diff options
author | Wladimir J. van der Laan <laanwj@gmail.com> | 2017-03-07 09:50:41 +0100 |
---|---|---|
committer | Wladimir J. van der Laan <laanwj@gmail.com> | 2017-09-26 16:12:47 +0200 |
commit | 0cd9273fd959c6742574259d026039f7da0309a2 (patch) | |
tree | 575776245a1af0acffb9f22a987ef7bbf1d86eba /test/functional | |
parent | 94c9015bca861085f76ca3c045e17d0591aa6c8b (diff) |
rpc: Prevent `dumpwallet` from overwriting files
Prevent arbitrary files from being overwritten. There have been reports
that users have overwritten wallet files this way. It may also avoid
other security issues.
Fixes #9934. Adds mention to release notes and adds a test.
Diffstat (limited to 'test/functional')
-rwxr-xr-x | test/functional/wallet-dump.py | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/test/functional/wallet-dump.py b/test/functional/wallet-dump.py index e4757c8c03..12db95e5d9 100755 --- a/test/functional/wallet-dump.py +++ b/test/functional/wallet-dump.py @@ -7,7 +7,7 @@ import os from test_framework.test_framework import BitcoinTestFramework -from test_framework.util import assert_equal +from test_framework.util import (assert_equal, assert_raises_jsonrpc) def read_dump(file_name, addrs, hd_master_addr_old): @@ -105,5 +105,8 @@ class WalletDumpTest(BitcoinTestFramework): assert_equal(found_addr_chg, 90*2 + 50) # old reserve keys are marked as change now assert_equal(found_addr_rsv, 90*2) + # Overwriting should fail + assert_raises_jsonrpc(-8, "already exists", self.nodes[0].dumpwallet, tmpdir + "/node0/wallet.unencrypted.dump") + if __name__ == '__main__': WalletDumpTest().main () |