[Bug 627619] New: opensc and every dependent package that uses SC_TEST_RET is broken
http://bugzilla.novell.com/show_bug.cgi?id=627619

http://bugzilla.novell.com/show_bug.cgi?id=627619#c0

Summary: opensc and every dependent package that uses SC_TEST_RET is broken
Classification: openSUSE
Product: openSUSE 11.3
Version: Final
Platform: Other
OS/Version: Other
Status: NEW
Severity: Critical
Priority: P5 - None
Component: Security
AssignedTo: sbrabec@novell.com
ReportedBy: cmorve69@yahoo.es
QAContact: qa@suse.de
CC: security-team@suse.de, puzel@novell.com
Found By: Community User
Blocker: ---

We have a bad patch in the opensc package that breaks anything that uses the SC_TEST_RET macro:
https://build.opensuse.org/package/view_file?file=opensc-fix-gcc-warnings.patch&package=opensc&project=openSUSE%3A11.3

These packages, *at least*, should be inspected (others could depend on it indirectly even if they use it):

    $ osc whatdependson openSUSE:11.3 opensc standard x86_64
    opensc :
       gpg2
       gtkcard
       installation-images
       libchipcard4
       opensc-java
       openssh
       openssh-askpass-gnome

The macro is

    #define SC_TEST_RET(ctx, r, text) do { \
        int _ret = (r); \
        if (_ret < 0) { \
            sc_do_log(ctx, SC_LOG_TYPE_ERROR, __FILE__, __LINE__, __FUNCTION__, "%s: %s\n", (text), sc_strerror(_ret)); \
            return _ret; \
        } \
    } while(0)

It just checks if the return value of a function ('r') is < 0 and in such a case prints a log message and returns.
The patch changes that behavior so the log message is shown only if r < 0... but ALWAYS returns. That breaks the logic of any functions using this macro.

At least it means a segmentation fault when using the Spanish ID card (from opensc-tool, or from Firefox... whatever is using it). As far as I know this is just a crash problem, not a security risk. But since multiple packages could be affected I CC the security-team.

IMHO the package in the devel should be fixed, updates published for any affected 11.3 package... and the package in openSUSE:11.3 project be modified.
I know that project is supposed to be static, but people will not build against openSUSE:11.3:Update if they don't know about the problem.

--
Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
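
The behaviour change described in the report, as an added example that is not part of the original mail and is not opensc code. TEST_RET_BROKEN is reconstructed from the report's description only (the patch text is not on this page); log_err, struct card, step and the init_* functions are hypothetical stand-ins.

```c
#include <stdio.h>
#include <stddef.h>

static int log_count;   /* number of error lines logged (stand-in for sc_do_log) */
static void log_err(const char *text, int r) {
    log_count++;
    fprintf(stderr, "%s: error %d\n", text, r);
}

/* Macro logic as quoted in the report: log and return only when r < 0. */
#define TEST_RET_ORIG(r, text) do { \
    int _ret = (r); \
    if (_ret < 0) { log_err((text), _ret); return _ret; } \
} while (0)

/* Behaviour the report attributes to the patched macro (reconstruction):
 * log only when r < 0, but return unconditionally. */
#define TEST_RET_BROKEN(r, text) do { \
    int _ret = (r); \
    if (_ret < 0) log_err((text), _ret); \
    return _ret; \
} while (0)

struct card { const char *name; };      /* hypothetical caller state */
static int step(int rc) { return rc; }  /* hypothetical first step of an init routine */

static int init_orig(struct card *c, int rc) {
    c->name = NULL;
    TEST_RET_ORIG(step(rc), "step failed");
    c->name = "constructed-card";       /* reached whenever step() succeeds */
    return 0;
}

static int init_broken(struct card *c, int rc) {
    c->name = NULL;
    TEST_RET_BROKEN(step(rc), "step failed");
    c->name = "constructed-card";       /* dead code: the macro has already returned */
    return 0;
}

int main(void) {
    struct card a, b;
    int ra = init_orig(&a, 0), rb = init_broken(&b, 0);
    printf("orig:   rc=%d name=%s\n", ra, a.name ? a.name : "(null)");
    printf("broken: rc=%d name=%s\n", rb, b.name ? b.name : "(null)");
    return 0;
}
```

On the success path both variants return 0 and log nothing, so the caller cannot tell from the return code or the log that the second function skipped the rest of its work.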