cryptogera/bitcoin
1
0
Fork 0
mirror of https://github.com/bitcoin/bitcoin.git synced 2026-03-16 08:22:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

util: Filter control characters out of log messages

Browse Source 
Belts and suspenders: make sure outgoing log messages don't contain
potentially suspicious characters, such as terminal control codes.

This escapes control characters except newline ('\n') in C syntax.
It escapes instead of removes them to still allow for troubleshooting
issues where they accidentally end up in strings.

Github-Pull: #17095
Rebased-From: d7820a1250070f3640246ae497e049bee0b3516f
This commit is contained in:
Wladimir J. van der Laan 2019-10-10 13:25:08 +02:00 committed by fanquake
parent ac30fc4f59
commit 0b18ea6f57
No known key found for this signature in database
GPG Key ID: 2EEB9F5CC09526C1
2 changed files with 42 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
src/logging.cpp
View File

@ -204,9 +204,32 @@ std::string BCLog::Logger::LogTimestampStr(const std::string &str)
return strStamped;
}
namespace BCLog {
/** Belts and suspenders: make sure outgoing log messages don't contain
* potentially suspicious characters, such as terminal control codes.
*
* This escapes control characters except newline ('\n') in C syntax.
* It escapes instead of removes them to still allow for troubleshooting
* issues where they accidentally end up in strings.
*/
std::string LogEscapeMessage(const std::string& str) {
std::string ret;
for (char ch_in : str) {
uint8_t ch = (uint8_t)ch_in;
if ((ch >= 32 || ch == '\n') && ch != '\x7f') {
ret += ch_in;
} else {
ret += strprintf("\\x%02x", ch);
}
}
return ret;
}
}
void BCLog::Logger::LogPrintStr(const std::string &str)
{
std::string strTimestamped = LogTimestampStr(str);
std::string strEscaped = LogEscapeMessage(str);
std::string strTimestamped = LogTimestampStr(strEscaped);
if (m_print_to_console) {
// print to console

18
src/test/util_tests.cpp
View File

@ -21,6 +21,11 @@
#include <boost/test/unit_test.hpp>
/* defined in logging.cpp */
namespace BCLog {
std::string LogEscapeMessage(const std::string& str);
}
BOOST_FIXTURE_TEST_SUITE(util_tests, BasicTestingSetup)
BOOST_AUTO_TEST_CASE(util_criticalsection)
@ -1256,4 +1261,17 @@ BOOST_AUTO_TEST_CASE(test_Capitalize)
BOOST_CHECK_EQUAL(Capitalize("\x00\xfe\xff"), "\x00\xfe\xff");
}
BOOST_AUTO_TEST_CASE(test_LogEscapeMessage)
{
// ASCII and UTF-8 must pass through unaltered.
BOOST_CHECK_EQUAL(BCLog::LogEscapeMessage("Valid log message貓"), "Valid log message貓");
// Newlines must pass through unaltered.
BOOST_CHECK_EQUAL(BCLog::LogEscapeMessage("Message\n with newlines\n"), "Message\n with newlines\n");
// Other control characters are escaped in C syntax.
BOOST_CHECK_EQUAL(BCLog::LogEscapeMessage("\x01\x7f Corrupted log message\x0d"), R"(\x01\x7f Corrupted log message\x0d)");
// Embedded NULL characters are escaped too.
const std::string NUL("O\x00O", 3);
BOOST_CHECK_EQUAL(BCLog::LogEscapeMessage(NUL), R"(O\x00O)");
}
BOOST_AUTO_TEST_SUITE_END()