ensure wallet file access, fix #4507

2025-08-23 17:47:31 +00:00 · 2018-07-10 16:03:24 +02:00 · 2018-07-10 16:03:24 +02:00 · dba9eb9b3a
commit dba9eb9b3a
parent 04432fe93e
5 changed files with 22 additions and 1 deletions
--- a/gui/kivy/main_window.py
+++ b/gui/kivy/main_window.py
@ -509,6 +509,9 @@ class ElectrumWindow(App):
            return
        wallet = self.daemon.load_wallet(path, None)
        if wallet:
+            if not wallet.storage.file_writable():
+                self.show_error(_("Wallet file not writable"))
+                return
            if wallet.has_password():
                self.password_dialog(wallet, _('Enter PIN code'), lambda x: self.load_wallet(wallet), self.stop)
            else:
--- a/gui/kivy/uix/dialogs/wallets.py
+++ b/gui/kivy/uix/dialogs/wallets.py
@ -61,5 +61,9 @@ class WalletDialog(Factory.Popup):
        d.open()

    def open_wallet(self, app):
-        app.load_wallet_by_name(self.ids.wallet_selector.selection[0])
+        path = self.ids.wallet_selector.selection[0]
+        if not os.access(path, os.W_OK) or not os.access(path, os.R_OK):
+            app.show_error(_("Wallet file not writable"))
+            return
+        app.load_wallet_by_name(path)

--- a/gui/qt/init.py
+++ b/gui/qt/init.py
@ -204,6 +204,8 @@ class ElectrumGui:
        opens the wallet and creates a new window for it'''
        try:
            wallet = self.daemon.load_wallet(path, None)
+            if wallet and not wallet.storage.file_writable():
+                raise Exception(_("Wallet file not writable"))
        except BaseException as e:
            traceback.print_exc(file=sys.stdout)
            d = QMessageBox(QMessageBox.Warning, _('Error'),
--- a/lib/base_wizard.py
+++ b/lib/base_wizard.py
@ -91,6 +91,9 @@ class BaseWizard(object):
        self.run(action, *args)

    def new(self):
+        if not self.storage.file_writable():
+            self.show_error(_("Wallet file not writable"))
+            return
        name = os.path.basename(self.storage.path)
        title = _("Create") + ' ' + name
        message = '\n'.join([
--- a/lib/storage.py
+++ b/lib/storage.py
@ -165,6 +165,15 @@ class WalletStorage(PrintError):
    def file_exists(self):
        return self.path and os.path.exists(self.path)

+    def file_writable(self):
+        if not self.file_exists():
+            if not os.access(os.path.dirname(self.path), os.W_OK):
+                return False
+        else:
+            if not os.access(self.path, os.W_OK):
+                return False
+        return True
+
    @staticmethod
    def get_eckey_from_password(password):
        secret = pbkdf2.PBKDF2(password, '', iterations=1024, macmodule=hmac, digestmodule=hashlib.sha512).read(64)