From d90bdbcb2352d72e6485e0854531be915f0f0bef Mon Sep 17 00:00:00 2001
From: Pierre Ossman <ossman@cendio.com>
Date: Thu, 28 Jun 2007 12:52:13 +0000
Subject: [PATCH] Fix two crashes caused by improver handling of structures.

git-svn-id: svn://svn.code.sf.net/p/rdesktop/code/trunk/rdesktop@1413 423420c4-83ab-492f-b58f-81f9feb106b5
---
 scard.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/scard.c b/scard.c
index f55ea3e..d0e462f 100644
--- a/scard.c
+++ b/scard.c
@@ -1268,6 +1268,7 @@ TS_SCardLocateCardsByATR(STREAM in, STREAM out, RD_BOOL wide)
 	myRsArray = SC_xmalloc(&lcHandle, readerCount * sizeof(MYPCSC_SCARD_READERSTATE_A));
 	if (!myRsArray)
 		return SC_returnNoMemoryError(&lcHandle, in, out);
+	copyReaderState_ServerToMyPCSC(rsArray, myRsArray, readerCount);
 	rv = SCardGetStatusChange((MYPCSC_SCARDCONTEXT) hContext, 0x00000001, myRsArray,
 				  readerCount);
 	copyReaderState_MyPCSCToServer(myRsArray, rsArray, readerCount);
@@ -1572,7 +1573,12 @@ TS_SCardTransmit(STREAM in, STREAM out)
 
 	if (pioRecvPci)
 	{
-		copyIORequest_MyPCSCToServer(myPioRecvPci, pioRecvPci);
+		/*
+		 * pscs-lite mishandles this structure in some cases.
+		 * make sure we only copy it if it is valid.
+		 */
+		if (myPioRecvPci->cbPciLength >= sizeof(MYPCSC_SCARD_IO_REQUEST))
+			copyIORequest_MyPCSCToServer(myPioRecvPci, pioRecvPci);
 	}
 
 	if (rv != SCARD_S_SUCCESS)