Skip to content
This repository has been archived by the owner on May 27, 2020. It is now read-only.
Permalink
Browse files Browse the repository at this point in the history
Do some random sanity checking for stratum message parsing
  • Loading branch information
ckolivas committed Jun 10, 2014
1 parent e8b0a29 commit e1c5050
Showing 1 changed file with 41 additions and 14 deletions.
55 changes: 41 additions & 14 deletions util.c
@@ -1,5 +1,5 @@
/*
* Copyright 2011-2013 Con Kolivas
* Copyright 2011-2014 Con Kolivas
* Copyright 2010 Jeff Garzik
*
* This program is free software; you can redistribute it and/or modify it
Expand Down Expand Up @@ -720,6 +720,34 @@ bool hex2bin(unsigned char *p, const char *hexstr, size_t len)
return ret;
}

static bool _valid_hex(char *s, const char *file, const char *func, const int line)
{
bool ret = false;
int i, len;

if (unlikely(!s)) {
applog(LOG_ERR, "Null string passed to valid_hex from"IN_FMT_FFL, file, func, line);
return ret;
}
len = strlen(s);
if (unlikely(!len)) {
applog(LOG_ERR, "Zero length string passed to valid_hex from"IN_FMT_FFL, file, func, line);
return ret;
}
for (i = 0; i < len; i++) {
unsigned char idx = s[i];

if (unlikely(hex2bin_tbl[idx] < 0)) {
applog(LOG_ERR, "Invalid char %x passed to valid_hex from"IN_FMT_FFL, idx, file, func, line);
return ret;
}
}
ret = true;
return ret;
}

#define valid_hex(s) _valid_hex(s, __FILE__, __func__, __LINE__)

static const int b58tobin_tbl[] = {
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
Expand Down Expand Up @@ -1375,7 +1403,7 @@ bool extract_sockaddr(char *url, char **sockaddr_url, char **sockaddr_port)
if (url_len < 1)
return false;

sprintf(url_address, "%.*s", url_len, url_begin);
snprintf(url_address, 254, "%.*s", url_len, url_begin);

if (port_len) {
char *slash;
Expand Down Expand Up @@ -1685,14 +1713,13 @@ static bool parse_notify(struct pool *pool, json_t *val)
ntime = __json_array_string(val, 7);
clean = json_is_true(json_array_get(val, 8));

if (!job_id || !prev_hash || !coinbase1 || !coinbase2 || !bbversion || !nbit || !ntime) {
if (!valid_hex(job_id) || !valid_hex(prev_hash) || !valid_hex(coinbase1) ||
!valid_hex(coinbase2) || !valid_hex(bbversion) || !valid_hex(nbit) ||
!valid_hex(ntime)) {
/* Annoying but we must not leak memory */
if (job_id)
free(job_id);
if (coinbase1)
free(coinbase1);
if (coinbase2)
free(coinbase2);
free(job_id);
free(coinbase1);
free(coinbase2);
goto out;
}

Expand Down Expand Up @@ -1880,7 +1907,7 @@ static bool parse_reconnect(struct pool *pool, json_t *val)
if (!port)
port = pool->stratum_port;

sprintf(address, "%s:%s", url, port);
snprintf(address, 254, "%s:%s", url, port);

if (!extract_sockaddr(address, &sockaddr_url, &stratum_port))
return false;
Expand Down Expand Up @@ -2551,14 +2578,14 @@ bool initiate_stratum(struct pool *pool)
if (!sessionid)
applog(LOG_DEBUG, "Failed to get sessionid in initiate_stratum");
nonce1 = json_array_string(res_val, 1);
if (!nonce1) {
applog(LOG_INFO, "Failed to get nonce1 in initiate_stratum");
if (!valid_hex(nonce1)) {
applog(LOG_INFO, "Failed to get valid nonce1 in initiate_stratum");
free(sessionid);
goto out;
}
n2size = json_integer_value(json_array_get(res_val, 2));
if (!n2size) {
applog(LOG_INFO, "Failed to get n2size in initiate_stratum");
if (n2size < 2 || n2size > 16) {
applog(LOG_INFO, "Failed to get valid n2size in initiate_stratum");
free(sessionid);
free(nonce1);
goto out;
Expand Down

0 comments on commit e1c5050

Please sign in to comment.