Skip to content

Commit 28d4cff

Browse files
gmaxwellgmaxwell
committed
Sanitize command strings before logging them.
Normally bitcoin core does not display any network originated strings without sanitizing or hex encoding. This wasn't done for strcommand in many places. This could be used to play havoc with a terminal displaying the logs, especially with printtoconsole in use. Thanks to Evil-Knievel for reporting this issue.
1 parent fb6140b commit 28d4cff

File tree

3 files changed

+9
-9
lines changed

3 files changed

+9
-9
lines changed

src/main.cpp

Lines changed: 7 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -3450,7 +3450,7 @@ void static ProcessGetData(CNode* pfrom)
34503450
bool static ProcessMessage(CNode* pfrom, string strCommand, CDataStream& vRecv, int64_t nTimeReceived)
34513451
{
34523452
RandAddSeedPerfmon();
3453-
LogPrint("net", "received: %s (%u bytes) peer=%d\n", strCommand, vRecv.size(), pfrom->id);
3453+
LogPrint("net", "received: %s (%u bytes) peer=%d\n", SanitizeString(strCommand), vRecv.size(), pfrom->id);
34543454
if (mapArgs.count("-dropmessagestest") && GetRand(atoi(mapArgs["-dropmessagestest"])) == 0)
34553455
{
34563456
LogPrintf("dropmessagestest DROPPING RECV MESSAGE\n");
@@ -4285,7 +4285,7 @@ bool ProcessMessages(CNode* pfrom)
42854285

42864286
// Scan for message start
42874287
if (memcmp(msg.hdr.pchMessageStart, Params().MessageStart(), MESSAGE_START_SIZE) != 0) {
4288-
LogPrintf("PROCESSMESSAGE: INVALID MESSAGESTART %s peer=%d\n", msg.hdr.GetCommand(), pfrom->id);
4288+
LogPrintf("PROCESSMESSAGE: INVALID MESSAGESTART %s peer=%d\n", SanitizeString(msg.hdr.GetCommand()), pfrom->id);
42894289
fOk = false;
42904290
break;
42914291
}
@@ -4294,7 +4294,7 @@ bool ProcessMessages(CNode* pfrom)
42944294
CMessageHeader& hdr = msg.hdr;
42954295
if (!hdr.IsValid())
42964296
{
4297-
LogPrintf("PROCESSMESSAGE: ERRORS IN HEADER %s peer=%d\n", hdr.GetCommand(), pfrom->id);
4297+
LogPrintf("PROCESSMESSAGE: ERRORS IN HEADER %s peer=%d\n", SanitizeString(hdr.GetCommand()), pfrom->id);
42984298
continue;
42994299
}
43004300
string strCommand = hdr.GetCommand();
@@ -4310,7 +4310,7 @@ bool ProcessMessages(CNode* pfrom)
43104310
if (nChecksum != hdr.nChecksum)
43114311
{
43124312
LogPrintf("ProcessMessages(%s, %u bytes): CHECKSUM ERROR nChecksum=%08x hdr.nChecksum=%08x\n",
4313-
strCommand, nMessageSize, nChecksum, hdr.nChecksum);
4313+
SanitizeString(strCommand), nMessageSize, nChecksum, hdr.nChecksum);
43144314
continue;
43154315
}
43164316

@@ -4327,12 +4327,12 @@ bool ProcessMessages(CNode* pfrom)
43274327
if (strstr(e.what(), "end of data"))
43284328
{
43294329
// Allow exceptions from under-length message on vRecv
4330-
LogPrintf("ProcessMessages(%s, %u bytes): Exception '%s' caught, normally caused by a message being shorter than its stated length\n", strCommand, nMessageSize, e.what());
4330+
LogPrintf("ProcessMessages(%s, %u bytes): Exception '%s' caught, normally caused by a message being shorter than its stated length\n", SanitizeString(strCommand), nMessageSize, e.what());
43314331
}
43324332
else if (strstr(e.what(), "size too large"))
43334333
{
43344334
// Allow exceptions from over-long size
4335-
LogPrintf("ProcessMessages(%s, %u bytes): Exception '%s' caught\n", strCommand, nMessageSize, e.what());
4335+
LogPrintf("ProcessMessages(%s, %u bytes): Exception '%s' caught\n", SanitizeString(strCommand), nMessageSize, e.what());
43364336
}
43374337
else
43384338
{
@@ -4349,7 +4349,7 @@ bool ProcessMessages(CNode* pfrom)
43494349
}
43504350

43514351
if (!fRet)
4352-
LogPrintf("ProcessMessage(%s, %u bytes) FAILED peer=%d\n", strCommand, nMessageSize, pfrom->id);
4352+
LogPrintf("ProcessMessage(%s, %u bytes) FAILED peer=%d\n", SanitizeString(strCommand), nMessageSize, pfrom->id);
43534353

43544354
break;
43554355
}

src/net.cpp

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1971,7 +1971,7 @@ void CNode::BeginMessage(const char* pszCommand) EXCLUSIVE_LOCK_FUNCTION(cs_vSen
19711971
ENTER_CRITICAL_SECTION(cs_vSend);
19721972
assert(ssSend.size() == 0);
19731973
ssSend << CMessageHeader(pszCommand, 0);
1974-
LogPrint("net", "sending: %s ", pszCommand);
1974+
LogPrint("net", "sending: %s ", SanitizeString(pszCommand));
19751975
}
19761976

19771977
void CNode::AbortMessage() UNLOCK_FUNCTION(cs_vSend)

src/rpcserver.cpp

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -849,7 +849,7 @@ void JSONRequest::parse(const Value& valRequest)
849849
throw JSONRPCError(RPC_INVALID_REQUEST, "Method must be a string");
850850
strMethod = valMethod.get_str();
851851
if (strMethod != "getblocktemplate")
852-
LogPrint("rpc", "ThreadRPCServer method=%s\n", strMethod);
852+
LogPrint("rpc", "ThreadRPCServer method=%s\n", SanitizeString(strMethod));
853853

854854
// Parse params
855855
Value valParams = find_value(request, "params");

0 commit comments

Comments
 (0)