I have been getting the notorious...
slot.cpp:2262: CKYStatus Slot::readCACCertificateAppend(CKYBuffer*,
CKYSize): Assertion `mOldCAC' failed.
...crash when using coolkey with firefox/thunderbird and a CAC card.
The problem arises in that when readCACCertificateFirst is called with
mOldCAC set to false, the "nextSize" variable is left uninitialized.
This causes problems further down the line when the uninitialized value
of nextSize is interpreted as a partially-read certificate. The below
patch resolves the problem and allows the new style cards to be used
properly.
--- coolkey-1.1.0.orig/src/coolkey/slot.cpp
+++ coolkey-1.1.0/src/coolkey/slot.cpp
@@ -2209,6 +2209,8 @@ Slot::readCACCertificateFirst(CKYBuffer
CKYBuffer_InitEmpty(&vBuf);
CKYBuffer_Resize(cert, 0);
+ *nextSize = 0;
+
/* handle the new CAC card read */
/* read the TLV */
status = CACApplet_ReadFile(conn, CAC_TAG_FILE, &tBuf, NULL);
_______________________________________________
Coolkey-devel mailing list
Coolkey-devel@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/coolkey-devel
