security: fix high-severity security issues

- Remove hardcoded passwords in wallet commands (2 instances)
- Fix SQL injection vectors with parameterized queries (3 instances)
- Replace MD5 hashes with SHA-256 in 14 locations
- Add table name validation in migration scripts
aitbc
2026-04-18 10:42:40 +02:00
parent a8db89f8ef
commit 8424902bee
14 changed files with 34 additions and 20 deletions

@@ -198,10 +198,10 @@ def create(ctx, name: str, wallet_type: str, no_encrypt: bool):
password = None
if not no_encrypt:
if use_daemon:
# For daemon mode, use a default password or prompt
password = getpass.getpass(f"Enter password for wallet '{name}' (press Enter for default): ")
# For daemon mode, require password input
password = getpass.getpass(f"Enter password for wallet '{name}': ")
if not password:
password = "default_wallet_password"
raise click.ClickException("Password cannot be empty for daemon mode")
else:
# For file mode, use existing password prompt logic
password = getpass.getpass(f"Enter password for wallet '{name}': ")
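Review bot: in the daemon branch, `if not password:` rejects only the empty string, so a whitespace-only entry (a single space, for example) is still accepted as the wallet password; consider rejecting `not password.strip()` and enforcing a minimum length at the same point. The daemon prompt also asks once with no confirmation, while `create_in_chain` has a "Passwords do not match" path, so a typo here encrypts the wallet under a password the user does not know. Separately, wallets already created through the removed `password = "default_wallet_password"` fallback remain protected by that publicly known string; the change should ship with a note or a re-key step for those users.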
@@ -2066,7 +2066,7 @@ def create_in_chain(ctx, chain_id: str, wallet_name: str, wallet_type: str, no_e
error("Passwords do not match")
return
else:
password = "insecure" # Default password for unencrypted wallets
raise click.ClickException("Password cannot be empty for wallet creation")
metadata = {
"wallet_type": wallet_type,