Max APDU buffer size checks #276

amendelzon · 2025-01-22T17:59:22Z

Renaming empty buffer error to more generic invalid buffer error
Added max buffer size checks on powHSM, Ledger UI bootloader and Ledger UI heartbeat main I/O logic
Removed lower untrusted SGX & TCPSigner I/O layer disconnection on inconsistent request
Added request buffer emptying after an inconsistent request to untrusted SGX & TCPSigner I/O layer
Added new RawCommand test type to firmware test framework
Added test cases for empty APDU and oversized APDU to firmware tests
Added test cases for Ledger UI bootloader and Ledger UI heartbeat

- Renaming empty buffer error to more generic invalid buffer error - Added max buffer size checks on powHSM, Ledger UI bootloader and Ledger UI heartbeat main I/O logic - Removed lower untrusted SGX & TCPSigner I/O layer disconnection on inconsistent request - Added request buffer emptying after an inconsistent request to untrusted SGX & TCPSigner I/O layer - Added new RawCommand test type to firmware test framework - Added test cases for empty APDU and oversized APDU to firmware tests - Added test cases for Ledger UI bootloader and Ledger UI heartbeat

github-actions · 2025-01-22T17:59:34Z

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Package	Version	Score	Details

Scanned Files

firmware/test/cases/raw_command.py

+
+        # Normal result expectation
+        if not is_nonempty_hex_string(self.expected):
+            self.expected = None


firmware/test/cases/raw_command.py

+        if not is_nonempty_hex_string(self.expected):
+            self.expected = None
+        else:
+            self.expected = bytes.fromhex(self.expected)


italo-sampaio

LGTM!

amendelzon requested a review from italo-sampaio January 22, 2025 17:59

github-advanced-security bot found potential problems Jan 22, 2025

View reviewed changes

italo-sampaio approved these changes Jan 22, 2025

View reviewed changes

amendelzon merged commit 799ea32 into master Jan 22, 2025
8 checks passed

amendelzon deleted the fix/max-apdu-buffer-size-check branch January 22, 2025 20:54

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Max APDU buffer size checks #276

Max APDU buffer size checks #276

amendelzon commented Jan 22, 2025

github-actions bot commented Jan 22, 2025

italo-sampaio left a comment

Max APDU buffer size checks #276

Max APDU buffer size checks #276

Conversation

amendelzon commented Jan 22, 2025

github-actions bot commented Jan 22, 2025

Dependency Review

OpenSSF Scorecard

Scanned Files

italo-sampaio left a comment

Choose a reason for hiding this comment