Fixed issue with GetAttr where the result buffer was not allocated

This commit is contained in:
akallabeth 2021-02-07 18:48:59 +01:00
parent 5342f351ea
commit 38ae006db9
4 changed files with 20 additions and 17 deletions

View File

@ -1813,23 +1813,24 @@ static LONG smartcard_GetAttrib_Call(SMARTCARD_DEVICE* smartcard, SMARTCARD_OPER
if (!call->fpbAttrIsNULL)
{
autoAllocate = (call->cbAttrLen == SCARD_AUTOALLOCATE) ? TRUE : FALSE;
pbAttr = autoAllocate ? (LPBYTE) & (ret.pbAttr) : ret.pbAttr;
cbAttrLen = call->cbAttrLen;
}
if (cbAttrLen && !autoAllocate)
{
ret.pbAttr = (BYTE*)malloc(cbAttrLen);
if (cbAttrLen && !autoAllocate)
{
ret.pbAttr = (BYTE*)malloc(cbAttrLen);
if (!ret.pbAttr)
return SCARD_E_NO_MEMORY;
}
if (!ret.pbAttr)
return SCARD_E_NO_MEMORY;
pbAttr = autoAllocate ? (LPBYTE) & (ret.pbAttr) : ret.pbAttr;
}
ret.ReturnCode = SCardGetAttrib(operation->hCard, call->dwAttrId, pbAttr, &cbAttrLen);
log_status_error(TAG, "SCardGetAttrib", ret.ReturnCode);
ret.cbAttrLen = cbAttrLen;
status = smartcard_pack_get_attrib_return(smartcard, irp->output, &ret, call->dwAttrId);
status = smartcard_pack_get_attrib_return(smartcard, irp->output, &ret, call->dwAttrId,
call->cbAttrLen);
if (autoAllocate)
SCardFreeMemory(operation->hContext, ret.pbAttr);

View File

@ -2791,7 +2791,8 @@ LONG smartcard_unpack_get_attrib_call(SMARTCARD_DEVICE* smartcard, wStream* s, G
}
LONG smartcard_pack_get_attrib_return(SMARTCARD_DEVICE* smartcard, wStream* s,
const GetAttrib_Return* ret, DWORD dwAttrId)
const GetAttrib_Return* ret, DWORD dwAttrId,
DWORD cbAttrCallLen)
{
LONG status;
DWORD cbAttrLen;
@ -2802,10 +2803,12 @@ LONG smartcard_pack_get_attrib_return(SMARTCARD_DEVICE* smartcard, wStream* s,
return SCARD_F_INTERNAL_ERROR;
cbAttrLen = ret->cbAttrLen;
if (ret->ReturnCode == SCARD_E_INSUFFICIENT_BUFFER)
if (ret->ReturnCode != SCARD_S_SUCCESS)
cbAttrLen = 0;
if (cbAttrLen == SCARD_AUTOALLOCATE)
cbAttrLen = 0;
if (cbAttrCallLen < cbAttrLen)
cbAttrLen = cbAttrCallLen;
Stream_Write_UINT32(s, cbAttrLen); /* cbAttrLen (4 bytes) */
if (!smartcard_ndr_pointer_write(s, &index, cbAttrLen))
return SCARD_E_NO_MEMORY;

View File

@ -140,7 +140,8 @@ LONG smartcard_unpack_get_attrib_call(SMARTCARD_DEVICE* smartcard, wStream* s,
GetAttrib_Call* call);
LONG smartcard_pack_get_attrib_return(SMARTCARD_DEVICE* smartcard, wStream* s,
const GetAttrib_Return* ret, DWORD dwAttrId);
const GetAttrib_Return* ret, DWORD dwAttrId,
DWORD cbAttrCallLen);
LONG smartcard_unpack_set_attrib_call(SMARTCARD_DEVICE* smartcard, wStream* s,
SetAttrib_Call* call);

View File

@ -2287,8 +2287,8 @@ static LONG WINAPI PCSC_SCardGetAttrib_FriendlyName(SCARDHANDLE hCard, DWORD dwA
{
size_t length = 0;
char* namePCSC = NULL;
DWORD cbAttrLen = 0;
char* pbAttrA = NULL;
DWORD cbAttrLen = 0;
WCHAR* pbAttrW = NULL;
SCARDCONTEXT hContext;
LONG status = SCARD_S_SUCCESS;
@ -2312,7 +2312,6 @@ static LONG WINAPI PCSC_SCardGetAttrib_FriendlyName(SCARDHANDLE hCard, DWORD dwA
if (status != SCARD_S_SUCCESS)
{
pbAttrA = NULL;
*pcbAttrLen = SCARD_AUTOALLOCATE;
status = PCSC_SCardGetAttrib_Internal(hCard, SCARD_ATTR_DEVICE_FRIENDLY_NAME_W,
(LPBYTE)&pbAttrW, pcbAttrLen);
@ -2320,9 +2319,8 @@ static LONG WINAPI PCSC_SCardGetAttrib_FriendlyName(SCARDHANDLE hCard, DWORD dwA
if (status != SCARD_S_SUCCESS)
return status;
ConvertFromUnicode(CP_UTF8, 0, (WCHAR*)pbAttrW, (int)*pcbAttrLen, (char**)&pbAttrA, 0, NULL,
NULL);
namePCSC = pbAttrA;
ConvertFromUnicode(CP_UTF8, 0, (WCHAR*)pbAttrW, (int)*pcbAttrLen, (char**)&namePCSC, 0,
NULL, NULL);
PCSC_SCardFreeMemory_Internal(hContext, pbAttrW);
}
else
@ -2382,7 +2380,7 @@ static LONG WINAPI PCSC_SCardGetAttrib_FriendlyName(SCARDHANDLE hCard, DWORD dwA
status = SCARD_E_INSUFFICIENT_BUFFER;
else
{
CopyMemory(pbAttr, (BYTE*)namePCSC, length + 1);
CopyMemory(pbAttr, namePCSC, length + 1);
*pcbAttrLen = length;
}
free(namePCSC);