Browse Source

stratum: parse_reconnect(): treat pool-sent URL as untrusted.

Thanks to Mick Ayzenberg <mick@dejavusecurity.com> for reminding
that this existed and highlighting the offender.

Also to Luke-jr for actually fixing this in bfgminer. :D
djm34
Noel Maersk 11 years ago
parent
commit
78cc408369
  1. 12
      util.c

12
util.c

@ -1718,15 +1718,14 @@ static void __suspend_stratum(struct pool *pool) @@ -1718,15 +1718,14 @@ static void __suspend_stratum(struct pool *pool)
static bool parse_reconnect(struct pool *pool, json_t *val)
{
char *sockaddr_url, *stratum_port, *tmp;
char *url, *port, address[256];
if (opt_disable_client_reconnect) {
applog(LOG_WARNING, "Stratum client.reconnect forbidden, aborting.");
applog(LOG_WARNING, "Stratum client.reconnect received but is disabled, not reconnecting.");
return false;
}
memset(address, 0, 255);
char *url, *port, address[256];
char *sockaddr_url, *stratum_port, *tmp; /* Tempvars. */
url = (char *)json_string_value(json_array_get(val, 0));
if (!url)
url = pool->sockaddr_url;
@ -1735,8 +1734,7 @@ static bool parse_reconnect(struct pool *pool, json_t *val) @@ -1735,8 +1734,7 @@ static bool parse_reconnect(struct pool *pool, json_t *val)
if (!port)
port = pool->stratum_port;
sprintf(address, "%s:%s", url, port);
snprintf(address, sizeof(address), "%s:%s", url, port);
if (!extract_sockaddr(address, &sockaddr_url, &stratum_port))
return false;

Loading…
Cancel
Save