From d2b1a6175374b887e2076105997b956ecc221f64 Mon Sep 17 00:00:00 2001
From: Patrick Lodder <patricklodder@users.noreply.github.com>
Date: Wed, 3 Nov 2021 09:53:04 -0400
Subject: [PATCH] Give QApplication dummy arguments

Discards any Qt built-in command line arguments and replaces them
with dummy argv that only contains the binary name. Solves CVE-2021-3401.

Manually ported from bitcoin/bitcoin@a2714a5c
---
 src/qt/bitcoin.cpp        | 11 +++++++----
 src/qt/test/test_main.cpp |  5 ++++-
 2 files changed, 11 insertions(+), 5 deletions(-)

diff --git a/src/qt/bitcoin.cpp b/src/qt/bitcoin.cpp
index 2a4e9c444..25f6bb6c0 100644
--- a/src/qt/bitcoin.cpp
+++ b/src/qt/bitcoin.cpp
@@ -197,7 +197,7 @@ class BitcoinApplication: public QApplication
 {
     Q_OBJECT
 public:
-    explicit BitcoinApplication(int &argc, char **argv);
+    explicit BitcoinApplication();
     ~BitcoinApplication();
 
 #ifdef ENABLE_WALLET
@@ -312,8 +312,11 @@ void BitcoinCore::shutdown()
     }
 }
 
-BitcoinApplication::BitcoinApplication(int &argc, char **argv):
-    QApplication(argc, argv),
+static int qt_argc = 1;
+static const char* qt_argv = "dogecoin-qt";
+
+BitcoinApplication::BitcoinApplication():
+    QApplication(qt_argc, const_cast<char **>(&qt_argv)),
     coreThread(0),
     optionsModel(0),
     clientModel(0),
@@ -550,7 +553,7 @@ int main(int argc, char *argv[])
     Q_INIT_RESOURCE(bitcoin);
     Q_INIT_RESOURCE(bitcoin_locale);
 
-    BitcoinApplication app(argc, argv);
+    BitcoinApplication app;
 #if QT_VERSION > 0x050100
     // Generate high-dpi pixmaps
     QApplication::setAttribute(Qt::AA_UseHighDpiPixmaps);
diff --git a/src/qt/test/test_main.cpp b/src/qt/test/test_main.cpp
index d44d71131..700ca5490 100644
--- a/src/qt/test/test_main.cpp
+++ b/src/qt/test/test_main.cpp
@@ -33,6 +33,9 @@ Q_IMPORT_PLUGIN(qkrcodecs)
 
 extern void noui_connect();
 
+static int qt_argc = 1;
+static const char* qt_argv = "dogecoin-qt";
+
 // This is all you need to run all the tests
 int main(int argc, char *argv[])
 {
@@ -46,7 +49,7 @@ int main(int argc, char *argv[])
 
     // Don't remove this, it's needed to access
     // QCoreApplication:: in the tests
-    QCoreApplication app(argc, argv);
+    QCoreApplication app(qt_argc, const_cast<char **>(&qt_argv));
     app.setApplicationName("Bitcoin-Qt-test");
 
     SSL_library_init();