Freeze-exception for pcsc-cyberjack 3.99.5final.sp09-2
Hi Release Team,
Frank and I would like to see RC bug #926103 fixed in Debian 10. Please approve the attached debdiff, so that I can upload the fixed package to unstable.
Thank you for your consideration.
Best,
Reinhard
diff -Nru pcsc-cyberjack-3.99.5final.sp09/debian/changelog pcsc-cyberjack-3.99.5final.sp09/debian/changelog
--- pcsc-cyberjack-3.99.5final.sp09/debian/changelog 2017-05-29 14:33:13.000000000 -0400
+++ pcsc-cyberjack-3.99.5final.sp09/debian/changelog 2019-04-08 17:58:31.000000000 -0400
@@ -1,3 +1,11 @@
+pcsc-cyberjack (3.99.5final.sp09-2) unstable; urgency=medium
+
+ * Acknoledge NMU.
+ * Bug fix: "driver breaks with pcsc-lite versions >= 1.8.21", thanks
+ to Peter Wienemann (Closes: #926103).
+
+ -- Reinhard Tartler <siretart@tauware.de> Mon, 08 Apr 2019 17:58:31 -0400
+
pcsc-cyberjack (3.99.5final.sp09-1.1) unstable; urgency=medium
* Non-maintainer upload.
diff -Nru pcsc-cyberjack-3.99.5final.sp09/debian/patches/series pcsc-cyberjack-3.99.5final.sp09/debian/patches/series
--- pcsc-cyberjack-3.99.5final.sp09/debian/patches/series 2017-05-29 14:33:11.000000000 -0400
+++ pcsc-cyberjack-3.99.5final.sp09/debian/patches/series 2019-04-08 17:58:31.000000000 -0400
@@ -1 +1,2 @@
enable_pinpad_ecom.patch
+work-with-newer-pcsc-lite.patch
diff -Nru pcsc-cyberjack-3.99.5final.sp09/debian/patches/work-with-newer-pcsc-lite.patch pcsc-cyberjack-3.99.5final.sp09/debian/patches/work-with-newer-pcsc-lite.patch
--- pcsc-cyberjack-3.99.5final.sp09/debian/patches/work-with-newer-pcsc-lite.patch 1969-12-31 19:00:00.000000000 -0500
+++ pcsc-cyberjack-3.99.5final.sp09/debian/patches/work-with-newer-pcsc-lite.patch 2019-04-08 17:58:31.000000000 -0400
@@ -0,0 +1,58 @@
+commit 8ab61acfa0a8efc3c65098d4c621d761b7e05da1
+Author: Frank Neuber <fn@kernelport.com>
+Date: Fri Apr 27 11:09:24 2018 +0200
+
+ correct the large buffer problem with newer versions of pcscd
+
+--- a/cjeca32/EC30Reader.cpp
++++ b/cjeca32/EC30Reader.cpp
+@@ -162,21 +162,23 @@ CJ_RESULT CEC30Reader::CtApplicationData
+ {
+ int Res;
+ uint32_t Len;
+- uint16_t wLenRsp=0;
+- uint16_t wLenErr=0;
++ uint32_t wLenRsp=0;
++ uint32_t wLenErr=0;
+ if(ResponseLen!=0)
+- wLenRsp=(uint16_t)*ResponseLen;
++ wLenRsp=*ResponseLen;
+ if(ApplicationErrorLength!=NULL)
+- wLenErr=(uint16_t)*ApplicationErrorLength;
+- if(m_nApplicationResponseLength<(uint32_t)wLenRsp+wLenErr+4)
++ wLenErr=*ApplicationErrorLength;
++ Len=4+wLenRsp+wLenErr;
++ if(m_nApplicationResponseLength<Len)
+ {
+ if(m_pApplicationResponse!=NULL)
+ delete m_pApplicationResponse;
+- m_nApplicationResponseLength=wLenRsp+wLenErr+4+1024;
++ m_nApplicationResponseLength=Len+1024;
+ m_pApplicationResponse=new uint8_t[m_nApplicationResponseLength];
+ }
+- Len=4+wLenRsp+wLenErr;
+
++ if (Len>0xFFFFFFFB) // overflow or bigger than 0xFFFFFFFF - 4
++ return CJ_ERR_WRONG_PARAMETER;
+
+ if((Res=Escape(ApplicationID,Function,InputData,InputLen,Result,m_pApplicationResponse,&Len,Slot)))
+ {
+@@ -186,10 +188,14 @@ CJ_RESULT CEC30Reader::CtApplicationData
+ *ApplicationErrorLength=0;
+ return Res;
+ }
+- memcpy(&wLenRsp,m_pApplicationResponse,sizeof(wLenRsp));
+- wLenRsp=ReaderToHostShort(wLenRsp);
+- memcpy(&wLenErr,m_pApplicationResponse+2,sizeof(wLenErr));
+- wLenErr=ReaderToHostShort(wLenErr);
++
++ uint16_t wLenRsp16 = 0;
++ uint16_t wLenErr16 = 0;
++ memcpy(&wLenRsp16,m_pApplicationResponse,sizeof(wLenRsp16));
++ wLenRsp=ReaderToHostShort(wLenRsp16);
++ memcpy(&wLenErr16,m_pApplicationResponse+2,sizeof(wLenErr16));
++ wLenErr=ReaderToHostShort(wLenErr16);
++
+ if(ApplicationErrorLength)
+ {
+ if(wLenErr>*ApplicationErrorLength)
Reply to: