Skip to content

Commit

Permalink
Merge #20741: doc: Update 'Secure string handling'
Browse files Browse the repository at this point in the history 
7117d75 Update 'Secure string handling' (Prayank)

Pull request description:

  - Add information about possible path traversal attack
  - [wallet_name](https://bitcoincore.org/en/doc/0.20.0/rpc/wallet/createwallet/) (string): _The name for the new wallet. If this is a 'path', the wallet will be created at the 'path' location._

  Fixes bitcoin/bitcoin#20128 (Not really fixing it but workaround)

  This PR is an alternative to bitcoin/bitcoin#20393

ACKs for top commit:
  michaelfolkson:
    ACK 7117d75
  RiccardoMasutti:
    ACK bitcoin/bitcoin@7117d75
  benthecarman:
    ACK 7117d75

Tree-SHA512: 0d6c4f8db5feba848bbb583e87a99e6c4b655deaa2b566164e2632acc1aabf470d4626d2dc4b82c4997effc30d9b474d860d0e0d3e896648c5cc9bfdb623da6d
  • Loading branch information
@laanwj
laanwj committed Jan 9, 2021
2 parents 9158d6f + 7117d75 commit 5574e48
Showing 1 changed file with 8 additions and 7 deletions.
15 changes: 8 additions & 7 deletions doc/JSON-RPC-interface.md
View file
Expand Up @@ -88,13 +88,14 @@ RPC interface will be abused.
- **Secure string handling:** The RPC interface does not guarantee any
escaping of data beyond what's necessary to encode it as JSON,
although it does usually provide serialized data using a hex
representation of the bytes. If you use RPC data in your programs or
provide its data to other programs, you must ensure any problem
strings are properly escaped. For example, multiple websites have
been manipulated because they displayed decoded hex strings that
included HTML `<script>` tags. For this reason, and other
non-security reasons, it is recommended to display all serialized data
in hex form only.
representation of the bytes. If you use RPC data in your programs or
provide its data to other programs, you must ensure any problem strings
are properly escaped. For example, the `createwallet` RPC accepts
arguments such as `wallet_name` which is a string and could be used
for a path traversal attack without application level checks. Multiple
websites have been manipulated because they displayed decoded hex strings
that included HTML `<script>` tags. For this reason, and others, it is
recommended to display all serialized data in hex form only.

## RPC consistency guarantees

Expand Down

0 comments on commit 5574e48

Please sign in to comment.