From d83c49287f880f08bf699d0ac357ac172583b3d9 Mon Sep 17 00:00:00 2001 From: evoskuil Date: Wed, 4 Mar 2026 12:51:04 -0500 Subject: [PATCH 1/2] Don't move const. --- src/net/proxy.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/net/proxy.cpp b/src/net/proxy.cpp index c59294b34..d9f0defec 100644 --- a/src/net/proxy.cpp +++ b/src/net/proxy.cpp @@ -272,7 +272,7 @@ void proxy::do_write(const asio::const_buffer& payload, } const auto started = !queue_.empty(); - queue_.push_back(std::make_pair(payload, std::move(handler))); + queue_.push_back(std::make_pair(payload, handler)); total_ = ceilinged_add(total_.load(), payload.size()); backlog_ = ceilinged_add(backlog_.load(), payload.size()); From 0c08a33e840cd204dfd709aa88992341af4be8d6 Mon Sep 17 00:00:00 2001 From: evoskuil Date: Wed, 4 Mar 2026 15:22:58 -0500 Subject: [PATCH 2/2] Sanitize peer user agent string before logging. --- src/channels/channel_peer.cpp | 1 + src/protocols/protocol_version_106.cpp | 23 ++++++++++++++++++----- 2 files changed, 19 insertions(+), 5 deletions(-) diff --git a/src/channels/channel_peer.cpp b/src/channels/channel_peer.cpp index 699594fc7..1cfe6a3f1 100644 --- a/src/channels/channel_peer.cpp +++ b/src/channels/channel_peer.cpp @@ -120,6 +120,7 @@ bool channel_peer::is_handshaked() const NOEXCEPT return !is_null(peer_version_); } +// peer_version_->user_agent is not sanitized here. version::cptr channel_peer::peer_version() const NOEXCEPT { // peer_version_ defaults to nullptr, which implies not handshaked. diff --git a/src/protocols/protocol_version_106.cpp b/src/protocols/protocol_version_106.cpp index c7b496650..20a1c334d 100644 --- a/src/protocols/protocol_version_106.cpp +++ b/src/protocols/protocol_version_106.cpp @@ -285,6 +285,17 @@ minutes protocol_version_106::to_deviation(uint64_t timestamp) NOEXCEPT return std::chrono::duration_cast(time - now); } +static std::string escape_user_agent(const std::string& in) NOEXCEPT +{ + std::string out(in.size(), '*'); + std::transform(in.begin(), in.end(), out.begin(), [](char c) NOEXCEPT + { + return is_ascii_character(c) && !is_ascii_whitespace(c) ? c : '*'; + }); + + return out; +} + bool protocol_version_106::handle_receive_version(const code& ec, const version::cptr& message) NOEXCEPT { @@ -300,12 +311,14 @@ bool protocol_version_106::handle_receive_version(const code& ec, return false; } + const auto user_agent = escape_user_agent(message->user_agent); + // Filter out user agent spam. - auto user_agent = system::replace_copy(message->user_agent, - "(not-your-file-server)/Knots:", "/Sybil:"); - system::replace(user_agent, "(FutureBit-Apollo-Node)", "/FutureBit"); - system::replace(user_agent, "/Satoshi-BTF(BitcoinFinance)-Main-vSeventeen:", - "/BitcoinFinance:"); + ////user_agent = system::replace_copy(user_agent, + //// "(not-your-file-server)/Knots:", "/Sybil:"); + ////system::replace(user_agent, "(FutureBit-Apollo-Node)", "/FutureBit"); + ////system::replace(user_agent, "/Satoshi-BTF(BitcoinFinance)-Main-vSeventeen:", + //// "/BitcoinFinance:"); LOG_ONLY(const auto prefix = (inbound_ ? "Inbound" : "Outbound");) LOGN(prefix << " [" << opposite() << "] version (" << message->value