From 384460281117b444193f82a9d4ae35b6967d7af7 Mon Sep 17 00:00:00 2001 From: Jakub Jelen Date: Mon, 21 Aug 2023 20:50:46 +0200 Subject: [PATCH] ePass: Do not return positive exit code when the digest is not supported The code paths for the ECDSA signatures provide SHA1 and SHA256 padding. Any other padding should return an error as unsopported operation, but given that the variable r was reused for some temporary calculation it returned positive value, which was handled by the calling code as a success. Moreover, the calling code in use_key() function skipped the key operation with this return value causing returning the uninitialized memory to the calling process. --- src/libopensc/card-epass2003.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/libopensc/card-epass2003.c b/src/libopensc/card-epass2003.c index 13cd1a2384..2985a88355 100644 --- a/src/libopensc/card-epass2003.c +++ b/src/libopensc/card-epass2003.c @@ -2204,6 +2204,7 @@ epass2003_set_security_env(struct sc_card *card, const sc_security_env_t * env, } else { + r = SC_ERROR_NOT_SUPPORTED; sc_log(card->ctx, "%0x Alg Not Support! ", env->algorithm_flags); goto err; }