Watch for buffer overflows on receiving data into the socket buffer.
diff --git a/util.c b/util.c
index ff2ce5a..f717856 100644
--- a/util.c
+++ b/util.c
@@ -939,6 +939,7 @@ char *recv_line(struct pool *pool)
if (!strstr(pool->sockbuf, "\n")) {
char s[RBUFSIZE];
+ size_t sspace;
CURLcode rc;
if (!sock_full(pool, true)) {
@@ -955,7 +956,11 @@ char *recv_line(struct pool *pool)
applog(LOG_DEBUG, "Failed to recv sock in recv_line");
goto out;
}
- strcat(pool->sockbuf, s);
+ /* Prevent buffer overflows, but if 8k is still not enough,
+ * likely we have had some comms issues and the data is all
+ * useless anyway */
+ sspace = RECVSIZE - strlen(pool->sockbuf);
+ strncat(pool->sockbuf, s, sspace);
}
buflen = strlen(pool->sockbuf);
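Review bot: The bound computed for `strncat` in the added lines leaves no room for the terminator: `strncat` appends up to `sspace` bytes and then writes a `'\0'`, so the destination must hold `strlen(pool->sockbuf) + sspace + 1` bytes. The declaration of `sockbuf` and the definition of `RECVSIZE` are not visible here, so please confirm the buffer is at least `RECVSIZE + 1` bytes, or reduce the bound by one. The subtraction is also done in `size_t`, so if `strlen(pool->sockbuf)` ever exceeds `RECVSIZE` it wraps to a very large count and the cap no longer applies. I would compute `size_t used = strlen(pool->sockbuf);` then `sspace = used < RECVSIZE ? RECVSIZE - used - 1 : 0;`, keep the `strncat` call, and add an `applog` when `strlen(s) > sspace` so that dropped data shows up in the logs. The body of recv_line starts and ends outside the hunk.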