From 1bfec2be32acdeb5119875d59f8ad8d88570e782 Mon Sep 17 00:00:00 2001
From: Tanguy Pruvot <tanguy.pruvot@gmail.com>
Date: Tue, 1 May 2018 15:03:59 +0200
Subject: [PATCH] stratum: precheck addresses are valid base58

---
 stratum/base58.cpp | 16 ++++++++++++++++
 stratum/client.cpp |  6 +++++-
 stratum/util.h     |  1 +
 3 files changed, 22 insertions(+), 1 deletion(-)

diff --git a/stratum/base58.cpp b/stratum/base58.cpp
index 856683e..631fde0 100644
--- a/stratum/base58.cpp
+++ b/stratum/base58.cpp
@@ -96,3 +96,19 @@ bool base58_decode(const char *input, char *output)
 
 	return true;
 }
+
+bool is_base58(char *input)
+{
+	// All alphanumeric characters except "0", "O", "I" and "l"
+	size_t i=0, len = strlen(input);
+	char *c = input;
+	while (i < len) {
+		bool isdigit = (c[i] >= '1' && c[i] <= '9');
+		bool isalpha = (c[i] >= 'a' && c[i] <= 'z') || (c[i] >= 'A' && c[i] <= 'Z');
+		if (!isdigit && !isalpha) return false;
+		if (c[i] == 'I' || c[i] == 'O' || c[i] == 'l') return false;
+		i++;
+	}
+	return true;
+}
+
diff --git a/stratum/client.cpp b/stratum/client.cpp
index bdc6bb2..60a0d9b 100644
--- a/stratum/client.cpp
+++ b/stratum/client.cpp
@@ -256,8 +256,12 @@ bool client_authorize(YAAMP_CLIENT *client, json_value *json_params)
 		CommonUnlock(&g_db_mutex);
 	}
 
+	bool is_bad_address = !is_base58(client->username);
 	// when auto exchange is disabled, only authorize good wallet address...
-	if (!g_autoexchange && !client_validate_user_address(client)) {
+	if (!g_autoexchange && !client_validate_user_address(client))
+		is_bad_address = true;
+
+	if (is_bad_address) {
 
 		clientlog(client, "bad mining address %s", client->username);
 		client_send_result(client, "false");
diff --git a/stratum/util.h b/stratum/util.h
index 7afdd1b..bf57bfd 100644
--- a/stratum/util.h
+++ b/stratum/util.h
@@ -74,6 +74,7 @@ string merkle_with_first(vector<string> steps, string f);
 //////////////////////////////////////////////////////////////////////////
 
 bool base58_decode(const char *input, char *output);
+bool is_base58(char *input);
 
 void base64_encode(char *base64, const char *normal);
 void base64_decode(char *normal, const char *base64);