Skip to content

Commit 4eabaf5

Browse files
benthecarmanbenthecarman
committed
Sanitize error messages for terminal
We call `sanitize_for_terminal` on the output for successful responses but not on error outputs. We now call it on errors to protect about potentially malicous error messages that could try to manipulate the terminal output.
1 parent 3f98b85 commit 4eabaf5

1 file changed

Lines changed: 6 additions & 8 deletions

File tree

ldk-server-cli/src/main.rs

Lines changed: 6 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -618,7 +618,7 @@ async fn main() {
618618
);
619619
},
620620
Commands::OnchainSend { address, amount, send_all, fee_rate_sat_per_vb } => {
621-
let amount_sats = amount.map(|a| a.to_sat().unwrap_or_else(|e| handle_error_msg(&e)));
621+
let amount_sats = amount.map(|a| a.to_sat().unwrap_or_else(|e| handle_error_msg(e)));
622622
handle_response_result::<_, OnchainSendResponse>(
623623
client
624624
.onchain_send(OnchainSendRequest {
@@ -904,7 +904,7 @@ async fn main() {
904904
cltv_expiry_delta,
905905
} => {
906906
let channel_amount_sats =
907-
channel_amount.to_sat().unwrap_or_else(|e| handle_error_msg(&e));
907+
channel_amount.to_sat().unwrap_or_else(|e| handle_error_msg(e));
908908
let push_to_counterparty_msat = push_to_counterparty.map(|a| a.to_msat());
909909
let channel_config = build_open_channel_config(
910910
forwarding_fee_proportional_millionths,
@@ -933,8 +933,7 @@ async fn main() {
933933
);
934934
},
935935
Commands::SpliceIn { user_channel_id, counterparty_node_id, splice_amount } => {
936-
let splice_amount_sats =
937-
splice_amount.to_sat().unwrap_or_else(|e| handle_error_msg(&e));
936+
let splice_amount_sats = splice_amount.to_sat().unwrap_or_else(|e| handle_error_msg(e));
938937
handle_response_result::<_, SpliceInResponse>(
939938
client
940939
.splice_in(SpliceInRequest {
@@ -946,8 +945,7 @@ async fn main() {
946945
);
947946
},
948947
Commands::SpliceOut { user_channel_id, counterparty_node_id, address, splice_amount } => {
949-
let splice_amount_sats =
950-
splice_amount.to_sat().unwrap_or_else(|e| handle_error_msg(&e));
948+
let splice_amount_sats = splice_amount.to_sat().unwrap_or_else(|e| handle_error_msg(e));
951949
handle_response_result::<_, SpliceOutResponse>(
952950
client
953951
.splice_out(SpliceOutRequest {
@@ -1251,8 +1249,8 @@ fn parse_page_token(token_str: &str) -> Result<PageToken, LdkServerError> {
12511249
Ok(PageToken { token: parts[0].to_string(), index })
12521250
}
12531251

1254-
fn handle_error_msg(msg: &str) -> ! {
1255-
eprintln!("Error: {msg}");
1252+
fn handle_error_msg(msg: String) -> ! {
1253+
eprintln!("Error: {}", sanitize_for_terminal(msg));
12561254
std::process::exit(1);
12571255
}
12581256

0 commit comments

Comments
 (0)