diff options
author | Wladimir J. van der Laan <laanwj@gmail.com> | 2012-10-12 03:09:05 +0200 |
---|---|---|
committer | Luke Dashjr <luke-jr+git@utopios.org> | 2012-10-20 23:29:07 +0000 |
commit | 49524859ca257fa785fc97122e5bdeb8bc73320e (patch) | |
tree | 75364603d3d40cd9679ac415918bab6d07435473 | |
parent | f9459ef91470563ee46279599135baad80470c4d (diff) |
Fix a use-after-free problem in initialization (#1920)
Don't store the result of c_str().
Luckily, this only affects logging, though it could crash or leak
sensitive data to the log in rare cases.
-rw-r--r-- | src/init.cpp | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/src/init.cpp b/src/init.cpp index bdddc631da..8a928218b2 100644 --- a/src/init.cpp +++ b/src/init.cpp @@ -440,7 +440,7 @@ bool AppInit2() // ********************************************************* Step 4: application initialization: dir lock, daemonize, pidfile, debug log - const char* pszDataDir = GetDataDir().string().c_str(); + std::string strDataDir = GetDataDir().string(); // Make sure only a single Bitcoin process is using the data directory. boost::filesystem::path pathLockFile = GetDataDir() / ".lock"; @@ -448,7 +448,7 @@ bool AppInit2() if (file) fclose(file); static boost::interprocess::file_lock lock(pathLockFile.string().c_str()); if (!lock.try_lock()) - return InitError(strprintf(_("Cannot obtain a lock on data directory %s. Bitcoin is probably already running."), pszDataDir)); + return InitError(strprintf(_("Cannot obtain a lock on data directory %s. Bitcoin is probably already running."), strDataDir.c_str())); #if !defined(WIN32) && !defined(QT_GUI) if (fDaemon) @@ -480,7 +480,7 @@ bool AppInit2() if (!fLogTimestamps) printf("Startup time: %s\n", DateTimeStrFormat("%x %H:%M:%S", GetTime()).c_str()); printf("Default data directory %s\n", GetDefaultDataDir().string().c_str()); - printf("Used data directory %s\n", pszDataDir); + printf("Used data directory %s\n", strDataDir.c_str()); std::ostringstream strErrors; if (fDaemon) @@ -496,7 +496,7 @@ bool AppInit2() { string msg = strprintf(_("Error initializing database environment %s!" " To recover, BACKUP THAT DIRECTORY, then remove" - " everything from it except for wallet.dat."), pszDataDir); + " everything from it except for wallet.dat."), strDataDir.c_str()); return InitError(msg); } @@ -515,7 +515,7 @@ bool AppInit2() string msg = strprintf(_("Warning: wallet.dat corrupt, data salvaged!" " Original wallet.dat saved as wallet.{timestamp}.bak in %s; if" " your balance or transactions are incorrect you should" - " restore from a backup."), pszDataDir); + " restore from a backup."), strDataDir.c_str()); uiInterface.ThreadSafeMessageBox(msg, _("Bitcoin"), CClientUIInterface::OK | CClientUIInterface::ICON_EXCLAMATION | CClientUIInterface::MODAL); } if (r == CDBEnv::RECOVER_FAIL) @@ -634,7 +634,7 @@ bool AppInit2() { string msg = strprintf(_("Error initializing database environment %s!" " To recover, BACKUP THAT DIRECTORY, then remove" - " everything from it except for wallet.dat."), pszDataDir); + " everything from it except for wallet.dat."), strDataDir.c_str()); return InitError(msg); } |