From 1fbddc46bd563a8d81d98ea6b5da574442496181 Mon Sep 17 00:00:00 2001
From: Jesse Keating <jkeating@fedoraproject.org>
Date: Wed, 17 Feb 2010 02:17:33 +0000
Subject: [PATCH 1/3] Initialize branch F-13 for opensc

---
 branch | 1 +
 1 file changed, 1 insertion(+)
 create mode 100644 branch

diff --git a/branch b/branch
new file mode 100644
index 0000000..baa94ef
--- /dev/null
+++ b/branch
@@ -0,0 +1 @@
+F-13

From 626e30c09bc237ff86cc1070acc18e22c5c62919 Mon Sep 17 00:00:00 2001
From: Fedora Release Engineering <rel-eng@lists.fedoraproject.org>
Date: Thu, 29 Jul 2010 05:14:58 +0000
Subject: [PATCH 2/3] dist-git conversion

---
 .cvsignore => .gitignore |  0
 Makefile                 | 21 ---------------------
 branch                   |  1 -
 3 files changed, 22 deletions(-)
 rename .cvsignore => .gitignore (100%)
 delete mode 100644 Makefile
 delete mode 100644 branch

diff --git a/.cvsignore b/.gitignore
similarity index 100%
rename from .cvsignore
rename to .gitignore
diff --git a/Makefile b/Makefile
deleted file mode 100644
index 12edb61..0000000
--- a/Makefile
+++ /dev/null
@@ -1,21 +0,0 @@
-# Makefile for source rpm: opensc
-# $Id$
-NAME := opensc
-SPECFILE = $(firstword $(wildcard *.spec))
-
-define find-makefile-common
-for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$d/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done
-endef
-
-MAKEFILE_COMMON := $(shell $(find-makefile-common))
-
-ifeq ($(MAKEFILE_COMMON),)
-# attept a checkout
-define checkout-makefile-common
-test -f CVS/Root && { cvs -Q -d $$(cat CVS/Root) checkout common && echo "common/Makefile.common" ; } || { echo "ERROR: I can't figure out how to checkout the 'common' module." ; exit -1 ; } >&2
-endef
-
-MAKEFILE_COMMON := $(shell $(checkout-makefile-common))
-endif
-
-include $(MAKEFILE_COMMON)
diff --git a/branch b/branch
deleted file mode 100644
index baa94ef..0000000
--- a/branch
+++ /dev/null
@@ -1 +0,0 @@
-F-13

From d65ffb9ccd2231f2c058f8dc00a3fe842c2cbe0d Mon Sep 17 00:00:00 2001
From: Tomas Mraz <tmraz@fedoraproject.org>
Date: Tue, 21 Dec 2010 21:30:04 +0100
Subject: [PATCH 3/3] - fix buffer overflow on rogue card serial numbers

---
 opensc-0.11.13-serial-overflow.patch | 71 ++++++++++++++++++++++++++++
 opensc.spec                          | 12 ++++-
 2 files changed, 82 insertions(+), 1 deletion(-)
 create mode 100644 opensc-0.11.13-serial-overflow.patch

