wallet: Remove trailing separators from -walletdir arg #14146
Conversation
|
|
PierreRochard
force-pushed
the
wallet-env-bug
branch
from
be3ebab to
7d641c6
Compare
Reviewers, this pull request conflicts with the following ones:
If you consider this pull request important, please also help to review the conflicting pull requests. Ideally, start with the one that should be merged first. |
|
|
src/wallet/db.cpp
Outdated
There was a problem hiding this comment.
I would prefer the code down there. It might cause an infinity loop on Unix if the wallet filename is wallet\
while (fs::detail::is_directory_separator(env_directory.string().back())) {
env_directory.remove_trailing_separator();
}There was a problem hiding this comment.
Thank you, that's much cleaner, fixed!
promag
left a comment
promag
left a comment
There was a problem hiding this comment.
Move the path cleanup here?
bitcoin/src/wallet/walletutil.cpp
Line 12 in c39fa34
src/wallet/test/db_tests.cpp
Outdated
There was a problem hiding this comment.
nit, remove space after ++i.
src/wallet/test/db_tests.cpp
Outdated
There was a problem hiding this comment.
Use boost::filesystem::path::preferred_separator?
There was a problem hiding this comment.
@promag Not sure if you're aware, but anything boost::filesystem:: should use fs:: as is already being done here. See https://github.com/bitcoin/bitcoin/blob/master/src/fs.h.
There was a problem hiding this comment.
Yes, just wanted give full type for reference.
There was a problem hiding this comment.
Thank you, that's great, fixed!
You can take a look at appveyor CI. That might be helpful. |
fanquake
changed the title
PierreRochard
force-pushed
the
wallet-env-bug
branch
from
7d641c6 to
d129dba
Compare
PierreRochard
changed the title
|
Force push diff: PierreRochard@5a28a99 |
src/wallet/walletutil.cpp
Outdated
|
|
||
| // Ensure that the directory does not end with a trailing separator to avoid | ||
| // creating two Berkeley environments in the same directory | ||
| while (fs::detail::is_directory_separator(path.string().back())) { |
There was a problem hiding this comment.
I think you could add above:
if (gArgs.IsArgSet("-walletdir")) {
path = gArgs.GetArg("-walletdir", "");
boost::system::error_code error;
path = fs::canonical(path, error);
if (error || !fs::is_directory(path)) {
...fs::canonical checks if it exists and also cleans the path. For instance, locally calling canonical("/Users/promag/.///.//") gives /Users/promag.
There was a problem hiding this comment.
Ah fs::canonical is even better! What do you think about me adding this to WalletInit::Verify here and then gArgs.ForceSetArg with the new clean path?
That way we keep the error checking in one place and the path gets cleaned up once, rather than every time GetWalletDir is called.
There was a problem hiding this comment.
Sounds good, you could replace fs::exists with fs::canonical in
Line 182 in 465a583
There was a problem hiding this comment.
The nuance with that approach is that we want to avoid transforming a relative file path to an absolute one, per @ryanofsky's commit message there:
Specifying paths relative to the current working directory in a daemon process can be dangerous, because files can fail to be located even if the configuration doesn't change, but the daemon is started up differently.
I'm thinking to first check wallet_dir.is_absolute() and then use fs::canonical
src/wallet/test/walletutil_tests.cpp
Outdated
| { | ||
| fs::path expected_wallet_dir = SetDataDir("get_wallet_dir"); | ||
| std::string trailing_separators; | ||
| for (int i = 0; i < 4; ++i) { |
There was a problem hiding this comment.
I would add a couple of cases instead.
PierreRochard
force-pushed
the
wallet-env-bug
branch
from
d129dba to
a07e9e5
Compare
|
Took up @promag's excellent suggestion to clean up the path with |
PierreRochard
force-pushed
the
wallet-env-bug
branch
from
a07e9e5 to
ab3bf76
Compare
src/wallet/test/init_tests.cpp
Outdated
| #include <wallet/test/init_test_fixture.h> | ||
|
|
||
| #include <wallet/wallet.h> | ||
| #include <wallet/init.cpp> |
There was a problem hiding this comment.
Why this include cpp file?
There was a problem hiding this comment.
The WalletInit class was moved from the header file to the cpp file in this pull request #12836
Should I move it back or is there a bigger picture architectural issue that I'm not seeing?
There was a problem hiding this comment.
Include src/walletinitinterface.h?
There was a problem hiding this comment.
🤔 how would I create an instance of the WalletInit class to test its implementation of Verify?
(I'll take "read this book / article" as an answer if I'm out of my depth here haha)
There was a problem hiding this comment.
The program will find the implementation by C++ virtual method table?
There was a problem hiding this comment.
There is already an instance. Just replace the include.
There was a problem hiding this comment.
Ah ok, fixed, I added init.h as well as it has the global instance in it
|
|
| m_walletdir_path_cases["trailing"] = m_datadir / "wallets" / sep; | ||
| m_walletdir_path_cases["trailing2"] = m_datadir / "wallets" / sep / sep; | ||
|
|
||
|
|
src/wallet/test/init_tests.cpp
Outdated
| #include <wallet/test/init_test_fixture.h> | ||
|
|
||
| #include <wallet/wallet.h> | ||
| #include <wallet/init.cpp> |
There was a problem hiding this comment.
There is already an instance. Just replace the include.
PierreRochard
force-pushed
the
wallet-env-bug
branch
2 times, most recently
from
3f4d819 to
63fad10
Compare
|
I replaced the |
PierreRochard
force-pushed
the
wallet-env-bug
branch
from
63fad10 to
2d47163
Compare
|
I solved the problem on my local Windows machine, the fixture destructor was removing the current working directory - apparently this is ok on posix but not on Windows, force push diff: 6e2616d |
|
The unit tests is spamming error messages while running test_bitcoin. Would it confuse the user? |
It definitely could, I've actually been researching how to properly mock |
|
@PierreRochard Haven't tested, but can we use |
2d47163 wallet: Remove trailing separators from -walletdir arg (Pierre Rochard) ea3009e wallet: Add walletdir arg unit tests (Pierre Rochard) Pull request description: If a user passes in a path with a trailing separator as the `walletdir`, multiple BerkeleyEnvironments may be created in the same directory which can lead to data corruption. Discovered while reviewing #12493 (comment) Tree-SHA512: f2bbf1749d904fd3f326b88f2ead58c8386034355910906d7faea155d518642e9cd4ceb3cae272f2d9d8feb61f126523e1c97502799d24e4315bb53e49fd7c09
ryanofsky
left a comment
ryanofsky
left a comment
There was a problem hiding this comment.
utACK 2d47163. This fix looks like it does the right thing, but it seems like it would be cleaner and more obvious to do the canonicalization in the GetWalletDir() function rather than WalletInit::Verify().
In particular I don't like how GetWalletDir() can return the wrong result if it is called before WalletInit::Verify() and the right result after. Ideally GetWalletDir() would just return the same, canonical result all the time, and I'm curious if canonicalizing in GetWalletDir() wouldn't work for some reason.
Another more minor issue predating this PR is that WalletInit::Verify() does the is_absolute check after checking whether the directory exists, and so might access the filesystem with a path relative to the working directory. Since bitcoind is a daemon, it's better if it can be agnostic to the working directory, and only access the filesystem with absolute paths (AbsPathForConfigVal util function is handy for this).
99d33a6 appveyor: Script improvement part II (Chun Kuan Lee) Pull request description: - decrease clone depth to 5 - Upgrade to python 3.7 that we can use `PYTHONUTF8` from PEP540. - Set clcache version to `v4.2.0` - Do not fetch the latest vcpkg package (The issue does not exist anymore) - Set test_bitcoin report sink and log sink to stdout and redirect stderr to NUL to drop confusing error messages that introduced by bitcoin#14146 - discard vcpkg, bench_bitcoin output - Set functional test `--failfast` flag - Make the log be as clear as possible. (Only ~100 lines) Tree-SHA512: e7e1f5c2698e8a5d15394edfb4b574508081e99ef4a353995f55657cb51e642567a128d6432a899ecae6f742494c143ac16e2e64df6c26e1e575421ee4a1df50
Due to the use of boost::filesystem::canonical(), the minimum required version of Boost is actually 1.48.0. Use of canonical was introduced in bitcoin#14146. See also Boost filesystem 1.48.0 release notes: https://github.com/boostorg/filesystem/blob/6b5e38134a336b6ea777cd8a69b6ae929819db7e/doc/release_history.html#L508
3562c15 build: set minimum required Boost to 1.48.0 (fanquake) Pull request description: Due to the use of [`boost::filesystem::canonical()`](https://github.com/bitcoin/bitcoin/blob/80aa83aa406447d9b0932301b37966a30d0e1b6e/src/wallet/load.cpp#L21), the minimum required version of Boost is actually 1.48.0. Use of canonical was introduced in #14146. See also [Boost filesystem 1.48.0 release notes](https://github.com/boostorg/filesystem/blob/6b5e38134a336b6ea777cd8a69b6ae929819db7e/doc/release_history.html#L508). Also discussed in #20080. ACKs for top commit: practicalswift: ACK 3562c15: correct is better than incorrect :) hebasto: ACK 3562c15, this is the status quo. Tree-SHA512: 1d2226c60accb8e2276e023120a72f070392a6c1d3db97fb23e7759c174984226f81fed6d94f3203ef663fb4b3648e65960aaf15ed718895b6673e3ebeb082bd
Due to the use of boost::filesystem::canonical(), the minimum required version of Boost is actually 1.48.0. Use of canonical was introduced in bitcoin#14146. See also Boost filesystem 1.48.0 release notes: https://github.com/boostorg/filesystem/blob/6b5e38134a336b6ea777cd8a69b6ae929819db7e/doc/release_history.html#L508 Github-Pull: bitcoin#20142 Rebased-From: 3562c15
Due to the use of boost::filesystem::canonical(), the minimum required version of Boost is actually 1.48.0. Use of canonical was introduced in bitcoin#14146. See also Boost filesystem 1.48.0 release notes: https://github.com/boostorg/filesystem/blob/6b5e38134a336b6ea777cd8a69b6ae929819db7e/doc/release_history.html#L508
99d33a6 appveyor: Script improvement part II (Chun Kuan Lee) Pull request description: - decrease clone depth to 5 - Upgrade to python 3.7 that we can use `PYTHONUTF8` from PEP540. - Set clcache version to `v4.2.0` - Do not fetch the latest vcpkg package (The issue does not exist anymore) - Set test_bitcoin report sink and log sink to stdout and redirect stderr to NUL to drop confusing error messages that introduced by bitcoin#14146 - discard vcpkg, bench_bitcoin output - Set functional test `--failfast` flag - Make the log be as clear as possible. (Only ~100 lines) Tree-SHA512: e7e1f5c2698e8a5d15394edfb4b574508081e99ef4a353995f55657cb51e642567a128d6432a899ecae6f742494c143ac16e2e64df6c26e1e575421ee4a1df50
…ir arg 2d47163 wallet: Remove trailing separators from -walletdir arg (Pierre Rochard) ea3009e wallet: Add walletdir arg unit tests (Pierre Rochard) Pull request description: If a user passes in a path with a trailing separator as the `walletdir`, multiple BerkeleyEnvironments may be created in the same directory which can lead to data corruption. Discovered while reviewing bitcoin#12493 (comment) Tree-SHA512: f2bbf1749d904fd3f326b88f2ead58c8386034355910906d7faea155d518642e9cd4ceb3cae272f2d9d8feb61f126523e1c97502799d24e4315bb53e49fd7c09
…ir arg 2d47163 wallet: Remove trailing separators from -walletdir arg (Pierre Rochard) ea3009e wallet: Add walletdir arg unit tests (Pierre Rochard) Pull request description: If a user passes in a path with a trailing separator as the `walletdir`, multiple BerkeleyEnvironments may be created in the same directory which can lead to data corruption. Discovered while reviewing bitcoin#12493 (comment) Tree-SHA512: f2bbf1749d904fd3f326b88f2ead58c8386034355910906d7faea155d518642e9cd4ceb3cae272f2d9d8feb61f126523e1c97502799d24e4315bb53e49fd7c09
…ir arg 2d47163 wallet: Remove trailing separators from -walletdir arg (Pierre Rochard) ea3009e wallet: Add walletdir arg unit tests (Pierre Rochard) Pull request description: If a user passes in a path with a trailing separator as the `walletdir`, multiple BerkeleyEnvironments may be created in the same directory which can lead to data corruption. Discovered while reviewing bitcoin#12493 (comment) Tree-SHA512: f2bbf1749d904fd3f326b88f2ead58c8386034355910906d7faea155d518642e9cd4ceb3cae272f2d9d8feb61f126523e1c97502799d24e4315bb53e49fd7c09
8 participants
If a user passes in a path with a trailing separator as the
walletdir, multiple BerkeleyEnvironments may be created in the same directory which can lead to data corruption.Discovered while reviewing #12493 (comment)