Changeset 10670


Ignore:
Timestamp:
06/01/15 20:59:36 (2 years ago)
Author:
gf
Message:

cryptoworks: Fix possible crash.

This fixes ticket #4192. Patch submited by danman.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/reader-cryptoworks.c

    r10607 r10670  
    825825        assembled_EMM[1] = ((emm_len + 9) >> 8) | 0x70;
    826826        assembled_EMM[2] = (emm_len + 9) & 0xFF;
    827         //copy back the assembled emm in the working buffer
    828         memcpy(buffer, assembled_EMM, emm_len + 12);
    829         *len = emm_len + 12;
    830 
    831         free(tmp);
    832         free(assembled);
    833 
    834         r_emm->emmlen = 0;
    835 
    836         rdr_log_dump_dbg(rdr, D_EMM, buffer, *len, "shared emm (assembled):");
     827
    837828        if(assembled_EMM[11] != emm_len)  // sanity check
    838829        {
     
    842833            return 0;
    843834        }
     835
     836        //copy back the assembled emm in the working buffer
     837        memcpy(buffer, assembled_EMM, emm_len + 12);
     838        *len = emm_len + 12;
     839
     840        free(tmp);
     841        free(assembled);
     842
     843        r_emm->emmlen = 0;
     844
     845        rdr_log_dump_dbg(rdr, D_EMM, buffer, *len, "shared emm (assembled):");
    844846        free(assembled_EMM);
    845847        break;
Note: See TracChangeset for help on using the changeset viewer.