From 23726f6201a153cbbe74e4d477b5682d0f4bd77b Mon Sep 17 00:00:00 2001 From: ftheirs Date: Sat, 7 May 2022 18:25:39 -0300 Subject: [PATCH] check size and bump version --- app/Makefile | 2 +- deps/tinycbor/src/cborparser.c | 11 +++++++++++ tests_zemu/snapshots/s-mainmenu/00004.png | Bin 420 -> 427 bytes tests_zemu/snapshots/s-mainmenu/00010.png | Bin 420 -> 427 bytes tests_zemu/snapshots/sp-mainmenu/00004.png | Bin 368 -> 363 bytes tests_zemu/snapshots/sp-mainmenu/00010.png | Bin 368 -> 363 bytes tests_zemu/snapshots/x-mainmenu/00004.png | Bin 368 -> 363 bytes tests_zemu/snapshots/x-mainmenu/00010.png | Bin 368 -> 363 bytes 8 files changed, 12 insertions(+), 1 deletion(-) diff --git a/app/Makefile b/app/Makefile index 0dc93199..c3e6444b 100755 --- a/app/Makefile +++ b/app/Makefile @@ -56,7 +56,7 @@ endif APPVERSION_M=2 APPVERSION_N=0 -APPVERSION_P=5 +APPVERSION_P=6 $(info COIN = [$(COIN)]) diff --git a/deps/tinycbor/src/cborparser.c b/deps/tinycbor/src/cborparser.c index 98881ae3..766693b1 100644 --- a/deps/tinycbor/src/cborparser.c +++ b/deps/tinycbor/src/cborparser.c @@ -391,6 +391,16 @@ uint64_t _cbor_value_decode_int64_internal(const CborValue *value) */ CborError cbor_parser_init(const uint8_t *buffer, size_t size, uint32_t flags, CborParser *parser, CborValue *it) { + #ifdef __SIZEOF_INT128__ + if ((UINT64_MAX - (uint64_t) buffer < (uint64_t) size)) { + return CborErrorUnknownLength; + } + #else + if (((uint64_t) size + (uint64_t) buffer) > UINT32_MAX) { + return CborErrorUnknownLength; + } + #endif + memset(parser, 0, sizeof(*parser)); parser->end = buffer + size; parser->flags = flags; @@ -398,6 +408,7 @@ CborError cbor_parser_init(const uint8_t *buffer, size_t size, uint32_t flags, C it->ptr = buffer; it->remaining = 1; /* there's one type altogether, usually an array or map */ it->flags = 0; + return preparse_value(it); } diff --git a/tests_zemu/snapshots/s-mainmenu/00004.png b/tests_zemu/snapshots/s-mainmenu/00004.png index e3d35532cea59ac8900053a70b44bff97af6ca63..c378ac7ae1b236473814907992d033270e067d8c 100644 GIT binary patch delta 401 zcmV;C0dD@J1FHj&B!6;AL_t(|ob8#xl7uh_L~(29|3BD+d&n+@1Y%gDk(qucD4w=FAU`~7PGJw@l7v*U3o-jGK!E7~!ZN_i zcP?g>*4{WMm<8J(l>zEShVcrL4=7a5qV(LWv^Rj~Ob^V+_v*}C1?ySms4zgy9eP0c zvyD*ntQ3n>L4UGKLsln11@!OiEvb7!