d-bis/app-ethereum
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix all the defects identified by Clang Static Analyzer

Browse Source 
Some fixes are dirty, but it is a start to enforce scan-build on
every commit.

Signed-off-by: pscott <scott.piriou@ledger.fr>
This commit is contained in:
Jean-Baptiste Bédrune
2021-07-16 12:04:39 +02:00
committed by pscott
parent c27d59d792
commit cd78581ffd
15 changed files with 158 additions and 144 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
src_features/signMessage/ui_common_signMessage.c
View File

@@ -4,7 +4,6 @@
unsigned int io_seproxyhal_touch_signMessage_ok(__attribute__((unused)) const bagl_element_t *e) {
uint8_t privateKeyData[INT256_LENGTH];
uint8_t signature[100];
uint8_t signatureLength;
cx_ecfp_private_key_t privateKey;
uint32_t tx = 0;
io_seproxyhal_io_heartbeat();
@@ -18,14 +17,14 @@ unsigned int io_seproxyhal_touch_signMessage_ok(__attribute__((unused)) const ba
explicit_bzero(privateKeyData, sizeof(privateKeyData));
unsigned int info = 0;
io_seproxyhal_io_heartbeat();
signatureLength = cx_ecdsa_sign(&privateKey,
CX_RND_RFC6979 | CX_LAST,
CX_SHA256,
tmpCtx.messageSigningContext.hash,
sizeof(tmpCtx.messageSigningContext.hash),
signature,
sizeof(signature),
&info);
cx_ecdsa_sign(&privateKey,
CX_RND_RFC6979 | CX_LAST,
CX_SHA256,
tmpCtx.messageSigningContext.hash,
sizeof(tmpCtx.messageSigningContext.hash),
signature,
sizeof(signature),
&info);
explicit_bzero(&privateKey, sizeof(privateKey));
G_io_apdu_buffer[0] = 27;
if (info & CX_ECCINFO_PARITY_ODD) {

17
src_features/signMessageEIP712/ui_common_signMessage712.c
View File

@@ -8,7 +8,6 @@ unsigned int io_seproxyhal_touch_signMessage712_v0_ok(__attribute__((unused))
uint8_t privateKeyData[INT256_LENGTH];
uint8_t hash[INT256_LENGTH];
uint8_t signature[100];
uint8_t signatureLength;
cx_ecfp_private_key_t privateKey;
uint32_t tx = 0;
io_seproxyhal_io_heartbeat();
@@ -43,14 +42,14 @@ unsigned int io_seproxyhal_touch_signMessage712_v0_ok(__attribute__((unused))
explicit_bzero(privateKeyData, sizeof(privateKeyData));
unsigned int info = 0;
io_seproxyhal_io_heartbeat();
signatureLength = cx_ecdsa_sign(&privateKey,
CX_RND_RFC6979 | CX_LAST,
CX_SHA256,
hash,
sizeof(hash),
signature,
sizeof(signature),
&info);
cx_ecdsa_sign(&privateKey,
CX_RND_RFC6979 | CX_LAST,
CX_SHA256,
hash,
sizeof(hash),
signature,
sizeof(signature),
&info);
explicit_bzero(&privateKey, sizeof(privateKey));
G_io_apdu_buffer[0] = 27;
if (info & CX_ECCINFO_PARITY_ODD) {

23
src_features/signTx/logic_signTx.c
View File

@@ -171,7 +171,7 @@ void to_uppercase(char *str, unsigned char size) {
}
}
void compareOrCopy(char *preapproved_string, char *parsed_string, bool silent_mode) {
void compareOrCopy(char *preapproved_string, size_t size, char *parsed_string, bool silent_mode) {
if (silent_mode) {
/* ETH address are not fundamentally case sensitive but might
have some for checksum purpose, so let's get rid of these diffs */
@@ -181,7 +181,7 @@ void compareOrCopy(char *preapproved_string, char *parsed_string, bool silent_mo
THROW(ERR_SILENT_MODE_CHECK_FAILED);
}
} else {
strcpy(preapproved_string, parsed_string);
strlcpy(preapproved_string, parsed_string, size);
}
}
@@ -358,7 +358,7 @@ void finalizeParsing(bool direct) {
tmpContent.txContent.destinationLength = 20;
if (pluginProvideToken.token1 != NULL) {
decimals = pluginProvideToken.token1->decimals;
ticker = (char *) pluginProvideToken.token1->ticker;
ticker = pluginProvideToken.token1->ticker;
}
break;
default:
@@ -388,7 +388,10 @@ void finalizeParsing(bool direct) {
displayBuffer + 2,
&global_sha3,
chainConfig);
compareOrCopy(strings.common.fullAddress, displayBuffer, called_from_swap);
compareOrCopy(strings.common.fullAddress,
sizeof(strings.common.fullAddress),
displayBuffer,
called_from_swap);
} else {
strcpy(strings.common.fullAddress, "Contract");
}
@@ -398,10 +401,13 @@ void finalizeParsing(bool direct) {
amountToString(tmpContent.txContent.value.value,
tmpContent.txContent.value.length,
decimals,
(char *) ticker,
ticker,
displayBuffer,
sizeof(displayBuffer));
compareOrCopy(strings.common.fullAmount, displayBuffer, called_from_swap);
compareOrCopy(strings.common.fullAmount,
sizeof(strings.common.fullAddress),
displayBuffer,
called_from_swap);
}
// Prepare nonce to display
if (genericUI) {
@@ -415,7 +421,10 @@ void finalizeParsing(bool direct) {
// Compute maximum fee
if (genericUI) {
computeFees(displayBuffer, sizeof(displayBuffer));
compareOrCopy(strings.common.maxFee, displayBuffer, called_from_swap);
compareOrCopy(strings.common.maxFee,
sizeof(strings.common.maxFee),
displayBuffer,
called_from_swap);
}
// Prepare chainID field

17
src_features/signTx/ui_common_signTx.c
View File

@@ -5,7 +5,6 @@
unsigned int io_seproxyhal_touch_tx_ok(__attribute__((unused)) const bagl_element_t *e) {
uint8_t privateKeyData[INT256_LENGTH];
uint8_t signature[100];
uint8_t signatureLength;
cx_ecfp_private_key_t privateKey;
uint32_t tx = 0;
uint32_t v = u32_from_BE(tmpContent.txContent.v, tmpContent.txContent.vLength, true);
@@ -19,14 +18,14 @@ unsigned int io_seproxyhal_touch_tx_ok(__attribute__((unused)) const bagl_elemen
explicit_bzero(privateKeyData, sizeof(privateKeyData));
unsigned int info = 0;
io_seproxyhal_io_heartbeat();
signatureLength = cx_ecdsa_sign(&privateKey,
CX_RND_RFC6979 | CX_LAST,
CX_SHA256,
tmpCtx.transactionContext.hash,
sizeof(tmpCtx.transactionContext.hash),
signature,
sizeof(signature),
&info);
cx_ecdsa_sign(&privateKey,
CX_RND_RFC6979 | CX_LAST,
CX_SHA256,
tmpCtx.transactionContext.hash,
sizeof(tmpCtx.transactionContext.hash),
signature,
sizeof(signature),
&info);
explicit_bzero(&privateKey, sizeof(privateKey));
// Parity is present in the sequence tag in the legacy API
if (tmpContent.txContent.vLength == 0) {