From 963913750e8101c1fb75fe008d28a241d8fc2e72 Mon Sep 17 00:00:00 2001
From: Jan Mazak
Date: Mon, 19 Feb 2024 15:21:11 +0100
Subject: [PATCH] fix: stricter validation of output chunks
---
 src/signTxOutput.c | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/src/signTxOutput.c b/src/signTxOutput.c
index a412c65d..21ccaa89 100644
--- a/src/signTxOutput.c
+++ b/src/signTxOutput.c
@@ -743,6 +743,10 @@ static void handleDatumInline(read_view_t* view)
 VALIDATE(chunkSize > 0, ERR_INVALID_DATA);
 VALIDATE(chunkSize <= MAX_CHUNK_SIZE, ERR_INVALID_DATA);
 VALIDATE(chunkSize <= subctx->stateData.datumRemainingBytes, ERR_INVALID_DATA);
+ if (subctx->stateData.datumRemainingBytes >= MAX_CHUNK_SIZE) {
+ // forces to use chunks of maximum allowed size
+ VALIDATE(chunkSize == MAX_CHUNK_SIZE, ERR_INVALID_DATA);
+ }
 view_parseBuffer(subctx->stateData.datumChunk, view, chunkSize);
 VALIDATE(view_remainingSize(view) == 0, ERR_INVALID_DATA);
@@ -936,7 +940,10 @@ static void handleRefScriptChunkAPDU(const uint8_t* wireDataBuffer, size_t wireD
 TRACE("chunkSize = %u", chunkSize);
 VALIDATE(chunkSize > 0, ERR_INVALID_DATA);
 VALIDATE(chunkSize <= MAX_CHUNK_SIZE, ERR_INVALID_DATA);
-
+ if (subctx->stateData.datumRemainingBytes >= MAX_CHUNK_SIZE) {
+ // forces to use chunks of maximum allowed size
+ VALIDATE(chunkSize == MAX_CHUNK_SIZE, ERR_INVALID_DATA);
+ }
 VALIDATE(chunkSize <= subctx->stateData.refScriptRemainingBytes, ERR_INVALID_DATA);
 subctx->stateData.refScriptRemainingBytes -= chunkSize;
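Review bot: The comment inside the block added to handleDatumInline says what is forced but not the rule a reader ends up with. Together with the two `chunkSize <=` checks above it, the accepted size is exactly the smaller of MAX_CHUNK_SIZE and datumRemainingBytes, so only the final chunk can be short. I would word it as `// every chunk except the last must be exactly MAX_CHUNK_SIZE bytes`. The function body starts and ends outside the hunk.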
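Review bot: The guard added to handleRefScriptChunkAPDU tests `subctx->stateData.datumRemainingBytes`, while every other line of this hunk works on `refScriptRemainingBytes`; it looks copied unchanged from the datum handler. As written, whether full-size reference-script chunks are required depends on the datum counter, so on this path the stricter validation is presumably either skipped or applied spuriously (the layout of stateData is not visible here). The condition should read `if (subctx->stateData.refScriptRemainingBytes >= MAX_CHUNK_SIZE) {`. The function continues outside the hunk.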