Merge pull request #495 from Cypherock/hotfix/invalid-query-handling

fix (app): Correct exit condition when query is invalid
Cypherock · Apr 6, 2024 · 1b13a7b · 1b13a7b
2 parents 9a45290 + 318b54c
commit 1b13a7b
Show file tree

Hide file tree

Showing 5 changed files with 7 additions and 7 deletions.
diff --git a/apps/btc_family/btc_txn.c b/apps/btc_family/btc_txn.c
@@ -373,7 +373,7 @@ static bool fetch_valid_input(btc_query_t *query) {
   // Validate inputs for safety from attack. Ref:
   // https://blog.trezor.io/details-of-firmware-updates-for-trezor-one-version-1-9-1-and-trezor-model-t-version-2-3-1-1eba8f60f2dd
   for (int idx = 0; idx < btc_txn_context->metadata.input_count; idx++) {
-    if (!btc_get_query(query, BTC_QUERY_SIGN_TXN_TAG) &&
+    if (!btc_get_query(query, BTC_QUERY_SIGN_TXN_TAG) ||
         !check_which_request(query, BTC_SIGN_TXN_REQUEST_INPUT_TAG)) {
       return false;
     }
@@ -424,7 +424,7 @@ static bool fetch_valid_output(btc_query_t *query) {
   btc_txn_context->change_output_idx = -1;
 
   for (int idx = 0; idx < btc_txn_context->metadata.output_count; idx++) {
-    if (!btc_get_query(query, BTC_QUERY_SIGN_TXN_TAG) &&
+    if (!btc_get_query(query, BTC_QUERY_SIGN_TXN_TAG) ||
         !check_which_request(query, BTC_SIGN_TXN_REQUEST_OUTPUT_TAG)) {
       return false;
     }

diff --git a/apps/evm_family/evm_sign_txn.c b/apps/evm_family/evm_sign_txn.c
@@ -297,7 +297,7 @@ STATIC bool fetch_valid_transaction(evm_query_t *query) {
   // allocate memory for storing transaction
   txn_context->transaction = (uint8_t *)malloc(total_size);
   while (true) {
-    if (!evm_get_query(query, EVM_QUERY_SIGN_TXN_TAG) &&
+    if (!evm_get_query(query, EVM_QUERY_SIGN_TXN_TAG) ||
         !check_which_request(query, EVM_SIGN_TXN_REQUEST_TXN_DATA_TAG)) {
       return status;
     }

diff --git a/apps/near_app/near_txn.c b/apps/near_app/near_txn.c
@@ -268,7 +268,7 @@ static bool handle_initiate_query(const near_query_t *query) {
 }
 
 static bool fetch_valid_input(near_query_t *query) {
-  if (!near_get_query(query, NEAR_QUERY_SIGN_TXN_TAG) &&
+  if (!near_get_query(query, NEAR_QUERY_SIGN_TXN_TAG) ||
       !check_which_request(query, NEAR_SIGN_TXN_REQUEST_TXN_TAG)) {
     return false;
   }

diff --git a/apps/solana_app/solana_sign_txn.c b/apps/solana_app/solana_sign_txn.c
@@ -288,7 +288,7 @@ STATIC bool solana_fetch_valid_transaction(solana_query_t *query) {
   // allocate memory for storing transaction
   solana_txn_context->transaction = (uint8_t *)malloc(total_size);
   while (1) {
-    if (!solana_get_query(query, SOLANA_QUERY_SIGN_TXN_TAG) &&
+    if (!solana_get_query(query, SOLANA_QUERY_SIGN_TXN_TAG) ||
         !check_which_request(query, SOLANA_SIGN_TXN_REQUEST_TXN_DATA_TAG)) {
       return false;
     }
@@ -391,7 +391,7 @@ STATIC bool solana_get_user_verification() {
 }
 
 STATIC bool fetch_seed(solana_query_t *query, uint8_t *seed_out) {
-  if (!solana_get_query(query, SOLANA_QUERY_SIGN_TXN_TAG) &&
+  if (!solana_get_query(query, SOLANA_QUERY_SIGN_TXN_TAG) ||
       !check_which_request(query, SOLANA_SIGN_TXN_REQUEST_VERIFY_TAG)) {
     return false;
   }

diff --git a/version.txt b/version.txt
@@ -1,3 +1,3 @@
-firmware version=000:006:000:002
+firmware version=000:006:000:003
 hardware version=000:001:000:000
 magic number=45227A01