foster/bitcoin-core
0
0
Fork 0
mirror of https://github.com/bitcoin/bitcoin.git synced 2025-03-06 14:19:59 -05:00
Code Issues Activity
bitcoin-core/src
History
W. J. van der Laan 1884ce2f4c
Merge bitcoin/bitcoin#22937: refactor: Forbid calling unsafe fs::path(std::string) constructor and fs::path::string() method 
6544ea5035 refactor: Block unsafe fs::path std::string conversion calls (Russell Yanofsky)
b39a477ec6 refactor: Add fs::PathToString, fs::PathFromString, u8string, u8path functions (Russell Yanofsky)

Pull request description:

  The `fs::path` class has a `std::string` constructor which will implicitly convert from strings. Implicit conversions like this are not great in general because they can hide complexity and inefficiencies in the code, but this case is especially bad, because after the transition from `boost::filesystem` to `std::filesystem` in #20744 the behavior of this constructor on windows will be more complicated and can mangle path strings. The `fs::path` class also has a `.string()` method which is inverse of the constructor and has the same problems.

  Fix this by replacing the unsafe method calls with `PathToString` and `PathFromString` function calls, and by forbidding unsafe method calls in the future.

ACKs for top commit:
  kiminuo:
    ACK 6544ea5035
  laanwj:
    Code review ACK 6544ea5035
  hebasto:
    re-ACK 6544ea5035, only added `fsbridge_stem` test case, updated comment, and rebased since my [previous](https://github.com/bitcoin/bitcoin/pull/22937#pullrequestreview-765503126) review. Verified with the following command:

Tree-SHA512: c36324740eb4ee55151146626166c00d5ccc4b6f3df777e75c112bcb4d1db436c1d9cc8c29a1e7fb96051457d317961ab42e6c380c3be2771d135771b2b49fa0
2021-10-15 10:01:56 +02:00
..
bench scripted-diff: Rename CAddrMan to AddrMan 2021-09-28 22:21:10 -04:00
compat compat: remove glibc_compat.cpp 2021-09-10 11:18:58 +08:00
config
consensus consensus: use <cstdint> over <stdint.h> in amount.h 2021-09-30 07:42:01 +08:00
crc32c Update crc32c subtree 2021-09-29 14:10:29 +02:00
crypto
index Add syscall sandboxing (seccomp-bpf) 2021-10-01 13:51:10 +00:00
init refactor: Block unsafe fs::path std::string conversion calls 2021-10-05 11:10:47 -04:00
interfaces Merge bitcoin/bitcoin#23003: multiprocess: Make interfaces::Chain::isTaprootActive non-const 2021-10-13 07:19:13 +02:00
ipc refactor: Block unsafe fs::path std::string conversion calls 2021-10-05 11:10:47 -04:00
leveldb
logging Make unexpected time type in BCLog::LogMsg() a compile-time error 2021-09-07 19:19:31 +02:00
node Merge bitcoin/bitcoin#22937: refactor: Forbid calling unsafe fs::path(std::string) constructor and fs::path::string() method 2021-10-15 10:01:56 +02:00
policy refactor: Block unsafe fs::path std::string conversion calls 2021-10-05 11:10:47 -04:00
primitives [MOVEONLY] consensus: move amount.h into consensus 2021-09-30 07:41:57 +08:00
qt Merge bitcoin/bitcoin#22937: refactor: Forbid calling unsafe fs::path(std::string) constructor and fs::path::string() method 2021-10-15 10:01:56 +02:00
rpc refactor: Block unsafe fs::path std::string conversion calls 2021-10-05 11:10:47 -04:00
script [MOVEONLY] consensus: move amount.h into consensus 2021-09-30 07:41:57 +08:00
secp256k1
support
test Merge bitcoin/bitcoin#22937: refactor: Forbid calling unsafe fs::path(std::string) constructor and fs::path::string() method 2021-10-15 10:01:56 +02:00
univalue
util Merge bitcoin/bitcoin#22937: refactor: Forbid calling unsafe fs::path(std::string) constructor and fs::path::string() method 2021-10-15 10:01:56 +02:00
wallet Merge bitcoin/bitcoin#22937: refactor: Forbid calling unsafe fs::path(std::string) constructor and fs::path::string() method 2021-10-15 10:01:56 +02:00
zmq scripted-diff: Rename overloaded int GetArg to GetIntArg 2021-09-27 06:57:20 -04:00
.clang-format
.clang-tidy Enable clang-tidy bugprone-argument-comment and fix violations 2021-09-07 09:11:10 +02:00
addrdb.cpp refactor: Block unsafe fs::path std::string conversion calls 2021-10-05 11:10:47 -04:00
addrdb.h scripted-diff: Rename CAddrMan to AddrMan 2021-09-28 22:21:10 -04:00
addrman.cpp [style] Run changed files through clang formatter. 2021-09-28 22:21:10 -04:00
addrman.h [style] Run changed files through clang formatter. 2021-09-28 22:21:10 -04:00
addrman_impl.h [style] Run changed files through clang formatter. 2021-09-28 22:21:10 -04:00
arith_uint256.cpp
arith_uint256.h
attributes.h
banman.cpp
banman.h
base58.cpp
base58.h
bech32.cpp
bech32.h
bitcoin-cli-res.rc
bitcoin-cli.cpp refactor: Block unsafe fs::path std::string conversion calls 2021-10-05 11:10:47 -04:00
bitcoin-tx-res.rc
bitcoin-tx.cpp bitcoin-tx: Reject non-integral and out of range multisig numbers 2021-10-12 12:45:55 +02:00
bitcoin-util-res.rc
bitcoin-util.cpp
bitcoin-wallet-res.rc
bitcoin-wallet.cpp
bitcoind-res.rc
bitcoind.cpp Add syscall sandboxing (seccomp-bpf) 2021-10-01 13:51:10 +00:00
blockencodings.cpp
blockencodings.h
blockfilter.cpp
blockfilter.h
bloom.cpp bloom: cleanup includes 2021-09-29 09:48:36 +08:00
bloom.h bloom: cleanup includes 2021-09-29 09:48:36 +08:00
chain.cpp
chain.h chain: add BLOCK_ASSUMED_VALID for use with assumeutxo 2021-09-15 15:46:44 -04:00
chainparams.cpp doc: Remove un-actionable TODO from chainparams.cpp 2021-09-28 20:18:20 +02:00
chainparams.h
chainparamsbase.cpp test: Activate all regtest softforks at height 1, unless overridden 2021-09-16 18:53:04 +02:00
chainparamsbase.h
chainparamsseeds.h
checkqueue.h Add syscall sandboxing (seccomp-bpf) 2021-10-01 13:51:10 +00:00
clientversion.cpp
clientversion.h
coins.cpp
coins.h
compat.h
compressor.cpp
compressor.h
core_io.h [MOVEONLY] consensus: move amount.h into consensus 2021-09-30 07:41:57 +08:00
core_memusage.h
core_read.cpp bitcoin-tx: Avoid treating overflow as OP_0 2021-10-11 09:17:28 +02:00
core_write.cpp [MOVEONLY] consensus: move amount.h into consensus 2021-09-30 07:41:57 +08:00
cuckoocache.h
dbwrapper.cpp Merge bitcoin/bitcoin#22937: refactor: Forbid calling unsafe fs::path(std::string) constructor and fs::path::string() method 2021-10-15 10:01:56 +02:00
dbwrapper.h
deploymentinfo.cpp
deploymentinfo.h
deploymentstatus.cpp
deploymentstatus.h
dummywallet.cpp Remove -rescan startup parameter 2021-09-30 12:06:27 +13:00
