$NetBSD: patch-ac,v 1.5 2010/12/17 17:00:35 shannonjr Exp $

--- src/atrhandler.c.orig	2009-07-28 20:57:07.000000000 +0000
+++ src/atrhandler.c
@@ -239,6 +239,13 @@ short ATRDecodeAtr(PSMARTCARD_EXTENSION 
 	if (psExtension->CardCapabilities.AvailableProtocols & SCARD_PROTOCOL_T1)
 		TCK = pucAtr[p++];
 
+        /*
+	 * The following 2 lines were backported from PCSC-lite version 1.6.6
+         * to correct buffer overflow vulnerability.
+         */
+	if (p > MAX_ATR_SIZE)
+                return 0;       /** @retval 0 Maximum attribute size */
+
 	memcpy(psExtension->ATR.Value, pucAtr, p);
 	psExtension->ATR.Length = p;	/* modified from p-1 */
 
