
Security review 1.21.0 #947
Closed
bboilot-ledger wants to merge 132 commits into master from develop


Conversation

@bboilot-ledger
Contributor

Description

Please provide a detailed description of what was done in this PR.
(And mentioned if linked to an issue docs)

Changes include

  • Bugfix (non-breaking change that solves an issue)
  • New feature (non-breaking change that adds functionality)
  • Breaking change (change that is not backwards-compatible and/or changes current functionality)
  • Tests
  • Documentation
  • Other (for changes that might not fit in any category)

Breaking changes

Please complete this section if any breaking changes have been made, otherwise delete it.

Additional comments

Please post additional comments in this section if you have them, otherwise delete it.

apaillier-ledger and others added 30 commits December 10, 2025 15:32
Ignored during GCS, was causing a SIGSEGV.
…s_setting

Fixed debug contracts setting impacting GCS flows
Required to fully display 48-byte public keys
* Update linter cfg

* Fix linter

* Add gating support to python client

* Refactor EIP712 return error codes

* Add gating support

* Adapt UI to Gated Signing

* Adapt ragger tests

* Add new snapshots

* Replace all Blind Signing screens by the Gated version

* Align snapshots to new Blind Signing wording
* Cleanup sources

- Remove useless header file
- Fix bit-field init
- Fix parameters casting

* Migrate to Generic Fuzzer
apaillier-ledger and others added 17 commits February 6, 2026 11:23
- Add support for 'CHAIN_ID container path'
- Add support for 'NETWORK formatter'
- Add support for 'VISIBLE & CONSTRAINTS'
- CHAIN_ID container path
- NETWORK formatter
- VISIBLE & CONSTRAINTS
- Add workflow
- Remove unused demo
- Add coverage script
- Add Unit Tests for NETWORK formatter
- Add Unit Tests for PARAM_TRUSTED_NAME
- Add Unit Tests for PARAM_RAW
- Add Unit Tests for CONSTRAINTS
@ledger-wiz-cspm-secret-detection

ledger-wiz-cspm-secret-detection Bot commented Feb 10, 2026

Wiz Scan Summary

Scanner                        Findings
Sensitive Data                 -
Secrets                        -
IaC Misconfigurations          1 High, 1 Medium, 1 Info
SAST Findings                  -
Software Management Findings   -
Total                          1 High, 1 Medium, 1 Info

@codecov-commenter

codecov-commenter commented Feb 10, 2026

Codecov Report

❌ Patch coverage is 51.83246% with 184 lines in your changes missing coverage. Please review.
⚠️ Please upload report for BASE (master@8279286). Learn more about missing BASE report.

Files with missing lines                                 Patch %   Lines
src/list.c                                               7.97%     127 Missing
src/features/generic_tx_parser/gtp_param_network.c       50.00%    22 Missing
src/features/generic_tx_parser/gtp_field.c               64.81%    19 Missing
src/features/generic_tx_parser/gtp_value.c               9.09%     10 Missing
src/features/generic_tx_parser/gtp_param_raw.c           96.42%    3 Missing
...eatures/generic_tx_parser/gtp_param_trusted_name.c    94.11%    3 Missing
Additional details and impacted files
@@            Coverage Diff            @@
##             master     #947   +/-   ##
=========================================
  Coverage          ?   51.60%           
=========================================
  Files             ?       17           
  Lines             ?     1771           
  Branches          ?      232           
=========================================
  Hits              ?      914           
  Misses            ?      856           
  Partials          ?        1           
Flag Coverage Δ
unittests 51.60% <51.83%> (?)


@bboilot-ledger bboilot-ledger changed the title Security review 1.20.1 Security review 1.21.0 Feb 10, 2026
Comment thread tests/unit/mocks/field_validation_mocks.c
Comment thread src/plugins/erc20/erc20_plugin.c Outdated
Comment thread src/plugins/eip7251/eip7251_plugin.c Outdated
Comment thread src/plugins/eip7251/eip7251_plugin.c
Comment thread src/plugins/eip7002/eip7002_plugin.c Outdated
} eth2_deposit_parameters_t;

void eth2_plugin_call(int message, void *parameters) {
void eth2_plugin_call(eth_plugin_msg_t message, void *parameters) {
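Review bot: narrowing `message` from `int` to `eth_plugin_msg_t` in `eth2_plugin_call` changes only the declared type; a caller can still pass any integer value through the enum, so the dispatch inside the function should keep a `default:` branch that rejects unknown message values. The `void *parameters` payload is untouched by this hunk and still needs the `parameterOffset` / `parameter_size` check raised in the thread below before any `eth2_deposit_parameters_t` field is filled from it.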
Contributor Author

msg->parameter must be checked based on parameterOffset and parameter_size

void swap_with_calldata_plugin_call(int message, void *parameters) {
void swap_with_calldata_plugin_call(eth_plugin_msg_t message, void *parameters) {
switch (message) {
case ETH_PLUGIN_INIT_CONTRACT:
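Review bot: the `switch (message)` that opens with `case ETH_PLUGIN_INIT_CONTRACT:` now switches on an enum rather than `int`; make sure it ends with a `default:` branch that sets an error result, otherwise an unexpected value is silently ignored and the compiler's unhandled-enum warning (`-Wswitch`) is the only guard. `parameters` remains `void *` in `swap_with_calldata_plugin_call`, so it should be cast to the message-specific struct only inside the matching case, with the bounds check the thread raises applied before any copy out of it.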
Contributor Author

msg->parameter must be checked based on parameterOffset and parameter_size
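The check the author asks for in both threads above (`msg->parameter` validated against `parameterOffset` and `parameter_size` before a plugin reads it), as an added C example that is not code from app-ethereum: the message and context structs, `PARAMETER_LENGTH`, and the two-word `deposit` call are assumptions standing in for the real plugin types.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* ABI word size: plugins receive calldata one 32-byte parameter at a time. */
#define PARAMETER_LENGTH 32

/* Hypothetical mirror of the fields named in the review thread; not the app's own struct. */
typedef struct {
    const uint8_t *parameter;  /* current calldata word */
    size_t parameter_size;     /* bytes actually available at `parameter` */
    uint32_t parameterOffset;  /* byte offset of this word within the calldata arguments */
} provide_parameter_msg_t;

/* Plugin context for a hypothetical two-argument call (amount, recipient): exactly 2 words. */
typedef struct {
    uint8_t amount[PARAMETER_LENGTH];
    uint8_t recipient[PARAMETER_LENGTH];
    int words_seen;
    bool rejected;  /* sticky: once any word is rejected the whole call is refused */
} deposit_ctx_t;

/* A word is usable only if it is complete, word-aligned and sits at the slot the plugin expects. */
bool parameter_in_bounds(const provide_parameter_msg_t *msg, uint32_t expected_offset) {
    if (msg == NULL || msg->parameter == NULL) return false;
    if (msg->parameter_size < PARAMETER_LENGTH) return false;        /* truncated word */
    if (msg->parameterOffset % PARAMETER_LENGTH != 0) return false;  /* misaligned offset */
    return msg->parameterOffset == expected_offset;                  /* skipped or repeated slot */
}

/* Copy a word into the context only after the bounds check; any rejection is permanent. */
bool deposit_provide_parameter(deposit_ctx_t *ctx, const provide_parameter_msg_t *msg) {
    uint32_t expected = (uint32_t) ctx->words_seen * PARAMETER_LENGTH;
    if (ctx->rejected || ctx->words_seen >= 2 || !parameter_in_bounds(msg, expected)) {
        ctx->rejected = true;
        return false;
    }
    uint8_t *dst = (ctx->words_seen == 0) ? ctx->amount : ctx->recipient;
    memcpy(dst, msg->parameter, PARAMETER_LENGTH);
    ctx->words_seen++;
    return true;
}

/* The call may be displayed for signing only if both words arrived and nothing was rejected. */
bool deposit_complete(const deposit_ctx_t *ctx) {
    return !ctx->rejected && ctx->words_seen == 2;
}
```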

Comment thread src/features/generic_tx_parser/gtp_param_trusted_name.c
Comment thread src/features/generic_tx_parser/gtp_param_raw.c
Comment thread src/features/generic_tx_parser/gtp_param_calldata.c Outdated