Commit Graph

44 Commits

Author SHA1 Message Date
PastaPastaPasta
d64b7229cd
chore: bump copyrights (#4873)
* chore: bump copyright in configure.ac

* chore: bump copyright via copyright_header.py

ran command `python3 contrib/devtools/copyright_header.py update .`
2022-06-08 02:36:46 +03:00
Wladimir J. van der Laan
0d59e4d5f8 Merge #14922: windows: Set _WIN32_WINNT to 0x0601 (Windows 7)
0164b0f5cf80cd00a4914d9fea0bcb9508cb7607 build: Remove WINVER pre define in Makefile.leveldb.inlcude (Chun Kuan Lee)
d0522ec94ebbaa564f5f6b31236d4df032664411 Drop defunct Windows compat fixes (Ben Woosley)
d8a299206780b38959d732cbe40ba1dd25834f0e windows: Call SetProcessDEPPolicy directly (Chun Kuan Lee)
1bd9ffdd44000b208d29d35451f4dc9f1ac9318f windows: Set _WIN32_WINNT to 0x0601 (Windows 7) (Chun Kuan Lee)

Pull request description:

  The current minimum support Windows version is Vista. So set it to 0x0600
  5a88def8ad/mingw-w64-headers/include/sdkddkver.h (L19)

Tree-SHA512: 38e2afc79426ae547131c8ad3db2e0a7f54a95512f341cfa0c06e4b2fe79521ae67d2795ef96b0192e683e4f1ba6183c010d7b4b8d6b3e68b9bf48c374c59e7d
2022-03-04 23:38:33 -05:00
PastaPastaPasta
cd29362eea
Merge bitcoin#23181: refactor: remove references to deprecated values under std::allocator (#4534)
* Merge bitcoin/bitcoin#23181: refactor: remove references to deprecated values under std::allocator

ea4b61a1570178ebe5851b5fb4065222e3926f7e refactor: remove references to deprecated values under std::allocator (Pasta)

Pull request description:

  Removes usages of allocator::pointer, allocator::const_pointer, allocator::reference and allocator::const_reference which are deprecated in c++17 and **removed** in c++20. See https://en.cppreference.com/w/cpp/memory/allocator

  Also prefers `using` over `typedef` see: https://isocpp.github.io/CppCoreGuidelines/CppCoreGuidelines#Rt-using I'll be happy to revert this if requested so

ACKs for top commit:
  laanwj:
    Re-ACK ea4b61a1570178ebe5851b5fb4065222e3926f7e

Tree-SHA512: 9353e47a7de27bcd91b341eb2d832318b51fce9f508fcc791f05c02c5a160f430f4e7214e76f4b3e29639750d311c679789d8b7409255b13637391e4575c9ebe

* extend 23181

Co-authored-by: W. J. van der Laan <laanwj@protonmail.com>
2021-10-23 19:26:55 +03:00
PastaPastaPasta
e2d12d184e
Use make_unique instead of using new (#4502)
Signed-off-by: pasta <pasta@dashboost.org>
2021-10-11 20:11:42 +03:00
MarcoFalke
41494eea70
Merge #13954: Warn (don't fail!) on spelling errors. Fix typos reported by codespell.
f8a81f73ac lint: Add spell check linter (codespell) (practicalswift)
ada356208e Fix typos reported by codespell (practicalswift)

Pull request description:

  * Check for common misspellings using `codespell`.
  * Fix recently introduced typos reported by `codespell`.

Tree-SHA512: 9974c0e640b411c7d0ebc5b45de253c19bac7fe3002cd98601ff8da8db584224c2fd7d331aee3df612c9f2cfef540d647a9b4c5a1a73fd208dc93ce4bf9e5e3e
2021-07-19 12:51:24 -05:00
UdjinM6
886024ba25
Merge pull request #4203 from UdjinM6/pr4196
ci: Add `--enable-werror` to arm and c++17 builds (and fix all issues found via these builds)
2021-07-17 02:37:07 +03:00
Wladimir J. van der Laan
b566c464ed Merge #18443: lockedpool: avoid sensitive data in core files (FreeBSD)
f85203097f78d9daa1d35c4097a80beab31da2a4 lockedpool: avoid sensitive data in core files (FreeBSD) (Vasil Dimov)

Pull request description:

  This is a followup to
  23991ee53 / https://github.com/bitcoin/bitcoin/pull/15600
  to also use madvise(2) on FreeBSD to avoid sensitive data allocated
  with secure_allocator ending up in core files in addition to preventing
  it from going to the swap.

