1
0
mirror of https://github.com/trezor/trezor-firmware.git synced 2024-12-22 22:38:08 +00:00

apps.fido_u2f: check apdu length

This commit is contained in:
Jan Pochyla 2017-05-29 17:46:35 +02:00
parent a1d3eda2ca
commit 1a98400ff8

View File

@ -160,16 +160,20 @@ class Cmd:
def to_msg(self): def to_msg(self):
cla = self.data[_APDU_CLA] cla = self.data[_APDU_CLA]
ins = self.data[_APDU_INS] ins = self.data[_APDU_INS]
data = self.data[_APDU_DATA:] lc = (self.data[_APDU_LC1] << 16) + \
return Msg(self.cid, cla, ins, data) (self.data[_APDU_LC2] << 8) + \
(self.data[_APDU_LC3])
data = self.data[_APDU_DATA:_APDU_DATA + lc]
return Msg(self.cid, cla, ins, lc, data)
class Msg: class Msg:
def __init__(self, cid: int, cla: int, ins: int, data: bytes): def __init__(self, cid: int, cla: int, ins: int, lc: int, data: bytes):
self.cid = cid self.cid = cid
self.cla = cla self.cla = cla
self.ins = ins self.ins = ins
self.lc = lc
self.data = data self.data = data
@ -278,8 +282,13 @@ async def dispatch_cmd(req: Cmd) -> Cmd:
m = req.to_msg() m = req.to_msg()
if m.cla != 0: if m.cla != 0:
log.warning(__name__, '_SW_CLA_NOT_SUPPORTED')
return msg_error(req, _SW_CLA_NOT_SUPPORTED) return msg_error(req, _SW_CLA_NOT_SUPPORTED)
if m.lc + _APDU_DATA > len(req.data):
log.warning(__name__, '_SW_WRONG_LENGTH')
return msg_error(req, _SW_WRONG_LENGTH)
if m.ins == _MSG_REGISTER: if m.ins == _MSG_REGISTER:
log.debug(__name__, '_MSG_REGISTER') log.debug(__name__, '_MSG_REGISTER')
return await msg_register(m) return await msg_register(m)
@ -328,6 +337,8 @@ def cmd_init(req: Cmd) -> Cmd:
async def msg_register(req: Msg) -> Cmd: async def msg_register(req: Msg) -> Cmd:
if len(req.data) != 64:
return msg_error(req, _SW_WRONG_LENGTH)
from apps.common import storage from apps.common import storage
if not storage.is_initialized(): if not storage.is_initialized():
@ -394,6 +405,8 @@ async def msg_authenticate(req: Msg) -> Cmd:
def msg_version(req: Msg) -> Cmd: def msg_version(req: Msg) -> Cmd:
if req.data:
return msg_error(req, _SW_WRONG_LENGTH)
return Cmd(req.cid, _CMD_MSG, b'U2F_V2\x90\x00') # includes _SW_NO_ERROR return Cmd(req.cid, _CMD_MSG, b'U2F_V2\x90\x00') # includes _SW_NO_ERROR