GOSTSec/sgminer
1
0
Fork 0
mirror of https://github.com/GOSTSec/sgminer synced 2025-02-02 10:04:33 +00:00
Code Issues Releases Wiki Activity

Watch for buffer overflows on receiving data into the socket buffer.

Browse Source
This commit is contained in:
Con Kolivas 2012-10-15 11:40:32 +11:00
parent d4f8a0b2b5
commit e5babfa25b
1 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
util.c
View File

@ -939,6 +939,7 @@ char *recv_line(struct pool *pool)
if (!strstr(pool->sockbuf, "\n")) { if (!strstr(pool->sockbuf, "\n")) {
char s[RBUFSIZE]; char s[RBUFSIZE];
size_t sspace;
CURLcode rc; CURLcode rc;
if (!sock_full(pool, true)) { if (!sock_full(pool, true)) {
@ -955,7 +956,11 @@ char *recv_line(struct pool *pool)
applog(LOG_DEBUG, "Failed to recv sock in recv_line"); applog(LOG_DEBUG, "Failed to recv sock in recv_line");
goto out; goto out;
} }
strcat(pool->sockbuf, s); /* Prevent buffer overflows, but if 8k is still not enough,
* likely we have had some comms issues and the data is all
* useless anyway */
sspace = RECVSIZE - strlen(pool->sockbuf);
strncat(pool->sockbuf, s, sspace);
} }
buflen = strlen(pool->sockbuf); buflen = strlen(pool->sockbuf);