From c48cf7e32ffa02ebdf00265543344c611bef0431 Mon Sep 17 00:00:00 2001 From: NIIBE Yutaka Date: Thu, 29 Dec 2016 10:07:43 +0900 Subject: scd: Fix a race condition for new_reader_slot. * scd/apdu.c (reader_table_lock, apdu_init): New. (new_reader_slot): Serialize by reader_table_lock. * scd/app.c (lock_app, unlock_app, app_new_register): Fix error code usage. (initialize_module_command): Call apdu_init. * scd/scdaemon.c (main): Handle error for initialize_module_command. -- This is a long standing bug. There are two different things; The serialization of allocating a new SLOT, and the serialization of using the SLOT. The latter was implemented in new_reader_slot by lock_slot. However, the former was not done. Thus, there was a possible race where a same SLOT is allocated to multiple threads. Signed-off-by: NIIBE Yutaka --- scd/scdaemon.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'scd/scdaemon.c') diff --git a/scd/scdaemon.c b/scd/scdaemon.c index 38e3c40c4..74fed4454 100644 --- a/scd/scdaemon.c +++ b/scd/scdaemon.c @@ -640,7 +640,12 @@ main (int argc, char **argv ) set_debug (debug_level); - initialize_module_command (); + if (initialize_module_command ()) + { + log_error ("initialization failed\n"); + cleanup (); + exit (1); + } if (gpgconf_list == 2) scd_exit (0); -- cgit v1.2.3
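Review bot: The new error branch in main () of scd/scdaemon.c tests the return value of initialize_module_command () but then discards it, so the log line "initialization failed" does not say which step failed or why. The commit message says this call now also runs apdu_init, so there is more than one way for it to fail. Suggest storing the result in a local variable and including it in the log_error message. A second, smaller point: the branch exits with cleanup (); exit (1); while the unchanged context line directly below uses scd_exit (0). If scd_exit performs the same cleanup, calling scd_exit (1) here would keep the exit paths consistent. If it cannot be used this early in startup, a short comment saying so would help the next reader.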