System information
Geth version: geth v1.16.1
OS & Version: Windows/Linux/OSX
Commit hash : efbba96@master branch
Locations
- accounts/scwallet/wallet.go:524
- accounts/scwallet/wallet.go:527
- accounts/scwallet/wallet.go:635
- accounts/scwallet/wallet.go:778
Expected behavior
In the `accounts/scwallet/wallet.go` file, there is a vulnerability where the code does not check if the pointer returned by `w.Hub.pairing(w)` is nil before dereferencing it. This can lead to a potential panic if the pointer is nil. The issue is present in multiple functions, such as `selfDerive`, `Derive`, and `findAccountPath`.
Code Snippets:
```go
func (w *Wallet) selfDerive() {
	//..
	pairing := w.Hub.pairing(w)
	//...
	// Display a log message to the user for new (or previously empty accounts)
	if _, known := pairing.Accounts[nextAddrs[i]]; !known || !empty || nextAddrs[i] != w.deriveNextAddrs[i] {
		w.log.Info("Smartcard wallet discovered new account", "address", nextAddrs[i], "path", path, "balance", balance, "nonce", nonce)
	}
	pairing.Accounts[nextAddrs[i]] = path
	//...
}

func (w *Wallet) Derive(path accounts.DerivationPath, pin bool) (accounts.Account, error) {
	//...
	if pin {
		pairing := w.Hub.pairing(w)
		pairing.Accounts[account.Address] = path
		if err := w.Hub.setPairing(w, pairing); err != nil {
			return accounts.Account{}, err
		}
	}
}

func (w *Wallet) findAccountPath(account accounts.Account) (accounts.DerivationPath, error) {
	pairing := w.Hub.pairing(w)
	if path, ok := pairing.Accounts[account.Address]; ok {
		return path, nil
	}
	//..
}
```
Actual behavior
Ensure the result of `w.Hub.pairing(w)` is checked for nil before being used.
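The nil check requested above, shown as an added example that is not go-ethereum code and not part of the original report. The `hub`, `pairing`, `lookup`, `findPathUnchecked` and `findPathChecked` names are simplified, hypothetical stand-ins, and the example assumes the lookup returns nil when no pairing is stored for a card:

```go
package main

import (
	"errors"
	"fmt"
)

// Simplified stand-ins (assumptions), not the real scwallet types.
type pairing struct{ Accounts map[string]string }
type hub struct{ pairings map[string]pairing }

// lookup returns nil when the card has no stored pairing (assumed behaviour).
func (h *hub) lookup(cardKey string) *pairing {
	if p, ok := h.pairings[cardKey]; ok {
		return &p
	}
	return nil
}

var errNoPairing = errors.New("smartcard wallet: no pairing for card")

// findPathUnchecked mirrors the reported pattern: it dereferences the result directly.
func findPathUnchecked(h *hub, cardKey, addr string) (path string, panicked bool) {
	defer func() {
		if recover() != nil {
			panicked = true // nil pointer dereference caught here for the demo
		}
	}()
	p := h.lookup(cardKey)
	return p.Accounts[addr], false
}

// findPathChecked adds the nil check and returns an error instead of panicking.
func findPathChecked(h *hub, cardKey, addr string) (string, error) {
	p := h.lookup(cardKey)
	if p == nil {
		return "", errNoPairing
	}
	if path, ok := p.Accounts[addr]; ok {
		return path, nil
	}
	return "", fmt.Errorf("address %s not pinned", addr)
}

func main() {
	h := &hub{pairings: map[string]pairing{"cardA": {Accounts: map[string]string{"0xabc": "m/44'/60'/0'/0/0"}}}}
	fmt.Println(findPathUnchecked(h, "cardB", "0xabc")) // constructed input: unpaired card
	fmt.Println(findPathChecked(h, "cardB", "0xabc"))
}
```
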