mirror of
https://github.com/GOSTSec/sgminer
synced 2025-01-25 14:04:25 +00:00
Revert "core: correctly parse boolean configuration values."
This reverts commit 8dd1c2d4aff5e40e4a87f59fa09f8de3f2232fc1. Introduced a security bug: since CCAN/opt is used to parse the JSON config (something it is not meant to do), it was possible to specify the default of "api-listen":false in .conf and expect the API to be disabled. However, since CCAN/opt does not check for parameters to OPT_WITHOUT_ARG, this got set to true anyway, and enabled the API on a (possibly unfirewalled) network. For this reason, configuration options are not named uniformly. This should have been reverted as soon as it became known: 4c4b909be6dd8643372ec683ec73f73725cb3a77 (Fri Feb 28) Sorry for that.
This commit is contained in:
parent
1f7b7ef26e
commit
ac3d13880c
@ -1452,20 +1452,18 @@ static char *parse_config(json_t *config, bool fileconf, int parent_iteration)
|
|||||||
int n, size = json_array_size(val);
|
int n, size = json_array_size(val);
|
||||||
|
|
||||||
for (n = 0; n < size && !err; n++) {
|
for (n = 0; n < size && !err; n++) {
|
||||||
if (json_is_string(json_array_get(val, n))) {
|
if (json_is_string(json_array_get(val, n)))
|
||||||
err = opt->cb_arg(json_string_value(json_array_get(val, n)), opt->u.arg);
|
err = opt->cb_arg(json_string_value(json_array_get(val, n)), opt->u.arg);
|
||||||
}
|
|
||||||
else if (json_is_object(json_array_get(val, n)))
|
else if (json_is_object(json_array_get(val, n)))
|
||||||
{
|
{
|
||||||
err = parse_config(json_array_get(val, n), false, n);
|
err = parse_config(json_array_get(val, n), false, n);
|
||||||
json_array_index = parent_iteration;
|
json_array_index = parent_iteration;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
} else if ((opt->type & OPT_NOARG) && json_is_boolean(val)) {
|
} else if ((opt->type & OPT_NOARG) && json_is_true(val))
|
||||||
err = opt->cb(opt->u.arg);
|
err = opt->cb(opt->u.arg);
|
||||||
} else {
|
else
|
||||||
err = "Invalid value";
|
err = "Invalid value";
|
||||||
}
|
|
||||||
|
|
||||||
if (err) {
|
if (err) {
|
||||||
/* Allow invalid values to be in configuration
|
/* Allow invalid values to be in configuration
|
||||||
|
Loading…
x
Reference in New Issue
Block a user