$OpenBSD: patch-src_libopensc_card-atrust-acos_c,v 1.1 2010/12/27 15:30:11 jasper Exp $

Security fix for SA42658
OpenSC Serial Number Processing Buffer Overflow Vulnerabilities.

Patch from upstream svn:
https://www.opensc-project.org/opensc/changeset/4913

--- src/libopensc/card-atrust-acos.c.orig	Mon Dec 27 13:04:23 2010
+++ src/libopensc/card-atrust-acos.c	Mon Dec 27 13:04:46 2010
@@ -853,8 +853,8 @@ static int acos_get_serialnr(sc_card_t *card, sc_seria
 	if (apdu.sw1 != 0x90 || apdu.sw2 != 0x00)
 		return SC_ERROR_INTERNAL;
 	/* cache serial number */
-	memcpy(card->serialnr.value, apdu.resp, apdu.resplen);
-	card->serialnr.len = apdu.resplen;
+	memcpy(card->serialnr.value, apdu.resp, MIN(apdu.resplen, SC_MAX_SERIALNR));
+	card->serialnr.len = MIN(apdu.resplen, SC_MAX_SERIALNR);
 	/* copy and return serial number */
 	memcpy(serial, &card->serialnr, sizeof(*serial));
 	return SC_SUCCESS;
