Merge develop to master following B2CA-987 #9
Conversation
Stop using a custom compiler version
Add Stax support + major refactoring
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
| switch (root_item_idx) { | ||
| case root_item_memo: { | ||
| if (strlen(parser_tx_obj.query.out_val) == 0) { | ||
| err = parser_query_no_results; | ||
| continue; | ||
| } | ||
| break; | ||
| } | ||
| case root_item_msgs: { | ||
| // Note: if we are dealing with the message field, Ledger has requested that we group. | ||
| // This means that if all messages share the same time, we should only count the type field once | ||
| // This is indicated by `parser_tx_obj.flags.msg_type_grouping` | ||
|
|
||
| // GROUPING: Message Type | ||
| if (parser_tx_obj.flags.msg_type_grouping && is_msg_type_field(tmp_key)) { | ||
| // First message, initialize expected type | ||
| if (parser_tx_obj.filter_msg_type_count == 0) { | ||
|
|
||
| if (strlen(tmp_val) >= sizeof(reference_msg_type)) { | ||
| return parser_unexpected_type; | ||
| } | ||
|
|
||
| snprintf(reference_msg_type, sizeof(reference_msg_type), "%s", tmp_val); | ||
| parser_tx_obj.filter_msg_type_valid_idx = current_item_idx; | ||
| } | ||
|
|
||
| if (strcmp(reference_msg_type, tmp_val) != 0) { | ||
| // different values, so disable grouping | ||
| parser_tx_obj.flags.msg_type_grouping = 0; | ||
| parser_tx_obj.filter_msg_type_count = 0; | ||
| } | ||
|
|
||
| parser_tx_obj.filter_msg_type_count++; | ||
| } | ||
|
|
||
| // GROUPING: Message From | ||
| if (parser_tx_obj.flags.msg_from_grouping && is_msg_from_field(tmp_key)) { | ||
| // First message, initialize expected from | ||
| if (parser_tx_obj.filter_msg_from_count == 0) { | ||
| snprintf(reference_msg_from, sizeof(reference_msg_from), "%s", tmp_val); | ||
| parser_tx_obj.filter_msg_from_valid_idx = current_item_idx; | ||
| } | ||
|
|
||
| if (strcmp(reference_msg_from, tmp_val) != 0) { | ||
| // different values, so disable grouping | ||
| parser_tx_obj.flags.msg_from_grouping = 0; | ||
| parser_tx_obj.filter_msg_from_count = 0; | ||
| } | ||
|
|
||
| parser_tx_obj.filter_msg_from_count++; | ||
| } | ||
|
|
||
| ZEMU_LOGF(200, "[ZEMU] %s [%d/%d]", tmp_key, parser_tx_obj.filter_msg_type_count, parser_tx_obj.filter_msg_from_count); | ||
| break; | ||
| } | ||
| default: | ||
| break; | ||
| } |
Check notice
Code scanning / CodeQL
Long switch case Note
| switch (token_type) { | ||
| case JSMN_OBJECT: { | ||
| const size_t key_len = strlen(parser_tx_obj.query.out_key); | ||
| for (uint16_t i = 0; i < el_count; ++i) { | ||
| uint16_t key_index; | ||
| uint16_t value_index; | ||
|
|
||
| CHECK_PARSER_ERR(object_get_nth_key(&parser_tx_obj.json, root_token_index, i, &key_index)) | ||
| CHECK_PARSER_ERR(object_get_nth_value(&parser_tx_obj.json, root_token_index, i, &value_index)) | ||
|
|
||
| // Skip writing keys if we are actually exploring to count | ||
| append_key_item(key_index); | ||
| CHECK_APP_CANARY() | ||
|
|
||
| // When traversing objects both level and depth should be considered | ||
| parser_tx_obj.query.max_level--; | ||
| parser_tx_obj.query.max_depth--; | ||
|
|
||
| // Traverse the value, extracting subkeys | ||
| err = tx_traverse_find(value_index, ret_value_token_index); | ||
| CHECK_APP_CANARY() | ||
| parser_tx_obj.query.max_level++; | ||
| parser_tx_obj.query.max_depth++; | ||
|
|
||
| if (err == parser_ok) { | ||
| return parser_ok; | ||
| } | ||
|
|
||
| *(parser_tx_obj.query.out_key + key_len) = 0; | ||
| CHECK_APP_CANARY() | ||
| } | ||
| break; | ||
| } | ||
| case JSMN_ARRAY: { | ||
| for (uint16_t i = 0; i < el_count; ++i) { | ||
| uint16_t element_index; | ||
| CHECK_PARSER_ERR(array_get_nth_element(&parser_tx_obj.json, | ||
| root_token_index, i, | ||
| &element_index)) | ||
| CHECK_APP_CANARY() | ||
|
|
||
| // When iterating along an array, | ||
| // the level does not change but we need to count the recursion | ||
| parser_tx_obj.query.max_depth--; | ||
