From 4a4e12a7adaddf6a8437ae9233aa393a9caf7257 Mon Sep 17 00:00:00 2001 From: Con Kolivas Date: Sun, 19 Oct 2014 20:19:21 +1100 Subject: [PATCH] Fix nonce2 sanitisation --- src/stratifier.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/src/stratifier.c b/src/stratifier.c index 0741fb6e..16246c9f 100644 --- a/src/stratifier.c +++ b/src/stratifier.c @@ -2231,10 +2231,13 @@ static json_t *parse_submit(stratum_instance_t *client, json_t *json_msg, wdiff = wb->diff; strcpy(idstring, wb->idstring); ASPRINTF(&fname, "%s.sharelog", wb->logdir); - /* Fix broken clients sending too many chars */ + /* Fix broken clients sending too many chars. Nonce2 is part of the + * read only json so use a temporary variable and modify it. */ len = wb->enonce2varlen * 2; - if ((int)strlen(nonce2) > len) + if ((int)strlen(nonce2) > len) { + nonce2 = strdupa(nonce2); nonce2[len] = '\0'; + } sdiff = submission_diff(client, wb, nonce2, ntime32, nonce, hash); bswap_256(sharehash, hash); __bin2hex(hexhash, sharehash, 32);