(H$O7unhH%9W~ymMcX#dY%eA!!Cp|~jp=Ze zYGID5Tr;arH@ykVEFPG%ykX|AH1pcg%t=e?hIT4u8<11Af!y1SYq!-3hv!M=1E;31 v3L1j>`EYkHPIYUpY6JiP0001h$MXZ3#LNeS$q9)7015yANkvXXu0mjfbRWLy delta 394 zcmV;50d@YX1Ed3xB!6p3L_t(|ob8#-5`!=Zgt1fK|A9T&Ls|w2#KgZ8-S6Zi#5%hK zBP9X=002&8o@kzo>z%i{1@GPu(8w_Meu9JPYJkk;r0hJ=Fn-7RLIsepfdk}-T=@5f zy}JD}ODUBlGAazmcy~~%k_SP!WCx^_lv!Djo3gZ3S??_jrGGn9XF%(FuU?39q_QfY zzN>U9K}`;s!TDfJd#*Bo)lnCzG3uk5JtN;%55d1jjdVQK6I6~35OSE&{z zPOe0B(U-8y;=|K6_+K>r+R@BrOK!1;dK(Zqc@N>*W?Z?gmRKz*!E279?j?NEPFH`+ ocpVP!8E#|)00000z|;5uq?^PL=A-K-00000NkvXXt^-0~f_Tcd_y7O^ diff --git a/tests_zemu/snapshots/s-mainmenu/00010.png b/tests_zemu/snapshots/s-mainmenu/00010.png index e3d35532cea59ac8900053a70b44bff97af6ca63..c378ac7ae1b236473814907992d033270e067d8c 100644 GIT binary patch delta 401 zcmV;C0dD@J1FHj&B!6;AL_t(|ob8#xl7uh_L~(29|3BD+d&n+@1Y%gDk(qucD4w=FAU`~7PGJw@l7v*U3o-jGK!E7~!ZN_i zcP?g>*4{WMm<8J(l>zEShVcrL4=7a5qV(LWv^Rj~Ob^V+_v*}C1?ySms4zgy9eP0c zvyD*ntQ3n>L4UGKLsln11@!OiEvb7!(H$O7unhH%9W~ymMcX#dY%eA!!Cp|~jp=Ze zYGID5Tr;arH@ykVEFPG%ykX|AH1pcg%t=e?hIT4u8<11Af!y1SYq!-3hv!M=1E;31 v3L1j>`EYkHPIYUpY6JiP0001h$MXZ3#LNeS$q9)7015yANkvXXu0mjfbRWLy delta 394 zcmV;50d@YX1Ed3xB!6p3L_t(|ob8#-5`!=Zgt1fK|A9T&Ls|w2#KgZ8-S6Zi#5%hK zBP9X=002&8o@kzo>z%i{1@GPu(8w_Meu9JPYJkk;r0hJ=Fn-7RLIsepfdk}-T=@5f zy}JD}ODUBlGAazmcy~~%k_SP!WCx^_lv!Djo3gZ3S??_jrGGn9XF%(FuU?39q_QfY zzN>U9K}`;s!TDfJd#*Bo)lnCzG3uk5JtN;%55d1jjdVQK6I6~35OSE&{z zPOe0B(U-8y;=|K6_+K>r+R@BrOK!1;dK(Zqc@N>*W?Z?gmRKz*!E279?j?NEPFH`+ ocpVP!8E#|)00000z|;5uq?