From 2f3fba27a39b2999e280eca9fdcc83eeed10fd55 Mon Sep 17 00:00:00 2001 From: Con Kolivas Date: Fri, 7 Nov 2014 00:35:47 +1100 Subject: [PATCH] Use a sanity check on idstring from the job_id passed in parse_submit --- src/stratifier.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/stratifier.c b/src/stratifier.c index 63756614..d905d081 100644 --- a/src/stratifier.c +++ b/src/stratifier.c @@ -2304,8 +2304,8 @@ static json_t *parse_submit(stratum_instance_t *client, json_t *json_msg, char *fname = NULL, *s, *nonce2; enum share_err err = SE_NONE; ckpool_t *ckp = client->ckp; + char idstring[20] = {}; workbase_t *wb = NULL; - char idstring[20]; uint32_t ntime32; uchar hash[32]; int nlen, len; @@ -2375,12 +2375,12 @@ static json_t *parse_submit(stratum_instance_t *client, json_t *json_msg, id = current_workbase->id; err = SE_INVALID_JOBID; json_set_string(json_msg, "reject-reason", SHARE_ERR(err)); - strcpy(idstring, job_id); + strncpy(idstring, job_id, 19); ASPRINTF(&fname, "%s.sharelog", current_workbase->logdir); goto out_unlock; } wdiff = wb->diff; - strcpy(idstring, wb->idstring); + strncpy(idstring, wb->idstring, 19); ASPRINTF(&fname, "%s.sharelog", wb->logdir); /* Fix broken clients sending too many chars. Nonce2 is part of the * read only json so use a temporary variable and modify it. */