From 4122b56e1ce42f54a0d7719483820d86f725f667 Mon Sep 17 00:00:00 2001
From: Pavol Rusnak <stick@gk2.sk>
Date: Tue, 16 Dec 2014 18:49:49 +0100
Subject: [PATCH] check return value of cryptoHDNodePathToPubkey

---
 firmware/crypto.c      | 4 +++-
 firmware/messages.h    | 4 ++--
 firmware/transaction.c | 8 ++++++--
 3 files changed, 11 insertions(+), 5 deletions(-)

diff --git a/firmware/crypto.c b/firmware/crypto.c
index 84450c935..779b1d25b 100644
--- a/firmware/crypto.c
+++ b/firmware/crypto.c
@@ -255,6 +255,7 @@ int cryptoMessageDecrypt(curve_point *nonce, uint8_t *payload, pb_size_t payload
 
 uint8_t *cryptoHDNodePathToPubkey(const HDNodePathType *hdnodepath)
 {
+	if (!hdnodepath->node.has_public_key || hdnodepath->node.public_key.size != 33) return 0;
 	static HDNode node;
 	if (hdnode_from_xpub(hdnodepath->node.depth, hdnodepath->node.fingerprint, hdnodepath->node.child_num, hdnodepath->node.chain_code.bytes, hdnodepath->node.public_key.bytes, &node) == 0) {
 		return 0;
@@ -272,7 +273,8 @@ int cryptoMultisigPubkeyIndex(const MultisigRedeemScriptType *multisig, const ui
 {
 	int i;
 	for (i = 0; i < multisig->pubkeys_count; i++) {
-		if (memcmp(cryptoHDNodePathToPubkey(&(multisig->pubkeys[i])), pubkey, 33) == 0) {
+		const uint8_t *node_pubkey = cryptoHDNodePathToPubkey(&(multisig->pubkeys[i]));
+		if (node_pubkey && memcmp(node_pubkey, pubkey, 33) == 0) {
 			return i;
 		}
 	}
diff --git a/firmware/messages.h b/firmware/messages.h
index d2a513604..a32e3ce8b 100644
--- a/firmware/messages.h
+++ b/firmware/messages.h
@@ -24,9 +24,9 @@
 #include <stdbool.h>
 #include "trezor.h"
 
-#define MSG_IN_SIZE (9*1024)
+#define MSG_IN_SIZE (12*1024)
 
-#define MSG_OUT_SIZE (9*1024)
+#define MSG_OUT_SIZE (12*1024)
 
 #define msg_read(buf, len) msg_read_common('n', (buf), (len))
 #define msg_write(id, ptr) msg_write_common('n', (id), (ptr))
diff --git a/firmware/transaction.c b/firmware/transaction.c
index e9bfa840a..2a75685ae 100644
--- a/firmware/transaction.c
+++ b/firmware/transaction.c
@@ -145,7 +145,9 @@ uint32_t compile_script_multisig(const MultisigRedeemScriptType *multisig, uint8
 		out[r] = 0x50 + m; r++;
 		for (i = 0; i < n; i++) {
 			out[r] = 33; r++; // OP_PUSH 33
-			memcpy(out + r, cryptoHDNodePathToPubkey(&(multisig->pubkeys[i])), 33); r += 33;
+			const uint8_t *pubkey = cryptoHDNodePathToPubkey(&(multisig->pubkeys[i]));
+			if (!pubkey) return 0;
+			memcpy(out + r, pubkey, 33); r += 33;
 		}
 		out[r] = 0x50 + n; r++;
 		out[r] = 0xAE; r++; // OP_CHECKMULTISIG
@@ -171,7 +173,9 @@ uint32_t compile_script_multisig_hash(const MultisigRedeemScriptType *multisig,
 	uint32_t i;
 	for (i = 0; i < n; i++) {
 		d = 33; sha256_Update(&ctx, &d, 1); // OP_PUSH 33
-		sha256_Update(&ctx, cryptoHDNodePathToPubkey(&(multisig->pubkeys[i])), 33);
+		const uint8_t *pubkey = cryptoHDNodePathToPubkey(&(multisig->pubkeys[i]));
+		if (!pubkey) return 0;
+		sha256_Update(&ctx, pubkey, 33);
 	}
 	d = 0x50 + n; sha256_Update(&ctx, &d, 1);
 	d = 0xAE;     sha256_Update(&ctx, &d, 1);