Additional error handling for rarer states.

Ensure std::map::at is not blindly applied without checking that the key
actually exists.

Fixes crashes where u2f client on PC/browser expects channel open, but
service has been restarted.
2019-09-08 20:27:47 +01:00
parent f8d077634e
commit 89b4b7d949
4 changed files with 20 additions and 10 deletions


@@ -81,7 +81,12 @@ shared_ptr<U2F_Msg_CMD> U2F_Msg_CMD::generate(const U2FMessage& uMsg) {
const uint32_t cBCount = data.size();
auto startPtr = data.begin(), endPtr = data.end();
if (usesData.at(cmd.ins) || data.size() > 3) {
const auto cmdUsesData = usesData.find(cmd.ins);
if (cmdUsesData == usesData.end()) {
U2F_Msg_CMD::error(uMsg.cid, APDU_STATUS::SW_INS_NOT_SUPPORTED);
throw runtime_error{ "Unknown instruction: unsure if uses data" };
} else if (cmdUsesData->second || data.size() > 3) {
if (cBCount == 0) {
U2F_Msg_CMD::error(uMsg.cid, APDU_STATUS::SW_WRONG_LENGTH);
throw runtime_error{ "Invalid command - should have attached data" };