From bb5a153f9dd9497f58935c2a7026220f3a99cffd Mon Sep 17 00:00:00 2001
From: NIIBE Yutaka <gniibe@fsij.org>
Date: Tue, 22 Nov 2016 20:53:57 +0900
Subject: scd: Fix receive buffer size.

* scd/apdu.c (send_le): Fix the size, adding two for status
bytes to Le.

--
Backport of master commit: 5c2db9dedfe9dbb14ffec24751ca23a69cead94e

This is long standing bug.  So far, Le was not exact value.
Since forthcoming change will introduce exact value of expected length
of response data, this change is needed.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
---
 scd/apdu.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/scd/apdu.c b/scd/apdu.c
index 0beee25f7..97bce799f 100644
--- a/scd/apdu.c
+++ b/scd/apdu.c
@@ -3648,8 +3648,9 @@ send_le (int slot, int class, int ins, int p0, int p1,
 
   if (use_extended_length && (le > 256 || le < 0))
     {
-      result_buffer_size = le < 0? 4096 : le;
-      result_buffer = xtrymalloc (result_buffer_size + 10);
+      /* Two more bytes are needed for status bytes.  */
+      result_buffer_size = le < 0? 4096 : (le + 2);
+      result_buffer = xtrymalloc (result_buffer_size);
       if (!result_buffer)
         {
           xfree (apdu_buffer);
-- 
cgit v1.2.3