From 28aa044f54bd0ce3f47cd7167c1b432e618f9968 Mon Sep 17 00:00:00 2001 From: Shahul Hameed <10547529+shahthepro@users.noreply.github.com> Date: Thu, 21 Mar 2024 20:22:04 +0530 Subject: [PATCH 1/4] Fix leftovers from audit --- src/handle_provide_parameter.c | 56 +++++++++++++++---- src/plugin.h | 2 + .../.ethereum_application_build_goes_there | 0 3 files changed, 48 insertions(+), 10 deletions(-) delete mode 100644 tests/ethereum_build/.ethereum_application_build_goes_there diff --git a/src/handle_provide_parameter.c b/src/handle_provide_parameter.c index 36284f28..2334d9b3 100644 --- a/src/handle_provide_parameter.c +++ b/src/handle_provide_parameter.c @@ -24,13 +24,21 @@ static void handle_token_sent(ethPluginProvideParameter_t *msg, context_t *conte printf_hex_array("TOKEN SENT: ", ADDRESS_LENGTH, context->contract_address_sent); } -static void handle_token_sent_curve_pool(ethPluginProvideParameter_t *msg, context_t *context) { +static bool handle_token_sent_curve_pool(ethPluginProvideParameter_t *msg, context_t *context) { memset(context->contract_address_sent, 0, sizeof(context->contract_address_sent)); bool is_oeth = memcmp(CURVE_OETH_POOL_ADDRESS, msg->pluginSharedRO->txContent->destination, ADDRESS_LENGTH) == 0; + // Ensure the everything but the last 2 bits are zero + for (uint32_t i = 2; i <= INT128_LENGTH / 2; i++) { + if (U2BE(msg->parameter, PARAMETER_LENGTH - (2 * i)) != 0) { + PRINTF("Unsupported Token\n"); + return false; + } + } + if (is_oeth) { switch (U2BE(msg->parameter, PARAMETER_LENGTH - 2)) { case 0: @@ -41,7 +49,7 @@ static void handle_token_sent_curve_pool(ethPluginProvideParameter_t *msg, conte break; default: PRINTF("Param not supported\n"); - break; + return false; } } else { switch (U2BE(msg->parameter, PARAMETER_LENGTH - 2)) { @@ -59,11 +67,13 @@ static void handle_token_sent_curve_pool(ethPluginProvideParameter_t *msg, conte break; default: PRINTF("Param not supported\n"); - break; + return false; } } printf_hex_array("TOKEN SENT: ", ADDRESS_LENGTH, context->contract_address_sent); + + return true; } static void handle_token_received(ethPluginProvideParameter_t *msg, context_t *context) { @@ -75,13 +85,21 @@ static void handle_token_received(ethPluginProvideParameter_t *msg, context_t *c printf_hex_array("TOKEN RECEIVED: ", ADDRESS_LENGTH, context->contract_address_received); } -static void handle_token_received_curve_pool(ethPluginProvideParameter_t *msg, context_t *context) { +static bool handle_token_received_curve_pool(ethPluginProvideParameter_t *msg, context_t *context) { memset(context->contract_address_received, 0, sizeof(context->contract_address_received)); bool is_oeth = memcmp(CURVE_OETH_POOL_ADDRESS, msg->pluginSharedRO->txContent->destination, ADDRESS_LENGTH) == 0; + // Ensure the everything but the last 2 bits are zero + for (uint32_t i = 2; i <= INT128_LENGTH / 2; i++) { + if (U2BE(msg->parameter, PARAMETER_LENGTH - (2 * i)) != 0) { + PRINTF("Unsupported Token\n"); + return false; + } + } + // determine token addresses of curve pools based on contract address and // value of i/j params if (is_oeth) { @@ -94,6 +112,7 @@ static void handle_token_received_curve_pool(ethPluginProvideParameter_t *msg, c break; default: PRINTF("Param not supported\n"); + return false; break; } } else { @@ -112,10 +131,14 @@ static void handle_token_received_curve_pool(ethPluginProvideParameter_t *msg, c break; default: PRINTF("Param not supported\n"); + return false; break; } } + printf_hex_array("TOKEN RECEIVED: ", ADDRESS_LENGTH, context->contract_address_received); + + return true; } // deposit(uint256,address) @@ -221,12 +244,18 @@ static void handle_vault_redeem(ethPluginProvideParameter_t *msg, context_t *con static void handle_curve_pool_exchange(ethPluginProvideParameter_t *msg, context_t *context) { switch (context->next_param) { case TOKEN_SENT: - handle_token_sent_curve_pool(msg, context); - context->next_param = TOKEN_RECEIVED; + if (handle_token_sent_curve_pool(msg, context)) { + context->next_param = TOKEN_RECEIVED; + } else { + context->next_param = UNEXPECTED_PARAMETER; + } break; case TOKEN_RECEIVED: - handle_token_received_curve_pool(msg, context); - context->next_param = AMOUNT_SENT; + if (handle_token_received_curve_pool(msg, context)) { + context->next_param = AMOUNT_SENT; + } else { + context->next_param = UNEXPECTED_PARAMETER; + } break; case AMOUNT_SENT: handle_amount_sent(msg, context); @@ -250,8 +279,15 @@ static void handle_curve_pool_exchange(ethPluginProvideParameter_t *msg, context static void handle_curve_router_exchange(ethPluginProvideParameter_t *msg, context_t *context) { switch (context->next_param) { case TOKEN_SENT: - handle_token_sent(msg, context); - context->next_param = TOKEN_RECEIVED; + if (memcmp(&msg->parameter[PARAMETER_LENGTH - ADDRESS_LENGTH], + NULL_ETH_ADDRESS, + ADDRESS_LENGTH) == 0) { + // First token in the route cannot be null + msg->result = ETH_PLUGIN_RESULT_ERROR; + } else { + handle_token_sent(msg, context); + context->next_param = TOKEN_RECEIVED; + } break; case TOKEN_RECEIVED: context->counter += 1; diff --git a/src/plugin.h b/src/plugin.h index b5a255df..a23ae44d 100644 --- a/src/plugin.h +++ b/src/plugin.h @@ -141,6 +141,8 @@ typedef enum { #define TOKEN_SENT_FOUND 1 #define TOKEN_RECEIVED_FOUND 1 << 1 +#define INT128_LENGTH 16 + // Number of decimals used when the token wasn't found in the CAL. #define DEFAULT_DECIMAL WEI_TO_ETHER diff --git a/tests/ethereum_build/.ethereum_application_build_goes_there b/tests/ethereum_build/.ethereum_application_build_goes_there deleted file mode 100644 index e69de29b..00000000 From 0b513fdeaa53a0d1808ea6e4bc5f6515cbdf5550 Mon Sep 17 00:00:00 2001 From: Shahul Hameed <10547529+shahthepro@users.noreply.github.com> Date: Thu, 21 Mar 2024 20:27:38 +0530 Subject: [PATCH 2/4] Fix error --- src/handle_provide_parameter.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/handle_provide_parameter.c b/src/handle_provide_parameter.c index 2334d9b3..4d030a01 100644 --- a/src/handle_provide_parameter.c +++ b/src/handle_provide_parameter.c @@ -283,7 +283,7 @@ static void handle_curve_router_exchange(ethPluginProvideParameter_t *msg, conte NULL_ETH_ADDRESS, ADDRESS_LENGTH) == 0) { // First token in the route cannot be null - msg->result = ETH_PLUGIN_RESULT_ERROR; + context->next_param = UNEXPECTED_PARAMETER; } else { handle_token_sent(msg, context); context->next_param = TOKEN_RECEIVED; From ef16c0d56f6dd8bda53c40f2a09b5991a6e50c5d Mon Sep 17 00:00:00 2001 From: Shahul Hameed <10547529+shahthepro@users.noreply.github.com> Date: Thu, 21 Mar 2024 20:33:56 +0530 Subject: [PATCH 3/4] Update workflow --- .github/workflows/build_and_functional_tests.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build_and_functional_tests.yml b/.github/workflows/build_and_functional_tests.yml index 865cfa3b..5fcc52fd 100644 --- a/.github/workflows/build_and_functional_tests.yml +++ b/.github/workflows/build_and_functional_tests.yml @@ -43,4 +43,4 @@ jobs: with: download_app_binaries_artifact: plugin_binaries additional_app_binaries_artifact: ethereum_build_develop - additional_app_binaries_artifact_dir: ./tests/ethereum_build/build + additional_app_binaries_artifact_dir: ./tests/ethereum_build From 73fe0ee1f2917c705d6442342e34943c46eeb6c4 Mon Sep 17 00:00:00 2001 From: Shahul Hameed <10547529+shahthepro@users.noreply.github.com> Date: Thu, 21 Mar 2024 22:51:01 +0530 Subject: [PATCH 4/4] Revert update workflow --- .github/workflows/build_and_functional_tests.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build_and_functional_tests.yml b/.github/workflows/build_and_functional_tests.yml index 5fcc52fd..865cfa3b 100644 --- a/.github/workflows/build_and_functional_tests.yml +++ b/.github/workflows/build_and_functional_tests.yml @@ -43,4 +43,4 @@ jobs: with: download_app_binaries_artifact: plugin_binaries additional_app_binaries_artifact: ethereum_build_develop - additional_app_binaries_artifact_dir: ./tests/ethereum_build + additional_app_binaries_artifact_dir: ./tests/ethereum_build/build