Fix multiple vulnerabilities

2022-07-08 11:12:50 +02:00
parent 4eb7109b86
commit e0218520d8
20 changed files with 166 additions and 168 deletions
--- a/src_features/stark_sign/cmd_stark_sign.c
+++ b/src_features/stark_sign/cmd_stark_sign.c
@@ -20,7 +20,7 @@ void handleStarkwareSignMessage(uint8_t p1,
                                __attribute__((unused)) unsigned int *tx) {
    uint8_t privateKeyData[INT256_LENGTH];
    uint32_t i;
-    uint8_t bip32PathLength = *(dataBuffer);
+    uint8_t bip32PathLength;
    uint8_t offset = 1;
    cx_ecfp_private_key_t privateKey;
    poorstream_t bitstream;
@@ -29,10 +29,19 @@ void handleStarkwareSignMessage(uint8_t p1,
    uint8_t protocol = 2;
    uint8_t preOffset, postOffset;
    uint8_t zeroTest;
+
    // Initial checks
    if (appState != APP_STATE_IDLE) {
        reset_app_context();
    }
+
+    if (dataLength < 1) {
+        PRINTF("Invalid data\n");
+        THROW(0x6a80);
+    }
+
+    bip32PathLength = *(dataBuffer);
+
    if ((bip32PathLength < 0x01) || (bip32PathLength > MAX_BIP32_PATH)) {
        PRINTF("Invalid path\n");
        THROW(0x6a80);
@@ -70,10 +79,10 @@ void handleStarkwareSignMessage(uint8_t p1,
    if (p2 != 0) {
        THROW(0x6B00);
    }
-    tmpCtx.transactionContext.pathLength = bip32PathLength;
+    tmpCtx.transactionContext.bip32.length = bip32PathLength;
    for (i = 0; i < bip32PathLength; i++) {
-        tmpCtx.transactionContext.bip32Path[i] = U4BE(dataBuffer, offset);
-        PRINTF("Storing path %d %d\n", i, tmpCtx.transactionContext.bip32Path[i]);
+        tmpCtx.transactionContext.bip32.path[i] = U4BE(dataBuffer, offset);
+        PRINTF("Storing path %d %d\n", i, tmpCtx.transactionContext.bip32.path[i]);
        offset += 4;
    }
    // Discard the path to use part of dataBuffer as a temporary buffer
@@ -205,7 +214,9 @@ void handleStarkwareSignMessage(uint8_t p1,
        cx_ecfp_public_key_t publicKey;
        // Check if the transfer is a self transfer
        io_seproxyhal_io_heartbeat();
-        starkDerivePrivateKey(tmpCtx.transactionContext.bip32Path, bip32PathLength, privateKeyData);
+        starkDerivePrivateKey(tmpCtx.transactionContext.bip32.path,
+                              bip32PathLength,
+                              privateKeyData);
        cx_ecfp_init_private_key(CX_CURVE_Stark256, privateKeyData, 32, &privateKey);
        io_seproxyhal_io_heartbeat();
        cx_ecfp_generate_pair(CX_CURVE_Stark256, &publicKey, &privateKey, 1);
--- a/src_features/stark_sign/ui_common_stark_sign.c
+++ b/src_features/stark_sign/ui_common_stark_sign.c
@@ -10,8 +10,8 @@ unsigned int io_seproxyhal_touch_stark_ok(__attribute__((unused)) const bagl_ele
    uint8_t signature[72];
    uint32_t tx = 0;
    io_seproxyhal_io_heartbeat();
-    starkDerivePrivateKey(tmpCtx.transactionContext.bip32Path,
-                          tmpCtx.transactionContext.pathLength,
+    starkDerivePrivateKey(tmpCtx.transactionContext.bip32.path,
+                          tmpCtx.transactionContext.bip32.length,
                          privateKeyData);
    io_seproxyhal_io_heartbeat();
    stark_sign(signature,