1
0
mirror of https://github.com/trezor/trezor-firmware.git synced 2024-11-21 23:18:13 +00:00

crypto: explicitly initialize variable length arrays

This commit is contained in:
Ondřej Vejpustek 2019-10-04 15:11:46 +02:00 committed by Pavol Rusnak
parent fdad317d8c
commit 11aa654abc
No known key found for this signature in database
GPG Key ID: 91F3B339B9A02A3D
4 changed files with 9 additions and 0 deletions

View File

@ -153,6 +153,7 @@ bool base32_8to5(const uint8_t *in, uint8_t length, uint8_t *out,
if (alphabet) { if (alphabet) {
uint8_t decoded[length]; uint8_t decoded[length];
memset(decoded, 0, sizeof(decoded));
for (size_t i = 0; i < length; i++) { for (size_t i = 0; i < length; i++) {
int ret = base32_decode_character(in[i], alphabet); int ret = base32_decode_character(in[i], alphabet);

View File

@ -190,6 +190,7 @@ int base58_encode_check(const uint8_t *data, int datalen,
return 0; return 0;
} }
uint8_t buf[datalen + 32]; uint8_t buf[datalen + 32];
memset(buf, 0, sizeof(buf));
uint8_t *hash = buf + datalen; uint8_t *hash = buf + datalen;
memcpy(buf, data, datalen); memcpy(buf, data, datalen);
hasher_Raw(hasher_type, data, datalen, hash); hasher_Raw(hasher_type, data, datalen, hash);
@ -205,6 +206,7 @@ int base58_decode_check(const char *str, HasherType hasher_type, uint8_t *data,
return 0; return 0;
} }
uint8_t d[datalen + 4]; uint8_t d[datalen + 4];
memset(d, 0, sizeof(d));
size_t res = datalen + 4; size_t res = datalen + 4;
if (b58tobin(d, &res, str) != true) { if (b58tobin(d, &res, str) != true) {
return 0; return 0;
@ -241,6 +243,7 @@ int base58gph_encode_check(const uint8_t *data, int datalen, char *str,
return 0; return 0;
} }
uint8_t buf[datalen + 32]; uint8_t buf[datalen + 32];
memset(buf, 0, sizeof(buf));
uint8_t *hash = buf + datalen; uint8_t *hash = buf + datalen;
memcpy(buf, data, datalen); memcpy(buf, data, datalen);
ripemd160(data, datalen, hash); // No double SHA256, but a single RIPEMD160 ripemd160(data, datalen, hash); // No double SHA256, but a single RIPEMD160
@ -255,6 +258,7 @@ int base58gph_decode_check(const char *str, uint8_t *data, int datalen) {
return 0; return 0;
} }
uint8_t d[datalen + 4]; uint8_t d[datalen + 4];
memset(d, 0, sizeof(d));
size_t res = datalen + 4; size_t res = datalen + 4;
if (b58tobin(d, &res, str) != true) { if (b58tobin(d, &res, str) != true) {
return 0; return 0;

View File

@ -200,6 +200,7 @@ int xmr_base58_addr_encode_check(uint64_t tag, const uint8_t *data, size_t binsz
size_t b58size = b58sz; size_t b58size = b58sz;
uint8_t buf[(binsz + 1) + HASHER_DIGEST_LENGTH]; uint8_t buf[(binsz + 1) + HASHER_DIGEST_LENGTH];
memset(buf, 0, sizeof(buf));
uint8_t *hash = buf + binsz + 1; uint8_t *hash = buf + binsz + 1;
buf[0] = (uint8_t) tag; buf[0] = (uint8_t) tag;
memcpy(buf + 1, data, binsz); memcpy(buf + 1, data, binsz);
@ -213,6 +214,7 @@ int xmr_base58_addr_decode_check(const char *addr, size_t sz, uint64_t *tag, voi
{ {
size_t buflen = 1 + 64 + addr_checksum_size; size_t buflen = 1 + 64 + addr_checksum_size;
uint8_t buf[buflen]; uint8_t buf[buflen];
memset(buf, 0, sizeof(buf));
uint8_t hash[HASHER_DIGEST_LENGTH] = {0}; uint8_t hash[HASHER_DIGEST_LENGTH] = {0};
if (!xmr_base58_decode(addr, sz, buf, &buflen)){ if (!xmr_base58_decode(addr, sz, buf, &buflen)){

View File

@ -267,7 +267,9 @@ bool shamir_interpolate(uint8_t *result, uint8_t result_index,
size_t i = 0, j = 0; size_t i = 0, j = 0;
uint32_t x[8] = {0}; uint32_t x[8] = {0};
uint32_t xs[share_count][8]; uint32_t xs[share_count][8];
memset(xs, 0, sizeof(xs));
uint32_t ys[share_count][8]; uint32_t ys[share_count][8];
memset(ys, 0, sizeof(ys));
uint32_t num[8] = {~0}; /* num is the numerator (=1) */ uint32_t num[8] = {~0}; /* num is the numerator (=1) */
uint32_t denom[8] = {0}; uint32_t denom[8] = {0};
uint32_t tmp[8] = {0}; uint32_t tmp[8] = {0};