-
Notifications
You must be signed in to change notification settings - Fork 36.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Sanitize uacomment #6647
Sanitize uacomment #6647
Conversation
@@ -22,7 +22,15 @@ | |||
/** This is needed because the foreach macro can't get over the comma in pair<t1, t2> */ | |||
#define PAIRTYPE(t1, t2) std::pair<t1, t2> | |||
|
|||
std::string SanitizeString(const std::string& str); | |||
static const int SAFE_CHARS_DEFAULT = 0; //!< Default rule in SanitizeString() |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nit: would a enum
not be more adequate for a such operation?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
+1 for using enum. This is a perfect fit for one.
Not sure passing in the characters in a string is better. The idea makes sense, but having it like this keeps open the possibility of optimizing SanitizeString to use something else than string.find() on every character.
Concept ACK. |
strSubVersion = FormatSubVersion(CLIENT_NAME, CLIENT_VERSION, mapMultiArgs.count("-uacomment") ? mapMultiArgs["-uacomment"] : std::vector<string>()); | ||
// sanitize comments per BIP-0014, format user agent and check total size | ||
std::vector<string> uacomments; | ||
BOOST_FOREACH(string cmt, mapMultiArgs["-uacomment"]) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Alternative: error out if SanitizeString(x) != x, instead of silently dropping characters
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Made it to return error~~, but I am thinking about using warnings instead for the whole uacomment thing.~~
afb1e38
to
dfafd6f
Compare
Force pushed changes requested in the comments. |
* SanitizeString() can be requested to be more strict * Throw error when SanitizeString() changes uacomments * Fix tests
dfafd6f
to
1c1b1b3
Compare
1c1b1b3 [uacomment] Sanitize per BIP-0014 (MarcoFalke)
Tested ACK |
Misc upstream PRs Cherry-picked from the following upstream PRs: - bitcoin/bitcoin#6077 - Second commit only (first was already applied to 0.11.X and then reverted) - bitcoin/bitcoin#6284 - bitcoin/bitcoin#6489 - bitcoin/bitcoin#6462 - bitcoin/bitcoin#6647 - bitcoin/bitcoin#6235 - bitcoin/bitcoin#6905 - bitcoin/bitcoin#6780 - Excluding second commit (QT) and third commit (requires bitcoin/bitcoin#6993) - bitcoin/bitcoin#6961 - Excluding QT parts, and a small `src/policy/policy.cpp` change which depends on a bunch of other PRs, which we'll have to remember to come back to. - bitcoin/bitcoin#7044 - bitcoin/bitcoin#8856 - bitcoin/bitcoin#9002 Part of #2074 and #2132.
SanitizeString()
can be requested to be more strictSanitizeString()
touacomment
s