passwords printed in the crash log (#11930)

When the server crashes during the AUTH command, or another command with an AUTH argument, the password was recorded in the log. Now, when the `auth` keyword is detected (could be in HELLO or MIGRATE, etc), the loop exits before printing any additional arguments.
author: polaris-alioth <polaris.alioth@huawei.com> 2023-03-20 14:18:38 +0800
committer: GitHub <noreply@github.com> 2023-03-20 08:18:38 +0200
commit: 56eef6fb5ab7a755485c19f358761954ca459472 (patch)
tree: 927099425b68baca384feebc44d07f17955458d6 /src/debug.c
parent: 6cf8fc08f59cd34cfcf364ab6a233f100611078c (diff)
download: redis-56eef6fb5ab7a755485c19f358761954ca459472.tar.gz
1 files changed, 6 insertions, 0 deletions
diff --git a/src/debug.c b/src/debug.c
index 41722a901..83f37cd3d 100644
--- a/src/debug.c
+++ b/src/debug.c
@@ -1859,11 +1859,17 @@ void logCurrentClient(client *cc, const char *title) {
     client = catClientInfoString(sdsempty(),cc);
     serverLog(LL_WARNING|LL_RAW,"%s\n", client);
     sdsfree(client);
+    serverLog(LL_WARNING|LL_RAW,"argc: '%d'\n", cc->argc);
     for (j = 0; j < cc->argc; j++) {
         robj *decoded;
         decoded = getDecodedObject(cc->argv[j]);
         sds repr = sdscatrepr(sdsempty(),decoded->ptr, min(sdslen(decoded->ptr), 128));
         serverLog(LL_WARNING|LL_RAW,"argv[%d]: '%s'\n", j, (char*)repr);
+        if (!strcasecmp(decoded->ptr, "auth") || !strcasecmp(decoded->ptr, "auth2")) {
+            sdsfree(repr);
+            decrRefCount(decoded);
+            break;
+        }
         sdsfree(repr);
         decrRefCount(decoded);
     }
author	polaris-alioth <polaris.alioth@huawei.com>	2023-03-20 14:18:38 +0800
committer	GitHub <noreply@github.com>	2023-03-20 08:18:38 +0200
commit	56eef6fb5ab7a755485c19f358761954ca459472 (patch)
tree	927099425b68baca384feebc44d07f17955458d6 /src/debug.c
parent	6cf8fc08f59cd34cfcf364ab6a233f100611078c (diff)
download	redis-56eef6fb5ab7a755485c19f358761954ca459472.tar.gz