ACKs for top commit:
  sipa:
    ACK f85203097f78d9daa1d35c4097a80beab31da2a4 if someone verifies this works as intended on *BSD.
  laanwj:
    ACK f85203097f78d9daa1d35c4097a80beab31da2a4
  practicalswift:
    Code-review ACK f85203097f78d9daa1d35c4097a80beab31da2a4 assuming a reviewer with FreeBSD access verifies that the PR goal is achieved :)

Tree-SHA512: 2e6d4ab6a9fbe18732c8ba530eacc17f58128c97140758b80c905b5b838922a2bcaa5f9abc45ab69d5a1a2baa0cba322f006048b60a877228e089c7e64dadd2a
2021-07-15 13:26:07 -05:00
Wladimir J. van der Laan
8e8048e1c3 Merge #15600: lockedpool: When possible, use madvise to avoid including sensitive information in core dumps
d831831822885717e9841f1ff67c19add566fa45 lockedpool: When possible, use madvise to avoid including sensitive information in core dumps (Luke Dashjr)

Pull request description:

  If we're mlocking something, it's because it's sensitive information. Therefore, don't include it in core dump files, ~~and unmap it from forked processes~~.

  The return value is not checked because the madvise calls might fail on older kernels as a rule (unsure).

ACKs for top commit:
  practicalswift:
    Code review ACK d831831822885717e9841f1ff67c19add566fa45 -- patch looks correct
  laanwj:
    ACK d831831822885717e9841f1ff67c19add566fa45
  jonatack:
    ACK d831831822885717e9841f1ff67c19add566fa45
  vasild:
    ACK d831831822885717e9841f1ff67c19add566fa45

Tree-SHA512: 9a6c1fef126a4bbee0698bfed5a01233460fbcc86380d984e80dfbdfbed3744fef74527a8e3439ea226167992cff9d3ffa8f2d4dbd5ae96ebe0c12f3eee0eb9e
2021-07-13 21:19:48 -05:00
UdjinM6
a18707e397
Remove/fix unused variables 2021-07-13 19:43:30 +03:00
Wladimir J. van der Laan
6fd162e296 Merge #16158: Fix logic of memory_cleanse() on MSVC and clean up docs
f53a70ce95231d34bb14cd6c58503927e8d7ff59 Improve documentation of memory_cleanse() (Tim Ruffing)
cac30a436cab3641bba3b774d3d3ddbc426e7908 Clean up logic in memory_cleanse() for MSVC (Tim Ruffing)

Pull request description:

  When working on https://github.com/bitcoin-core/secp256k1/issues/185, I noticed that the logic in memory_cleanse(), which is supposed to clear memory securely, is weird on MSVC. While it's correct, it's at least a code smell because the code clears the memory twice on MSVC. This weirdness was introduced by #11558.

  This PR fixes the logic on MSVC and also improves the docs around this function. Best reviewed in individual commits, see the commit messages for more rationale. The second commit touches only comments.

ACKs for top commit:
  practicalswift:
    utACK f53a70ce95231d34bb14cd6c58503927e8d7ff59 :-)
  laanwj:
    code review ACK f53a70ce95231d34bb14cd6c58503927e8d7ff59

Tree-SHA512: 1c2fd98ae62b34b3e6e59d1178b293af969a9e06cbb7df02a699ce8802f145a336f72edb178c520e3ecec81f7e8083828f90a5ba6367d966a2c7d7c0dd6c0475
2021-07-12 20:16:37 -05:00
Wladimir J. van der Laan
461a6c0eb1
Merge #15117: Fix invalid memory write in case of failing mmap(...) in PosixLockedPageAllocator::AllocateLocked
ca126d490b0ff6960e135f3c77b2b2d4892a5744 Fix out-of-bounds write in case of failing mmap(...) in PosixLockedPageAllocator::AllocateLocked (practicalswift)

Pull request description:

  `mmap(...)` returns `MAP_FAILED` (`(void *) -1`) in case of allocation failure.

  `PosixLockedPageAllocator::AllocateLocked(...)` did not check for allocation failures prior to this PR.

  Instead the invalid memory address `(void *) -1` (`0xffffffffffffffff`) was passed to the caller as if it was a valid address.

  After some operations the address is wrapped around from `0xffffffffffffffff` to `0x00000003ffdf` (`0xffffffffffffffff + 262112 == 0x00000003ffdf`);

  The resulting address `0x00000003ffdf` is then written to.

  Before this patch (with failing `mmap` call):

  ```
  $ src/bitcoind
  …
  2019-01-06T16:28:14Z Using the 'sse4(1way),sse41(4way)' SHA256 implementation
  2019-01-06T16:28:14Z Using RdRand as an additional entropy source
  Segmentation fault (core dumped)
  ```

  Before this patch (under `valgrind` with failing `mmap` call):

  ```
  $ valgrind src/bitcoind
  …
  2019-01-06T16:28:51Z Using the 'sse4(1way),sse41(4way)' SHA256 implementation
  ==17812== Invalid write of size 1
  ==17812==    at 0x500B7E: void __gnu_cxx::new_allocator<unsigned char>::construct<unsigned char>(unsigned char*) (new_allocator.h:136)
  ==17812==    by 0x500B52: _ZNSt16allocator_traitsI16secure_allocatorIhEE12_S_constructIhJEEENSt9enable_ifIXsr6__and_INS2_18__construct_helperIT_JDpT0_EE4typeEEE5valueEvE4typeERS1_PS6_DpOS7_ (alloc_traits.h:243)
  ==17812==    by 0x500B22: _ZNSt16allocator_traitsI16secure_allocatorIhEE9constructIhJEEEDTcl12_S_constructfp_fp0_spclsr3stdE7forwardIT0_Efp1_EEERS1_PT_DpOS4_ (alloc_traits.h:344)
  ==17812==    by 0x500982: unsigned char* std::__uninitialized_default_n_a<unsigned char*, unsigned long, secure_allocator<unsigned char> >(unsigned char*, unsigned long, secure_allocator<unsigned char>&) (stl_uninitialized.h:631)
  ==17812==    by 0x60BFC2: std::vector<unsigned char, secure_allocator<unsigned char> >::_M_default_initialize(unsigned long) (stl_vector.h:1347)
  ==17812==    by 0x60BD86: std::vector<unsigned char, secure_allocator<unsigned char> >::vector(unsigned long, secure_allocator<unsigned char> const&) (stl_vector.h:285)
  ==17812==    by 0x60BB55: ECC_Start() (key.cpp:351)
  ==17812==    by 0x16AC90: AppInitSanityChecks() (init.cpp:1162)
  ==17812==    by 0x15BAC9: AppInit(int, char**) (bitcoind.cpp:138)
  ==17812==    by 0x15B6C8: main (bitcoind.cpp:201)
  ==17812==  Address 0x3ffdf is not stack'd, malloc'd or (recently) free'd
  …
  Segmentation fault (core dumped)
  ```

  After this patch (with failing `mmap` call):

  ```
  $ src/bitcoind
  …
  2019-01-06T15:50:18Z Using the 'sse4(1way),sse41(4way)' SHA256 implementation
  2019-01-06T15:50:18Z Using RdRand as an additional entropy source
  2019-01-06T15:50:18Z

  ************************
  EXCEPTION: St9bad_alloc
  std::bad_alloc
  bitcoin in AppInit()

  ************************
  EXCEPTION: St9bad_alloc
  std::bad_alloc
  bitcoin in AppInit()

  2019-01-06T15:50:18Z Shutdown: In progress...
  2019-01-06T15:50:18Z Shutdown: done
  ```

  To simulate the failing `mmap` call apply the following to `master`:

  ```diff
  diff --git a/src/support/lockedpool.cpp b/src/support/lockedpool.cpp
  index 8d577cf52..ce79e569b 100644
  --- a/src/support/lockedpool.cpp
  +++ b/src/support/lockedpool.cpp
  @@ -247,7 +247,8 @@ void *PosixLockedPageAllocator::AllocateLocked(size_t len, bool *lockingSuccess)
   {
       void *addr;
       len = align_up(len, page_size);
  -    addr = mmap(nullptr, len, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0);
  +    // addr = mmap(nullptr, len, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0);
  +    addr = MAP_FAILED;
       if (addr) {
           *lockingSuccess = mlock(addr, len) == 0;
       }
  ```

Tree-SHA512: 66947f5fc0fbb19afb3e1edbd51df07df9d16b77018cff3d48d30f378a53d6a0dc62bc36622b3966b7e374e61edbcca114ef4ac8ae8d725022c1a597edcbf7c7
2021-06-28 13:40:52 -05:00
MarcoFalke
7475782bc0
Merge #13163: Make it clear which functions that are intended to be translation unit local
c3f34d06be Make it clear which functions that are intended to be translation unit local (practicalswift)

Pull request description:

  Make it clear which functions that are intended to be translation unit local.

  Do not share functions that are meant to be translation unit local with other translation units. Use internal linkage for those consistently.

Tree-SHA512: 05eebd233d5cfbf6116724eec3a99b465bf534ca220f2b6f5e56341a7da41387454d3cb6ceadd8ab6714a5df94069e4ad0dcab8801ccc7e8949be7199a19fb53
2021-05-25 14:09:36 +03:00
PastaPastaPasta
c5b919d084
Update copyright (#4115)
* run: `python3 contrib/devtools/copyright_header.py update .`

* bump copyright year
2021-04-20 22:33:02 +03:00
fanquake
bedce7256a
Merge #16161: util: Fix compilation errors in support/lockedpool.cpp
30fb598737f6efb7802d707a1fa989872e7f8b7b Fix segfault in allocator_tests/arena_tests (Jeffrey Czyz)
15c84f53f47bf6e6a9c4c9dfe50c78d98f7ec07f Define ARENA_DEBUG in Travis test runs (Jeffrey Czyz)
ad715488222f2f2ce2e2cff632eae94fd49ea9c5 Fix compilation errors in support/lockedpool.cpp (Jeffrey Czyz)

Pull request description:

  Changes in #12048 cause a compilation error in Arena::walk() when
  ARENA_DEBUG is defined. Specifically, Arena's chunks_free map was
  changed to have a different value type.

  Additionally, missing includes cause other compilation errors when
  ARENA_DEBUG is defined.

  Reproduced with:

  make CPPFLAGS=-DARENA_DEBUG

ACKs for top commit:
  laanwj:
    ACK 30fb598737f6efb7802d707a1fa989872e7f8b7b
  fanquake:
    ACK 30fb598737f6efb7802d707a1fa989872e7f8b7b - thanks for following up jkczyz.

Tree-SHA512: 4eec368a4e9c67e4e2a27bc05608a807c2892d50c60d06ed21490cd274c0369f9671bc05b3006acc2a193316caf4896454c9c299603bfed29bd488f1987ec446
2020-10-26 20:35:28 -04:00
Wladimir J. van der Laan
162bba0a6c
Merge #12048: Use best-fit strategy in Arena, now O(log(n)) instead O(n)
5fbf7c4 fix nits: variable naming, typos (Martin Ankerl)
1e0ee90 Use best-fit strategy in Arena, now O(log(n)) instead O(n) (Martin Ankerl)

Pull request description:

  This replaces the first-fit algorithm used in the Arena with a best-fit. According to "Dynamic Storage Allocation: A Survey and Critical Review", Wilson et. al. 1995, http://www.scs.stanford.edu/14wi-cs140/sched/readings/wilson.pdf, both startegies work well in practice.

  The advantage of using best-fit is that we can switch the O(n) allocation to O(log(n)). Additionally, some previously O(log(n)) operations are now O(1) operations by using hash maps. The end effect is that the benchmark runs about 2.5 times faster on my machine:

      # Benchmark, evals, iterations, total, min, max, median
      old: BenchLockedPool, 5, 530, 5.25749, 0.00196938, 0.00199755, 0.00198172
      new: BenchLockedPool, 5, 1300, 5.11313, 0.000781493, 0.000793314, 0.00078606

  I've run all unit tests and benchmarks, and increased the number of iterations so that BenchLockedPool takes about 5 seconds again.

Tree-SHA512: 6551e384671f93f10c60df530a29a1954bd265cc305411f665a8756525e5afe2873a8032c797d00b6e8c07e16d9827465d0b662875433147381474a44119ccce
2020-10-22 11:36:39 -04:00
MarcoFalke
005d241fea Merge #11878: Add Travis check for duplicate includes
c36b720d00 Add Travis check for duplicate includes (practicalswift)
280023f31d Remove duplicate includes (practicalswift)

Pull request description:

  This enforces parts of the project header include guidelines (added by @sipa in #10575).

  Example run:

  ```
  $ git diff
  diff --git a/src/warnings.cpp b/src/warnings.cpp
  index c52a1fd..d8994dd 100644
  --- a/src/warnings.cpp
  +++ b/src/warnings.cpp
  @@ -5,6 +5,8 @@

   #include <sync.h>
   #include <clientversion.h>
  +#include <string>
   #include <util.h>
   #include <warnings.h>
  +#include <util.h>

  diff --git a/src/warnings.h b/src/warnings.h
  index e8e982c..8d2252e 100644
  --- a/src/warnings.h
  +++ b/src/warnings.h
  @@ -7,6 +7,7 @@
   #define BITCOIN_WARNINGS_H

   #include <stdlib.h>
   #include <string>
  +#include <stdlib.h>

   void SetMiscWarning(const std::string& strWarning);
  $ contrib/devtools/lint-includes.sh
  Duplicate include(s) in src/warnings.h:
  #include <stdlib.h>

  Include(s) from src/warnings.h duplicated in src/warnings.cpp:
  #include <string>

  Duplicate include(s) in src/warnings.cpp:
  #include <util.h>
  $ echo $?
  1
  $ git checkout .
  $ contrib/devtools/lint-includes.sh
  $ echo $?
  0
  ```

Tree-SHA512: f653d23c58ebc024dfc5b1fb8570698fd3c515c75b60b5cabbc43595548c488fca92349fa4c8b64460edbe61c879ff1d24f37f959e18552e202a7342460ddbf1
2020-07-01 20:12:03 -05:00
MarcoFalke
bb035972ee
Merge #12716: Fix typos and cleanup in various files
4d9b4256d8 Fix typos (Dimitris Apostolou)

Pull request description:

  Unfortunately I messed up my repo while trying to squash #12593 so I created a PR with just the correct fixes.

Tree-SHA512: 295d77b51bd2a9381f1802c263de7ffb2edd670d9647391e32f9a414705b3c8b483bb0e469a9b85ab6a70919ea13397fa8dfda2aea7a398b64b187f178fe6a06
Signed-off-by: pasta <pasta@dashboost.org>
2020-06-11 23:20:48 -05:00
Luke Dashjr
38ccf6f628
Bugfix: Include <memory> for std::unique_ptr 2020-04-08 11:46:27 -05:00
PastaPastaPasta
8a1ec935a0
Backport 11651 (#3358)
* scripted-diff: Replace #include "" with #include <> (ryanofsky)

-BEGIN VERIFY SCRIPT-
for f in \
  src/*.cpp \
  src/*.h \
  src/bench/*.cpp \
  src/bench/*.h \
  src/compat/*.cpp \
  src/compat/*.h \
  src/consensus/*.cpp \
  src/consensus/*.h \
  src/crypto/*.cpp \
  src/crypto/*.h \
  src/crypto/ctaes/*.h \
  src/policy/*.cpp \
  src/policy/*.h \
  src/primitives/*.cpp \
  src/primitives/*.h \
  src/qt/*.cpp \
  src/qt/*.h \
  src/qt/test/*.cpp \
  src/qt/test/*.h \
  src/rpc/*.cpp \
  src/rpc/*.h \
  src/script/*.cpp \
  src/script/*.h \
  src/support/*.cpp \
  src/support/*.h \
  src/support/allocators/*.h \
  src/test/*.cpp \
  src/test/*.h \
  src/wallet/*.cpp \
  src/wallet/*.h \
  src/wallet/test/*.cpp \
  src/wallet/test/*.h \
  src/zmq/*.cpp \
  src/zmq/*.h
do
  base=${f%/*}/ relbase=${base#src/} sed -i "s:#include \"\(.*\)\"\(.*\):if test -e \$base'\\1'; then echo \"#include <\"\$relbase\"\\1>\\2\"; else echo \"#include <\\1>\\2\"; fi:e" $f
done
-END VERIFY SCRIPT-

Signed-off-by: Pasta <pasta@dashboost.org>

* scripted-diff: Replace #include "" with #include <> (Dash Specific)

-BEGIN VERIFY SCRIPT-
for f in \
  src/bls/*.cpp \
  src/bls/*.h \
  src/evo/*.cpp \
  src/evo/*.h \
  src/governance/*.cpp \
  src/governance/*.h \
  src/llmq/*.cpp \
  src/llmq/*.h \
  src/masternode/*.cpp \
  src/masternode/*.h \
  src/privatesend/*.cpp \
  src/privatesend/*.h
do
  base=${f%/*}/ relbase=${base#src/} sed -i "s:#include \"\(.*\)\"\(.*\):if test -e \$base'\\1'; then echo \"#include <\"\$relbase\"\\1>\\2\"; else echo \"#include <\\1>\\2\"; fi:e" $f
done
-END VERIFY SCRIPT-

Signed-off-by: Pasta <pasta@dashboost.org>

* build: Remove -I for everything but project root

Remove -I from build system for everything but the project root,
and built-in dependencies.

Signed-off-by: Pasta <pasta@dashboost.org>

# Conflicts:
#	src/Makefile.test.include

* qt: refactor: Use absolute include paths in .ui files

* qt: refactor: Changes to make include paths absolute

This makes all include paths in the GUI absolute.

Many changes are involved as every single source file in
src/qt/ assumes to be able to use relative includes.

Signed-off-by: Pasta <pasta@dashboost.org>

# Conflicts:
#	src/qt/dash.cpp
#	src/qt/optionsmodel.cpp
#	src/qt/test/rpcnestedtests.cpp

* test: refactor: Use absolute include paths for test data files

* Recommend #include<> syntax in developer notes

* refactor: Include obj/build.h instead of build.h

* END BACKPORT #11651 Remove trailing whitespace causing travis failure

* fix backport 11651

Signed-off-by: Pasta <pasta@dashboost.org>

* More of 11651

* fix blockchain.cpp

Signed-off-by: pasta <pasta@dashboost.org>

* Add missing "qt/" in includes

* Add missing "test/" in includes

* Fix trailing whitespaces

Co-authored-by: Wladimir J. van der Laan <laanwj@gmail.com>
Co-authored-by: Russell Yanofsky <russ@yanofsky.org>
Co-authored-by: MeshCollider <dobsonsa68@gmail.com>
Co-authored-by: UdjinM6 <UdjinM6@users.noreply.github.com>
2020-03-20 01:46:56 +03:00
Wladimir J. van der Laan
39a8e20de6
Merge #11558: Minimal code changes to allow msvc compilation
fbf327b Minimal code changes to allow msvc compilation. (Aaron Clauson)

Pull request description:

  These changes are required to allow the Bitcoin source to build with Microsoft's C++ compiler (#11562 is also required).

  I looked around for a better place for the typedef of ssize_t which is in random.h. The best candidate looks like src/compat.h but I figured including that header in random.h is a bigger change than the typedef. Note that the same typedef is in at least two other places including the OpenSSL and Berkeley DB headers so some of the Bitcoin code already picks it up.

Tree-SHA512: aa6cc6283015e08ab074641f9abdc116c4dc58574dc90f75e7a5af4cc82946d3052370e5cbe855fb6180c00f8dc66997d3724ff0412e4b7417e51b6602154825
2020-02-27 09:51:33 -06:00
Pieter Wuille
d6c4485412 Merge #11351: Refactor: Modernize disallowed copy constructors/assignment
2a07f878a Refactor: Modernize disallowed copy constructors/assignment (Dan Raviv)

Pull request description:

  Use C++11's better capability of expressing an interface of a non-copyable class by publicly deleting its copy ctor and assignment operator instead of just declaring them private.

Tree-SHA512: 878f446be5a136bb2a90643aaeaca62948b575e6ef71ccc5b4b8f373e66f36ced00665128f36504e0ccfee639863d969329c4276154ef9f2a9de9137f0801e01
2020-01-11 18:22:25 -06:00
Wladimir J. van der Laan
fdf3f25a0a
Merge #10969: Declare single-argument (non-converting) constructors "explicit"
64fb0ac Declare single-argument (non-converting) constructors "explicit" (practicalswift)

Pull request description:

  Declare single-argument (non-converting) constructors `explicit`.

  In order to avoid unintended implicit conversions.

  For a more thorough discussion, see ["C.46: By default, declare single-argument constructors explicit"](http://isocpp.github.io/CppCoreGuidelines/CppCoreGuidelines#c46-by-default-declare-single-argument-constructors-explicit) in the C++ Core Guidelines (Stroustrup & Sutter).

Tree-SHA512: e0c6922e56b11fa402621a38656d8b1122d16dd8f160e78626385373cf184ac7f26cb4c1851eca47e9b0dbd5e924e39a85c3cbdcb627a05ee3a655ecf5f7a0f1
2020-01-10 10:33:57 -06:00
MarcoFalke
6984c98882 Merge #10645: Use nullptr (C++11) instead of zero (0) as the null pointer constant
36d326e8b Use nullptr instead of zero (0) as the null pointer constant (practicalswift)

Pull request description:

  Use `nullptr` instead of zero (0) as the null pointer constant.

  The road towards `nullptr` (C++11) is split into two PRs:
  * `NULL` → `nullptr` is handled in PR #10483 (scripted)
  * `0` → `nullptr` is handled in PR #10645 (manual, this PR)

  By using the C++11 keyword `nullptr` we are guaranteed a prvalue of type `std::nullptr_t`.

  For a more thorough discussion, see "A name for the null pointer: nullptr" (Sutter &
  Stroustrup), http://www.open-std.org/jtc1/sc22/wg21/docs/papers/2007/n2431.pdf

Tree-SHA512: 5412404b40a94ea2d9fc8f81573559c4ffe559749301d486b09d41a7a736345ad602d08ac590930bb00a49692b6075520cf3d543e4da6ccd5b29fa9bcc3f15ea
2020-01-02 22:01:28 -06:00
MarcoFalke
013de95158 Merge #10965: Replace deprecated throw() with noexcept specifier (C++11)
986255026 Use the noexcept specifier (C++11) instead of deprecated throw() (practicalswift)

Pull request description:

  Use the `noexcept` specifier (C++11) instead of deprecated `throw()`.

Tree-SHA512: cf9b6b18f61f2f59bbeceb2e43b5cd07a60f5e569c8def05c410cb72326d597c80cb731059969ef89fa5fddaae1242225886e6109fcb535c4ad62d56ebcdf1ea

throw() -> noexcept

Signed-off-by: Pasta <pasta@dashboost.org>
2020-01-02 22:01:25 -06:00
Pasta
1a0d52814e
#10483 scripted-diff: Use the C++11 keyword nullptr to denote the pointer literal instead of the macro NULL
-BEGIN VERIFY SCRIPT-
sed -i 's/\<NULL\>/nullptr/g' src/*.cpp src/*.h src/*/*.cpp src/*/*.h src/qt/*/*.cpp src/qt/*/*.h src/wallet/*/*.cpp src/wallet/*/*.h src/support/allocators/*.h
sed -i 's/Prefer nullptr, otherwise SAFECOOKIE./Prefer NULL, otherwise SAFECOOKIE./g' src/torcontrol.cpp
sed -i 's/tor: Using nullptr authentication/tor: Using NULL authentication/g' src/torcontrol.cpp
sed -i 's/METHODS=nullptr/METHODS=NULL/g' src/test/torcontrol_tests.cpp src/torcontrol.cpp
sed -i 's/nullptr certificates/NULL certificates/g' src/qt/paymentserver.cpp
sed -i 's/"nullptr"/"NULL"/g' src/torcontrol.cpp src/test/torcontrol_tests.cpp
-END VERIFY SCRIPT-

Signed-off-by: Pasta <pasta@dashboost.org>
2019-08-12 09:07:03 -05:00
Wladimir J. van der Laan
72fbee959b
Merge #11196: Switch memory_cleanse implementation to BoringSSL's to ensure memory clearing even with -lto
1444c2e Switch memory_cleanse implementation to BoringSSL's to ensure memory clearing even with link-time optimization. (Adam Langley)

Pull request description:

  The implementation we currently use from OpenSSL prevents the compiler from optimizing away clensing operations on blocks of memory that are about to be released, but this protection is not extended to link-time optimization. This commit copies the solution cooked up by Google compiler engineers which uses inline assembly directives to instruct the compiler not to optimize out the call under any circumstances. As the code is in-lined, this has the added advantage of removing one more OpenSSL dependency.

  Regarding license compatibility, Google's contributions to BoringSSL library, including this code, is made available under the ISC license, which is MIT compatible.

  BoringSSL git commit: ad1907fe73334d6c696c8539646c21b11178f20f

Tree-SHA512: 8134998663c1501e3ce48fbbd6ab41de981f0855e3f4d25d2e86ff8056c917d82c751c88e9c39660319ebfbc8283dce594c3e4fc7f87080a212a2cdba57ea511
2019-07-23 09:14:28 -05:00
Wladimir J. van der Laan
9bcadebf77
Merge #10631: Use the override specifier (C++11) where we expect to be overriding the virtual function of a base class
aa95947 Use the override specifier (C++11) where we expect to be overriding the virtual function of a base class (practicalswift)

Tree-SHA512: 3835e9b4ceaa4b2db485a25dfa3e5fe50c2e3ecb22ca9d5331aed7728aa496d4378fb84c0a1a3c47b0adecc10a00bca99cc239cbaf94cf2ce5b4cda497db6023
2019-07-17 10:05:12 -05:00
Wladimir J. van der Laan
31f4a602a5
Merge #9517: [refactor] Switched httpserver.cpp to use RAII wrapped libevents.
1ae86ec Changed event RAII helper functions to inline to deal with duplicate symbol linker errors. (Karl-Johan Alm)
fd369d2 Switched httpserver.cpp to use RAII wrapped libevents. (Kalle Alm)

Tree-SHA512: 877e431f211024d42a3b0800e860e02833398611433e8393f8d5d4970f47f4bd670b900443678c067fec110c087aaab7dc1981ccbf17f6057676fdbbda89aed9
2019-07-11 10:34:46 -05:00
Wladimir J. van der Laan
3d3443b6a9
Merge #8808: Do not shadow variables (gcc set)
ad1ae7a Check and enable -Wshadow by default. (Pavel Janík)
9de90bb Do not shadow variables (gcc set) (Pavel Janík)

Tree-SHA512: 9517feb423dc8ddd63896016b25324673bfbe0bffa97f22996f59d7a3fcbdc2ebf2e43ac02bc067546f54e293e9b2f2514be145f867321e9031f895c063d9fb8
2019-02-01 00:41:12 -06:00
Alexander Block
d1debfc267
Implement mt_pooled_secure_allocator and use it for BLS secure allocation (#2375)
* Add pooled_secure_allocator and mt_pooled_secure_allocator

* Use mt_pooled_secure_allocator for BLS secure allocation

The old solution relied on thread-local-storage and was thus not compatible
to libc6 2.11 (which is the minimum supported version we use).

Also, the old solution turned out to be erroneous. It would have crashed
or memory leaked when ownership of CBLSPrivateKey would be handled over
to another thread.

* Add new header files to Makefile.am

* Fix copyright headers of new files

* Bail out early from secure deallocation

* Clean up global BLS keys when shutting down
2018-10-26 07:04:22 +02:00
Wladimir J. van der Laan
f7174fb655 Merge #10308: [wallet] Securely erase potentially sensitive keys/values
6c914ac [wallet] Securely erase potentially sensitive keys/values (Thomas Snider)

Tree-SHA512: 071d88c4093108d4e4eced35a6ffcebe3f499798194f5b1be661ffa5b78b5f55311667f6d2a72758d85290f61f958381ee95d380b9045ca18e9e1875f0e686c8
2018-01-26 12:59:29 +01:00
Wladimir J. van der Laan
718e6223b2 Merge #9387: [Refactor] RAII of libevent stuff using unique ptrs with deleters
05a55a6 Added EVENT_CFLAGS to test makefile to explicitly include libevent headers. (Karl-Johan Alm)
280a559 Added some simple tests for the RAII-style events. (Karl-Johan Alm)
7f7f102 Switched bitcoin-cli.cpp to use RAII unique pointers with deleters. (Karl-Johan Alm)
e5534d2 Added std::unique_ptr<> wrappers with deleters for libevent modules. (Karl-Johan Alm)
2018-01-18 07:33:44 +01:00
MarcoFalke
df24dfd4bc Merge #9233: Fix some typos
15fa95d Fix some typos (fsb4000)
2018-01-17 17:27:24 +01:00
Wladimir J. van der Laan
921730d97a Merge #9070: Lockedpool fixes
b3ddc5e LockedPool: avoid quadratic-time allocation (Kaz Wesley)
0b59f80 LockedPool: fix explosion for illegal-sized alloc (Kaz Wesley)
21b8f3d LockedPool: test handling of invalid allocations (Kaz Wesley)
2018-01-13 13:44:39 +01:00
Wladimir J. van der Laan
85c5aea08b Merge #9063: Do not shadow variable, use deprecated MAP_ANON if MAP_ANONYMOUS is not defined
4a9f3c5 Do not shadow variable, use deprecated MAP_ANON if MAP_ANONYMOUS is not defined. (Pavel Janík)
2018-01-13 13:44:39 +01:00
Wladimir J. van der Laan
bc3b9294e8 Merge #8753: Locked memory manager
444c673 bench: Add benchmark for lockedpool allocation/deallocation (Wladimir J. van der Laan)
6567999 rpc: Add `getmemoryinfo` call (Wladimir J. van der Laan)
4536148 support: Add LockedPool (Wladimir J. van der Laan)
f4d1fc2 wallet: Get rid of LockObject and UnlockObject calls in key.h (Wladimir J. van der Laan)
999e4c9 wallet: Change CCrypter to use vectors with secure allocator (Wladimir J. van der Laan)
2018-01-13 13:44:39 +01:00
Wladimir J. van der Laan
ec9de93aee Merge #8655: Do not shadow variables (trivials)
4731cab Do not shadow variables (Pavel Janík)
2018-01-11 13:22:22 +01:00
UdjinM6
27f3218de9 HD wallet (#1405)
* HD wallet

