Skip to content

Commit

Permalink
Update bip39.go
Browse files Browse the repository at this point in the history 
Fix: G115 (CWE-190): integer overflow conversion int.
  • Loading branch information
@gaikov-everstake
gaikov-everstake authored Oct 7, 2024
1 parent 31d5944 commit 8cea213
Showing 1 changed file with 8 additions and 0 deletions.
8 changes: 8 additions & 0 deletions bip39.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -131,6 +131,9 @@ func EntropyFromMnemonic(mnemonic string) ([]byte, error) {
return nil, fmt.Errorf("word `%v` not found in reverse map", v)
}

if index < 0 || index > 65535 {
return nil, fmt.Errorf("index value %d is out of range for uint16", index)
}
binary.BigEndian.PutUint16(wordBytes[:], uint16(index))

Check failure on line 137 in bip39.go

View workflow job for this annotation

GitHub Actions / lint 

expressions should not be cuddled with blocks (wsl)
b.Mul(b, shift11BitsMask)
b.Or(b, big.NewInt(0).SetBytes(wordBytes[:]))
Expand Down Expand Up @@ -270,6 +273,11 @@ func addChecksum(data []byte) []byte {
hash := computeChecksum(data)
firstChecksumByte := hash[0]

dataLength := len(data)
if dataLength < 0 {
return nil // the data length cannot be negative, but we add a safety check
}

// len() is in bytes so we divide by 4
checksumBitLength := uint(len(data) / 4)

Expand Down

0 comments on commit 8cea213

Please sign in to comment.