Merge pull request #58 from coderofstuff/fix-audit-comments

Fix audit comments
coderofstuff · Nov 13, 2023 · 8720204 · 8720204
2 parents a386b9e + 71eb32a
commit 8720204
Show file tree

Hide file tree

Showing 17 changed files with 292 additions and 96 deletions.
diff --git a/src/address.c b/src/address.c
@@ -33,12 +33,19 @@
 
 size_t compress_public_key(const uint8_t public_key[static 64],
                            address_type_e address_type,
-                           uint8_t *out) {
+                           uint8_t *out,
+                           size_t out_len) {
     size_t compressed_pub_size = 0;
     if (address_type == SCHNORR || address_type == P2SH) {
         compressed_pub_size = 32;
+        if (out_len < 32) {
+            return 0;
+        }
         memmove(out, public_key, 32);
     } else if (address_type == ECDSA) {
+        if (out_len < 33) {
+            return 0;
+        }
         compressed_pub_size = 33;
         // If Y coord is even, first byte is 0x02. if odd then 0x03
         out[0] = public_key[63] % 2 == 0 ? 0x02 : 0x03;
@@ -81,8 +88,10 @@ bool address_from_pubkey(const uint8_t public_key[static 64],
     // For schnorr, compressed public key we care about is the X coordinate
     // For ecdsa, compress public key is 1 byte (y-coord: 0x02 if even, 0x03 if odd) then X
     // coordinate
-    size_t compressed_pub_size =
-        compress_public_key(public_key, address_type, compressed_public_key);
+    size_t compressed_pub_size = compress_public_key(public_key,
+                                                     address_type,
+                                                     compressed_public_key,
+                                                     sizeof(compressed_public_key));
 
     if (compressed_pub_size == 0) {
         return false;

diff --git a/src/address.h b/src/address.h
@@ -39,7 +39,8 @@
  */
 size_t compress_public_key(const uint8_t public_key[static 64],
                            address_type_e address_type,
-                           uint8_t *out);
+                           uint8_t *out,
+                           size_t out_len);
 
 /**
  * Convert public key to address.

diff --git a/src/constants.h b/src/constants.h
@@ -67,4 +67,5 @@
 
 #define MESSAGE_SIGNING_KEY "PersonalMessageSigningHash"
 
-#define MAX_OUTPUT_COUNT 2
+#define MAX_OUTPUT_COUNT             2
+#define SCRIPT_PUBLIC_KEY_BUFFER_LEN 40
diff --git a/src/crypto.c b/src/crypto.c
@@ -92,10 +92,12 @@ int crypto_sign_transaction(void) {
                 return error;
             }
 
-            calc_sighash(&G_context.tx_info.transaction,
-                         txin,
-                         public_key.W + 1,
-                         G_context.tx_info.sighash);
+            if (!calc_sighash(&G_context.tx_info.transaction,
+                              txin,
+                              public_key.W + 1,
+                              G_context.tx_info.sighash)) {
+                return -1;
+            }
 
             size_t sig_len = sizeof(G_context.tx_info.signature);
             error = cx_ecschnorr_sign_no_throw(&private_key,