Skip to content

Commit

Permalink
Audit findings (#26)
Browse files Browse the repository at this point in the history 
* fix audit findings

* Bump Version

* Upload Snapshots
  • Loading branch information
@0xPxt
0xPxt authored Feb 4, 2025
1 parent cbbcf79 commit db74219
Show file tree
Hide file tree
Showing 16 changed files with 31 additions and 8 deletions.
2 changes: 1 addition & 1 deletion Makefile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ GIT_DESCRIBE=$(shell git describe --tags --abbrev=8 --always --long --dirty 2>/d
VERSION_TAG=$(shell echo $(GIT_DESCRIBE) | sed 's/^v//g')
APPVERSION_M=1
APPVERSION_N=4
APPVERSION_P=0
APPVERSION_P=1
APPVERSION=$(APPVERSION_M).$(APPVERSION_N).$(APPVERSION_P)
APPNAME = "Mina"

Expand Down
9 changes: 7 additions & 2 deletions src/random_oracle_input.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -82,11 +82,15 @@ void roinput_add_bytes(ROInput *input, const uint8_t *bytes, size_t len)
input->bits_len += 8 * len;
}

void roinput_add_bytes_le(ROInput *input, const uint8_t *bytes, size_t len)
int roinput_add_bytes_le(ROInput *input, const uint8_t *bytes, size_t len)
{
if (input == NULL || bytes == NULL) {
return -1;
}

size_t remaining = (int)input->bits_capacity * 8 - (int)input->bits_len;
if (remaining < 8 * len) {
return;
return -1;
}
// LSB bits
size_t k = input->bits_len;
Expand All @@ -98,6 +102,7 @@ void roinput_add_bytes_le(ROInput *input, const uint8_t *bytes, size_t len)
}
}
input->bits_len += 8 * len;
return 0;
}

void roinput_add_uint32(ROInput *input, const uint32_t x)
Expand Down
2 changes: 1 addition & 1 deletion src/random_oracle_input.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ void roinput_add_field(ROInput *input, const Field a);
void roinput_add_scalar(ROInput *input, const Scalar a);
void roinput_add_bit(ROInput *input, const bool b);
void roinput_add_bytes(ROInput *input, const uint8_t *bytes, size_t len);
void roinput_add_bytes_le(ROInput *input, const uint8_t *bytes, size_t len);
int roinput_add_bytes_le(ROInput *input, const uint8_t *bytes, size_t len);
void roinput_add_uint32(ROInput *input, const uint32_t x);
void roinput_add_uint64(ROInput *input, const uint64_t x);
int roinput_derive_message(uint8_t *out, const size_t len, const Keypair *kp, const ROInput *msg, const uint8_t network_id);
Expand Down
11 changes: 9 additions & 2 deletions src/sign_msg.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -43,14 +43,21 @@ void sign_message(uint8_t *dataBuffer, uint8_t dataLength)
}
}

generate_keypair(&kp, account);
if (roinput_add_bytes_le(&roinput, dataBuffer + MSG_OFFSET, dataLength - (ACCOUNT_LENGTH + NETWORK_LENGTH)) < 0) {
THROW(INVALID_PARAMETER);
}

roinput_add_bytes_le(&roinput, dataBuffer + MSG_OFFSET, dataLength - (ACCOUNT_LENGTH + NETWORK_LENGTH));
generate_keypair(&kp, account);

if (!sign(&sig, &kp, &roinput, network)) {
// Clear secret from stack
memset(&kp, 0, sizeof(kp));
THROW(INVALID_PARAMETER);
}

// Clear secret from stack
memset(&kp, 0, sizeof(kp));

memmove(G_io_apdu_buffer, &sig, sizeof(sig));

sendResponse(sizeof(sig), true);
Expand Down
4 changes: 4 additions & 0 deletions src/sign_msg_bagl.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -96,6 +96,10 @@ UX_FLOW(ux_sign_msg_flow_testnet,

void ui_sign_msg(uint8_t *dataBuffer, uint8_t dataLength)
{
if (dataBuffer == NULL) {
THROW(INVALID_PARAMETER);
}

_msgData.dataBufLength = dataLength;
memcpy(_msgData.msgDataBuf, (char *) dataBuffer, _msgData.dataBufLength);

Expand Down
4 changes: 4 additions & 0 deletions src/sign_msg_nbgl.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -62,6 +62,10 @@ static void prepare_msg_context(void) {

void ui_sign_msg(uint8_t *dataBuffer, uint8_t dataLength)
{
if (dataBuffer == NULL) {
THROW(INVALID_PARAMETER);
}

_msgData.dataBufLength = dataLength;
memcpy(_msgData.msgDataBuf, (char *) dataBuffer, _msgData.dataBufLength);

Expand Down
5 changes: 4 additions & 1 deletion src/utils.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,6 +32,9 @@ int b58_encode(const unsigned char *in, unsigned char length,
// Input buffer too big
return -1;
}
if (length > (sizeof(buffer) / 2)) {
return -1;
}
memcpy(tmp, in, length);
while ((zeroCount < length) && (tmp[zeroCount] == 0)) {
++zeroCount;
Expand Down Expand Up @@ -170,7 +173,7 @@ uint64_t read_uint64_be(const uint8_t *buffer)

char *amount_to_string(char *buf, const size_t len, uint64_t amount)
{
// COIN = 1.000 000 000;
// COIN is 1.000 000 000;
size_t mantissa_len = 1;
for (uint64_t value = amount, _len = 9; value && _len > 0; value /= 10, _len--) {
if (value % 10 != 0) {
Expand Down
Binary file modified tests_zemu/snapshots/fl-mainmenu/00001.png
View file
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file modified tests_zemu/snapshots/s-mainmenu/00001.png
View file
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file modified tests_zemu/snapshots/s-mainmenu/00009.png
View file
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file modified tests_zemu/snapshots/sp-mainmenu/00001.png
View file
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file modified tests_zemu/snapshots/sp-mainmenu/00009.png
View file
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file modified tests_zemu/snapshots/st-mainmenu/00001.png
View file
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file modified tests_zemu/snapshots/x-mainmenu/00001.png
View file
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file modified tests_zemu/snapshots/x-mainmenu/00009.png
View file
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
2 changes: 1 addition & 1 deletion tests_zemu/tests/standard.test.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -69,7 +69,7 @@ describe('Standard', function () {
const resp = await app.getAppVersion()
console.log(resp)

expect(resp.version).toEqual('1.4.0')
expect(resp.version).toEqual('1.4.1')
} finally {
await sim.close()
}
Expand Down

0 comments on commit db74219

Please sign in to comment.