1
0
mirror of https://github.com/GOSTSec/sgminer synced 2025-01-25 14:04:25 +00:00

Use sanity checking to prevent a possible overflow with invalid data being given by the pool for difficulty as reported by luke-Jr.

This commit is contained in:
Con Kolivas 2013-02-05 21:10:18 +11:00
parent 81025611ac
commit ffdcaed49d

View File

@ -2163,8 +2163,12 @@ static bool solves_block(const struct work *work)
} }
memset(diffcmp, 0, 32); memset(diffcmp, 0, 32);
diffcmp[(diffbytes >> 2) + 1] = diffvalue >> (32 - diffshift); diffbytes >>= 2;
diffcmp[diffbytes >> 2] = diffvalue << diffshift; /* Sanity check looking for overflow */
if (unlikely(diffbytes > 6))
return false;
diffcmp[diffbytes + 1] = diffvalue >> (32 - diffshift);
diffcmp[diffbytes] = diffvalue << diffshift;
for (i = 7; i >= 0; i--) { for (i = 7; i >= 0; i--) {
if (hash32[i] > diffcmp[i]) if (hash32[i] > diffcmp[i])
@ -3455,8 +3459,11 @@ static void set_blockdiff(const struct work *work)
} }
memset(diffhash, 0, 32); memset(diffhash, 0, 32);
diffhash[(diffbytes >> 2) + 1] = diffvalue >> (32 - diffshift); diffbytes >>= 2;
diffhash[diffbytes >> 2] = diffvalue << diffshift; if (unlikely(diffbytes > 6))
return;
diffhash[diffbytes + 1] = diffvalue >> (32 - diffshift);
diffhash[diffbytes] = diffvalue << diffshift;
swab256(rhash, diffhash); swab256(rhash, diffhash);