Mirrors/trezor-firmware
2
0
Fork 0
mirror of https://github.com/trezor/trezor-firmware.git synced 2026-02-19 16:22:44 +01:00
Code Issues Packages Projects Releases Wiki Activity

fix(crypto): Clean up stack in hdnode_deserialize().

Browse Source
This commit is contained in:
Andrew Kozlik
2026-02-15 18:03:21 +01:00
committed by Andrew Kozlik
parent c6a89c334c
commit 477cbb365a
1 changed files with 11 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
crypto/bip32.c
View File

@@ -712,21 +712,25 @@ int hdnode_serialize_private(const HDNode *node, uint32_t fingerprint,
static int hdnode_deserialize(const char *str, uint32_t version,
bool use_private, const char *curve, HDNode *node,
uint32_t *fingerprint) {
int ret = 0;
uint8_t node_data[78] = {0};
memzero(node, sizeof(HDNode));
node->curve = get_curve_by_name(curve);
if (base58_decode_check(str, node->curve->hasher_base58, node_data,
sizeof(node_data)) != sizeof(node_data)) {
return -1;
ret = -1;
goto cleanup;
}
uint32_t ver = read_be(node_data);
if (ver != version) {
return -3; // invalid version
ret = -3; // invalid version
goto cleanup;
}
if (use_private) {
// invalid data
if (node_data[45]) {
return -2;
ret = -2;
goto cleanup;
}
memcpy(node->private_key, node_data + 46, 32);
memzero(node->public_key, sizeof(node->public_key));
@@ -742,7 +746,10 @@ static int hdnode_deserialize(const char *str, uint32_t version,
}
node->child_num = read_be(node_data + 9);
memcpy(node->chain_code, node_data + 13, 32);
return 0;
cleanup:
memzero(node_data, sizeof(node_data));
return ret;
}
int hdnode_deserialize_public(const char *str, uint32_t version,