diff --git a/opensc-0.11.13-serial-overflow.patch b/opensc-0.11.13-serial-overflow.patch
new file mode 100644
index 0000000..6d492e5
--- /dev/null
+++ b/opensc-0.11.13-serial-overflow.patch
@@ -0,0 +1,71 @@
+Index: /trunk/src/libopensc/muscle.c
+===================================================================
+--- /trunk/src/libopensc/muscle.c	(revision 4350)
++++ /trunk/src/libopensc/muscle.c	(revision 4912)
+@@ -31,11 +31,4 @@
+ #define MSC_DSA_PUBLIC		0x04
+ #define MSC_DSA_PRIVATE 	0x05
+-
+-#ifndef MAX
+-#define MAX(x, y) (((x) > (y)) ? (x) : (y))
+-#endif
+-#ifndef MIN
+-#define MIN(x, y) (((x) < (y)) ? (x) : (y))
+-#endif
+ 
+ static msc_id inputId = { { 0xFF, 0xFF, 0xFF, 0xFF } };
+Index: /trunk/src/libopensc/internal.h
+===================================================================
+--- /trunk/src/libopensc/internal.h	(revision 4902)
++++ /trunk/src/libopensc/internal.h	(revision 4912)
+@@ -48,4 +48,11 @@
+ #define msleep(t)	Sleep(t)
+ #define sleep(t)	Sleep((t) * 1000)
++#endif
++
++#ifndef MAX
++#define MAX(x, y) (((x) > (y)) ? (x) : (y))
++#endif
++#ifndef MIN
++#define MIN(x, y) (((x) < (y)) ? (x) : (y))
+ #endif
+ 
+Index: /trunk/src/libopensc/card-atrust-acos.c
+===================================================================
+--- /trunk/src/libopensc/card-atrust-acos.c	(revision 4706)
++++ /trunk/src/libopensc/card-atrust-acos.c	(revision 4913)
+@@ -843,6 +843,6 @@
+ 		return SC_ERROR_INTERNAL;
+ 	/* cache serial number */
+-	memcpy(card->serialnr.value, apdu.resp, apdu.resplen);
+-	card->serialnr.len = apdu.resplen;
++	memcpy(card->serialnr.value, apdu.resp, MIN(apdu.resplen, SC_MAX_SERIALNR));
++	card->serialnr.len = MIN(apdu.resplen, SC_MAX_SERIALNR);
+ 	/* copy and return serial number */
+ 	memcpy(serial, &card->serialnr, sizeof(*serial));
+Index: /trunk/src/libopensc/card-starcos.c
+===================================================================
+--- /trunk/src/libopensc/card-starcos.c	(revision 4706)
++++ /trunk/src/libopensc/card-starcos.c	(revision 4913)
+@@ -1280,6 +1280,6 @@
+ 		return SC_ERROR_INTERNAL;
+ 	/* cache serial number */
+-	memcpy(card->serialnr.value, apdu.resp, apdu.resplen);
+-	card->serialnr.len = apdu.resplen;
++	memcpy(card->serialnr.value, apdu.resp, MIN(apdu.resplen, SC_MAX_SERIALNR));
++	card->serialnr.len = MIN(apdu.resplen, SC_MAX_SERIALNR);
+ 	/* copy and return serial number */
+ 	memcpy(serial, &card->serialnr, sizeof(*serial));
+Index: /trunk/src/libopensc/card-acos5.c
+===================================================================
+--- /trunk/src/libopensc/card-acos5.c	(revision 4118)
++++ /trunk/src/libopensc/card-acos5.c	(revision 4913)
+@@ -139,6 +139,6 @@
+ 	 * Cache serial number.
+ 	 */
+-	memcpy(card->serialnr.value, apdu.resp, apdu.resplen);
+-	card->serialnr.len = apdu.resplen;
++	memcpy(card->serialnr.value, apdu.resp, MIN(apdu.resplen, SC_MAX_SERIALNR));
++	card->serialnr.len = MIN(apdu.resplen, SC_MAX_SERIALNR);
+ 
+ 	/*
diff --git a/opensc.spec b/opensc.spec
index 53a4b83..ee8a367 100644
--- a/opensc.spec
+++ b/opensc.spec
@@ -2,7 +2,7 @@
 
 Name:           opensc
 Version:        0.11.13
-Release:        5%{?dist}
+Release:        6%{?dist}
 Summary:        Smart card library and applications
 
 Group:          System Environment/Libraries
@@ -13,11 +13,14 @@ Patch1:         %{name}-0.11.7-develconfig.patch
 Patch2:         %{name}-0.11.12-no-add-needed.patch
 Patch3:         opensc-0.11.13-libassuan1.patch
 Patch4:         opensc-0.11.13-build-readerstate.patch
+Patch5:         opensc-0.11.13-serial-overflow.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 
 BuildRequires:  pcsc-lite-devel
 BuildRequires:  readline-devel
+%if 0%{?fedora} || 0%{?rhel} > 5
 BuildRequires:  openct-devel
+%endif
 BuildRequires:  openssl-devel
 BuildRequires:  libtool-ltdl-devel
 BuildRequires:  libtool
@@ -62,6 +65,8 @@ OpenSC development files.
 %setup -q
 %patch1 -p1 -b .config
 %patch2 -p1 -b .no-add-needed
+%patch5 -p2 -b .overflow
+
 sed -i -e 's|"/lib /usr/lib\b|"/%{_lib} %{_libdir}|' configure # lib64 rpaths
 cp -p src/pkcs15init/README ./README.pkcs15init
 cp -p src/scconf/README.scconf .
@@ -81,7 +86,9 @@ rm -f m4/libassuan.m4
 %configure  --disable-static \
   --enable-nsplugin \
   --enable-pcsc \
+%if 0%{?fedora} || 0%{?rhel} > 5
   --enable-openct \
+%endif
   --enable-doc \
   --with-pcsc-provider=libpcsclite.so.1 \
   --with-plugindir=%{plugindir} \
@@ -171,6 +178,9 @@ rm -rf $RPM_BUILD_ROOT
 
 
 %changelog
+* Tue Dec 21 2010 Tomas Mraz <tmraz@redhat.com> - 0.11.13-6
+- fix buffer overflow on rogue card serial numbers
+
 * Tue Oct 19 2010 Tomas Mraz <tmraz@redhat.com> - 0.11.13-5
 - own the _libdir/pkcs11 subdirectory (#644527)