From a946aa8d3ec7009ac670eeb65a525efe5eeb6e84 Mon Sep 17 00:00:00 2001
From: Mike Hearn <hearn@google.com>
Date: Tue, 26 Nov 2013 12:52:21 +0100
Subject: Store and use a sanitized subVer

---
 src/rpcnet.cpp | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

(limited to 'src/rpcnet.cpp')

diff --git a/src/rpcnet.cpp b/src/rpcnet.cpp
index 9f8dea80b0..8f0df798b4 100644
--- a/src/rpcnet.cpp
+++ b/src/rpcnet.cpp
@@ -126,7 +126,10 @@ Value getpeerinfo(const Array& params, bool fHelp)
         if (stats.dPingWait > 0.0)
             obj.push_back(Pair("pingwait", stats.dPingWait));
         obj.push_back(Pair("version", stats.nVersion));
-        obj.push_back(Pair("subver", stats.strSubVer));
+        // Use the sanitized form of subver here, to avoid tricksy remote peers from
+        // corrupting or modifiying the JSON output by putting special characters in
+        // their ver message.
+        obj.push_back(Pair("subver", stats.cleanSubVer));
         obj.push_back(Pair("inbound", stats.fInbound));
         obj.push_back(Pair("startingheight", stats.nStartingHeight));
         obj.push_back(Pair("banscore", stats.nMisbehavior));
-- 
cgit v1.2.3