On Wed, 2018-08-08 at 16:51 +0200, Marc-André Lureau wrote:
> Hi
>
> On Tue, Jul 24, 2018 at 8:34 PM, Jason Andryuk <jandryuk@xxxxxxxxx> wrote:
> > If a command fails, card_status will not match VCARD_DONE. That will
> > trigger the assert and abort the process. Instead, handle VCARD_FAIL and
> > return an error in that case. Client software can then deal with the
> > error, and we continue running to handle future commands.
> >
> > This can be triggered by removing the physical smartcard mid-operation.
>
> There are other paths, like invalid instruction on
> cac_common_process_apdu_read()

The invalid instructions should return valid response with error
indicated in SW (status words). The referenced function has the default
VCARD_FAIL value is in the code somehow bogus in case we would like to
fail early or fail to handle some case (?).

The VCARD_FAIL option is really about more serious issues as Jason is
pointing out. Handling the error here, rather than segfaulting in
assert later sounds like a good idea. But from reading the code, I
still cannot find a path where we could encounter this value here.
From what I see, all the paths here return either VCARD_DONE.

Can you advise during which operation did you encounter this error?

Regards,
--
Jakub Jelen
Software Engineer
Security Technologies
Red Hat, Inc.
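
The two outcomes discussed in this thread, as an added example that is not part of the original messages and is not libcacard code: an invalid instruction still yields a valid response carrying an error SW, while a VCARD_FAIL status is returned to the caller as an error instead of tripping an assert. Only VCARD_DONE and VCARD_FAIL come from the thread; every model_* name, the 0xB0 sample instruction and the -1 return convention are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Simplified model: VCARD_DONE / VCARD_FAIL are the names used in the thread. */
typedef enum { VCARD_DONE, VCARD_FAIL } model_status_t;

#define SW_SUCCESS     0x9000u /* ISO 7816-4: normal processing */
#define SW_INS_INVALID 0x6D00u /* ISO 7816-4: instruction not supported */

typedef struct { int card_present; } model_card_t;   /* hypothetical */
typedef struct { uint16_t sw; } model_response_t;    /* hypothetical */

/* Hypothetical backend: a bad instruction is still VCARD_DONE with an
 * error SW; a missing card produces VCARD_FAIL and no response at all. */
static model_status_t model_process_apdu(const model_card_t *card,
                                         uint8_t ins, model_response_t *resp)
{
    if (!card->card_present)
        return VCARD_FAIL;
    resp->sw = (ins == 0xB0) ? SW_SUCCESS : SW_INS_INVALID;
    return VCARD_DONE;
}

/* Hypothetical caller: returns 0 with the SW filled in when the card
 * answered, -1 on VCARD_FAIL. It never aborts the process. */
int model_handle_command(const model_card_t *card, uint8_t ins,
                         uint16_t *sw_out)
{
    model_response_t resp = { 0 };
    model_status_t card_status = model_process_apdu(card, ins, &resp);

    if (card_status == VCARD_FAIL) {
        /* An assert(card_status == VCARD_DONE) here would abort instead. */
        *sw_out = 0;
        return -1;
    }
    *sw_out = resp.sw;
    return 0;
}

int main(void)
{
    model_card_t present = { 1 }, removed = { 0 };  /* constructed inputs */
    uint16_t sw;
    int rc = model_handle_command(&present, 0x00, &sw);
    printf("invalid INS:  rc=%d sw=%04X\n", rc, (unsigned)sw);
    rc = model_handle_command(&removed, 0xB0, &sw);
    printf("card removed: rc=%d sw=%04X\n", rc, (unsigned)sw);
    return 0;
}
```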