Mirrors
/
wownero
mirror of https://git.wownero.com/wownero/wownero.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

device: bounds checking in Ledger send_secret/receive_secret

This commit is contained in:
xiphon 2019-10-25 13:13:23 +00:00
parent 32febd277d
commit 296ec7c9bb
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/device/device_ledger.cpp
View File

@ -357,9 +357,11 @@ namespace hw {
void device_ledger::send_secret(const unsigned char sec[32], int &offset) { void device_ledger::send_secret(const unsigned char sec[32], int &offset) {
MDEBUG("send_secret: " << this->tx_in_progress); MDEBUG("send_secret: " << this->tx_in_progress);
ASSERT_X(offset + 32 <= BUFFER_SEND_SIZE, "send_secret: out of bounds write (secret)");
memmove(this->buffer_send+offset, sec, 32); memmove(this->buffer_send+offset, sec, 32);
offset +=32; offset +=32;
if (this->tx_in_progress) { if (this->tx_in_progress) {
ASSERT_X(offset + 32 <= BUFFER_SEND_SIZE, "send_secret: out of bounds write (mac)");
this->hmac_map.find_mac((uint8_t*)sec, this->buffer_send+offset); this->hmac_map.find_mac((uint8_t*)sec, this->buffer_send+offset);
offset += 32; offset += 32;
} }
@ -367,9 +369,11 @@ namespace hw {
void device_ledger::receive_secret(unsigned char sec[32], int &offset) { void device_ledger::receive_secret(unsigned char sec[32], int &offset) {
MDEBUG("receive_secret: " << this->tx_in_progress); MDEBUG("receive_secret: " << this->tx_in_progress);
ASSERT_X(offset + 32 <= BUFFER_RECV_SIZE, "receive_secret: out of bounds read (secret)");
memmove(sec, this->buffer_recv+offset, 32); memmove(sec, this->buffer_recv+offset, 32);
offset += 32; offset += 32;
if (this->tx_in_progress) { if (this->tx_in_progress) {
ASSERT_X(offset + 32 <= BUFFER_RECV_SIZE, "receive_secret: out of bounds read (mac)");
this->hmac_map.add_mac((uint8_t*)sec, this->buffer_recv+offset); this->hmac_map.add_mac((uint8_t*)sec, this->buffer_recv+offset);
offset += 32; offset += 32;
} }