From 137a60ce017c402ac160258bcc4b5f7b5aba0560 Mon Sep 17 00:00:00 2001
From: Pavol Rusnak <stick@gk2.sk>
Date: Tue, 24 Feb 2015 15:17:49 +0100
Subject: [PATCH] set multisig_fp_mismatch when non-multisig input is
 encountered

---
 firmware/messages.c |  1 +
 firmware/signing.c  | 39 +++++++++++++++++++++------------------
 2 files changed, 22 insertions(+), 18 deletions(-)

diff --git a/firmware/messages.c b/firmware/messages.c
index 8c11cbeabe..1c95d8167e 100644
--- a/firmware/messages.c
+++ b/firmware/messages.c
@@ -281,6 +281,7 @@ enum {
 void msg_process(char type, uint16_t msg_id, const pb_field_t *fields, uint8_t *msg_raw, uint32_t msg_size)
 {
 	static uint8_t msg_data[MSG_IN_SIZE];
+	memset(msg_data, 0, sizeof(msg_data));
 	pb_istream_t stream = pb_istream_from_buffer(msg_raw, msg_size);
 	bool status = pb_decode(&stream, fields, msg_data);
 	if (status) {
diff --git a/firmware/signing.c b/firmware/signing.c
index f16f42debd..26c202d5a9 100644
--- a/firmware/signing.c
+++ b/firmware/signing.c
@@ -279,26 +279,29 @@ void signing_txack(TransactionType *tx)
 		case STAGE_REQUEST_1_INPUT:
 			/* compute multisig fingerprint */
 			/* (if all input share the same fingerprint, outputs having the same fingerprint will be considered as change outputs) */
-			if (tx->inputs[0].script_type == InputScriptType_SPENDMULTISIG &&
-			    tx->inputs[0].has_multisig && !multisig_fp_mismatch) {
-				if (multisig_fp_set) {
-					uint8_t h[32];
-					if (cryptoMultisigFingerprint(&(tx->inputs[0].multisig), h) == 0) {
-						fsm_sendFailure(FailureType_Failure_Other, "Error computing multisig fingeprint");
-						signing_abort();
-						return;
+			if (tx->inputs[0].script_type == InputScriptType_SPENDMULTISIG) {
+				if (tx->inputs[0].has_multisig && !multisig_fp_mismatch) {
+					if (multisig_fp_set) {
+						uint8_t h[32];
+						if (cryptoMultisigFingerprint(&(tx->inputs[0].multisig), h) == 0) {
+							fsm_sendFailure(FailureType_Failure_Other, "Error computing multisig fingeprint");
+							signing_abort();
+							return;
+						}
+						if (memcmp(multisig_fp, h, 32) != 0) {
+							multisig_fp_mismatch = true;
+						}
+					} else {
+						if (cryptoMultisigFingerprint(&(tx->inputs[0].multisig), multisig_fp) == 0) {
+							fsm_sendFailure(FailureType_Failure_Other, "Error computing multisig fingeprint");
+							signing_abort();
+							return;
+						}
+						multisig_fp_set = true;
 					}
-					if (memcmp(multisig_fp, h, 32) != 0) {
-						multisig_fp_mismatch = true;
-					}
-				} else {
-					if (cryptoMultisigFingerprint(&(tx->inputs[0].multisig), multisig_fp) == 0) {
-						fsm_sendFailure(FailureType_Failure_Other, "Error computing multisig fingeprint");
-						signing_abort();
-						return;
-					}
-					multisig_fp_set = true;
 				}
+			} else { // InputScriptType_SPENDADDRESS
+				multisig_fp_mismatch = true;
 			}
 			sha256_Update(&tc, (const uint8_t *)tx->inputs, sizeof(TxInputType));
 			memcpy(&input, tx->inputs, sizeof(TxInputType));