Qt/RPCConsole: Don't store commands with potentially sensitive inform…

…ation in the history Filters importprivkey, signrawtransaction, walletpassphrase, walletpassphrasechange, and encryptwallet
jorzhikgit · Dec 29, 2016 · 9044908 · 9044908
1 parent fc95daa
commit 9044908
Show file tree

Hide file tree

Showing 2 changed files with 29 additions and 9 deletions.
diff --git a/src/qt/rpcconsole.cpp b/src/qt/rpcconsole.cpp
@@ -63,6 +63,14 @@ const struct {
     {NULL, NULL}
 };
 
+// don't add private key handling cmd's to the history
+const QStringList RPCConsole::historyFilter = QStringList()
+    << "importprivkey"
+    << "signrawtransaction"
+    << "walletpassphrase"
+    << "walletpassphrasechange"
+    << "encryptwallet";
+
 /* Object for executing console RPC commands in a separate thread.
 */
 class RPCExecutor : public QObject
@@ -755,15 +763,26 @@ void RPCConsole::on_lineEdit_returnPressed()
 
         message(CMD_REQUEST, cmd);
         Q_EMIT cmdRequest(cmd);
-        // Remove command, if already in history
-        history.removeOne(cmd);
-        // Append command to history
-        history.append(cmd);
-        // Enforce maximum history size
-        while(history.size() > CONSOLE_HISTORY)
-            history.removeFirst();
-        // Set pointer to end of history
-        historyPtr = history.size();
+
+        bool storeHistory = true;
+        Q_FOREACH(QString unallowedCmd, historyFilter)
+        {
+            if (cmd.trimmed().startsWith(unallowedCmd))
+                storeHistory = false; break;
+        }
+
+        if (storeHistory)
+        {
+            // Remove command, if already in history
+            history.removeOne(cmd);
+            // Append command to history
+            history.append(cmd);
+            // Enforce maximum history size
+            while(history.size() > CONSOLE_HISTORY)
+                history.removeFirst();
+            // Set pointer to end of history
+            historyPtr = history.size();
+        }
         // Scroll console view to end
         scrollToEnd();
     }

diff --git a/src/qt/rpcconsole.h b/src/qt/rpcconsole.h
@@ -140,6 +140,7 @@ public Q_SLOTS:
     ClientModel *clientModel;
     QStringList history;
     int historyPtr;
+    const static QStringList historyFilter;
     QString cmdBeforeBrowsing;
     QList<NodeId> cachedNodeids;
     const PlatformStyle *platformStyle;