fix(cardano): add input validation

2024-12-18 12:28:09 +00:00 · 2022-01-13 09:39:10 +01:00 · 2022-01-13 09:39:10 +01:00 · 143af80aea
commit 143af80aea
parent 48587d83fe
3 changed files with 43 additions and 0 deletions
--- a/common/tests/fixtures/cardano/sign_tx.failed.json
+++ b/common/tests/fixtures/cardano/sign_tx.failed.json
@ -4,6 +4,39 @@
    "passphrase": ""
  },
  "tests": [
+    {
+      "description": "Input prev hash has incorrect length",
+      "parameters": {
+        "protocol_magic": 764824073,
+        "network_id": 1,
+        "fee": 42,
+        "ttl": 10,
+        "certificates": [],
+        "withdrawals": [],
+        "auxiliary_data": null,
+        "inputs": [
+          {
+            "path": "m/1852'/1815'/0'/0/0",
+            "prev_hash": "3b40265111d8bb3c3c608d95b3a0bf83461ace32d79336579a1939b3",
+            "prev_index": 0
+          }
+        ],
+        "outputs": [
+          {
+            "address": "Ae2tdPwUPEZCanmBz5g2GEwFqKTKpNJcGYPKfDxoNeKZ8bRHr8366kseiK2",
+            "amount": "3003112"
+          }
+        ],
+        "mint": [],
+        "script_data_hash": null,
+        "signing_mode": "ORDINARY_TRANSACTION",
+        "additional_witness_requests": [],
+        "include_network_id": false
+      },
+      "result": {
+        "error_message": "Invalid input"
+      }
+    },
    {
      "description": "Output address is a valid CBOR but invalid Cardano address",
      "parameters": {
--- a/core/src/apps/cardano/helpers/init.py
+++ b/core/src/apps/cardano/helpers/init.py
@ -4,6 +4,7 @@ INVALID_ADDRESS = wire.ProcessError("Invalid address")
 INVALID_ADDRESS_PARAMETERS = wire.ProcessError("Invalid address parameters")
 NETWORK_MISMATCH = wire.ProcessError("Output address network mismatch")
 INVALID_TX_SIGNING_REQUEST = wire.ProcessError("Invalid tx signing request")
+INVALID_INPUT = wire.ProcessError("Invalid input")
 INVALID_OUTPUT = wire.ProcessError("Invalid output")
 INVALID_CERTIFICATE = wire.ProcessError("Invalid certificate")
 INVALID_WITHDRAWAL = wire.ProcessError("Invalid withdrawal")
@ -22,6 +23,7 @@ INVALID_OUTPUT_DATUM_HASH = wire.ProcessError("Invalid output datum hash")
 INVALID_SCRIPT_DATA_HASH = wire.ProcessError("Invalid script data hash")

 LOVELACE_MAX_SUPPLY = 45_000_000_000 * 1_000_000
+INPUT_PREV_HASH_SIZE = 32
 ADDRESS_KEY_HASH_SIZE = 28
 SCRIPT_HASH_SIZE = 28
 OUTPUT_DATUM_HASH_SIZE = 32
--- a/core/src/apps/cardano/sign_tx.py
+++ b/core/src/apps/cardano/sign_tx.py
@ -60,6 +60,8 @@ from .certificates import (
    validate_pool_relay,
 )
 from .helpers import (
+    INPUT_PREV_HASH_SIZE,
+    INVALID_INPUT,
    INVALID_OUTPUT,
    INVALID_OUTPUT_DATUM_HASH,
    INVALID_SCRIPT_DATA_HASH,
@ -341,6 +343,7 @@ async def _process_inputs(
    """Read, validate and serialize the inputs."""
    for _ in range(inputs_count):
        input: CardanoTxInput = await ctx.call(CardanoTxItemAck(), CardanoTxInput)
+        _validate_input(input)
        inputs_list.append((input.prev_hash, input.prev_index))


@ -778,6 +781,11 @@ def _validate_stake_pool_registration_tx_structure(msg: CardanoSignTxInit) -> No
        raise INVALID_STAKE_POOL_REGISTRATION_TX_STRUCTURE


+def _validate_input(input: CardanoTxInput) -> None:
+    if len(input.prev_hash) != INPUT_PREV_HASH_SIZE:
+        raise INVALID_INPUT
+
+
 def _validate_output(
    output: CardanoTxOutput,
    signing_mode: CardanoTxSigningMode,