^PL=A-K-00000NkvXXt^-0~f_Tcd_y7O^ diff --git a/tests_zemu/snapshots/sp-mainmenu/00004.png b/tests_zemu/snapshots/sp-mainmenu/00004.png index c7941ec3ecc7c9802513f2c4517d282b4d7ecff2..a9f5a112d39e281860bc0191cc2150b6007deb8e 100644 GIT binary patch delta 336 zcmeys^qOgcO1+V%i(^Q|oVPb)g$^n3xCNHn;rtyR^z9L|vhczsx2~yOsh(%`$Ks6m z8r@|q3<#j-<>Inr|Gl4qn=2~xA9z@%zgMl%&13u$r+2c;Kv7mvqmQ zSeQ`$o>gac;H#9&)uCNhXmHa{%lhp?;B>B$A!jMPM#OlkuzRX)++kZcZa8LT}QQx z&Vh~XHs4-v@!Z|PYLK(y_=`On9W%KM-cMYv_@Z#jzvrvB#2Ed(FiU#7#@3?}Hm{fv cK4++Z#QEp-BO|Tg;H4l@Pgg&ebxsLQ0E7aV*8l(j delta 341 zcmaFO^nq!DO1-(Ki(^Q|oVPb)`I;33+yZZvsK2TA+&tZG!X!nBOD6yIXS8_FgrNdN;M6 zQSI48)1_TA-!JOuUvPi%mU;HI$u~Z2VJ(O}cC};{^G}Iym(tfBS-Uw-?9tvkO24|! zOz`|~(!9d+f6A2u!v2c>fB36kJ+9r+lid81t#9j{H{ZKATrZfN_%S3x@P5neE05ZD zxF2DX*?rQuer}ncc$M+G?c3!3Zg0#`y2m)}bzY?(%UInr|Gl4qn=2~xA9z@%zgMl%&13u$r+2c;Kv7mvqmQ zSeQ`$o>gac;H#9&)uCNhXmHa{%lhp?;B>B$A!jMPM#OlkuzRX)++kZcZa8LT}QQx z&Vh~XHs4-v@!Z|PYLK(y_=`On9W%KM-cMYv_@Z#jzvrvB#2Ed(FiU#7#@3?}Hm{fv cK4++Z#QEp-BO|Tg;H4l@Pgg&ebxsLQ0E7aV*8l(j delta 341 zcmaFO^nq!DO1-(Ki(^Q|oVPb)`I;33+yZZvsK2TA+&tZG!X!nBOD6yIXS8_FgrNdN;M6 zQSI48)1_TA-!JOuUvPi%mU;HI$u~Z2VJ(O}cC};{^G}Iym(tfBS-Uw-?9tvkO24|! zOz`|~(!9d+f6A2u!v2c>fB36kJ+9r+lid81t#9j{H{ZKATrZfN_%S3x@P5neE05ZD zxF2DX*?rQuer}ncc$M+G?c3!3Zg0#`y2m)}bzY?(%UInr|Gl4qn=2~xA9z@%zgMl%&13u$r+2c;Kv7mvqmQ zSeQ`$o>gac;H#9&)uCNhXmHa{%lhp?;B>B$A!jMPM#OlkuzRX)++kZcZa8LT}QQx z&Vh~XHs4-v@!Z|PYLK(y_=`On9W%KM-cMYv_@Z#jzvrvB#2Ed(FiU#7#@3?}Hm{fv cK4++Z#QEp-BO|Tg;H4l@Pgg&ebxsLQ0E7aV*8l(j delta 341 zcmaFO^nq!DO1-(Ki(^Q|oVPb)`I;33+yZZvsK2TA+&tZG!X!nBOD6yIXS8_FgrNdN;M6 zQSI48)1_TA-!JOuUvPi%mU;HI$u~Z2VJ(O}cC};{^G}Iym(tfBS-Uw-?9tvkO24|! zOz`|~(!9d+f6A2u!v2c>fB36kJ+9r+lid81t#9j{H{ZKATrZfN_%S3x@P5neE05ZD zxF2DX*?rQuer}ncc$M+G?c3!3Zg0#`y2m)}bzY?(%UInr|Gl4qn=2~xA9z@%zgMl%&13u$r+2c;Kv7mvqmQ zSeQ`$o>gac;H#9&)uCNhXmHa{%lhp?;B>B$A!jMPM#OlkuzRX)++kZcZa8LT}QQx z&Vh~XHs4-v@!Z|PYLK(y_=`On9W%KM-cMYv_@Z#jzvrvB#2Ed(FiU#7#@3?}Hm{fv cK4++Z#QEp-BO|Tg;H4l@Pgg&ebxsLQ0E7aV*8l(j delta 341 zcmaFO^nq!DO1-(Ki(^Q|oVPb)`I;33+yZZvsK2TA+&tZG!X!nBOD6yIXS8_FgrNdN;M6 zQSI48)1_TA-!JOuUvPi%mU;HI$u~Z2VJ(O}cC};{^G}Iym(tfBS-Uw-?9tvkO24|! zOz`|~(!9d+f6A2u!v2c>fB36kJ+9r+lid81t#9j{H{ZKATrZfN_%S3x@P5neE05ZD zxF2DX*?rQuer}ncc$M+G?c3!3Zg0#`y2m)}bzY?(%U