From 780b5255fab3a3fc655eaaeecde342eb1f03a6d0 Mon Sep 17 00:00:00 2001
From: pmitchev <petar@imeleon.com>
Date: Tue, 30 Sep 2014 18:55:39 +0300
Subject: [PATCH] Fixed duplicate share vulnerability with the nonce

zone117x fix
---
 lib/pool.js | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/lib/pool.js b/lib/pool.js
index 54e7af85c..ba59a953c 100644
--- a/lib/pool.js
+++ b/lib/pool.js
@@ -518,7 +518,11 @@ function handleMinerMethod(method, params, ip, portData, sendReply, pushMessage)
                 return;
             }
 
+	    params.nonce = params.nonce.substr(0, 8).toLowerCase();
+
             if (job.submissions.indexOf(params.nonce) !== -1){
+                var minerText = miner ? (' ' + miner.login + '@' + miner.ip) : '';
+                log('warn', logSystem, 'Duplicate share: ' + JSON.stringify(params) + ' from ' + minerText);
                 sendReply('Duplicate share');
                 return;
             }