Merge pull request #3263 from Icinga/bugfix/password-logged-cleartext-2810
Censor arguments in stack traces
This commit is contained in:
lippserd
GitHub
commit
02b4a82037
|
|
@ -3,6 +3,7 @@
|
|||
|
||||
namespace Icinga\Controllers;
|
||||
|
||||
use Icinga\Exception\IcingaException;
|
||||
use Zend_Controller_Plugin_ErrorHandler;
|
||||
use Icinga\Application\Icinga;
|
||||
use Icinga\Application\Logger;
|
||||
|
|
@ -83,7 +84,7 @@ class ErrorController extends ActionController
|
|||
break;
|
||||
default:
|
||||
$this->getResponse()->setHttpResponseCode(500);
|
||||
Logger::error("%s\n%s", $exception, $exception->getTraceAsString());
|
||||
Logger::error("%s\n%s", $exception, IcingaException::getConfidentialTraceAsString($exception));
|
||||
break;
|
||||
}
|
||||
|
||||
|
|
@ -94,7 +95,7 @@ class ErrorController extends ActionController
|
|||
|
||||
do {
|
||||
$this->view->messages[] = $exception->getMessage();
|
||||
$this->view->stackTraces[] = $exception->getTraceAsString();
|
||||
$this->view->stackTraces[] = IcingaException::getConfidentialTraceAsString($exception);
|
||||
$exception = $exception->getPrevious();
|
||||
} while ($exception !== null);
|
||||
} else {
|
||||
|
|
|
|||
|
|
@ -60,4 +60,44 @@ class IcingaException extends Exception
|
|||
$exception->getMessage()
|
||||
);
|
||||
}
|
||||
|
||||
/**
|
||||
* Return the same as {@link Exception::getTraceAsString()} for the given exception,
|
||||
* but show only the types of scalar arguments
|
||||
*
|
||||
* @param Exception $exception
|
||||
*
|
||||
* @return string
|
||||
*/
|
||||
public static function getConfidentialTraceAsString(Exception $exception)
|
||||
{
|
||||
$trace = array();
|
||||
|
||||
foreach ($exception->getTrace() as $index => $frame) {
|
||||
$trace[] = "#{$index} {$frame['file']}({$frame['line']}): ";
|
||||
|
||||
if (isset($frame['class'])) {
|
||||
$trace[] = $frame['class'];
|
||||
}
|
||||
|
||||
if (isset($frame['type'])) {
|
||||
$trace[] = $frame['type'];
|
||||
}
|
||||
|
||||
$trace[] = "{$frame['function']}(";
|
||||
|
||||
$args = array();
|
||||
foreach ($frame['args'] as $arg) {
|
||||
$type = gettype($arg);
|
||||
$args[] = $type === 'object' ? 'Object(' . get_class($arg) . ')' : ucfirst($type);
|
||||
}
|
||||
|
||||
$trace[] = implode(', ', $args);
|
||||
$trace[] = ")\n";
|
||||
}
|
||||
|
||||
$trace[] = '#' . ($index + 1) . ' {main}';
|
||||
|
||||
return implode($trace);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -4,6 +4,7 @@
|
|||
namespace Icinga\Module\Doc\Renderer;
|
||||
|
||||
use Exception;
|
||||
use Icinga\Exception\IcingaException;
|
||||
use RecursiveIteratorIterator;
|
||||
use Icinga\Application\Icinga;
|
||||
use Icinga\Web\View;
|
||||
|
|
@ -201,7 +202,7 @@ abstract class DocRenderer extends RecursiveIteratorIterator
|
|||
try {
|
||||
return $this->render();
|
||||
} catch (Exception $e) {
|
||||
return $e->getMessage() . ': ' . $e->getTraceAsString();
|
||||
return $e->getMessage() . ': ' . IcingaException::getConfidentialTraceAsString($e);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue