Improve error-handling of chain ID when parsing APDUs

LedgerHQ · Feb 5, 2024 · 63a0bef · 63a0bef
1 parent 0f9bec8
commit 63a0bef
Show file tree

Hide file tree

Showing 3 changed files with 14 additions and 6 deletions.
diff --git a/src_features/provideErc20TokenInformation/cmd_provideTokenInfo.c b/src_features/provideErc20TokenInformation/cmd_provideTokenInfo.c
@@ -3,6 +3,7 @@
 #include "public_keys.h"
 #include "common_ui.h"
 #include "os_io_seproxyhal.h"
+#include "network.h"
 
 #ifdef HAVE_CONTRACT_NAME_IN_DESCRIPTOR
 
@@ -111,7 +112,7 @@ void handleProvideErc20TokenInformation(uint8_t p1,
     UNUSED(tx);
     uint32_t offset = 0;
     uint8_t tickerLength;
-    uint32_t chainId;
+    uint64_t chain_id;
     uint8_t hash[INT256_LENGTH];
     cx_ecfp_public_key_t tokenKey;
 
@@ -141,12 +142,15 @@ void handleProvideErc20TokenInformation(uint8_t p1,
     memmove(token->address, workBuffer + offset, 20);
     offset += 20;
     dataLength -= 20;
+    // TODO: Handle 64-bit long chain IDs
     token->decimals = U4BE(workBuffer, offset);
     offset += 4;
     dataLength -= 4;
-    chainId = U4BE(workBuffer, offset);
-    if ((chainConfig->chainId != ETHEREUM_MAINNET_CHAINID) && (chainConfig->chainId != chainId)) {
-        PRINTF("ChainId token mismatch: %d vs %d\n", chainConfig->chainId, chainId);
+    chain_id = U4BE(workBuffer, offset);
+    if ((chainConfig->chainId != chain_id) &&
+        (!chain_is_ethereum_compatible(&chainConfig->chainId) ||
+         !chain_is_ethereum_compatible(&chain_id))) {
+        PRINTF("ChainId token mismatch: %d vs %d\n", chainConfig->chainId, chain_id);
         THROW(0x6A80);
     }
     offset += 4;

diff --git a/src_features/provideNFTInformation/cmd_provideNFTInfo.c b/src_features/provideNFTInformation/cmd_provideNFTInfo.c
@@ -130,7 +130,9 @@ void handleProvideNFTInformation(uint8_t p1,
     // this prints raw data, so to have a more meaningful print, display
     // the buffer before the endianness swap
     PRINTF("ChainID: %.*H\n", sizeof(chain_id), (workBuffer + offset));
-    if (!chain_is_ethereum_compatible(&chain_id)) {
+    if ((chainConfig->chainId != chain_id) &&
+        (!chain_is_ethereum_compatible(&chainConfig->chainId) ||
+         !chain_is_ethereum_compatible(&chain_id))) {
         PRINTF("Unsupported chain ID!\n");
         THROW(APDU_RESPONSE_INVALID_DATA);
     }

diff --git a/src_features/setPlugin/cmd_setPlugin.c b/src_features/setPlugin/cmd_setPlugin.c
@@ -159,7 +159,9 @@ void handleSetPlugin(uint8_t p1,
     // this prints raw data, so to have a more meaningful print, display
     // the buffer before the endianness swap
     PRINTF("ChainID: %.*H\n", sizeof(chain_id), (workBuffer + offset));
-    if (!chain_is_ethereum_compatible(&chain_id)) {
+    if ((chainConfig->chainId != chain_id) &&
+        (!chain_is_ethereum_compatible(&chainConfig->chainId) ||
+         !chain_is_ethereum_compatible(&chain_id))) {
         PRINTF("Unsupported chain ID!\n");
         THROW(APDU_RESPONSE_INVALID_DATA);
     }