Browse Source

Wallet: Sanitise -wallet parameter

pull/1/head
Luke Dashjr 6 years ago
parent
commit
d678771c66
  1. 3
      src/utilstrencodings.cpp
  2. 3
      src/utilstrencodings.h
  3. 6
      src/wallet/wallet.cpp

3
src/utilstrencodings.cpp

@ -19,7 +19,8 @@ static const string CHARS_ALPHA_NUM = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNO @@ -19,7 +19,8 @@ static const string CHARS_ALPHA_NUM = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNO
static const string SAFE_CHARS[] =
{
CHARS_ALPHA_NUM + " .,;-_/:?@()", // SAFE_CHARS_DEFAULT
CHARS_ALPHA_NUM + " .,;-_?@" // SAFE_CHARS_UA_COMMENT
CHARS_ALPHA_NUM + " .,;-_?@", // SAFE_CHARS_UA_COMMENT
CHARS_ALPHA_NUM + ".-_", // SAFE_CHARS_FILENAME
};
string SanitizeString(const string& str, int rule)

3
src/utilstrencodings.h

@ -26,7 +26,8 @@ @@ -26,7 +26,8 @@
enum SafeChars
{
SAFE_CHARS_DEFAULT, //!< The full set of allowed chars
SAFE_CHARS_UA_COMMENT //!< BIP-0014 subset
SAFE_CHARS_UA_COMMENT, //!< BIP-0014 subset
SAFE_CHARS_FILENAME, //!< Chars allowed in filenames
};
/**

6
src/wallet/wallet.cpp

@ -3765,6 +3765,12 @@ bool CWallet::InitLoadWallet() @@ -3765,6 +3765,12 @@ bool CWallet::InitLoadWallet()
std::string walletFile = GetArg("-wallet", DEFAULT_WALLET_DAT);
if (walletFile.find_first_of("/\\") != std::string::npos) {
return InitError(_("-wallet parameter must only specify a filename (not a path)"));
} else if (SanitizeString(walletFile, SAFE_CHARS_FILENAME) != walletFile) {
return InitError(_("Invalid characters in -wallet filename"));
}
CWallet * const pwallet = CreateWalletFromFile(walletFile);
if (!pwallet) {
return false;

Loading…
Cancel
Save