arno/trezor-firmware
1
0
Fork 0
mirror of https://github.com/trezor/trezor-firmware.git synced 2025-06-27 02:12:35 +00:00
Code Issues Releases Wiki Activity

fix(core/protobuf): properly fail on wire type mismatch

Browse Source 
otherwise we'd happily mis-parse a length-delimited field as a varint
one, accepting the length as the varint value and consuming garbage from
the length-delimited data for the next fields
This commit is contained in:
matejcik 2025-04-29 12:33:15 +02:00 committed by matejcik
parent 3e9b29cd67
commit c21cc2034b
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
core/embed/rust/src/protobuf/decode.rs
View File

@ -100,6 +100,9 @@ impl Decoder {
let prim_type = u8::try_from(field_key & 7)?; let prim_type = u8::try_from(field_key & 7)?;
match msg.field(field_tag) { match msg.field(field_tag) {
Some(field) if field.get_type().primitive_type() != prim_type => {
return Err(error::invalid_value(field.name.into()));
}
Some(field) => { Some(field) => {
let field_value = self.decode_field(stream, field)?; let field_value = self.decode_field(stream, field)?;
let field_name = Qstr::from(field.name); let field_name = Qstr::from(field.name);