diff options
| author | Wladimir J. van der Laan <[email protected]> | 2014-10-20 11:25:54 +0200 |
|---|---|---|
| committer | Wladimir J. van der Laan <[email protected]> | 2014-10-20 11:36:40 +0200 |
| commit | 64ffc995d685cf8a53ef868572e835ce42269ec6 (patch) | |
| tree | 379c2207b7818d2d4b2359fbf6bf2fb48f98f164 /src/noui.cpp | |
| parent | Merge pull request #4468 (diff) | |
| parent | Add a SECURE style flag for ThreadSafeMessageBox, which indicates that the me... (diff) | |
| download | discoin-64ffc995d685cf8a53ef868572e835ce42269ec6.tar.xz discoin-64ffc995d685cf8a53ef868572e835ce42269ec6.zip | |
Merge pull request #5095
d4746d5 Add a SECURE style flag for ThreadSafeMessageBox, which indicates that the message contains sensitive information. This keeps the message from being output to the debug log by bitcoind. Fixes a possible security risk when starting bitcoind in server mode without the 'rpcpassword' option configured, resulting in the "suggested" password being output to the debug log. (Mark Friedenbach)
Diffstat (limited to 'src/noui.cpp')
| -rw-r--r-- | src/noui.cpp | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/src/noui.cpp b/src/noui.cpp index f786a20db..8f3b0275b 100644 --- a/src/noui.cpp +++ b/src/noui.cpp @@ -14,6 +14,9 @@ static bool noui_ThreadSafeMessageBox(const std::string& message, const std::string& caption, unsigned int style) { + bool fSecure = style & CClientUIInterface::SECURE; + style &= ~CClientUIInterface::SECURE; + std::string strCaption; // Check for usage of predefined caption switch (style) { @@ -30,7 +33,8 @@ static bool noui_ThreadSafeMessageBox(const std::string& message, const std::str strCaption += caption; // Use supplied caption (can be empty) } - LogPrintf("%s: %s\n", strCaption, message); + if (!fSecure) + LogPrintf("%s: %s\n", strCaption, message); fprintf(stderr, "%s: %s\n", strCaption.c_str(), message.c_str()); return false; } |