP* irp = operation->irp; - states = calloc(call->cReaders, sizeof(SCARD_READERSTATEA)); - for (index = 0; index < call->cReaders; index++) - { - states[index].szReader = (LPCSTR) call->rgReaderStates[index].szReader; - states[index].dwCurrentState = call->rgReaderStates[index].Common.dwCurrentState; - states[index].dwEventState = call->rgReaderStates[index].Common.dwEventState; - states[index].cbAtr = call->rgReaderStates[index].Common.cbAtr; - CopyMemory(&(states[index].rgbAtr), &(call->rgReaderStates[index].Common.rgbAtr), 36); - } + states = (LPSCARD_READERSTATEA) calloc(call->cReaders, sizeof(SCARD_READERSTATEA)); + if (!states) + return STATUS_NO_MEMORY; + + for (i = 0; i < call->cReaders; i++) + { + states[i].szReader = (LPCSTR) call->rgReaderStates[i].szReader; + states[i].dwCurrentState = call->rgReaderStates[i].Common.dwCurrentState; + states[i].dwEventState = call->rgReaderStates[i].Common.dwEventState; + states[i].cbAtr = call->rgReaderStates[i].Common.cbAtr; + CopyMemory(&(states[i].rgbAtr), &(call->rgReaderStates[i].Common.rgbAtr), 36); + } status = ret.ReturnCode = SCardGetStatusChangeA(operation->hContext, 0x000001F4, states, call->cReaders); if (status && (status != SCARD_E_TIMEOUT) && (status != SCARD_E_CANCELLED)) { - call->cReaders=0; + call->cReaders = 0; } - for (index = 0; index < call->cAtrs; index++) + for (i = 0; i < call->cAtrs; i++) { - for (index2 = 0; index2 < call->cReaders; index2++) + for (j = 0; j < call->cReaders; j++) { equal = TRUE; - for (index3 = 0; index3 < call->rgAtrMasks[index].cbAtr; index3++) + + for (k = 0; k < call->rgAtrMasks[i].cbAtr; k++) { - if ((call->rgAtrMasks[index].rgbAtr[index3] & call->rgAtrMasks[index].rgbMask[index3]) != - (states[index2].rgbAtr[index3] & call->rgAtrMasks[index].rgbMask[index3])) + if ((call->rgAtrMasks[i].rgbAtr[k] & call->rgAtrMasks[i].rgbMask[k]) != + (states[j].rgbAtr[k] & call->rgAtrMasks[i].rgbMask[k])) { equal = FALSE; break; } if (equal) { - states[index2].dwEventState |= SCARD_STATE_ATRMATCH; + states[j].dwEventState |= SCARD_STATE_ATRMATCH; } } } @@ -1136,13 +1154,16 @@ static UINT32 smartcard_LocateCardsByATRA_Call(SMARTCARD_DEVICE* smartcard, SMAR ret.cReaders = call->cReaders; ret.rgReaderStates = (ReaderState_Return*) calloc(ret.cReaders, sizeof(ReaderState_Return)); - for (index = 0; index < ret.cReaders; index++) + if (!ret.rgReaderStates) + return STATUS_NO_MEMORY; + + for (i = 0; i < ret.cReaders; i++) { - rgReaderState2 = &states[index]; - ret.rgReaderStates[index].dwCurrentState = rgReaderState2->dwCurrentState; - ret.rgReaderStates[index].dwEventState = rgReaderState2->dwEventState; - ret.rgReaderStates[index].cbAtr = rgReaderState2->cbAtr; - CopyMemory(&(ret.rgReaderStates[index].rgbAtr), &(rgReaderState2->rgbAtr), 32); + state = &states[i]; + ret.rgReaderStates[i].dwCurrentState = state->dwCurrentState; + ret.rgReaderStates[i].dwEventState = state->dwEventState; + ret.rgReaderStates[i].cbAtr = state->cbAtr; + CopyMemory(&(ret.rgReaderStates[i].rgbAtr), &(state->rgbAtr), 32); } free(states); @@ -1154,13 +1175,13 @@ static UINT32 smartcard_LocateCardsByATRA_Call(SMARTCARD_DEVICE* smartcard, SMAR if (call->rgReaderStates) { - for (index = 0; index < call->cReaders; index++) + for (i = 0; i < call->cReaders; i++) { - rgReaderState2 = (LPSCARD_READERSTATEA) &call->rgReaderStates[index]; + state = (LPSCARD_READERSTATEA) &call->rgReaderStates[i]; - if (rgReaderState2->szReader) { - free((void*) rgReaderState2->szReader); - rgReaderState2->szReader = NULL; + if (state->szReader) { + free((void*) state->szReader); + state->szReader = NULL; } } diff --git a/channels/smartcard/client/smartcard_pack.c b/channels/smartcard/client/smartcard_pack.c index bb39c7815..edce82411 100644 --- a/channels/smartcard/client/smartcard_pack.c +++ b/channels/smartcard/client/smartcard_pack.c @@ -2246,7 +2246,7 @@ UINT32 smartcard_unpack_transmit_call(SMARTCARD_DEVICE* smartcard, wStream* s, T if (ioRecvPci.cbExtraBytes > 1024) { WLog_Print(smartcard->log, WLOG_WARN, "Transmit_Call ioRecvPci.cbExtraBytes is out of bounds: %d (max: %d)", - (int) ioSendPci.cbExtraBytes, 1024); + (int) ioRecvPci.cbExtraBytes, 1024); return STATUS_INVALID_PARAMETER; }