Mining

Snider/Mining

Fork 0

Commit graph

Author	SHA1	Message	Date
snider	919b17ee9e	fix: Address multiple security issues and add unit tests for various components	2026-01-02 17:39:53 +00:00
snider	1101248397	fix: Address 22 security findings from parallel code review (Pass 2) Security fixes implemented: - CRIT-001: SSRF IPv6 bypass protection (localhost, link-local, ULA, mapped) - CRIT-002: cn_heavyZen3Memory leak fix with cleanup function - CRIT-003: HTTP header size DoS prevention (8KB/16KB limits) - CRIT-004: patchAsmVariants null check after allocation - CRIT-005: autoPause race condition fix with atomics - HIGH-001: OpenSSL strchr null pointer check - HIGH-002: uv_loop_close error handling - HIGH-004/005/006: Miner.cpp race conditions (atomic reset, mutex protection) - HIGH-007: m_workersMemory dangling pointer fix - HIGH-008: JIT buffer overflow bounds checking - HIGH-009: Bearer prefix timing attack mitigation - HIGH-010: CORS origin restriction to localhost - HIGH-011: Per-IP connection limits (10 per IP) for DoS protection - HIGH-012: SSRF 172.x RFC1918 range validation - MED-002: pthread_join return value check on macOS - MED-004: OclKawPowRunner exception-safe initialization - MED-005: Generic error messages to prevent info disclosure - MED-006: CRLF header injection prevention 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2025-12-31 19:28:22 +00:00
snider	69376b886f	feat: Rebrand xmrig to miner and vendor XMRig ecosystem Complete rebranding of all components: - Core miner: xmrig -> miner (binary, version.h, CMakeLists.txt) - Proxy: xmrig-proxy -> miner-proxy - CUDA plugin: xmrig-cuda -> miner-cuda - Heatmap: xmrig-nonces-heatmap -> miner-nonces-heatmap - Go CLI wrapper: miner-cli -> miner-ctrl Vendored XMRig ecosystem into miner/ directory: - miner/core - XMRig CPU/GPU miner - miner/proxy - Stratum proxy - miner/cuda - NVIDIA CUDA plugin - miner/heatmap - Nonce visualization tool - miner/config - Configuration UI - miner/deps - Pre-built dependencies Updated dev fee to use project wallet with opt-out (kMinimumDonateLevel=0) Updated branding to Lethean (domain, copyright, version 0.1.0) 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2025-12-30 19:43:02 +00:00

Author

SHA1

Message

Date

snider

919b17ee9e

fix: Address multiple security issues and add unit tests for various components

2026-01-02 17:39:53 +00:00

snider

1101248397

fix: Address 22 security findings from parallel code review (Pass 2)

Security fixes implemented:
- CRIT-001: SSRF IPv6 bypass protection (localhost, link-local, ULA, mapped)
- CRIT-002: cn_heavyZen3Memory leak fix with cleanup function
- CRIT-003: HTTP header size DoS prevention (8KB/16KB limits)
- CRIT-004: patchAsmVariants null check after allocation
- CRIT-005: autoPause race condition fix with atomics
- HIGH-001: OpenSSL strchr null pointer check
- HIGH-002: uv_loop_close error handling
- HIGH-004/005/006: Miner.cpp race conditions (atomic reset, mutex protection)
- HIGH-007: m_workersMemory dangling pointer fix
- HIGH-008: JIT buffer overflow bounds checking
- HIGH-009: Bearer prefix timing attack mitigation
- HIGH-010: CORS origin restriction to localhost
- HIGH-011: Per-IP connection limits (10 per IP) for DoS protection
- HIGH-012: SSRF 172.x RFC1918 range validation
- MED-002: pthread_join return value check on macOS
- MED-004: OclKawPowRunner exception-safe initialization
- MED-005: Generic error messages to prevent info disclosure
- MED-006: CRLF header injection prevention

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

2025-12-31 19:28:22 +00:00

snider

69376b886f

feat: Rebrand xmrig to miner and vendor XMRig ecosystem

Complete rebranding of all components:
- Core miner: xmrig -> miner (binary, version.h, CMakeLists.txt)
- Proxy: xmrig-proxy -> miner-proxy
- CUDA plugin: xmrig-cuda -> miner-cuda
- Heatmap: xmrig-nonces-heatmap -> miner-nonces-heatmap
- Go CLI wrapper: miner-cli -> miner-ctrl

Vendored XMRig ecosystem into miner/ directory:
- miner/core - XMRig CPU/GPU miner
- miner/proxy - Stratum proxy
- miner/cuda - NVIDIA CUDA plugin
- miner/heatmap - Nonce visualization tool
- miner/config - Configuration UI
- miner/deps - Pre-built dependencies

Updated dev fee to use project wallet with opt-out (kMinimumDonateLevel=0)
Updated branding to Lethean (domain, copyright, version 0.1.0)

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

2025-12-30 19:43:02 +00:00

3 commits