diff --git a/ethereum-plugin-sdk b/ethereum-plugin-sdk index 394febe..fac8eb5 160000 --- a/ethereum-plugin-sdk +++ b/ethereum-plugin-sdk @@ -1 +1 @@ -Subproject commit 394febefb735613cf7149748716bfe5ff980c08e +Subproject commit fac8eb51f33ba1416444c116c01ec650f3082471 diff --git a/src/eth_plugin_handler.c b/src/eth_plugin_handler.c index ed9cbd7..725469c 100644 --- a/src/eth_plugin_handler.c +++ b/src/eth_plugin_handler.c @@ -94,7 +94,9 @@ eth_plugin_result_t eth_plugin_perform_init(uint8_t *contractAddress, if (memcmp(init->selector, (const void *) PIC(selectors[j]), SELECTOR_SIZE) == 0) { if ((INTERNAL_ETH_PLUGINS[i].availableCheck == NULL) || ((PluginAvailableCheck) PIC(INTERNAL_ETH_PLUGINS[i].availableCheck))()) { - strcpy(dataContext.tokenContext.pluginName, INTERNAL_ETH_PLUGINS[i].alias); + strlcpy(dataContext.tokenContext.pluginName, + INTERNAL_ETH_PLUGINS[i].alias, + PLUGIN_ID_LENGTH); dataContext.tokenContext.pluginStatus = ETH_PLUGIN_RESULT_OK; contractAddress = NULL; break; diff --git a/src/handle_swap_sign_transaction.c b/src/handle_swap_sign_transaction.c index 24bb2ed..67bdff1 100644 --- a/src/handle_swap_sign_transaction.c +++ b/src/handle_swap_sign_transaction.c @@ -36,7 +36,7 @@ bool copy_transaction_parameters(create_transaction_parameters_t* sign_transacti sizeof(stack_data.fullAmount)); // If the amount is a fee, its value is nominated in ETH even if we're doing an ERC20 swap - strcpy(ticker, config->coinName); + strlcpy(ticker, config->coinName, MAX_TICKER_LEN); decimals = WEI_TO_ETHER; amountToString(sign_transaction_params->fee_amount, sign_transaction_params->fee_amount_length, diff --git a/src/stark_crypto.c b/src/stark_crypto.c index cb7ee65..dc4face 100644 --- a/src/stark_crypto.c +++ b/src/stark_crypto.c 
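Review bot: The bound in `strlcpy(dataContext.tokenContext.pluginName, INTERNAL_ETH_PLUGINS[i].alias, PLUGIN_ID_LENGTH)` is a macro, not the size of the destination, so it protects the buffer only while the field's declaration (outside this hunk) keeps using that constant. If the field is an array, `sizeof(dataContext.tokenContext.pluginName)` ties the bound to it. The same applies to `strlcpy(ticker, config->coinName, MAX_TICKER_LEN)` in copy_transaction_parameters, where `ticker` is declared outside the hunk. Both calls also discard the return value, so an over-long alias or coin name is shortened without any signal; a check of the result against the bound, or a comment saying why truncation is acceptable here, would make that explicit.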
@@ -81,7 +81,7 @@ void stark_get_amount_string(uint8_t *contractAddress, mul256(&amountPre, &quantum, &amount); tostring256(&amount, 10, tmp100, 100); PRINTF("stark_get_amount_string - mul256 %s\n", tmp100); - strcpy(target100, ticker); + strlcpy(target100, ticker, 100); adjustDecimals(tmp100, strlen(tmp100), target100 + strlen(ticker), 100, decimals); PRINTF("get_amount_string %s\n", target100); } diff --git a/src/tokens.h b/src/tokens.h index e7507db..321c47f 100644 --- a/src/tokens.h +++ b/src/tokens.h @@ -28,7 +28,7 @@ typedef struct tokenDefinition_t { uint8_t contractName[ADDRESS_LENGTH]; #endif uint8_t address[ADDRESS_LENGTH]; - uint8_t ticker[MAX_TICKER_LEN]; + char ticker[MAX_TICKER_LEN]; uint8_t decimals; } tokenDefinition_t; diff --git a/src/ui_flow.c b/src/ui_flow.c index 6bac181..d88732f 100644 --- a/src/ui_flow.c +++ b/src/ui_flow.c @@ -132,11 +132,13 @@ UX_FLOW(ux_settings_flow, &ux_settings_flow_4_step); void display_settings(const ux_flow_step_t* const start_step) { - strcpy(strings.common.fullAddress, (N_storage.dataAllowed ? "Allowed" : "NOT Allowed")); - strcpy(strings.common.fullAddress + 12, - (N_storage.contractDetails ? "Displayed" : "NOT Displayed")); - strcpy(strings.common.fullAddress + 26, - (N_storage.displayNonce ? "Displayed" : "NOT Displayed")); + strlcpy(strings.common.fullAddress, (N_storage.dataAllowed ? "Allowed" : "NOT Allowed"), 12); + strlcpy(strings.common.fullAddress + 12, + (N_storage.contractDetails ? "Displayed" : "NOT Displayed"), + 26 - 12); + strlcpy(strings.common.fullAddress + 26, + (N_storage.displayNonce ? "Displayed" : "NOT Displayed"), + sizeof(strings.common.fullAddress) - 26); ux_flow_init(0, ux_settings_flow, start_step); } diff --git a/src_features/signMessage/ui_common_signMessage.c b/src_features/signMessage/ui_common_signMessage.c index 5ca15a5..02b15c3 100644 --- a/src_features/signMessage/ui_common_signMessage.c +++ b/src_features/signMessage/ui_common_signMessage.c 
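Review bot: The `adjustDecimals` call right after the new `strlcpy(target100, ticker, 100)` in stark_get_amount_string still passes 100 as the output size, although it writes at `target100 + strlen(ticker)`. The room actually left is smaller by the ticker length, so this bound does not protect the end of the buffer (assuming `target100` is the 100-byte buffer its name suggests; it is declared outside the hunk). Measure what was stored and pass the remainder: `size_t used = strlen(target100);` followed by `adjustDecimals(tmp100, strlen(tmp100), target100 + used, 100 - used, decimals);`. Using the stored length instead of `strlen(ticker)` also keeps the offset inside the buffer if the ticker was truncated.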
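Review bot: The sizes `12` and `26 - 12` in display_settings are worked out by hand from the longest labels ("NOT Allowed" needs 12 bytes, "NOT Displayed" needs 14), so a later change to either label would be truncated silently on the settings screen. Named constants for the two offsets would make that dependency visible, with a comment that they are sub-field offsets inside `strings.common.fullAddress` (presumably read by the settings flow steps, which are outside this hunk). The third bound, `sizeof(strings.common.fullAddress) - 26`, wraps if the buffer were ever 26 bytes or smaller; a compile-time assertion on the buffer size would rule that out.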
@@ -4,7 +4,6 @@ unsigned int io_seproxyhal_touch_signMessage_ok(__attribute__((unused)) const bagl_element_t *e) { uint8_t privateKeyData[INT256_LENGTH]; uint8_t signature[100]; - uint8_t signatureLength; cx_ecfp_private_key_t privateKey; uint32_t tx = 0; io_seproxyhal_io_heartbeat(); @@ -18,14 +17,14 @@ unsigned int io_seproxyhal_touch_signMessage_ok(__attribute__((unused)) const ba explicit_bzero(privateKeyData, sizeof(privateKeyData)); unsigned int info = 0; io_seproxyhal_io_heartbeat(); - signatureLength = cx_ecdsa_sign(&privateKey, - CX_RND_RFC6979 | CX_LAST, - CX_SHA256, - tmpCtx.messageSigningContext.hash, - sizeof(tmpCtx.messageSigningContext.hash), - signature, - sizeof(signature), - &info); + cx_ecdsa_sign(&privateKey, + CX_RND_RFC6979 | CX_LAST, + CX_SHA256, + tmpCtx.messageSigningContext.hash, + sizeof(tmpCtx.messageSigningContext.hash), + signature, + sizeof(signature), + &info); explicit_bzero(&privateKey, sizeof(privateKey)); G_io_apdu_buffer[0] = 27; if (info & CX_ECCINFO_PARITY_ODD) { diff --git a/src_features/signMessageEIP712/ui_common_signMessage712.c b/src_features/signMessageEIP712/ui_common_signMessage712.c index b887ebd..db97137 100644 --- a/src_features/signMessageEIP712/ui_common_signMessage712.c +++ b/src_features/signMessageEIP712/ui_common_signMessage712.c @@ -8,7 +8,6 @@ unsigned int io_seproxyhal_touch_signMessage712_v0_ok(__attribute__((unused)) uint8_t privateKeyData[INT256_LENGTH]; uint8_t hash[INT256_LENGTH]; uint8_t signature[100]; - uint8_t signatureLength; cx_ecfp_private_key_t privateKey; uint32_t tx = 0; io_seproxyhal_io_heartbeat(); 
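Review bot: In io_seproxyhal_touch_signMessage_ok the `explicit_bzero(&privateKey, sizeof(privateKey))` that follows `cx_ecdsa_sign(...)` runs only if the call returns normally. If the SDK's signing routine can raise an exception (not visible here, to be confirmed for the SDK version in use), the derived key stays on the stack; moving the wipe into a FINALLY-style cleanup path would cover every exit. Dropping `signatureLength` also leaves the call's result unused without saying so; `(void) cx_ecdsa_sign(...)` or a one-line comment that the returned length is not needed would record the intent. Both points apply equally to the matching hunks in ui_common_signMessage712.c and ui_common_signTx.c. The function body continues outside the hunk.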
@@ -43,14 +42,14 @@ unsigned int io_seproxyhal_touch_signMessage712_v0_ok(__attribute__((unused)) explicit_bzero(privateKeyData, sizeof(privateKeyData)); unsigned int info = 0; io_seproxyhal_io_heartbeat(); - signatureLength = cx_ecdsa_sign(&privateKey, - CX_RND_RFC6979 | CX_LAST, - CX_SHA256, - hash, - sizeof(hash), - signature, - sizeof(signature), - &info); + cx_ecdsa_sign(&privateKey, + CX_RND_RFC6979 | CX_LAST, + CX_SHA256, + hash, + sizeof(hash), + signature, + sizeof(signature), + &info); explicit_bzero(&privateKey, sizeof(privateKey)); G_io_apdu_buffer[0] = 27; if (info & CX_ECCINFO_PARITY_ODD) { diff --git a/src_features/signTx/logic_signTx.c b/src_features/signTx/logic_signTx.c index cc1d3f3..336679f 100644 --- a/src_features/signTx/logic_signTx.c +++ b/src_features/signTx/logic_signTx.c @@ -171,7 +171,7 @@ void to_uppercase(char *str, unsigned char size) { } } -void compareOrCopy(char *preapproved_string, char *parsed_string, bool silent_mode) { +void compareOrCopy(char *preapproved_string, size_t size, char *parsed_string, bool silent_mode) { if (silent_mode) { /* ETH address are not fundamentally case sensitive but might have some for checksum purpose, so let's get rid of these diffs */ @@ -181,7 +181,7 @@ void compareOrCopy(char *preapproved_string, char *parsed_string, bool silent_mo THROW(ERR_SILENT_MODE_CHECK_FAILED); } } else { - strcpy(preapproved_string, parsed_string); + strlcpy(preapproved_string, parsed_string, size); } } @@ -358,7 +358,7 @@ void finalizeParsing(bool direct) { tmpContent.txContent.destinationLength = 20; if (pluginProvideToken.token1 != NULL) { decimals = pluginProvideToken.token1->decimals; - ticker = (char *) pluginProvideToken.token1->ticker; + ticker = pluginProvideToken.token1->ticker; } break; default: 
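Review bot: `strlcpy(preapproved_string, parsed_string, size)` in compareOrCopy discards the return value, so a parsed address, amount or fee that does not fit is shortened silently and the shortened text is what ends up in the `strings.common` fields, which are presumably what the user is shown. On a signing device the displayed value should be complete or the operation should fail. Checking `if (strlcpy(preapproved_string, parsed_string, size) >= size)` and raising an error, as the silent-mode branch does with `THROW`, would enforce that. The silent-mode branch itself is unchanged and does not use `size`; whether its comparison is bounded cannot be judged from the visible lines.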
@@ -388,7 +388,10 @@ void finalizeParsing(bool direct) { displayBuffer + 2, &global_sha3, chainConfig); - compareOrCopy(strings.common.fullAddress, displayBuffer, called_from_swap); + compareOrCopy(strings.common.fullAddress, + sizeof(strings.common.fullAddress), + displayBuffer, + called_from_swap); } else { strcpy(strings.common.fullAddress, "Contract"); } @@ -398,10 +401,13 @@ void finalizeParsing(bool direct) { amountToString(tmpContent.txContent.value.value, tmpContent.txContent.value.length, decimals, - (char *) ticker, + ticker, displayBuffer, sizeof(displayBuffer)); - compareOrCopy(strings.common.fullAmount, displayBuffer, called_from_swap); + compareOrCopy(strings.common.fullAmount, + sizeof(strings.common.fullAddress), + displayBuffer, + called_from_swap); } // Prepare nonce to display if (genericUI) { @@ -415,7 +421,10 @@ void finalizeParsing(bool direct) { // Compute maximum fee if (genericUI) { computeFees(displayBuffer, sizeof(displayBuffer)); - compareOrCopy(strings.common.maxFee, displayBuffer, called_from_swap); + compareOrCopy(strings.common.maxFee, + sizeof(strings.common.maxFee), + displayBuffer, + called_from_swap); } // Prepare chainID field diff --git a/src_features/signTx/ui_common_signTx.c b/src_features/signTx/ui_common_signTx.c index 2419c24..5f6ca3b 100644 --- a/src_features/signTx/ui_common_signTx.c +++ b/src_features/signTx/ui_common_signTx.c @@ -5,7 +5,6 @@ unsigned int io_seproxyhal_touch_tx_ok(__attribute__((unused)) const bagl_element_t *e) { uint8_t privateKeyData[INT256_LENGTH]; uint8_t signature[100]; - uint8_t signatureLength; cx_ecfp_private_key_t privateKey; uint32_t tx = 0; uint32_t v = u32_from_BE(tmpContent.txContent.v, tmpContent.txContent.vLength, true); 
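Review bot: The amount call passes the wrong size: `compareOrCopy(strings.common.fullAmount, sizeof(strings.common.fullAddress), ...)` bounds the copy into `fullAmount` by the size of `fullAddress`. If `fullAddress` is the larger field (the declarations are not part of this diff), the copy can still run past the end of `fullAmount`, which is the overflow this commit sets out to remove. The argument should read `sizeof(strings.common.fullAmount),`. The address and fee calls in the neighbouring hunks use the matching field and are fine.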
@@ -19,14 +18,14 @@ unsigned int io_seproxyhal_touch_tx_ok(__attribute__((unused)) const bagl_elemen explicit_bzero(privateKeyData, sizeof(privateKeyData)); unsigned int info = 0; io_seproxyhal_io_heartbeat(); - signatureLength = cx_ecdsa_sign(&privateKey, - CX_RND_RFC6979 | CX_LAST, - CX_SHA256, - tmpCtx.transactionContext.hash, - sizeof(tmpCtx.transactionContext.hash), - signature, - sizeof(signature), - &info); + cx_ecdsa_sign(&privateKey, + CX_RND_RFC6979 | CX_LAST, + CX_SHA256, + tmpCtx.transactionContext.hash, + sizeof(tmpCtx.transactionContext.hash), + signature, + sizeof(signature), + &info); explicit_bzero(&privateKey, sizeof(privateKey)); // Parity is present in the sequence tag in the legacy API if (tmpContent.txContent.vLength == 0) { diff --git a/src_plugins/compound/compound_plugin.c b/src_plugins/compound/compound_plugin.c index e2b129e..66437a8 100644 --- a/src_plugins/compound/compound_plugin.c +++ b/src_plugins/compound/compound_plugin.c @@ -30,7 +30,7 @@ static const uint8_t COMPOUND_EXPECTED_DATA_SIZE[] = { typedef struct compound_parameters_t { uint8_t selectorIndex; uint8_t amount[32]; - uint8_t ticker_1[MAX_TICKER_LEN]; + char ticker_1[MAX_TICKER_LEN]; uint8_t decimals; } compound_parameters_t; 
@@ -153,15 +153,15 @@ void compound_plugin_call(int message, void *parameters) { compound_parameters_t *context = (compound_parameters_t *) msg->pluginContext; PRINTF("compound plugin provide token: %d\n", (msg->token1 != NULL)); if (msg->token1 != NULL) { - strcpy((char *) context->ticker_1, (char *) msg->token1->ticker); + strlcpy(context->ticker_1, msg->token1->ticker, MAX_TICKER_LEN); switch (context->selectorIndex) { case COMPOUND_REDEEM_UNDERLYING: case COMPOUND_MINT: case CETH_MINT: - msg->result = get_underlying_asset_decimals((char *) &context->ticker_1, - &context->decimals) - ? ETH_PLUGIN_RESULT_OK - : ETH_PLUGIN_RESULT_FALLBACK; + msg->result = + get_underlying_asset_decimals(context->ticker_1, &context->decimals) + ? ETH_PLUGIN_RESULT_OK + : ETH_PLUGIN_RESULT_FALLBACK; break; // Only case where we use the compound contract decimals @@ -182,22 +182,22 @@ void compound_plugin_call(int message, void *parameters) { case ETH_PLUGIN_QUERY_CONTRACT_ID: { ethQueryContractID_t *msg = (ethQueryContractID_t *) parameters; compound_parameters_t *context = (compound_parameters_t *) msg->pluginContext; - strcpy(msg->name, "Type"); + strlcpy(msg->name, "Type", msg->nameLength); switch (context->selectorIndex) { case COMPOUND_REDEEM_UNDERLYING: case COMPOUND_REDEEM: - strcpy(msg->version, "Redeem"); + strlcpy(msg->version, "Redeem", msg->versionLength); break; case COMPOUND_MINT: case CETH_MINT: - strcpy(msg->version, "Lend"); + strlcpy(msg->version, "Lend", msg->versionLength); break; default: break; } - strcat(msg->version, " Assets"); + strlcat(msg->version, " Assets", msg->versionLength); msg->result = ETH_PLUGIN_RESULT_OK; } break; 
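Review bot: In the ETH_PLUGIN_QUERY_CONTRACT_ID case of compound_plugin_call the `default:` branch writes nothing to `msg->version`, yet `strlcat(msg->version, " Assets", msg->versionLength)` runs afterwards and relies on the buffer already holding a terminated string. Unless the caller clears the buffer (not visible here), the screen text is then whatever the buffer contained before, and `strlcat` leaves a buffer with no terminator untouched. Adding `strlcpy(msg->version, "", msg->versionLength);` before the switch, or returning an error result from `default:`, removes that dependency. The name switch in starkware_plugin_call has the same empty `default:` for `msg->name`.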
@@ -206,8 +206,8 @@ void compound_plugin_call(int message, void *parameters) { compound_parameters_t *context = (compound_parameters_t *) msg->pluginContext; switch (msg->screenIndex) { case 0: { - strcpy(msg->title, "Amount"); - char *ticker_ptr = (char *) context->ticker_1; + strlcpy(msg->title, "Amount", msg->titleLength); + char *ticker_ptr = context->ticker_1; /* skip "c" in front of cToken unless we use "redeem", as redeem is the only operation dealing with a cToken amount */ if (context->selectorIndex != COMPOUND_REDEEM) { @@ -223,11 +223,11 @@ void compound_plugin_call(int message, void *parameters) { } break; case 1: - strcpy(msg->title, "Contract"); - strcpy(msg->msg, "Compound "); - strcat(msg->msg, - (char *) context->ticker_1 + - 1); // remove the 'c' char at beginning of compound ticker + strlcpy(msg->title, "Contract", msg->titleLength); + strlcpy(msg->msg, "Compound ", msg->msgLength); + strlcat(msg->msg, + context->ticker_1 + 1, + msg->msgLength); // remove the 'c' char at beginning of compound ticker msg->result = ETH_PLUGIN_RESULT_OK; break; default: diff --git a/src_plugins/erc20/erc20_plugin.c b/src_plugins/erc20/erc20_plugin.c index d45b29a..c3be535 100644 --- a/src_plugins/erc20/erc20_plugin.c +++ b/src_plugins/erc20/erc20_plugin.c @@ -16,10 +16,10 @@ typedef struct erc20_parameters_t { uint8_t selectorIndex; uint8_t destinationAddress[21]; uint8_t amount[INT256_LENGTH]; - uint8_t ticker[MAX_TICKER_LEN]; + char ticker[MAX_TICKER_LEN]; uint8_t decimals; uint8_t target; - uint8_t contract_name[MAX_CONTRACT_NAME_LEN]; + char contract_name[MAX_CONTRACT_NAME_LEN]; } erc20_parameters_t; typedef struct contract_t { 
@@ -58,9 +58,7 @@ bool check_contract(erc20_parameters_t *context) { for (size_t i = 0; i < NUM_CONTRACTS; i++) { contract_t *contract = (contract_t *) PIC(&CONTRACTS[i]); if (memcmp(contract->address, context->destinationAddress, ADDRESS_LENGTH) == 0) { - strncpy((char *) context->contract_name, - contract->name, - sizeof(context->contract_name)); + strncpy(context->contract_name, contract->name, sizeof(context->contract_name)); return true; } } @@ -161,7 +159,7 @@ void erc20_plugin_call(int message, void *parameters) { (msg->token2 != NULL)); if (msg->token1 != NULL) { context->target = TARGET_ADDRESS; - strcpy((char *) context->ticker, (char *) msg->token1->ticker); + strlcpy(context->ticker, msg->token1->ticker, MAX_TICKER_LEN); context->decimals = msg->token1->decimals; if (context->selectorIndex == ERC20_APPROVE) { if (check_contract(context)) { @@ -176,8 +174,8 @@ void erc20_plugin_call(int message, void *parameters) { case ETH_PLUGIN_QUERY_CONTRACT_ID: { ethQueryContractID_t *msg = (ethQueryContractID_t *) parameters; - strcpy(msg->name, "Type"); - strcpy(msg->version, "Approve"); + strlcpy(msg->name, "Type", msg->nameLength); + strlcpy(msg->version, "Approve", msg->versionLength); msg->result = ETH_PLUGIN_RESULT_OK; } break; @@ -186,15 +184,15 @@ void erc20_plugin_call(int message, void *parameters) { erc20_parameters_t *context = (erc20_parameters_t *) msg->pluginContext; switch (msg->screenIndex) { case 0: - strcpy(msg->title, "Amount"); + strlcpy(msg->title, "Amount", msg->titleLength); if (ismaxint(context->amount, sizeof(context->amount))) { - strcpy(msg->msg, "Unlimited "); - strcat(msg->msg, (char *) context->ticker); + strlcpy(msg->msg, "Unlimited ", msg->msgLength); + strlcat(msg->msg, context->ticker, msg->msgLength); } else { amountToString(context->amount, sizeof(context->amount), context->decimals, - (char *) context->ticker, + context->ticker, msg->msg, 100); } 
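Review bot: check_contract still uses `strncpy(context->contract_name, contract->name, sizeof(context->contract_name))`, which leaves `contract_name` without a terminator when the name fills the field; this commit only removed the cast. The screen-1 branch of erc20_plugin_call later reads the field with `strlcpy(msg->msg, context->contract_name, msg->msgLength)`, which measures its source and therefore needs that terminator. `strlcpy(context->contract_name, contract->name, sizeof(context->contract_name));` would be consistent with the rest of the change.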
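Review bot: The `amountToString(...)` call in the screen-0 branch of erc20_plugin_call still ends with the literal `100` as the size of `msg->msg`, while every other write to that buffer in this hunk is bounded by `msg->msgLength`. If the caller ever supplies a smaller buffer, the literal overrides the real limit. Pass `msg->msgLength` as the last argument instead.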
@@ -202,10 +200,10 @@ void erc20_plugin_call(int message, void *parameters) { break; case 1: if (context->target >= TARGET_CONTRACT) { - strcpy(msg->title, "Contract"); - strcpy(msg->msg, (char *) context->contract_name); + strlcpy(msg->title, "Contract", msg->titleLength); + strlcpy(msg->msg, context->contract_name, msg->msgLength); } else { - strcpy(msg->title, "Address"); + strlcpy(msg->title, "Address", msg->titleLength); msg->msg[0] = '0'; msg->msg[1] = 'x'; getEthAddressStringFromBinary(context->destinationAddress, diff --git a/src_plugins/erc721/erc721_plugin.c b/src_plugins/erc721/erc721_plugin.c index 49994ce..584ac5c 100644 --- a/src_plugins/erc721/erc721_plugin.c +++ b/src_plugins/erc721/erc721_plugin.c @@ -108,8 +108,8 @@ void erc721_plugin_call(int message, void *parameters) { case ETH_PLUGIN_QUERY_CONTRACT_ID: { ethQueryContractID_t *msg = (ethQueryContractID_t *) parameters; - strcpy(msg->name, "Allowance"); - strcpy(msg->version, ""); + strlcpy(msg->name, "Allowance", msg->nameLength); + strlcpy(msg->version, "", msg->versionLength); msg->result = ETH_PLUGIN_RESULT_OK; } break; @@ -118,19 +118,19 @@ void erc721_plugin_call(int message, void *parameters) { erc721_parameters_t *context = (erc721_parameters_t *) msg->pluginContext; switch (msg->screenIndex) { case 0: - strcpy(msg->title, "Contract Name"); + strlcpy(msg->title, "Contract Name", msg->titleLength); starkware_print_eth_address(tmpContent.txContent.destination, msg->msg); msg->result = ETH_PLUGIN_RESULT_OK; break; case 1: - strcpy(msg->title, "NFT Contract"); + strlcpy(msg->title, "NFT Contract", msg->titleLength); starkware_print_eth_address(context->address, msg->msg); msg->result = ETH_PLUGIN_RESULT_OK; break; case 2: - strcpy(msg->title, "TokenID"); + strlcpy(msg->title, "TokenID", msg->titleLength); starkware_print_stark_key(context->tokenId, msg->msg); msg->result = ETH_PLUGIN_RESULT_OK; break; 
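Review bot: The address branch of screen 1 in erc20_plugin_call writes `msg->msg[0]` and `msg->msg[1]` and then lets `getEthAddressStringFromBinary` fill the rest without consulting `msg->msgLength`, which makes it the one write to `msg->msg` in this function that is still unbounded. starkware_print_eth_address received a `destinationLength < 43` guard for the identical layout in this commit; the same check belongs here before the first byte is written. The call continues past the end of the hunk, so the terminator handling is not visible.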
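Review bot: The two `starkware_print_eth_address(..., msg->msg)` calls in erc721_plugin_call still pass two arguments, but this commit changes the definition in starkware_plugin.c to take `destinationLength` as a third parameter. Depending on which declaration this file sees (not visible here), that is either a build failure or a call through a stale prototype, in which case the new length guard reads an indeterminate value. The calls should become `starkware_print_eth_address(tmpContent.txContent.destination, msg->msg, msg->msgLength);` and `starkware_print_eth_address(context->address, msg->msg, msg->msgLength);`, with the declaration updated to match. `starkware_print_stark_key(context->tokenId, msg->msg)` also remains without a length.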
diff --git a/src_plugins/eth2/eth2_plugin.c b/src_plugins/eth2/eth2_plugin.c index 4d0f7f0..7a43eaf 100644 --- a/src_plugins/eth2/eth2_plugin.c +++ b/src_plugins/eth2/eth2_plugin.c @@ -135,7 +135,7 @@ void eth2_plugin_call(int message, void *parameters) { msg->pluginSharedRW->sha3); // Copy back the string to the global variable. - strcpy(context->deposit_address, tmp); + strlcpy(context->deposit_address, tmp, ETH2_DEPOSIT_PUBKEY_LENGTH); msg->result = ETH_PLUGIN_RESULT_OK; break; } @@ -198,8 +198,8 @@ void eth2_plugin_call(int message, void *parameters) { case ETH_PLUGIN_QUERY_CONTRACT_ID: { ethQueryContractID_t *msg = (ethQueryContractID_t *) parameters; - strcpy(msg->name, "ETH2"); - strcpy(msg->version, "Deposit"); + strlcpy(msg->name, "ETH2", msg->nameLength); + strlcpy(msg->version, "Deposit", msg->versionLength); msg->result = ETH_PLUGIN_RESULT_OK; } break; @@ -210,7 +210,7 @@ void eth2_plugin_call(int message, void *parameters) { case 0: { // Amount screen uint8_t decimals = WEI_TO_ETHER; char *ticker = chainConfig->coinName; - strcpy(msg->title, "Amount"); + strlcpy(msg->title, "Amount", msg->titleLength); amountToString(tmpContent.txContent.value.value, tmpContent.txContent.value.length, decimals, @@ -220,8 +220,8 @@ void eth2_plugin_call(int message, void *parameters) { msg->result = ETH_PLUGIN_RESULT_OK; } break; case 1: { // Deposit pubkey screen - strcpy(msg->title, "Validator"); - strcpy(msg->msg, context->deposit_address); + strlcpy(msg->title, "Validator", msg->titleLength); + strlcpy(msg->msg, context->deposit_address, msg->msgLength); msg->result = ETH_PLUGIN_RESULT_OK; } default: diff --git a/src_plugins/starkware/starkware_plugin.c b/src_plugins/starkware/starkware_plugin.c index be1e71e..c2ae91e 100644 --- a/src_plugins/starkware/starkware_plugin.c +++ b/src_plugins/starkware/starkware_plugin.c 
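Review bot: `strlcpy(context->deposit_address, tmp, ETH2_DEPOSIT_PUBKEY_LENGTH)` bounds a text copy with a constant named after a public-key length, and the declaration of `deposit_address` is outside the hunk, so a reader cannot confirm that the bound equals the field size. If the field is an array, `sizeof(context->deposit_address)` states that directly. Because this string is later shown on the "Validator" screen, the return value is worth checking so that a truncated address is rejected, not displayed.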
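Review bot: `case 1:` in the last eth2 hunk closes its block with `}` and runs straight into `default:` without a `break;`, unlike `case 0`, which ends in `} break;`. What `default:` does is outside the hunk; if it stores an error result, it overwrites the `ETH_PLUGIN_RESULT_OK` set just before. Add `break;` after the closing brace, or a fallthrough comment if this is intended.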
@@ -280,18 +280,22 @@ void starkware_print_stark_key(uint8_t *starkKey, char *destination) { } // TODO : rewrite as independant code -void starkware_print_eth_address(uint8_t *address, char *destination) { +void starkware_print_eth_address(uint8_t *address, char *destination, size_t destinationLength) { + if (destinationLength < 43) { + strlcpy(destination, "ERROR", destinationLength); + return; + } destination[0] = '0'; destination[1] = 'x'; - getEthAddressStringFromBinary(address, - destination + 2, - &global_sha3, - chainConfig); + getEthAddressStringFromBinary(address, destination + 2, &global_sha3, chainConfig); destination[42] = '\0'; } // TODO : rewrite as independant code -void starkware_print_amount(uint8_t *amountData, char *destination, bool forEscape) { +void starkware_print_amount(uint8_t *amountData, + char *destination, + size_t destinationLength, + bool forEscape) { uint256_t amount, amountPre, quantum; uint8_t decimals; char *ticker = chainConfig->coinName; @@ -310,7 +314,7 @@ void starkware_print_amount(uint8_t *amountData, char *destination, bool forEsca tokenDefinition_t *token = &tmpCtx.transactionContext.tokens[dataContext.tokenContext.quantumIndex]; decimals = token->decimals; - ticker = (char *) token->ticker; + ticker = token->ticker; readu256BE(amountData, &amountPre); } if (amountData != NULL) { 
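Review bot: When `destinationLength < 43`, the new guard in starkware_print_eth_address writes the text "ERROR" into the buffer and returns. Because the function is void, the callers in starkware_plugin_call still go on to set `msg->result = ETH_PLUGIN_RESULT_OK`, so the screen would show "ERROR" in place of an address while the flow presumably continues. Returning a status that the caller can turn into an error result is safer than encoding the failure in the display string. The literal 43 ("0x", 40 hex digits, terminator) deserves a named constant shared with the `destination[42] = '\0'` line. `starkware_print_stark_key`, visible at the top of the hunk, keeps its unbounded `destination` parameter.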
@@ -318,35 +322,35 @@ void starkware_print_amount(uint8_t *amountData, char *destination, bool forEsca mul256(&amountPre, &quantum, &amount); } tostring256(&amount, 10, (char *) (G_io_apdu_buffer + 100), 100); - strcpy(destination, ticker); + strlcpy(destination, ticker, destinationLength); adjustDecimals((char *) (G_io_apdu_buffer + 100), strlen((char *) (G_io_apdu_buffer + 100)), destination + strlen(ticker), - 50 - strlen(ticker), + destinationLength - strlen(ticker), decimals); } // TODO : rewrite as independant code -void starkware_print_ticker(char *destination) { +void starkware_print_ticker(char *destination, size_t destinationLength) { char *ticker = chainConfig->coinName; if (dataContext.tokenContext.quantumIndex != MAX_TOKEN) { tokenDefinition_t *token = &tmpCtx.transactionContext.tokens[dataContext.tokenContext.quantumIndex]; - ticker = (char *) token->ticker; + ticker = token->ticker; } - strcpy(destination, ticker); + strlcpy(destination, ticker, destinationLength); } // TODO : rewrite as independant code -void starkware_print_asset_contract(char *destination) { +void starkware_print_asset_contract(char *destination, size_t destinationLength) { // token has been validated to be present previously if (dataContext.tokenContext.quantumIndex != MAX_TOKEN) { tokenDefinition_t *token = &tmpCtx.transactionContext.tokens[dataContext.tokenContext.quantumIndex]; - starkware_print_eth_address(token->address, destination); + starkware_print_eth_address(token->address, destination, destinationLength); } else { - strcpy(destination, "UNKNOWN"); + strlcpy(destination, "UNKNOWN", destinationLength); } } @@ -368,10 +372,7 @@ void starkware_get_source_address(char *destination) { io_seproxyhal_io_heartbeat(); destination[0] = '0'; destination[1] = 'x'; - getEthAddressStringFromKey(&publicKey, - destination + 2, - &global_sha3, - chainConfig); + getEthAddressStringFromKey(&publicKey, destination + 2, &global_sha3, chainConfig); destination[42] = '\0'; } 
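Review bot: In starkware_print_amount the write offset and the remaining size are computed from `strlen(ticker)`, not from what `strlcpy(destination, ticker, destinationLength)` actually stored. If the ticker is as long as or longer than `destinationLength`, `destination + strlen(ticker)` points past the buffer and `destinationLength - strlen(ticker)` wraps to a very large `size_t`. Use the stored length instead: `size_t used = strlen(destination);`, then pass `destination + used` and `destinationLength - used` to `adjustDecimals`. The function begins before this hunk.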
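Review bot: starkware_get_source_address still takes only `char *destination` and writes through `destination[42]` with no length, although its sibling starkware_print_eth_address received a `destinationLength` parameter and a guard in this commit. Its caller passes `msg->msg`, so `msg->msgLength` is available; the same holds for the `starkware_print_stark_key` and `starkware_print_vault_id` calls in the later hunks. Giving these helpers the same length parameter would complete the bounds checking for `msg->msg`.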
@@ -646,54 +647,55 @@ void starkware_plugin_call(int message, void *parameters) { PRINTF("starkware query contract id\n"); switch (context->selectorIndex) { case STARKWARE_REGISTER: - strcpy(msg->name, "Register"); + strlcpy(msg->name, "Register", msg->nameLength); break; case STARKWARE_DEPOSIT_TOKEN: case STARKWARE_DEPOSIT_ETH: case STARKWARE_DEPOSIT_NFT: case STARKWARE_PROXY_DEPOSIT_TOKEN: case STARKWARE_PROXY_DEPOSIT_ETH: - strcpy(msg->name, "Deposit"); + strlcpy(msg->name, "Deposit", msg->nameLength); break; case STARKWARE_DEPOSIT_CANCEL: - strcpy(msg->name, "Cancel Deposit"); + strlcpy(msg->name, "Cancel Deposit", msg->nameLength); break; case STARKWARE_DEPOSIT_RECLAIM: case STARKWARE_DEPOSIT_NFT_RECLAIM: - strcpy(msg->name, "Reclaim Deposit"); + strlcpy(msg->name, "Reclaim Deposit", msg->nameLength); break; case STARKWARE_WITHDRAW: case STARKWARE_WITHDRAW_NFT: case STARKWARE_WITHDRAW_AND_MINT: - strcpy(msg->name, "Withdrawal"); + strlcpy(msg->name, "Withdrawal", msg->nameLength); break; case STARKWARE_FULL_WITHDRAW: - strcpy(msg->name, "Full Withdrawal"); + strlcpy(msg->name, "Full Withdrawal", msg->nameLength); break; case STARKWARE_FREEZE: - strcpy(msg->name, "Freeze"); + strlcpy(msg->name, "Freeze", msg->nameLength); break; case STARKWARE_ESCAPE: - strcpy(msg->name, "Escape"); + strlcpy(msg->name, "Escape", msg->nameLength); break; case STARKWARE_VERIFY_ESCAPE: - strcpy(msg->name, "Verify Escape"); + strlcpy(msg->name, "Verify Escape", msg->nameLength); break; case STARKWARE_WITHDRAW_TO: case STARKWARE_WITHDRAW_NFT_TO: - strcpy(msg->name, "Withdrawal To"); + strlcpy(msg->name, "Withdrawal To", msg->nameLength); break; case STARKWARE_REGISTER_AND_DEPOSIT_TOKEN: case STARKWARE_REGISTER_AND_DEPOSIT_ETH: - strcpy(msg->name, "Register&Deposit"); + strlcpy(msg->name, "Register&Deposit", msg->nameLength); break; default: break; } - strcpy(msg->version, - is_deversify_contract(tmpContent.txContent.destination) ? 
"DeversiFi" - : "Starkware"); + strlcpy( + msg->version, + is_deversify_contract(tmpContent.txContent.destination) ? "DeversiFi" : "Starkware", + msg->versionLength); msg->result = ETH_PLUGIN_RESULT_OK; } break; @@ -702,11 +704,13 @@ void starkware_plugin_call(int message, void *parameters) { starkware_parameters_t *context = (starkware_parameters_t *) msg->pluginContext; switch (msg->screenIndex) { case 0: - strcpy(msg->title, "Contract Name"); + strlcpy(msg->title, "Contract Name", msg->titleLength); if (is_deversify_contract(tmpContent.txContent.destination)) { - strcpy(msg->msg, "DeversiFi"); + strlcpy(msg->msg, "DeversiFi", msg->msgLength); } else { - starkware_print_eth_address(tmpContent.txContent.destination, msg->msg); + starkware_print_eth_address(tmpContent.txContent.destination, + msg->msg, + msg->msgLength); } msg->result = ETH_PLUGIN_RESULT_OK; break; @@ -715,12 +719,12 @@ void starkware_plugin_call(int message, void *parameters) { case STARKWARE_REGISTER: case STARKWARE_REGISTER_AND_DEPOSIT_TOKEN: case STARKWARE_REGISTER_AND_DEPOSIT_ETH: - strcpy(msg->title, "From ETH Address"); - starkware_print_eth_address(context->amount, msg->msg); + strlcpy(msg->title, "From ETH Address", msg->titleLength); + starkware_print_eth_address(context->amount, msg->msg, msg->msgLength); break; case STARKWARE_ESCAPE: - strcpy(msg->title, "Amount"); - starkware_print_amount(context->amount, msg->msg, true); + strlcpy(msg->title, "Amount", msg->titleLength); + starkware_print_amount(context->amount, msg->msg, msg->msgLength, true); break; case STARKWARE_DEPOSIT_TOKEN: case STARKWARE_DEPOSIT_ETH: @@ -738,7 +742,7 @@ void starkware_plugin_call(int message, void *parameters) { case STARKWARE_WITHDRAW_AND_MINT: case STARKWARE_WITHDRAW_NFT: case STARKWARE_WITHDRAW_NFT_TO: - strcpy(msg->title, "Master Account"); + strlcpy(msg->title, "Master Account", msg->titleLength); starkware_print_stark_key(context->starkKey, msg->msg); break; default: 
@@ -755,7 +759,7 @@ void starkware_plugin_call(int message, void *parameters) { case STARKWARE_ESCAPE: case STARKWARE_REGISTER_AND_DEPOSIT_TOKEN: case STARKWARE_REGISTER_AND_DEPOSIT_ETH: - strcpy(msg->title, "Master Account"); + strlcpy(msg->title, "Master Account", msg->titleLength); starkware_print_stark_key(context->starkKey, msg->msg); break; @@ -769,22 +773,22 @@ void starkware_plugin_call(int message, void *parameters) { case STARKWARE_FREEZE: case STARKWARE_DEPOSIT_NFT: case STARKWARE_DEPOSIT_NFT_RECLAIM: - strcpy(msg->title, "Token Account"); + strlcpy(msg->title, "Token Account", msg->titleLength); starkware_print_vault_id(U4BE(context->vaultId, 0), msg->msg); break; case STARKWARE_WITHDRAW: case STARKWARE_WITHDRAW_NFT: - strcpy(msg->title, "To ETH Address"); + strlcpy(msg->title, "To ETH Address", msg->titleLength); starkware_get_source_address(msg->msg); break; case STARKWARE_WITHDRAW_TO: case STARKWARE_WITHDRAW_NFT_TO: - strcpy(msg->title, "To ETH Address"); - starkware_print_eth_address(context->amount, msg->msg); + strlcpy(msg->title, "To ETH Address", msg->titleLength); + starkware_print_eth_address(context->amount, msg->msg, msg->msgLength); break; case STARKWARE_WITHDRAW_AND_MINT: - strcpy(msg->title, "Asset Contract"); - starkware_print_asset_contract(msg->msg); + strlcpy(msg->title, "Asset Contract", msg->titleLength); + starkware_print_asset_contract(msg->msg, msg->msgLength); break; default: 
@@ -799,39 +803,40 @@ void starkware_plugin_call(int message, void *parameters) { case 3: switch (context->selectorIndex) { case STARKWARE_ESCAPE: - strcpy(msg->title, "Token Account"); + strlcpy(msg->title, "Token Account", msg->titleLength); starkware_print_vault_id(U4BE(context->vaultId, 0), msg->msg); break; case STARKWARE_DEPOSIT_TOKEN: case STARKWARE_DEPOSIT_ETH: case STARKWARE_PROXY_DEPOSIT_TOKEN: case STARKWARE_PROXY_DEPOSIT_ETH: - strcpy(msg->title, "Amount"); + strlcpy(msg->title, "Amount", msg->titleLength); starkware_print_amount( (((context->selectorIndex == STARKWARE_DEPOSIT_ETH) || (context->selectorIndex == STARKWARE_PROXY_DEPOSIT_ETH)) ? NULL : context->amount), msg->msg, + msg->msgLength, false); break; case STARKWARE_WITHDRAW: case STARKWARE_WITHDRAW_TO: - strcpy(msg->title, "Token Symbol"); - starkware_print_ticker(msg->msg); + strlcpy(msg->title, "Token Symbol", msg->titleLength); + starkware_print_ticker(msg->msg, msg->msgLength); break; case STARKWARE_WITHDRAW_NFT: case STARKWARE_WITHDRAW_NFT_TO: case STARKWARE_DEPOSIT_NFT: case STARKWARE_DEPOSIT_NFT_RECLAIM: - strcpy(msg->title, "NFT Contract"); - starkware_print_asset_contract(msg->msg); + strlcpy(msg->title, "NFT Contract", msg->titleLength); + starkware_print_asset_contract(msg->msg, msg->msgLength); break; case STARKWARE_REGISTER_AND_DEPOSIT_TOKEN: case STARKWARE_REGISTER_AND_DEPOSIT_ETH: - strcpy(msg->title, "Token Account"); + strlcpy(msg->title, "Token Account", msg->titleLength); starkware_print_vault_id(U4BE(context->vaultId, 0), msg->msg); break; 
@@ -850,18 +855,19 @@ void starkware_plugin_call(int message, void *parameters) { case STARKWARE_WITHDRAW_NFT_TO: case STARKWARE_DEPOSIT_NFT: case STARKWARE_DEPOSIT_NFT_RECLAIM: - strcpy(msg->title, "TokenID"); + strlcpy(msg->title, "TokenID", msg->titleLength); starkware_print_stark_key(dataContext.tokenContext.quantum, msg->msg); break; case STARKWARE_REGISTER_AND_DEPOSIT_TOKEN: case STARKWARE_REGISTER_AND_DEPOSIT_ETH: - strcpy(msg->title, "Amount"); + strlcpy(msg->title, "Amount", msg->titleLength); starkware_print_amount( ((context->selectorIndex == STARKWARE_REGISTER_AND_DEPOSIT_ETH) ? NULL : context->amount), msg->msg, + msg->msgLength, false); break;