diff --git a/src/utils.c b/src/utils.c
index 0b7d583..9c16b6f 100644
--- a/src/utils.c
+++ b/src/utils.c
@@ -54,7 +54,8 @@ int local_strchr(char *string, char ch) {
 }
 // Almost like U4BE except that it takes `size` as a parameter.
-uint32_t u32_from_BE(uint8_t *in, uint8_t size) {
+// The `strict` parameter defines whether we should throw in case of a length > 4.
+uint32_t u32_from_BE(uint8_t *in, uint8_t size, bool strict) {
 uint32_t res = 0;
 if (size == 1) {
 res = in[0];
@@ -62,8 +63,11 @@ uint32_t u32_from_BE(uint8_t *in, uint8_t size) {
 res = (in[0] << 8) | in[1];
 } else if (size == 3) {
 res = (in[0] << 16) | (in[1] << 8) | in[2];
- } else {
+ } else if (size == 4) {
 res = (in[0] << 24) | (in[1] << 16) | (in[2] << 8) | in[3];
+ } else if (strict && size != 0) {
+ PRINTF("Unexpected format\n");
+ THROW(EXCEPTION);
 }
 return res;
 }
diff --git a/src/utils.h b/src/utils.h
index 582fb62..b13c5e2 100644
--- a/src/utils.h
+++ b/src/utils.h
@@ -32,7 +32,7 @@ int local_strchr(char* string, char ch);
 void u32_to_str(char* dest, uint8_t dest_size, uint32_t in);
 // Converts a list of bytes (in BE) of length `size` to a uint32_t.
-uint32_t u32_from_BE(uint8_t* in, uint8_t size);
+uint32_t u32_from_BE(uint8_t* in, uint8_t size, bool strict);
 void amountToString(uint8_t* amount, uint8_t amount_len,
diff --git a/src_features/signTx/logic_signTx.c b/src_features/signTx/logic_signTx.c
index 8be1d51..989331b 100644
--- a/src_features/signTx/logic_signTx.c
+++ b/src_features/signTx/logic_signTx.c
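Review bot: The new comment on `u32_from_BE` in src/utils.c says when the function throws but not what it returns otherwise, and the prototype comment in src/utils.h was not updated for `strict` at all. From the second hunk, a `size` of 0 returns 0 even when `strict` is true, and a `size` above 4 returns 0 when `strict` is false; I would state that in both places, e.g. `// Returns 0 for size 0; for size > 4, throws when strict is true and returns 0 otherwise.` The function body continues outside this hunk.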
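Review bot: With `strict` false, a `size` above 4 falls through every branch of `u32_from_BE` and returns 0, which a caller cannot tell apart from a genuine zero value. The EIP2930 call sites in `finalizeParsing` (logic_signTx.c) and `ux_approve_tx` (ui_flow_signTx.c) pass `false` for `chainID`, so a chain ID longer than four bytes becomes `id == 0` there; what those functions do with `id` afterwards is outside the hunks, so whether 0 is rejected should be confirmed. If an oversize chain ID is meant to be handled elsewhere, the callers could check `chainID.length > 4` explicitly instead of relying on the 0. Separately, `in[0] << 24` shifts a value promoted to `int`, so a first byte of 0x80 or more shifts into the sign bit; `((uint32_t) in[0] << 24)` avoids that.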
@@ -248,9 +248,9 @@ void finalizeParsing(bool direct) {
 uint32_t id = 0;
 if (txContext.txType == LEGACY) {
- id = u32_from_BE(txContext.content->v, txContext.content->vLength);
+ id = u32_from_BE(txContext.content->v, txContext.content->vLength, true);
 } else if (txContext.txType == EIP2930) {
- id = u32_from_BE(txContext.content->chainID.value, txContext.content->chainID.length);
+ id = u32_from_BE(txContext.content->chainID.value, txContext.content->chainID.length, false);
 } else {
 PRINTF("TxType `%u` not supported while checking for chainID\n", txContext.txType);
 return;
@@ -388,7 +388,7 @@ void finalizeParsing(bool direct) {
 // Prepare chainID field
 if (genericUI) {
 if (txContext.txType == LEGACY) {
- uint32_t id = u32_from_BE(txContext.content->v, txContext.content->vLength);
+ uint32_t id = u32_from_BE(txContext.content->v, txContext.content->vLength, true);
 u32_to_str((char *) strings.common.chainID, sizeof(strings.common.chainID), id);
 } else if (txContext.txType == EIP2930) {
 uint256_t chainID;
diff --git a/src_features/signTx/ui_common_signTx.c b/src_features/signTx/ui_common_signTx.c
index 54ce048..ac3023a 100644
--- a/src_features/signTx/ui_common_signTx.c
+++ b/src_features/signTx/ui_common_signTx.c
@@ -8,7 +8,7 @@ unsigned int io_seproxyhal_touch_tx_ok(const bagl_element_t *e) {
 uint8_t signatureLength;
 cx_ecfp_private_key_t privateKey;
 uint32_t tx = 0;
- uint32_t v = u32_from_BE(tmpContent.txContent.v, tmpContent.txContent.vLength);
+ uint32_t v = u32_from_BE(tmpContent.txContent.v, tmpContent.txContent.vLength, true);
 io_seproxyhal_io_heartbeat();
 os_perso_derive_node_bip32(CX_CURVE_256K1, tmpCtx.transactionContext.bip32Path,
diff --git a/src_features/signTx/ui_flow_signTx.c b/src_features/signTx/ui_flow_signTx.c
index 3edf610..345fef8 100644
--- a/src_features/signTx/ui_flow_signTx.c
+++ b/src_features/signTx/ui_flow_signTx.c
@@ -173,9 +173,9 @@ void ux_approve_tx(bool dataPresent) {
 uint32_t id;
 if (txContext.txType == LEGACY) {
- id = u32_from_BE(txContext.content->v, txContext.content->vLength);
+ id = u32_from_BE(txContext.content->v, txContext.content->vLength, true);
 } else if (txContext.txType == EIP2930) {
- id = u32_from_BE(txContext.content->chainID.value, txContext.content->chainID.length);
+ id = u32_from_BE(txContext.content->chainID.value, txContext.content->chainID.length, false);
 } else {
 PRINTF("TxType `%u` not supported while preparing to approve tx\n", txContext.txType);
 THROW(0x6501);