[hashcash] Re: Version 1 doesn't handle non-version 1 stamps very well.
- From: Justin <justin-hashcash@xxxxxxxx>
- To: hashcash@xxxxxxxxxxxxx
- Date: Sat, 7 Aug 2004 03:03:48 +0000
On 2004-08-06T17:58:03-0700, Hamilton, Michael wrote:
> Version 1 of hashcash has unusual handling of non-version 1 stamps.
This doesn't fix the above problem, but it fixes the segfault, writing
out-of-bounds on an array in strtime() (only one is really a problem,
the one passed to the sstrncpy macro), and missing prototype for
read_append() needed by read_header(). The last two functions can be
reversed rather than adding a prototype, but this way it's a smaller
patch.
diff -dur hashcash-1.00/hashcash.c hashcash-1.00-t/hashcash.c
--- hashcash-1.00/hashcash.c 2004-08-06 21:51:53.000000000 +0000
+++ hashcash-1.00-t/hashcash.c 2004-08-07 02:38:26.713072438 +0000
@@ -1292,6 +1292,8 @@
return tries_expected;
}
+int read_append( char**, int*, int*, char* );
+
char *read_header( FILE* f, char** s, int* smax, int* alloc,
char* a, int amax )
{
Only in hashcash-1.00-t/: hashcash.o
diff -dur hashcash-1.00/libhc.c hashcash-1.00-t/libhc.c
--- hashcash-1.00/libhc.c 2004-08-06 06:30:19.000000000 +0000
+++ hashcash-1.00-t/libhc.c 2004-08-07 02:42:26.464474902 +0000
@@ -233,7 +233,7 @@
#endif
for ( i1=0, i1f=1; i1f || i1!=0; i1f=0,i1=(i1+1) & GROUP_SIZE) {
- sprintf( counter, GFFORMAT, i1 & GROUP_SIZE, 0 );
+ sprintf( counter, GFFORMAT, i1 & GROUP_SIZE/*, 0*/ );
found = find_collision( now_utime, resource, bits, *new_token,
GROUP_SIZE, rnd_str, counter, ext );
if ( found ) { goto done; }
@@ -449,7 +449,7 @@
*bits = atoi( bits_str ); if ( *bits < 0 ) { return 0; }
if ( strspn( cnt, VALID_STR_CHARS ) != cnt_len ) { return 0; }
}
- if ( strspn( rnd, VALID_STR_CHARS ) != rnd_len ) { return 0; }
+ if ( rnd == NULL || strspn( rnd, VALID_STR_CHARS ) != rnd_len ) { return
0; }
return 1;
}
diff -dur hashcash-1.00/utct.c hashcash-1.00-t/utct.c
--- hashcash-1.00/utct.c 2004-06-05 21:45:05.000000000 +0000
+++ hashcash-1.00-t/utct.c 2004-08-07 02:53:29.058251842 +0000
@@ -48,9 +48,9 @@
const char* strtime( time_t* timep, int utc )
{
- static char str[MAX_DATE];
+ static char str[MAX_DATE+1];
struct tm* isdst;
- char date[MAX_DATE];
+ char date[MAX_DATE+1];
char* timestr;
char* zone;
if ( utc ) {
--
"When in our age we hear these words: It will be judged by the result--then we
know at once with whom we have the honor of speaking. Those who talk this way
are a numerous type whom I shall designate under the common name of assistant
professors." -- Kierkegaard, Fear and Trembling (Wong tr.), III, 112
Other related posts:
