Diffusion Bitcoin ABC 6417e4a81988

[land-bot] Fix a bug where the unencrypted CONDUIT_TOKEN could be logged by…
6417e4a81988
Actions

Description

[land-bot] Fix a bug where the unencrypted CONDUIT_TOKEN could be logged by subshells

Summary:
The caller provides their Conduit token so that land-bot can land the change as them.
Since this token is secret, we need to ensure it cannot be accidentally logged by subshells.

This also prevents malicious patches from stealing CONDUIT_TOKEN, though there's unlikely to
be a realizable attack vector here since the token is supplied by the caller in the first place.

Test Plan:
First, see D5930 for reference.

CONDUIT_TOKEN=my-secret-token ./land-patch --dry-run -r D5930

Pre-patch, observe this output in the log:

+ echo my-secret-token

Post-patch, observe this output in the log:

CONDUIT_TOKEN: unbound variable

Reviewers: #bitcoin_abc, Fabien

Reviewed By: #bitcoin_abc, Fabien

Differential Revision: https://reviews.bitcoinabc.org/D5931

Details

Provenance

jasonbcox	Authored on Apr 29 2020, 18:04
jasonbcox	Pushed on May 4 2020, 15:51

Reviewer

Restricted Project

Differential Revision

D5931: [land-bot] Fix a bug where the unencrypted CONDUIT_TOKEN could be logged by subshells

Parents

rABCeffcdf625e49: Clear mock time between tests

Branches

Unknown

Tags

Unknown

Event Timeline

jasonbcox committed rABC6417e4a81988: [land-bot] Fix a bug where the unencrypted CONDUIT_TOKEN could be logged by… (authored by jasonbcox).May 4 2020, 15:51

jasonbcox added an edge: D5931: [land-bot] Fix a bug where the unencrypted CONDUIT_TOKEN could be logged by subshells.

Changes (1)

Path

Size

contrib/

source-control-tools/

land-patch.sh

rABC6417e4a81988

View Options

contrib/source-control-tools/land-patch.sh