diff options
author | polaris-alioth <polaris.alioth@huawei.com> | 2023-03-20 14:18:38 +0800 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-03-20 08:18:38 +0200 |
commit | 56eef6fb5ab7a755485c19f358761954ca459472 (patch) | |
tree | 927099425b68baca384feebc44d07f17955458d6 /src/debug.c | |
parent | 6cf8fc08f59cd34cfcf364ab6a233f100611078c (diff) | |
download | redis-56eef6fb5ab7a755485c19f358761954ca459472.tar.gz |
passwords printed in the crash log (#11930)
When the server crashes during the AUTH command, or another command with
an AUTH argument, the password was recorded in the log.
Now, when the `auth` keyword is detected (could be in HELLO or MIGRATE, etc),
the loop exits before printing any additional arguments.
Diffstat (limited to 'src/debug.c')
-rw-r--r-- | src/debug.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/src/debug.c b/src/debug.c index 41722a901..83f37cd3d 100644 --- a/src/debug.c +++ b/src/debug.c @@ -1859,11 +1859,17 @@ void logCurrentClient(client *cc, const char *title) { client = catClientInfoString(sdsempty(),cc); serverLog(LL_WARNING|LL_RAW,"%s\n", client); sdsfree(client); + serverLog(LL_WARNING|LL_RAW,"argc: '%d'\n", cc->argc); for (j = 0; j < cc->argc; j++) { robj *decoded; decoded = getDecodedObject(cc->argv[j]); sds repr = sdscatrepr(sdsempty(),decoded->ptr, min(sdslen(decoded->ptr), 128)); serverLog(LL_WARNING|LL_RAW,"argv[%d]: '%s'\n", j, (char*)repr); + if (!strcasecmp(decoded->ptr, "auth") || !strcasecmp(decoded->ptr, "auth2")) { + sdsfree(repr); + decrRefCount(decoded); + break; + } sdsfree(repr); decrRefCount(decoded); } |