[Bug]: incorrect offset in reading APDU answer of GetVersion
#6586
Comments
darosior
added
bug
|
This issue is stale because it has been open 30 days with no activity. Remove stale label, comment, or consider closing it. |
|
lol.
…On Monday, May 6th, 2024 at 6:25 AM, github-actions[bot] ***@***.***> wrote:
Closed [#6586](#6586) as completed.
—
Reply to this email directly, [view it on GitHub](#6586 (comment)), or [unsubscribe](https://github.com/notifications/unsubscribe-auth/AFLK3F3243F6PGNWZCUMZ4LZA4A3HAVCNFSM6AAAAABFOS37YSVHI2DSMVQWIX3LMV45UABCJFZXG5LFIV3GK3TUJZXXI2LGNFRWC5DJN5XDWMJSG4YDSNZZGQ2DCMI).
You are receiving this because you authored the thread.Message ID: ***@***.***>
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Impacted Library name
No response
Impacted Library version
No response
Describe the bug
The
parseGetVersionResponsefunction seems to be incorrectly updating the offset counter after reading the SE target id. I believe it is due to a copy paste error.Earlier in the function the flags are parsed:
ledger-live/libs/device-core/src/commands/use-cases/parseGetVersionResponse.ts
Lines 20 to 23 in dd1d17f
Later when parsing the SE target id (in case the target id corresponds to a bootloader one and it's either the new or old format but WE CAN'T know this is not documented), the offset counter is updated by the value of the length of the flags slice, not the length of the SE target id slice!
ledger-live/libs/device-core/src/commands/use-cases/parseGetVersionResponse.ts
Lines 56 to 58 in dd1d17f
In passing, please document your APDU protocol. This is really not a fun exercise to have to reverse-engineer it from the confusing Ledger Live codebase.
Expected behavior
I don't think this changes the behaviour but could lead to a pretty nasty bug should this function be updated in the future.
Additional context
No response
The text was updated successfully, but these errors were encountered: