Skip to content

Fix stale CN input length causing OOB reads#3

Merged
MoneroOcean merged 1 commit into
mainfrom
codex/propose-fix-for-input-safety-vulnerability
May 27, 2026
Merged

Fix stale CN input length causing OOB reads#3
MoneroOcean merged 1 commit into
mainfrom
codex/propose-fix-for-input-safety-vulnerability

Conversation

@MoneroOcean

Copy link
Copy Markdown
Owner

Motivation

  • Prevent a memory-safety and PoW-correctness bug in the CN path where m_input_cn_len could remain stale when consecutive jobs reuse the same algo/seed/mem configuration, leading to memcpy() reading past the decoded blob.

Description

  • Update m_input_cn_len immediately after decoding and validating inputs for every non-RX job and remove the redundant assignment from the reconfiguration-only branch so CN copying and hashing always use the current blob length (moner-job.cpp).

Testing

  • Ran npm test, but the native addon build could not complete because fetching the nan dependency from npm was blocked with HTTP 403, so the test suite could not execute (no automated tests passed in this environment).

Codex Task

@MoneroOcean MoneroOcean merged commit f8e999b into main May 27, 2026
1 check passed
@MoneroOcean MoneroOcean deleted the codex/propose-fix-for-input-safety-vulnerability branch May 27, 2026 17:12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant