int main(int argc, char **argv) { int rv; char setToForeground; char HotPlug; char *newReaderConfig; struct stat fStatBuf; int customMaxThreadCounter = 0; int customMaxReaderHandles = 0; int customMaxThreadCardHandles = 0; int opt; int limited_rights = FALSE; int r; #ifdef HAVE_GETOPT_LONG int option_index = 0; static struct option long_options[] = { {"config", 1, NULL, 'c'}, {"foreground", 0, NULL, 'f'}, {"color", 0, NULL, 'T'}, {"help", 0, NULL, 'h'}, {"version", 0, NULL, 'v'}, {"apdu", 0, NULL, 'a'}, {"debug", 0, NULL, 'd'}, {"info", 0, NULL, 0}, {"error", 0, NULL, 'e'}, {"critical", 0, NULL, 'C'}, {"hotplug", 0, NULL, 'H'}, {"force-reader-polling", optional_argument, NULL, 0}, {"max-thread", 1, NULL, 't'}, {"max-card-handle-per-thread", 1, NULL, 's'}, {"max-card-handle-per-reader", 1, NULL, 'r'}, {"auto-exit", 0, NULL, 'x'}, {"reader-name-no-serial", 0, NULL, 'S'}, {"reader-name-no-interface", 0, NULL, 'I'}, {NULL, 0, NULL, 0} }; #endif #define OPT_STRING "c:fTdhvaeCHt:r:s:xSI" newReaderConfig = NULL; setToForeground = FALSE; HotPlug = FALSE; /* * test the version */ if (strcmp(PCSCLITE_VERSION_NUMBER, VERSION) != 0) { printf("BUILD ERROR: The release version number PCSCLITE_VERSION_NUMBER\n"); printf(" in pcsclite.h (%s) does not match the release version number\n", PCSCLITE_VERSION_NUMBER); printf(" generated in config.h (%s) (see configure.in).\n", VERSION); return EXIT_FAILURE; } /* * By default we create a daemon (not connected to any output) * so log to syslog to have error messages. */ DebugLogSetLogType(DEBUGLOG_SYSLOG_DEBUG); /* if the process is setuid or setgid it may have some restrictions */ limited_rights = (getgid() != getegid()) && (getuid() != 0); /* * Handle any command line arguments */ #ifdef HAVE_GETOPT_LONG while ((opt = getopt_long (argc, argv, OPT_STRING, long_options, &option_index)) != -1) { #else while ((opt = getopt (argc, argv, OPT_STRING)) != -1) { #endif switch (opt) { #ifdef HAVE_GETOPT_LONG case 0: if (strcmp(long_options[option_index].name, "force-reader-polling") == 0) HPForceReaderPolling = optarg ? abs(atoi(optarg)) : 1; break; #endif case 'c': if (limited_rights) { Log1(PCSC_LOG_CRITICAL, "Can't use a user specified config file"); return EXIT_FAILURE; } Log2(PCSC_LOG_INFO, "using new config file: %s", optarg); newReaderConfig = optarg; break; case 'f': setToForeground = TRUE; /* debug to stdout instead of default syslog */ DebugLogSetLogType(DEBUGLOG_STDOUT_DEBUG); Log1(PCSC_LOG_INFO, "pcscd set to foreground with debug send to stdout"); break; case 'T': DebugLogSetLogType(DEBUGLOG_STDOUT_COLOR_DEBUG); Log1(PCSC_LOG_INFO, "Force colored logs"); break; case 'd': DebugLogSetLevel(PCSC_LOG_DEBUG); break; case 'e': DebugLogSetLevel(PCSC_LOG_ERROR); break; case 'C': DebugLogSetLevel(PCSC_LOG_CRITICAL); break; case 'h': print_usage (argv[0]); return EXIT_SUCCESS; case 'v': print_version (); return EXIT_SUCCESS; case 'a': if (limited_rights) { Log1(PCSC_LOG_CRITICAL, "Can't log APDU (restricted)"); return EXIT_FAILURE; } (void)DebugLogSetCategory(DEBUG_CATEGORY_APDU); break; case 'H': /* debug to stdout instead of default syslog */ DebugLogSetLogType(DEBUGLOG_STDOUT_DEBUG); HotPlug = TRUE; break; case 't': customMaxThreadCounter = optarg ? atoi(optarg) : 0; if (limited_rights && (customMaxThreadCounter < PCSC_MAX_CONTEXT_THREADS)) customMaxThreadCounter = PCSC_MAX_CONTEXT_THREADS; Log2(PCSC_LOG_INFO, "setting customMaxThreadCounter to: %d", customMaxThreadCounter); break; case 'r': customMaxReaderHandles = optarg ? atoi(optarg) : 0; if (limited_rights && (customMaxReaderHandles < PCSC_MAX_READER_HANDLES)) customMaxReaderHandles = PCSC_MAX_READER_HANDLES; Log2(PCSC_LOG_INFO, "setting customMaxReaderHandles to: %d", customMaxReaderHandles); break; case 's': customMaxThreadCardHandles = optarg ? atoi(optarg) : 0; if (limited_rights && (customMaxThreadCardHandles < PCSC_MAX_CONTEXT_CARD_HANDLES)) customMaxThreadCardHandles = PCSC_MAX_CONTEXT_CARD_HANDLES; Log2(PCSC_LOG_INFO, "setting customMaxThreadCardHandles to: %d", customMaxThreadCardHandles); break; case 'x': AutoExit = TRUE; Log2(PCSC_LOG_INFO, "Auto exit after %d seconds of inactivity", TIME_BEFORE_SUICIDE); break; case 'S': Add_Serial_In_Name = FALSE; break; case 'I': Add_Interface_In_Name = FALSE; break; default: print_usage (argv[0]); return EXIT_FAILURE; } } if (argv[optind]) { printf("Unknown option: %s\n", argv[optind]); print_usage(argv[0]); return EXIT_FAILURE; } /* * Check if systemd passed us any file descriptors */ rv = sd_listen_fds(0); if (rv > 1) { Log1(PCSC_LOG_CRITICAL, "Too many file descriptors received"); return EXIT_FAILURE; } else { if (rv == 1) { SocketActivated = TRUE; Log1(PCSC_LOG_INFO, "Started by systemd"); } else SocketActivated = FALSE; } /* * test the presence of /var/run/pcscd/pcscd.comm */ rv = stat(PCSCLITE_CSOCK_NAME, &fStatBuf); if (rv == 0) { pid_t pid; /* read the pid file to get the old pid and test if the old pcscd is * still running */ pid = GetDaemonPid(); if (pid != -1) { if (HotPlug) return SendHotplugSignal(); rv = kill(pid, 0); if (0 == rv) { Log1(PCSC_LOG_CRITICAL, "file " PCSCLITE_CSOCK_NAME " already exists."); Log2(PCSC_LOG_CRITICAL, "Another pcscd (pid: %d) seems to be running.", pid); return EXIT_FAILURE; } else if (ESRCH == errno) { /* the old pcscd is dead. make some cleanup */ clean_temp_files(); } else { /* permission denied or other error */ Log2(PCSC_LOG_CRITICAL, "kill failed: %s", strerror(errno)); return EXIT_FAILURE; } } else { if (HotPlug) { Log1(PCSC_LOG_CRITICAL, "file " PCSCLITE_RUN_PID " do not exist"); Log1(PCSC_LOG_CRITICAL, "Hotplug failed"); return EXIT_FAILURE; } } } else if (HotPlug) { Log1(PCSC_LOG_CRITICAL, "Hotplug failed: pcscd is not running"); return EXIT_FAILURE; } /* like in daemon(3): changes the current working directory to the * root ("/") */ r = chdir("/"); if (r < 0) { Log2(PCSC_LOG_CRITICAL, "chdir() failed: %s", strerror(errno)); return EXIT_FAILURE; } /* * If this is set to one the user has asked it not to fork */ if (!setToForeground) { int pid; int fd; if (pipe(pipefd) == -1) { Log2(PCSC_LOG_CRITICAL, "pipe() failed: %s", strerror(errno)); return EXIT_FAILURE; } pid = fork(); if (-1 == pid) { Log2(PCSC_LOG_CRITICAL, "fork() failed: %s", strerror(errno)); return EXIT_FAILURE; } /* like in daemon(3): redirect standard input, standard output * and standard error to /dev/null */ fd = open("/dev/null", O_RDWR); if (fd != -1) { dup2(fd, STDIN_FILENO); dup2(fd, STDOUT_FILENO); dup2(fd, STDERR_FILENO); /* do not close stdin, stdout or stderr */ if (fd > 2) close(fd); } if (pid) /* in the father */ { char buf; int ret; /* close write side */ close(pipefd[1]); /* wait for the son to write the return code */ ret = read(pipefd[0], &buf, 1); if (ret <= 0) return 2; close(pipefd[0]); /* exit code */ return buf; } else /* in the son */ { /* close read side */ close(pipefd[0]); } } /* * cleanly remove /var/run/pcscd/files when exiting * signal_trap() does just set a global variable used by the main loop */ (void)signal(SIGQUIT, signal_trap); (void)signal(SIGTERM, signal_trap); /* default kill signal & init round 1 */ (void)signal(SIGINT, signal_trap); /* sent by Ctrl-C */ /* exits on SIGALARM to allow pcscd to suicide if not used */ (void)signal(SIGALRM, signal_trap); /* * If PCSCLITE_IPC_DIR does not exist then create it */ { int mode = S_IROTH | S_IXOTH | S_IRGRP | S_IXGRP | S_IRWXU; rv = mkdir(PCSCLITE_IPC_DIR, mode); if ((rv != 0) && (errno != EEXIST)) { Log2(PCSC_LOG_CRITICAL, "cannot create " PCSCLITE_IPC_DIR ": %s", strerror(errno)); return EXIT_FAILURE; } /* set mode so that the directory is world readable and * executable even is umask is restrictive * The directory containes files used by libpcsclite */ (void)chmod(PCSCLITE_IPC_DIR, mode); } /* * Allocate memory for reader structures */ rv = RFAllocateReaderSpace(customMaxReaderHandles); if (SCARD_S_SUCCESS != rv) at_exit(); #ifdef USE_SERIAL /* * Grab the information from the reader.conf */ if (newReaderConfig) { rv = RFStartSerialReaders(newReaderConfig); if (rv != 0) { Log3(PCSC_LOG_CRITICAL, "invalid file %s: %s", newReaderConfig, strerror(errno)); at_exit(); } } else { rv = RFStartSerialReaders(PCSCLITE_CONFIG_DIR); if (rv == -1) at_exit(); } #endif Log1(PCSC_LOG_INFO, "pcsc-lite " VERSION " daemon ready."); /* * Record our pid to make it easier * to kill the correct pcscd * * Do not fork after this point or the stored pid will be wrong */ { int f; int mode = S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH; f = open(PCSCLITE_RUN_PID, O_RDWR | O_CREAT, mode); if (f != -1) { char pid[PID_ASCII_SIZE]; ssize_t rr; (void)snprintf(pid, sizeof(pid), "%u\n", (unsigned) getpid()); rr = write(f, pid, strlen(pid) + 1); if (rr < 0) { Log2(PCSC_LOG_CRITICAL, "writing " PCSCLITE_RUN_PID " failed: %s", strerror(errno)); } (void)close(f); /* set mode so that the file is world readable even is umask is * restrictive * The file is used by libpcsclite */ (void)chmod(PCSCLITE_RUN_PID, mode); } else Log2(PCSC_LOG_CRITICAL, "cannot create " PCSCLITE_RUN_PID ": %s", strerror(errno)); } /* * post initialistion */ Init = FALSE; /* * Hotplug rescan */ (void)signal(SIGUSR1, signal_reload); /* * Initialize the comm structure */ if (SocketActivated) rv = ListenExistingSocket(SD_LISTEN_FDS_START + 0); else rv = InitializeSocket(); if (rv) { Log1(PCSC_LOG_CRITICAL, "Error initializing pcscd."); at_exit(); } /* * Initialize the contexts structure */ rv = ContextsInitialize(customMaxThreadCounter, customMaxThreadCardHandles); if (rv == -1) { Log1(PCSC_LOG_CRITICAL, "Error initializing pcscd."); at_exit(); } (void)signal(SIGPIPE, SIG_IGN); (void)signal(SIGHUP, SIG_IGN); /* needed for Solaris. The signal is sent * when the shell is existed */ #if !defined(PCSCLITE_STATIC_DRIVER) && defined(USE_USB) /* * Set up the search for USB/PCMCIA devices */ rv = HPSearchHotPluggables(); #ifndef USE_SERIAL if (rv) at_exit(); #endif rv = HPRegisterForHotplugEvents(); if (rv) { Log1(PCSC_LOG_ERROR, "HPRegisterForHotplugEvents failed"); at_exit(); } RFWaitForReaderInit(); #endif /* * Set up the power management callback routine */ (void)PMRegisterForPowerEvents(); /* initialisation succeeded */ if (pipefd[1] >= 0) { char buf = 0; ssize_t rr; /* write a 0 (success) to father process */ rr = write(pipefd[1], &buf, 1); if (rr < 0) { Log2(PCSC_LOG_ERROR, "write() failed: %s", strerror(errno)); } close(pipefd[1]); } SVCServiceRunLoop(); Log1(PCSC_LOG_ERROR, "SVCServiceRunLoop returned"); return EXIT_FAILURE; } static void at_exit(void) { Log1(PCSC_LOG_INFO, "cleaning " PCSCLITE_IPC_DIR); clean_temp_files(); if (pipefd[1] >= 0) { char buf; ssize_t r; /* write the error code to father process */ buf = ExitValue; r = write(pipefd[1], &buf, 1); if (r < 0) { Log2(PCSC_LOG_ERROR, "write() failed: %s", strerror(errno)); } close(pipefd[1]); } exit(ExitValue); }
static void ContextThread(LPVOID newContext) { SCONTEXT * threadContext = (SCONTEXT *) newContext; int32_t filedes = threadContext->dwClientID; if (IsClientAuthorized(filedes, "access_pcsc", NULL) == 0) { Log1(PCSC_LOG_CRITICAL, "Rejected unauthorized PC/SC client"); goto exit; } else { Log1(PCSC_LOG_DEBUG, "Authorized PC/SC client"); } Log3(PCSC_LOG_DEBUG, "Thread is started: dwClientID=%d, threadContext @%p", threadContext->dwClientID, threadContext); while (1) { struct rxHeader header; int32_t ret = MessageReceive(&header, sizeof(header), filedes); if (ret != SCARD_S_SUCCESS) { /* Clean up the dead client */ Log2(PCSC_LOG_DEBUG, "Client die: %d", filedes); EHTryToUnregisterClientForEvent(filedes); goto exit; } if ((header.command > CMD_ENUM_FIRST) && (header.command < CMD_ENUM_LAST)) Log3(PCSC_LOG_DEBUG, "Received command: %s from client %d", CommandsText[header.command], filedes); switch (header.command) { /* pcsc-lite client/server protocol version */ case CMD_VERSION: { struct version_struct veStr; READ_BODY(veStr) Log3(PCSC_LOG_DEBUG, "Client is protocol version %d:%d", veStr.major, veStr.minor); veStr.rv = SCARD_S_SUCCESS; /* client and server use different protocol */ if ((veStr.major != PROTOCOL_VERSION_MAJOR) || (veStr.minor != PROTOCOL_VERSION_MINOR)) { Log3(PCSC_LOG_CRITICAL, "Client protocol is %d:%d", veStr.major, veStr.minor); Log3(PCSC_LOG_CRITICAL, "Server protocol is %d:%d", PROTOCOL_VERSION_MAJOR, PROTOCOL_VERSION_MINOR); veStr.rv = SCARD_E_NO_SERVICE; } /* set the server protocol version */ veStr.major = PROTOCOL_VERSION_MAJOR; veStr.minor = PROTOCOL_VERSION_MINOR; /* send back the response */ WRITE_BODY(veStr) } break; case CMD_GET_READERS_STATE: { /* nothing to read */ #ifdef USE_USB /* wait until all readers are ready */ RFWaitForReaderInit(); #endif /* dump the readers state */ ret = MessageSend(readerStates, sizeof(readerStates), filedes); } break; case CMD_WAIT_READER_STATE_CHANGE: { struct wait_reader_state_change waStr; READ_BODY(waStr) /* add the client fd to the list */ EHRegisterClientForEvent(filedes); /* We do not send anything here. * Either the client will timeout or the server will * answer if an event occurs */ } break; case CMD_STOP_WAITING_READER_STATE_CHANGE: { struct wait_reader_state_change waStr; READ_BODY(waStr) /* add the client fd to the list */ waStr.rv = EHUnregisterClientForEvent(filedes); WRITE_BODY(waStr) } break; case SCARD_ESTABLISH_CONTEXT: { struct establish_struct esStr; SCARDCONTEXT hContext; READ_BODY(esStr) hContext = esStr.hContext; esStr.rv = SCardEstablishContext(esStr.dwScope, 0, 0, &hContext); esStr.hContext = hContext; if (esStr.rv == SCARD_S_SUCCESS) esStr.rv = MSGAddContext(esStr.hContext, threadContext); WRITE_BODY(esStr) } break; case SCARD_RELEASE_CONTEXT: { struct release_struct reStr; READ_BODY(reStr) reStr.rv = SCardReleaseContext(reStr.hContext); if (reStr.rv == SCARD_S_SUCCESS) reStr.rv = MSGRemoveContext(reStr.hContext, threadContext); WRITE_BODY(reStr) } break; case SCARD_CONNECT: { struct connect_struct coStr; SCARDHANDLE hCard; DWORD dwActiveProtocol; READ_BODY(coStr) coStr.szReader[sizeof(coStr.szReader)-1] = 0; hCard = coStr.hCard; dwActiveProtocol = coStr.dwActiveProtocol; if (IsClientAuthorized(filedes, "access_card", coStr.szReader) == 0) { Log2(PCSC_LOG_CRITICAL, "Rejected unauthorized client for '%s'", coStr.szReader); goto exit; } else { Log2(PCSC_LOG_DEBUG, "Authorized client for '%s'", coStr.szReader); } coStr.rv = SCardConnect(coStr.hContext, coStr.szReader, coStr.dwShareMode, coStr.dwPreferredProtocols, &hCard, &dwActiveProtocol); coStr.hCard = hCard; coStr.dwActiveProtocol = dwActiveProtocol; if (coStr.rv == SCARD_S_SUCCESS) coStr.rv = MSGAddHandle(coStr.hContext, coStr.hCard, threadContext); WRITE_BODY(coStr) } break; case SCARD_RECONNECT: { struct reconnect_struct rcStr; DWORD dwActiveProtocol; READ_BODY(rcStr) if (MSGCheckHandleAssociation(rcStr.hCard, threadContext)) goto exit; rcStr.rv = SCardReconnect(rcStr.hCard, rcStr.dwShareMode, rcStr.dwPreferredProtocols, rcStr.dwInitialization, &dwActiveProtocol); rcStr.dwActiveProtocol = dwActiveProtocol; WRITE_BODY(rcStr) } break; case SCARD_DISCONNECT: { struct disconnect_struct diStr; READ_BODY(diStr) if (MSGCheckHandleAssociation(diStr.hCard, threadContext)) goto exit; diStr.rv = SCardDisconnect(diStr.hCard, diStr.dwDisposition); if (SCARD_S_SUCCESS == diStr.rv) diStr.rv = MSGRemoveHandle(diStr.hCard, threadContext); WRITE_BODY(diStr) } break; case SCARD_BEGIN_TRANSACTION: { struct begin_struct beStr; READ_BODY(beStr) if (MSGCheckHandleAssociation(beStr.hCard, threadContext)) goto exit; beStr.rv = SCardBeginTransaction(beStr.hCard); WRITE_BODY(beStr) } break; case SCARD_END_TRANSACTION: { struct end_struct enStr; READ_BODY(enStr) if (MSGCheckHandleAssociation(enStr.hCard, threadContext)) goto exit; enStr.rv = SCardEndTransaction(enStr.hCard, enStr.dwDisposition); WRITE_BODY(enStr) } break; case SCARD_CANCEL: { struct cancel_struct caStr; SCONTEXT * psTargetContext = NULL; READ_BODY(caStr) /* find the client */ (void)pthread_mutex_lock(&contextsList_lock); psTargetContext = (SCONTEXT *) list_seek(&contextsList, &caStr.hContext); (void)pthread_mutex_unlock(&contextsList_lock); if (psTargetContext != NULL) { uint32_t fd = psTargetContext->dwClientID; caStr.rv = MSGSignalClient(fd, SCARD_E_CANCELLED); /* the client should not receive the event * notification now the waiting has been cancelled */ EHUnregisterClientForEvent(fd); } else caStr.rv = SCARD_E_INVALID_HANDLE; WRITE_BODY(caStr) } break; case SCARD_STATUS: { struct status_struct stStr; READ_BODY(stStr) if (MSGCheckHandleAssociation(stStr.hCard, threadContext)) goto exit; /* only hCard and return value are used by the client */ stStr.rv = SCardStatus(stStr.hCard, NULL, NULL, NULL, NULL, 0, NULL); WRITE_BODY(stStr) } break; case SCARD_TRANSMIT: { struct transmit_struct trStr; unsigned char pbSendBuffer[MAX_BUFFER_SIZE_EXTENDED]; unsigned char pbRecvBuffer[MAX_BUFFER_SIZE_EXTENDED]; SCARD_IO_REQUEST ioSendPci; SCARD_IO_REQUEST ioRecvPci; DWORD cbRecvLength; READ_BODY(trStr) if (MSGCheckHandleAssociation(trStr.hCard, threadContext)) goto exit; /* avoids buffer overflow */ if ((trStr.pcbRecvLength > sizeof(pbRecvBuffer)) || (trStr.cbSendLength > sizeof(pbSendBuffer))) goto buffer_overflow; /* read sent buffer */ ret = MessageReceive(pbSendBuffer, trStr.cbSendLength, filedes); if (ret != SCARD_S_SUCCESS) { Log2(PCSC_LOG_DEBUG, "Client die: %d", filedes); goto exit; } ioSendPci.dwProtocol = trStr.ioSendPciProtocol; ioSendPci.cbPciLength = trStr.ioSendPciLength; ioRecvPci.dwProtocol = trStr.ioRecvPciProtocol; ioRecvPci.cbPciLength = trStr.ioRecvPciLength; cbRecvLength = sizeof pbRecvBuffer; trStr.rv = SCardTransmit(trStr.hCard, &ioSendPci, pbSendBuffer, trStr.cbSendLength, &ioRecvPci, pbRecvBuffer, &cbRecvLength); if (cbRecvLength > trStr.pcbRecvLength) /* The client buffer is not large enough. * The pbRecvBuffer buffer will NOT be sent a few * lines bellow. So no buffer overflow is expected. */ trStr.rv = SCARD_E_INSUFFICIENT_BUFFER; trStr.ioSendPciProtocol = ioSendPci.dwProtocol; trStr.ioSendPciLength = ioSendPci.cbPciLength; trStr.ioRecvPciProtocol = ioRecvPci.dwProtocol; trStr.ioRecvPciLength = ioRecvPci.cbPciLength; trStr.pcbRecvLength = cbRecvLength; WRITE_BODY(trStr) /* write received buffer */ if (SCARD_S_SUCCESS == trStr.rv) ret = MessageSend(pbRecvBuffer, cbRecvLength, filedes); } break; case SCARD_CONTROL: { struct control_struct ctStr; unsigned char pbSendBuffer[MAX_BUFFER_SIZE_EXTENDED]; unsigned char pbRecvBuffer[MAX_BUFFER_SIZE_EXTENDED]; DWORD dwBytesReturned; READ_BODY(ctStr) if (MSGCheckHandleAssociation(ctStr.hCard, threadContext)) goto exit; /* avoids buffer overflow */ if ((ctStr.cbRecvLength > sizeof(pbRecvBuffer)) || (ctStr.cbSendLength > sizeof(pbSendBuffer))) { goto buffer_overflow; } /* read sent buffer */ ret = MessageReceive(pbSendBuffer, ctStr.cbSendLength, filedes); if (ret != SCARD_S_SUCCESS) { Log2(PCSC_LOG_DEBUG, "Client die: %d", filedes); goto exit; } dwBytesReturned = ctStr.dwBytesReturned; ctStr.rv = SCardControl(ctStr.hCard, ctStr.dwControlCode, pbSendBuffer, ctStr.cbSendLength, pbRecvBuffer, ctStr.cbRecvLength, &dwBytesReturned); ctStr.dwBytesReturned = dwBytesReturned; WRITE_BODY(ctStr) /* write received buffer */ if (SCARD_S_SUCCESS == ctStr.rv) ret = MessageSend(pbRecvBuffer, dwBytesReturned, filedes); } break; case SCARD_GET_ATTRIB: { struct getset_struct gsStr; DWORD cbAttrLen; READ_BODY(gsStr) if (MSGCheckHandleAssociation(gsStr.hCard, threadContext)) goto exit; /* avoids buffer overflow */ if (gsStr.cbAttrLen > sizeof(gsStr.pbAttr)) goto buffer_overflow; cbAttrLen = gsStr.cbAttrLen; gsStr.rv = SCardGetAttrib(gsStr.hCard, gsStr.dwAttrId, gsStr.pbAttr, &cbAttrLen); gsStr.cbAttrLen = cbAttrLen; WRITE_BODY(gsStr) } break; case SCARD_SET_ATTRIB: { struct getset_struct gsStr; READ_BODY(gsStr) if (MSGCheckHandleAssociation(gsStr.hCard, threadContext)) goto exit; /* avoids buffer overflow */ if (gsStr.cbAttrLen > sizeof(gsStr.pbAttr)) goto buffer_overflow; gsStr.rv = SCardSetAttrib(gsStr.hCard, gsStr.dwAttrId, gsStr.pbAttr, gsStr.cbAttrLen); WRITE_BODY(gsStr) } break; default: Log2(PCSC_LOG_CRITICAL, "Unknown command: %d", header.command); goto exit; } /* MessageSend() failed */ if (ret != SCARD_S_SUCCESS) { /* Clean up the dead client */ Log2(PCSC_LOG_DEBUG, "Client die: %d", filedes); goto exit; } } buffer_overflow: Log2(PCSC_LOG_DEBUG, "Buffer overflow detected: %d", filedes); goto exit; wrong_length: Log2(PCSC_LOG_DEBUG, "Wrong length: %d", filedes); exit: (void)close(filedes); (void)MSGCleanupClient(threadContext); (void)pthread_exit((LPVOID) NULL); }