Merge pull request #5729

7c894fc device_ledger: add paranoid buffer overflow check (moneromooo-monero)
f07524b device_ledger: fix uninitialized additional_key (moneromooo-monero)
This commit is contained in:
luigi1111 2019-08-27 15:19:47 -05:00
commit f68512e9e4
No known key found for this signature in database
GPG Key ID: F4ACA0183641E010
2 changed files with 4 additions and 2 deletions

View File

@ -320,7 +320,9 @@ namespace hw {
bool device_ledger::reset() {
reset_buffer();
int offset = set_command_header_noopt(INS_RESET);
memmove(this->buffer_send+offset, MONERO_VERSION, strlen(MONERO_VERSION));
const size_t verlen = strlen(MONERO_VERSION);
ASSERT_X(offset + verlen <= BUFFER_SEND_SIZE, "MONERO_VERSION is too long")
memmove(this->buffer_send+offset, MONERO_VERSION, verlen);
offset += strlen(MONERO_VERSION);
this->buffer_send[4] = offset-5;
this->length_send = offset;

View File

@ -76,7 +76,7 @@ namespace hw {
rct::key AKout;
ABPkeys(const rct::key& A, const rct::key& B, const bool is_subaddr, bool is_subaddress, bool is_change_address, size_t index, const rct::key& P,const rct::key& AK);
ABPkeys(const ABPkeys& keys) ;
ABPkeys() {index=0;is_subaddress=false;is_subaddress=false;is_change_address=false;}
ABPkeys() {index=0;is_subaddress=false;is_change_address=false;additional_key=false;}
ABPkeys &operator=(const ABPkeys &keys);
};