proof fixes

abenso · abenso · commit 776c51bcb3e0 · 2025-04-18T13:24:16.000-03:00
diff --git a/app/src/schema_proof.c b/app/src/schema_proof.c
@@ -85,6 +85,9 @@ parser_error_t compute_tree_size(uint32_t num_right_siblings, uint32_t index_of_
 
     while (remaining_right_siblings > 0) {
         if ((index_of_final_node & mask) == 0) {
+            if (index_of_final_node > UINT32_MAX - mask) {
+                return parser_value_out_of_range;
+            }
             index_of_final_node |= mask;
             remaining_right_siblings--;
         }
@@ -128,6 +131,10 @@ static parser_error_t hash_leaf(proof_t *proof) {
 // Declaring array sizes as static will trigger a warning if the user pass an array smaller than the size
 static parser_error_t merge_branches(const uint8_t left[CX_SHA256_SIZE], const uint8_t right[CX_SHA256_SIZE],
                                      uint8_t output[CX_SHA256_SIZE]) {
+    CHECK_INPUT(left);
+    CHECK_INPUT(right);
+    CHECK_INPUT(output);
+
     bytes_t buffer_left = {0};
     buffer_left.ptr = left;
     buffer_left.len = CX_SHA256_SIZE;
@@ -183,7 +190,12 @@ static parser_error_t check_range_proof_inner(proof_t *proof, uint32_t start_ind
         if (proof->lemmas_ctx.last_index < 0) {
             return parser_value_out_of_range;
         }
-        right = proof->lemmas_ctx.lemmas.data.buffer.ptr + CX_SHA256_SIZE * proof->lemmas_ctx.last_index;
+        uint32_t offset = CX_SHA256_SIZE * proof->lemmas_ctx.last_index;
+        if (offset >= proof->lemmas_ctx.lemmas.data.buffer.len) {
+            return parser_value_out_of_range;
+        }
+
+        right = proof->lemmas_ctx.lemmas.data.buffer.ptr + offset;
         proof->lemmas_ctx.last_index--;
 
         buffer_right.ptr = right;
@@ -207,10 +219,14 @@ static parser_error_t check_range_proof_inner(proof_t *proof, uint32_t start_ind
             left = proof->hash;
         }
     } else {
-        left = proof->lemmas_ctx.lemmas.data.buffer.ptr + CX_SHA256_SIZE * proof->lemmas_ctx.last_index;
         if (proof->lemmas_ctx.last_index < 0) {
             return parser_value_out_of_range;
         }
+        uint32_t offset = CX_SHA256_SIZE * proof->lemmas_ctx.last_index;
+        if (offset >= proof->lemmas_ctx.lemmas.data.buffer.len) {
+            return parser_value_out_of_range;
+        }
+        left = proof->lemmas_ctx.lemmas.data.buffer.ptr + offset;
         proof->lemmas_ctx.last_index--;
 
         buffer_left.ptr = left;
@@ -277,10 +293,14 @@ static parser_error_t get_hash_single_proof(uint32_t index, proof_t *proof) {
  * @return parser_error_t Error code indicating the result of the operation.
  */
 parser_error_t get_root_hash(const merkle_proof_t *metadata, uint8_t metadataDigest[CX_SHA256_SIZE]) {
+    CHECK_INPUT(metadata);
+    CHECK_INPUT(metadataDigest);
+
     proof_t proof = {0};
     proof.leaves = metadata->leaves;
     proof.lemmas_ctx = metadata->lemmas_ctx;
     proof.indices = metadata->indices;
+    MEMSET(proof.hash, 0, CX_SHA256_SIZE);
 
     print_buffer(&proof.leaves.data.buffer, "leaves data");
     print_u32("leaves.qty:", proof.leaves.entries);
@@ -301,6 +321,11 @@ parser_error_t get_root_hash(const merkle_proof_t *metadata, uint8_t metadataDig
 
 parser_error_t verify_merkle_proofs(const merkle_proof_t *metadata) {
     CHECK_INPUT(metadata);
+    CHECK_INPUT(metadata->root_hash.ptr);
+
+    if (metadata->root_hash.len < CX_SHA256_SIZE) {
+        return parser_unexpected_buffer_end;
+    }
 
     uint8_t root_hash[CX_SHA256_SIZE] = {0};
     CHECK_ERROR(get_root_hash(metadata, root_hash));
