This pull request introduces 1 alert when merging b66dc70 into 46708b7 - view on LGTM.com

new alerts:

• 1 for Array argument size mismatch

Please, rebase the PR on top of current master.

Please, rebase the PR on top of current master.

I used Sourcetree for rebase, hope it is OK.

It does not look like that. This PR now contains 100 commits (from master) and conflicts with current master.

It does not look like that. This PR now contains 100 commits (from master) and conflicts with current master.

Oops, I messed up, will try to fix it.

It does not look like that. This PR now contains 100 commits (from master) and conflicts with current master.

Oops, I messed up, will try to fix it.

I have reviewed the changes and the possible options to fix this PR. The simplest solution seems to be dropping this PR and reapplying the changes in a new PR.
During the discussion of this PR the scope was actually expanded: at the end, not only a PKCS15 emulator was added, but 2 new (synthetic only) card types were also defined.

Do you agree with this solution?

I dont know how creating a new PR solves any issue. If you can fix the stuff in new PR in new branch, why it is not possible to do that in the same branch? git fetch upstream && git rebase -i upstream/master && git push -f should solve the issues (indeed after resolving potential conflicts or removing unneeded commits during the interactive rebase. What step from the above does not work?

I dont know how creating a new PR solves any issue. If you can fix the stuff in new PR in new branch, why it is not possible to do that in the same branch? git fetch upstream && git rebase -i upstream/master && git push -f should solve the issues (indeed after resolving potential conflicts or removing unneeded commits during the interactive rebase. What step from the above does not work?

Yes, you are right, creating a new PR would not solve any issue, but I got stuck with my Windows git tools and I also wanted a better description for the PR. In the meantime, I realized that the PR title and text is editable and after moving back to Linux, I could rebase the branch, as you suggested.

The commit series is still very long and most of the commits are fixups and fixups of fixups (adding and removing lines back and forth). If they do not make sense on their own, please, squash them to self-contained commits

The commit series is still very long and most of the commits are fixups and fixups of fixups (adding and removing lines back and forth). If they do not make sense on their own, please, squash them to self-contained commits

I squashed the unnecessary commits, fixed the magic number and indenting issues.

Code looks ok, but the CIFuzz found a new crash in your code. Can you check the report and fix it?

AddressSanitizer:DEADLYSIGNAL
=================================================================
==21==ERROR: AddressSanitizer: SEGV on unknown address 0x00067fff803f (pc 0x00000097f665 bp 0x7ffcd73d8da0 sp 0x7ffcd73d8d70 T0)
==21==The signal is caused by a READ memory access.
SCARINESS: 20 (wild-addr-read)
    #0 0x97f665 in sc_file_valid /src/opensc/src/libopensc/sc.c:821:15
    #1 0x97f287 in sc_file_free /src/opensc/src/libopensc/sc.c:630:23
    #2 0x61dff6 in starcos_has_esign_app /src/opensc/src/libopensc/card-starcos.c:350:3
    #3 0x60e4b0 in starcos_init /src/opensc/src/libopensc/card-starcos.c:461:50
    #4 0x574701 in sc_connect_card /src/opensc/src/libopensc/card.c:358:8
    #5 0x55fe1b in fuzz_connect_card /src/opensc/src/tests/fuzzing/fuzzer_reader.c:205:9
    #6 0x55d851 in LLVMFuzzerTestOneInput /src/opensc/src/tests/fuzzing/fuzz_card.c:60:6
    #7 0x457c43 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:611:15
2022-06-14 15:28:43,989 - root - INFO - Fuzzer: fuzz_card. Detected bug.
2022-06-14 15:28:43,990 - root - INFO - Trying to reproduce crash using: /tmp/tmpfqbc61tl/crash-da92fc3ae8a7d3793dfb92468aa1cc8132cace17.
    #8 0x45742a in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool, bool*) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:514:3
    #9 0x459294 in fuzzer::Fuzzer::ReadAndExecuteSeedCorpora(std::__Fuzzer::vector<fuzzer::SizedFile, std::__Fuzzer::allocator<fuzzer::SizedFile> >&) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:826:7
    #10 0x4594c9 in fuzzer::Fuzzer::Loop(std::__Fuzzer::vector<fuzzer::SizedFile, std::__Fuzzer::allocator<fuzzer::SizedFile> >&) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:857:3
    #11 0x448fff in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:912:6
    #12 0x471d12 in main /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerMain.cpp:20:10
    #13 0x7f87bd67d082 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x24082)
    #14 0x4220fd in _start (build-out/fuzz_card+0x4220fd)
DEDUP_TOKEN: sc_file_valid--sc_file_free--starcos_has_esign_app
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /src/opensc/src/libopensc/sc.c:821:15 in sc_file_valid
==21==ABORTING
MS: 0 ; base unit: 0000000000000000000000000000000000000000
0x80,0xff,0x3,0xd,0x95,0x49,0x49,0x49,0x49,0x49,0x49,0x3b,0xd0,0x97,0xff,0x81,0xb1,0xfe,0x45,0x1f,0x7,0x2b,
\200\377\003\015\225IIIIII;\320\227\377\201\261\376E\037\007+

https://github.com/OpenSC/OpenSC/runs/6883610649?check_suite_focus=true

I managed to fix the CIFuzz crash.

No further review comments so I will merge this change. Thank you for your contribution!