search

GoogleChromeLabs / chromeos_smart_card_connector

Smart Card Connector App for Chrome OS
https://chrome.google.com/webstore/detail/smart-card-connector/khpfeaanjngmcnplbdlpegiifgpfgdco
Apache License 2.0
134 stars 49 forks source link

[ccid] Cherry-pick upstream fix for polling_transfer UaF #1099

Closed emaxx-google closed 11 months ago

emaxx-google commented 11 months ago

Cherry-pick the fix we landed into the upstream CCID repository, fixing a possible use-after-free and memory corruption due to race conditions.

One particular scenario seems to be card insertion/removal happening at roughly the same times as SCardConnect/SCardDisconnect calls from clients.

This fixes #1098.

github-actions[bot] commented 11 months ago

Continuous Integration: All tests passed. C/C++ test coverage: 73.10% lines.