| err = tx_traverse_find(element_index, ret_value_token_index); | ||
| parser_tx_obj.query.max_depth++; | ||
|
|
||
| CHECK_APP_CANARY() | ||
|
|
||
| if (err == parser_ok) { | ||
| return parser_ok; | ||
| } | ||
| } | ||
| break; | ||
| } | ||
| default: | ||
| break; | ||
| } |
Check notice
Code scanning / CodeQL
Long switch case Note
| ram_buffer, | ||
| sizeof(ram_buffer), | ||
| (uint8_t *)N_appdata.buffer, | ||
| sizeof(N_appdata.buffer)); |
Check notice
Code scanning / CodeQL
Sizeof with side effects Note
| switch (kind) { | ||
| case addr_secp256k1: | ||
| err = crypto_fillAddress(G_io_apdu_buffer, IO_APDU_BUFFER_SIZE - 2, &action_addrResponseLen); | ||
| break; | ||
| default: | ||
| break; | ||
| } |
Check notice
Code scanning / CodeQL
No trivial switch statements Note
| uint16_t object_token_index, | ||
| const char *key_name, | ||
| uint16_t *token_index) { | ||
| if (object_token_index < 0 || object_token_index > json->numberOfTokens) { |
Check warning
Code scanning / CodeQL
Comparison result is always the same Warning
| // Now count how many items can be found in this root item | ||
| int16_t current_item_idx = 0; | ||
| while (err == parser_ok) { | ||
| INIT_QUERY_CONTEXT(tmp_key, sizeof(tmp_key), |
Check warning
Code scanning / CodeQL
Local variable address stored in non-local memory Warning
| INIT_QUERY_CONTEXT(tmp_key, sizeof(tmp_key), | ||
| tmp_val, sizeof(tmp_val), |
Check warning
Code scanning / CodeQL
Local variable address stored in non-local memory Warning
| char outKey[2]; | ||
| char outVal[COIN_MAX_CHAINID_LEN]; | ||
| uint8_t pageCount; | ||
| INIT_QUERY_CONTEXT(outKey, sizeof(outKey), |
Check warning
Code scanning / CodeQL
Local variable address stored in non-local memory Warning
| INIT_QUERY_CONTEXT(outKey, sizeof(outKey), | ||
| outVal, sizeof(outVal), |
Check warning
Code scanning / CodeQL
Local variable address stored in non-local memory Warning
| switch (G_io_apdu_buffer[OFFSET_INS]) { | ||
| case INS_GET_VERSION: { | ||
| handleGetVersion(tx); | ||
| break; | ||
| } | ||
|
|
||
| // INS_PUBLIC_KEY_SECP256K1 will be deprecated in the near future | ||
| case INS_PUBLIC_KEY_SECP256K1: { | ||
| handleGetUncompressedPubKey(tx, rx); | ||
| break; | ||
| } | ||
|
|
||
| case INS_SHOW_ADDR_SECP256K1: { | ||
| handleGetAddrSecp256K1(flags, tx, rx, true); | ||
| break; | ||
| } | ||
|
|
||
| case INS_GET_ADDR_SECP256K1: { | ||
| handleGetAddrSecp256K1(flags, tx, rx, false); | ||
| break; | ||
| } | ||
|
|
||
| case INS_SIGN_SECP256K1: { | ||
| handleSignSecp256K1(flags, tx, rx); | ||
| break; | ||
| } | ||
|
|
||
| #ifdef TESTING_ENABLED | ||
| case INS_HASH_TEST: { | ||
| if (process_chunk(rx, false)) { | ||
| uint8_t message_digest[CX_SHA256_SIZE]; | ||
|
|
||
| cx_hash_sha256(tx_get_buffer(), | ||
| tx_get_buffer_length(), | ||
| message_digest, | ||
| CX_SHA256_SIZE); | ||
|
|
||
| memmove(G_io_apdu_buffer, message_digest, CX_SHA256_SIZE); | ||
| *tx += 32; | ||
| } | ||
| THROW(APDU_CODE_OK); | ||
| } | ||
| break; | ||
| case INS_PUBLIC_KEY_SECP256K1_TEST: { | ||
| // Generate key | ||
| uint8_t raw_pubkey[65]; | ||
| if(bip32_derive_get_pubkey_256(CX_CURVE_256K1, | ||
| hdPath, | ||
| HDPATH_LEN_DEFAULT, | ||
| raw_pubkey, | ||
| NULL, | ||
| CX_SHA512) != CX_OK) | ||
| { | ||
| THROW(APDU_CODE_CONDITIONS_NOT_SATISFIED); | ||
| } | ||
|
|
||
| memmove(G_io_apdu_buffer, raw_pubkey, 65); | ||
| *tx += 65; | ||
|
|
||
| THROW(APDU_CODE_OK); | ||
| } | ||
| break; | ||
| case INS_SIGN_SECP256K1_TEST: { | ||
| if (process_chunk(rx, false)) { | ||
| size_t length = (size_t) IO_APDU_BUFFER_SIZE; | ||
|
|
||
| // Skip UI and validation | ||
| sign_secp256k1(tx_get_buffer(), | ||
| tx_get_buffer_length(), | ||
| G_io_apdu_buffer, | ||
| &length); | ||
|
|
||
| *tx += length; | ||
| } | ||
| THROW(APDU_CODE_OK); | ||
| } | ||
| break; | ||
| #endif | ||
|
|
||
| default: | ||
| THROW(APDU_CODE_INS_NOT_SUPPORTED); | ||
| } |
Check notice
Code scanning / CodeQL
Long switch case Note
No description provided.