diff options
| author | David Storch <david.storch@10gen.com> | 2018-02-20 13:44:09 -0500 |
|---|---|---|
| committer | David Storch <david.storch@10gen.com> | 2018-02-20 15:01:47 -0500 |
| commit | 6b08990f795c3521465ea096fd6e898b6fedd51b (patch) | |
| tree | 76bce01a16f116f8ad8ae950776c90bfd9a34241 /src/mongo | |
| parent | 9e428f7bf5e6e6163f6bb9deafec15961995813c (diff) | |
| download | mongo-6b08990f795c3521465ea096fd6e898b6fedd51b.tar.gz | |
SERVER-33302 Add missing calls to redact() in error paths.
Diffstat (limited to 'src/mongo')
| -rw-r--r-- | src/mongo/db/commands.cpp | 2 | ||||
| -rw-r--r-- | src/mongo/db/commands.h | 4 | ||||
| -rw-r--r-- | src/mongo/db/service_entry_point_common.cpp | 2 |
3 files changed, 6 insertions, 2 deletions
diff --git a/src/mongo/db/commands.cpp b/src/mongo/db/commands.cpp index 94f93bddc4e..2aaeda9b5ed 100644 --- a/src/mongo/db/commands.cpp +++ b/src/mongo/db/commands.cpp @@ -382,7 +382,7 @@ static Status _checkAuthorizationImpl(Command* c, c->redactForLogging(&cmdToLog); return Status(ErrorCodes::Unauthorized, str::stream() << "not authorized on " << dbname << " to execute command " - << cmdToLog.toString()); + << redact(cmdToLog.getObject())); } if (!status.isOK()) { return status; diff --git a/src/mongo/db/commands.h b/src/mongo/db/commands.h index 9ed9e27ccca..805879b08d2 100644 --- a/src/mongo/db/commands.h +++ b/src/mongo/db/commands.h @@ -317,6 +317,10 @@ public: * Redacts "cmdObj" in-place to a form suitable for writing to logs. * * The default implementation does nothing. + * + * This is NOT used to implement user-configurable redaction of PII. Instead, that is + * implemented via the set of redact() free functions, which are no-ops when log redaction is + * disabled. All PII must pass through one of the redact() overloads before being logged. */ virtual void redactForLogging(mutablebson::Document* cmdObj) const {} diff --git a/src/mongo/db/service_entry_point_common.cpp b/src/mongo/db/service_entry_point_common.cpp index 98695b1864c..e87c424b80a 100644 --- a/src/mongo/db/service_entry_point_common.cpp +++ b/src/mongo/db/service_entry_point_common.cpp @@ -128,7 +128,7 @@ void generateLegacyQueryErrorResponse(const AssertionException* exception, log(LogComponent::kQuery) << "assertion " << exception->toString() << " ns:" << queryMessage.ns << " query:" << (queryMessage.query.valid(BSONVersion::kLatest) - ? queryMessage.query.toString() + ? redact(queryMessage.query) : "query object is corrupt"); if (queryMessage.ntoskip || queryMessage.ntoreturn) { log(LogComponent::kQuery) << " ntoskip:" << queryMessage.ntoskip |