Skip to content
Permalink
Browse files Browse the repository at this point in the history
stratum: parse_reconnect(): treat pool-sent URL as untrusted.
Thanks to Mick Ayzenberg <mick@dejavusecurity.com> for reminding
that this existed and highlighting the offender.

Also to Luke-jr for actually fixing this in bfgminer. :D
  • Loading branch information
veox committed Jun 5, 2014
1 parent b65574b commit 78cc408
Showing 1 changed file with 5 additions and 7 deletions.
12 changes: 5 additions & 7 deletions util.c
Expand Up @@ -1718,15 +1718,14 @@ static void __suspend_stratum(struct pool *pool)

static bool parse_reconnect(struct pool *pool, json_t *val)
{
char *sockaddr_url, *stratum_port, *tmp;
char *url, *port, address[256];

if (opt_disable_client_reconnect) {
applog(LOG_WARNING, "Stratum client.reconnect forbidden, aborting.");
applog(LOG_WARNING, "Stratum client.reconnect received but is disabled, not reconnecting.");
return false;
}

memset(address, 0, 255);
char *url, *port, address[256];
char *sockaddr_url, *stratum_port, *tmp; /* Tempvars. */

url = (char *)json_string_value(json_array_get(val, 0));
if (!url)
url = pool->sockaddr_url;
Expand All @@ -1735,8 +1734,7 @@ static bool parse_reconnect(struct pool *pool, json_t *val)
if (!port)
port = pool->stratum_port;

sprintf(address, "%s:%s", url, port);

snprintf(address, sizeof(address), "%s:%s", url, port);
if (!extract_sockaddr(address, &sockaddr_url, &stratum_port))
return false;

Expand Down

0 comments on commit 78cc408

Please sign in to comment.