Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix handling of stratum+tcp:// format #197

Merged
merged 1 commit into from
Jul 9, 2017
Merged

Fix handling of stratum+tcp:// format #197

merged 1 commit into from
Jul 9, 2017

Conversation

fireice-uk
Copy link
Owner

@fireice-uk fireice-uk commented Jul 8, 2017
edited
Loading

Simple fix for #194

psychocrypt
psychocrypt requested changes Jul 9, 2017
View reviewed changes
socket.cpp
@@ -56,7 +56,10 @@ bool plain_socket::set_hostname(const char* sAddr)
sAddrMb[ln] = '\0';

if ((sTmp = strstr(sAddrMb, "//")) != nullptr)
{
sTmp += 2;
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This can produce a buffer overflow if the user add ony stratum+tcp// as address, can you please add a check that the new pointer is not behind '/0'

Copy link
Owner Author

@fireice-uk fireice-uk Jul 9, 2017
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think you might be reading the code wrong. This actually got me to when I was writing it if you look at it carefully =).

In case the sAddrMb = "x//\0", sTmp = "//\0", and after addition, sTmp = "\0". strlen(sTmp) = 0, so the args to memmove are

memmove(sAddrMb, sTmp ( = "\0"), 1), so sAddrMb = "\0"

There is no need to check for being behind \0 because the searched for string has a fixed length.

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes you are right. thx for the clarification.

@psychocrypt psychocrypt merged commit 74c6914 into dev Jul 9, 2017
@psychocrypt psychocrypt deleted the topic-uri-fix branch July 9, 2017 17:05
@psychocrypt psychocrypt self-assigned this Jul 9, 2017
@psychocrypt psychocrypt added the bug label Jul 9, 2017
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@psychocrypt psychocrypt psychocrypt approved these changes

Assignees

@psychocrypt psychocrypt

Labels
bug
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@fireice-uk @psychocrypt