Mirrors/trezor-firmware
2
0
Fork 0
mirror of https://github.com/trezor/trezor-firmware.git synced 2026-02-20 00:33:30 +01:00
Code Issues Packages Projects Releases Wiki Activity

fix(crypto): Clean up stack in hdnode_deserialize().

Browse Source
This commit is contained in:
Andrew Kozlik
2026-02-15 18:03:21 +01:00
committed by Andrew Kozlik
parent c6a89c334c
commit 477cbb365a
1 changed files with 11 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
crypto/bip32.c
View File

@@ -712,21 +712,25 @@ int hdnode_serialize_private(const HDNode *node, uint32_t fingerprint,
static int hdnode_deserialize(const char *str, uint32_t version, static int hdnode_deserialize(const char *str, uint32_t version,
bool use_private, const char *curve, HDNode *node, bool use_private, const char *curve, HDNode *node,
uint32_t *fingerprint) { uint32_t *fingerprint) {
int ret = 0;
uint8_t node_data[78] = {0}; uint8_t node_data[78] = {0};
memzero(node, sizeof(HDNode)); memzero(node, sizeof(HDNode));
node->curve = get_curve_by_name(curve); node->curve = get_curve_by_name(curve);
if (base58_decode_check(str, node->curve->hasher_base58, node_data, if (base58_decode_check(str, node->curve->hasher_base58, node_data,
sizeof(node_data)) != sizeof(node_data)) { sizeof(node_data)) != sizeof(node_data)) {
return -1; ret = -1;
goto cleanup;
} }
uint32_t ver = read_be(node_data); uint32_t ver = read_be(node_data);
if (ver != version) { if (ver != version) {
return -3; // invalid version ret = -3; // invalid version
goto cleanup;
} }
if (use_private) { if (use_private) {
// invalid data // invalid data
if (node_data[45]) { if (node_data[45]) {
return -2; ret = -2;
goto cleanup;
} }
memcpy(node->private_key, node_data + 46, 32); memcpy(node->private_key, node_data + 46, 32);
memzero(node->public_key, sizeof(node->public_key)); memzero(node->public_key, sizeof(node->public_key));
@@ -742,7 +746,10 @@ static int hdnode_deserialize(const char *str, uint32_t version,
} }
node->child_num = read_be(node_data + 9); node->child_num = read_be(node_data + 9);
memcpy(node->chain_code, node_data + 13, 32); memcpy(node->chain_code, node_data + 13, 32);
return 0;
cleanup:
memzero(node_data, sizeof(node_data));
return ret;
} }
int hdnode_deserialize_public(const char *str, uint32_t version, int hdnode_deserialize_public(const char *str, uint32_t version,