external_signer.cpp
external_signer.h
flatfile.cpp refactor: Block unsafe fs::path std::string conversion calls 2021-10-05 11:10:47 -04:00
flatfile.h
fs.cpp refactor: Block unsafe fs::path std::string conversion calls 2021-10-05 11:10:47 -04:00
fs.h refactor: Block unsafe fs::path std::string conversion calls 2021-10-05 11:10:47 -04:00
hash.cpp refactor: use {Read,Write}BE32 helpers for BIP32 nChild (de)serialization 2021-10-05 23:53:33 +02:00
hash.h
httprpc.cpp
httprpc.h
httpserver.cpp Merge bitcoin/bitcoin#20487: Add syscall sandboxing using seccomp-bpf (Linux secure computing mode) 2021-10-04 22:45:43 +02:00
httpserver.h
i2p.cpp refactor: Block unsafe fs::path std::string conversion calls 2021-10-05 11:10:47 -04:00
i2p.h
indirectmap.h
init.cpp refactor: Block unsafe fs::path std::string conversion calls 2021-10-05 11:10:47 -04:00
init.h
key.cpp refactor: use {Read,Write}BE32 helpers for BIP32 nChild (de)serialization 2021-10-05 23:53:33 +02:00
key.h doc: Remove stale comment for CPrivKey 2021-09-16 21:16:39 +09:00
key_io.cpp
key_io.h
logging.cpp blockstorage: use debug log category 2021-10-11 21:45:49 +10:00
logging.h blockstorage: use debug log category 2021-10-11 21:45:49 +10:00
Makefile.am scripts: use LIEF for ELF checks in symbol-check.py 2021-10-12 08:36:15 +08:00
Makefile.bench.include
Makefile.crc32c.include build: remove support for weak linking getauxval() 2021-09-24 15:40:04 +08:00
Makefile.leveldb.include
Makefile.qt.include scripted-diff: Prefix makefile variables with QT_ 2021-10-13 21:09:54 +01:00
Makefile.qt_locale.include
Makefile.qttest.include
Makefile.test.include test: Add ParseMoney and ParseScript tests 2021-10-06 20:01:42 +02:00
Makefile.test_fuzz.include
Makefile.test_util.include move-only: unittest: add test/util/chainstate.h 2021-09-15 15:46:48 -04:00
mapport.cpp Add syscall sandboxing (seccomp-bpf) 2021-10-01 13:51:10 +00:00
mapport.h
memusage.h
merkleblock.cpp
merkleblock.h
miner.cpp [MOVEONLY] consensus: move amount.h into consensus 2021-09-30 07:41:57 +08:00
miner.h
net.cpp Merge bitcoin/bitcoin#22950: [p2p] Pimpl AddrMan to abstract implementation details 2021-10-05 16:48:33 +02:00
net.h Merge bitcoin/bitcoin#22950: [p2p] Pimpl AddrMan to abstract implementation details 2021-10-05 16:48:33 +02:00
net_permissions.cpp
net_permissions.h
net_processing.cpp Merge bitcoin/bitcoin#22950: [p2p] Pimpl AddrMan to abstract implementation details 2021-10-05 16:48:33 +02:00
net_processing.h scripted-diff: Rename CAddrMan to AddrMan 2021-09-28 22:21:10 -04:00
net_types.cpp
net_types.h
netaddress.cpp scripted-diff: Rename CAddrMan to AddrMan 2021-09-28 22:21:10 -04:00
netaddress.h scripted-diff: Rename CAddrMan to AddrMan 2021-09-28 22:21:10 -04:00
netbase.cpp Cleanup headers after #20788 2021-09-11 10:47:02 +03:00
netbase.h
netmessagemaker.h
noui.cpp
noui.h
outputtype.cpp
outputtype.h
pow.cpp
pow.h
prevector.h
protocol.cpp
protocol.h
psbt.cpp
psbt.h
pubkey.cpp refactor: use {Read,Write}BE32 helpers for BIP32 nChild (de)serialization 2021-10-05 23:53:33 +02:00
pubkey.h
random.cpp
random.h
randomenv.cpp build: remove support for weak linking getauxval() 2021-09-24 15:40:04 +08:00
randomenv.h
rest.cpp rest: Return error when header count is not integral 2021-10-12 09:10:19 +02:00
reverse_iterator.h
scheduler.cpp Add syscall sandboxing (seccomp-bpf) 2021-10-01 13:51:10 +00:00
scheduler.h
serialize.h
shutdown.cpp
shutdown.h
signet.cpp Enable clang-tidy bugprone-argument-comment and fix violations 2021-09-07 09:11:10 +02:00
signet.h
span.h
streams.h
sync.cpp log: Avoid broken DEBUG_LOCKORDER log 2021-09-29 18:46:30 +02:00
sync.h sync: inline lock contention logging macro to fix time duration 2021-09-06 23:43:51 +02:00
threadinterrupt.cpp
threadinterrupt.h
threadsafety.h
timedata.cpp scripted-diff: Rename overloaded int GetArg to GetIntArg 2021-09-27 06:57:20 -04:00
timedata.h
tinyformat.h
torcontrol.cpp refactor: Block unsafe fs::path std::string conversion calls 2021-10-05 11:10:47 -04:00
torcontrol.h
txdb.cpp scripted-diff: Rename overloaded int GetArg to GetIntArg 2021-09-27 06:57:20 -04:00
txdb.h
txmempool.cpp Use C++11 member initializer in CTxMemPoolEntry 2021-09-21 16:04:27 +02:00
txmempool.h [MOVEONLY] consensus: move amount.h into consensus 2021-09-30 07:41:57 +08:00
txorphanage.cpp
txorphanage.h
txrequest.cpp
txrequest.h
uint256.cpp
uint256.h
undo.h
validation.cpp validation: put coins cache write log into bench debug log 2021-10-11 21:45:49 +10:00
validation.h [MOVEONLY] consensus: move amount.h into consensus 2021-09-30 07:41:57 +08:00
validationinterface.cpp
validationinterface.h
version.h
versionbits.cpp
versionbits.h
walletinitinterface.h
warnings.cpp
warnings.h