Minimal set of changes (no refactoring) backported from Bitcoin upstream to make HD wallets work in Dash 0.12.1.x+

* minimal bip44 (hardcoded account and change)

* minimal bip39

Additional cmd-line options for new wallet:
-mnemonic
-mnemonicpassphrase

* Do not recreate HD wallet on encryption

Adjusted keypool.py test

* Do not store any private keys for hd wallet besides the master one

Derive all keys on the fly.
Original idea/implementation - btc PR9298, backported and improved

* actually use bip39

* pbkdf2 test

* backport wallet-hd.py test

* Allow specifying hd seed, add dumphdseed rpc, fix bugs

- -hdseed cmd-line param to specify HD seed on wallet creation
- dumphdseed rpc to dump HD seed
- allow seed of any size
- fix dumpwallet rpc bug (wasn't decrypting HD seed)
- print HD seed and extended public masterkey on dumpwallet

* top up keypool on HD wallet encryption

* split HD chain: external/internal

* add missing cs_wallet lock in init.cpp

* fix `const char *` issues (use strings)

* default mnemonic passphrase is an empty string in all cases

* store mnemonic/mnemonicpassphrase

replace dumphdseed with dumphdinfo

* Add fCrypted flag to CHDChain

* prepare internal structures for multiple HD accounts

(plus some code cleanup)

* use secure allocator for storing sensitive HD data

* use secure strings for mnemonic(passphrase)

* small fix in GenerateNewHDChain

* use 24 words for mnemonic by default

* make sure mnemonic passphrase provided by user does not exceed 256 symbols

* more usage of secure allocators and memory_cleanse

* code cleanup

* rename: CSecureVector -> SecureVector

* add missing include

* fix warning in rpcdump.cpp

* refactor mnemonic_check (also fix a bug)

* move bip39 functions to CMnemonic

* Few fixes for CMnemonic:
- use `SecureVector` for data, bits, seed
- `Check` should return bool

* init vectors with desired size where possible
2017-05-29 14:51:40 +03:00
UdjinM6
a5ac60b868 Merge remote-tracking branch 'bitcoin/0.12' into HEAD
+ merge fixes
+ keepass on evhttp
2016-02-06 16:48:04 +03:00
MarcoFalke
333e1eaeea
Bump copyright headers to 2015
- Bump copyright headers to 2015
- [devtools] Rewrite fix-copyright-headers.py
- [devtools] Use git pretty-format for year parsing

Github-Pull: #7205
Rebased-From: fa6ad855e9 fa24439ff3 fa71669452
2016-01-05 14:13:33 +01:00
Wladimir J. van der Laan
881027a79d Remove assertion from ~LockedPageManager
This assertion will occur any time that the client quits without
shutting down properly due to an error condition. As the user will
report this error instead of the error that was the root cause, it is
better to remove it.
2015-05-15 11:44:58 +02:00
Philip Kaufmann
a21df62069 ensure consistent header comment naming conventions
- BITCOIN_FOLDER_SUBFOLDER_FILENAME_H
2015-04-20 13:29:22 +02:00
Cory Fields
d7d187e8a4 allocators: split allocators and pagelocker
Pagelocker is only needed for secure (usually wallet) operations, so don't make
the zero-after-free allocator depend on it.
2015-03-20 12:23:44 +01:00
Cory Fields
1630219d90 openssl: abstract out OPENSSL_cleanse
This makes it easier for us to replace it if desired, since it's now only in
one spot. Also, it avoids the openssl include from allocators.h, which
essentially forced openssl to be included from every compilation unit.
2015-02-15 11:34:02 -05:00