Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Audit findings #26

Merged
merged 3 commits into from
Feb 4, 2025
+31 −8
Merged

Audit findings #26

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
d10792d
fix audit findings
0xPxt Feb 4, 2025
026ee3a
Bump Version
0xPxt Feb 4, 2025
4fca463
Upload Snapshots
0xPxt Feb 4, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion Makefile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ GIT_DESCRIBE=$(shell git describe --tags --abbrev=8 --always --long --dirty 2>/d
VERSION_TAG=$(shell echo $(GIT_DESCRIBE) | sed 's/^v//g')
APPVERSION_M=1
APPVERSION_N=4
APPVERSION_P=0
APPVERSION_P=1
APPVERSION=$(APPVERSION_M).$(APPVERSION_N).$(APPVERSION_P)
APPNAME = "Mina"

Expand Down
9 changes: 7 additions & 2 deletions src/random_oracle_input.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -82,11 +82,15 @@ void roinput_add_bytes(ROInput *input, const uint8_t *bytes, size_t len)
input->bits_len += 8 * len;
}

void roinput_add_bytes_le(ROInput *input, const uint8_t *bytes, size_t len)
int roinput_add_bytes_le(ROInput *input, const uint8_t *bytes, size_t len)
{
if (input == NULL || bytes == NULL) {
return -1;
}

size_t remaining = (int)input->bits_capacity * 8 - (int)input->bits_len;
if (remaining < 8 * len) {
return;
return -1;
}
// LSB bits
size_t k = input->bits_len;
Expand All @@ -98,6 +102,7 @@ void roinput_add_bytes_le(ROInput *input, const uint8_t *bytes, size_t len)
}
}
input->bits_len += 8 * len;
return 0;
}

void roinput_add_uint32(ROInput *input, const uint32_t x)
Expand Down
2 changes: 1 addition & 1 deletion src/random_oracle_input.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ void roinput_add_field(ROInput *input, const Field a);
void roinput_add_scalar(ROInput *input, const Scalar a);
void roinput_add_bit(ROInput *input, const bool b);
void roinput_add_bytes(ROInput *input, const uint8_t *bytes, size_t len);
void roinput_add_bytes_le(ROInput *input, const uint8_t *bytes, size_t len);
int roinput_add_bytes_le(ROInput *input, const uint8_t *bytes, size_t len);
void roinput_add_uint32(ROInput *input, const uint32_t x);
void roinput_add_uint64(ROInput *input, const uint64_t x);
int roinput_derive_message(uint8_t *out, const size_t len, const Keypair *kp, const ROInput *msg, const uint8_t network_id);
Expand Down
11 changes: 9 additions & 2 deletions src/sign_msg.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -43,14 +43,21 @@ void sign_message(uint8_t *dataBuffer, uint8_t dataLength)
}
}

generate_keypair(&kp, account);
if (roinput_add_bytes_le(&roinput, dataBuffer + MSG_OFFSET, dataLength - (ACCOUNT_LENGTH + NETWORK_LENGTH)) < 0) {
THROW(INVALID_PARAMETER);
}

roinput_add_bytes_le(&roinput, dataBuffer + MSG_OFFSET, dataLength - (ACCOUNT_LENGTH + NETWORK_LENGTH));
generate_keypair(&kp, account);

if (!sign(&sig, &kp, &roinput, network)) {
// Clear secret from stack
memset(&kp, 0, sizeof(kp));
THROW(INVALID_PARAMETER);
}

// Clear secret from stack
memset(&kp, 0, sizeof(kp));

memmove(G_io_apdu_buffer, &sig, sizeof(sig));

sendResponse(sizeof(sig), true);
Expand Down
4 changes: 4 additions & 0 deletions src/sign_msg_bagl.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -96,6 +96,10 @@ UX_FLOW(ux_sign_msg_flow_testnet,

void ui_sign_msg(uint8_t *dataBuffer, uint8_t dataLength)
{
if (dataBuffer == NULL) {
THROW(INVALID_PARAMETER);
}

_msgData.dataBufLength = dataLength;
memcpy(_msgData.msgDataBuf, (char *) dataBuffer, _msgData.dataBufLength);

Expand Down
4 changes: 4 additions & 0 deletions src/sign_msg_nbgl.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -62,6 +62,10 @@ static void prepare_msg_context(void) {

void ui_sign_msg(uint8_t *dataBuffer, uint8_t dataLength)
{
if (dataBuffer == NULL) {
THROW(INVALID_PARAMETER);
}

_msgData.dataBufLength = dataLength;
memcpy(_msgData.msgDataBuf, (char *) dataBuffer, _msgData.dataBufLength);

Expand Down
5 changes: 4 additions & 1 deletion src/utils.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -32,6 +32,9 @@ int b58_encode(const unsigned char *in, unsigned char length,
// Input buffer too big
return -1;
}
if (length > (sizeof(buffer) / 2)) {
return -1;
}
memcpy(tmp, in, length);
while ((zeroCount < length) && (tmp[zeroCount] == 0)) {
++zeroCount;
Expand Down Expand Up @@ -170,7 +173,7 @@ uint64_t read_uint64_be(const uint8_t *buffer)

char *amount_to_string(char *buf, const size_t len, uint64_t amount)
{
// COIN = 1.000 000 000;
// COIN is 1.000 000 000;
size_t mantissa_len = 1;
for (uint64_t value = amount, _len = 9; value && _len > 0; value /= 10, _len--) {
if (value % 10 != 0) {
Expand Down
Binary file modified tests_zemu/snapshots/fl-mainmenu/00001.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file modified tests_zemu/snapshots/s-mainmenu/00001.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file modified tests_zemu/snapshots/s-mainmenu/00009.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file modified tests_zemu/snapshots/sp-mainmenu/00001.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file modified tests_zemu/snapshots/sp-mainmenu/00009.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file modified tests_zemu/snapshots/st-mainmenu/00001.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file modified tests_zemu/snapshots/x-mainmenu/00001.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file modified tests_zemu/snapshots/x-mainmenu/00009.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
2 changes: 1 addition & 1 deletion tests_zemu/tests/standard.test.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -69,7 +69,7 @@ describe('Standard', function () {
const resp = await app.getAppVersion()
console.log(resp)

expect(resp.version).toEqual('1.4.0')
expect(resp.version).toEqual('1.4.1')
} finally {
await sim.close()
}
Expand Down
Loading