From 84339ae1ff1bee0d54d140dae306b5e58496ed3f Mon Sep 17 00:00:00 2001
From: matejcik <ja@matejcik.cz>
Date: Mon, 3 Dec 2018 16:56:01 +0100
Subject: [PATCH] client: properly sanitize and handle invalid inputs from UI
 functions

---
 trezorlib/client.py | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/trezorlib/client.py b/trezorlib/client.py
index 5ff527bc2c..79e1fda71a 100644
--- a/trezorlib/client.py
+++ b/trezorlib/client.py
@@ -18,6 +18,8 @@ import logging
 import sys
 import warnings
 
+from mnemonic import Mnemonic
+
 from . import exceptions, messages, tools
 
 if sys.version_info.major < 3:
@@ -26,6 +28,7 @@ if sys.version_info.major < 3:
 LOG = logging.getLogger(__name__)
 
 VENDORS = ("bitcointrezor.com", "trezor.io")
+MAX_PASSPHRASE_LENGTH = 50
 
 DEPRECATION_ERROR = """
 Incompatible Trezor library detected.
@@ -109,6 +112,7 @@ class TrezorClient:
             raise
 
         if not pin.isdigit():
+            self.call_raw(messages.Cancel())
             raise ValueError("Non-numeric PIN provided")
 
         resp = self.call_raw(messages.PinMatrixAck(pin=pin))
@@ -131,6 +135,11 @@ class TrezorClient:
                 self.call_raw(messages.Cancel())
                 raise
 
+        passphrase = Mnemonic.normalize_string(passphrase)
+        if len(passphrase) > MAX_PASSPHRASE_LENGTH:
+            self.call_raw(messages.Cancel())
+            raise ValueError("Passphrase too long")
+
         resp = self.call_raw(messages.PassphraseAck(passphrase=passphrase))
         if isinstance(resp, messages.PassphraseStateRequest):
             self.state = resp.state