ATRDecodeAtr: always initialize the return values

Always set a value to availableProtocols and currentProtocol before any return in error. Thanks to Maksim Ivanov for the bug report "[Pcsclite-muscle] Missing checks of ATRDecodeAtr returns" https://lists.infradead.org/pipermail/pcsclite-muscle/2020-July/001097.html " Hello, The callers of the ATRDecodeAtr() function (SCardConnect() and SCardReconnect() in winscard.c) don't check its return value, which might potentially cause reads of uninitialized variables |availableProtocols| and |defaultProtocol| and unexpected side effects. Regards, Maksim "
GregLindZA · Aug 8, 2020 · a706455 · a706455
1 parent 38dfe5c
commit a706455
Showing 1 changed file with 3 additions and 3 deletions.
diff --git a/src/atrhandler.c b/src/atrhandler.c
@@ -75,15 +75,15 @@ short ATRDecodeAtr(int *availableProtocols, int *currentProtocol,
  LogXxd(PCSC_LOG_DEBUG, "ATR: ", pucAtr, dwLength);
 #endif
 
- if (dwLength < 2)
- return 0; /** @retval 0 Atr must have TS and T0 */
-
  /*
  * Zero out the bitmasks
  */
  *availableProtocols = SCARD_PROTOCOL_UNDEFINED;
  *currentProtocol = SCARD_PROTOCOL_UNDEFINED;
 
+ if (dwLength < 2)
+ return 0; /** @retval 0 Atr must have TS and T0 */
+
  /*
  * Decode the TS byte
  */