From 4f1ee98489885a73c0c999448369707ee9c517cb Mon Sep 17 00:00:00 2001 From: Michael Kirk Date: Wed, 12 Jul 2017 09:51:10 -0400 Subject: [PATCH] scrub any data that slips through to logs Similar to phone number scrubbing, we leave a short prefix of the data to help with debugging without leaking much data. // FREEBIE --- Signal/src/util/OWSScrubbingLogFormatter.m | 25 ++++++++++++++----- .../test/util/OWSScrubbingLogFormatterTest.m | 23 +++++++++++++++++ 2 files changed, 42 insertions(+), 6 deletions(-) diff --git a/Signal/src/util/OWSScrubbingLogFormatter.m b/Signal/src/util/OWSScrubbingLogFormatter.m index 3a66f2ccb..79c2af478 100644 --- a/Signal/src/util/OWSScrubbingLogFormatter.m +++ b/Signal/src/util/OWSScrubbingLogFormatter.m @@ -10,17 +10,30 @@ NS_ASSUME_NONNULL_BEGIN - (NSString *)formatLogMessage:(DDLogMessage *)logMessage { - NSString *string = [super formatLogMessage:logMessage]; + NSString *logString = [super formatLogMessage:logMessage]; NSRegularExpression *phoneRegex = [NSRegularExpression regularExpressionWithPattern:@"\\+\\d{7,12}(\\d{3})" options:NSRegularExpressionCaseInsensitive error:nil]; - NSString *filteredString = [phoneRegex stringByReplacingMatchesInString:string - options:0 - range:NSMakeRange(0, [string length]) - withTemplate:@"[ REDACTED_PHONE_NUMBER:xxx$1 ]"]; - return filteredString; + logString = [phoneRegex stringByReplacingMatchesInString:logString + options:0 + range:NSMakeRange(0, [logString length]) + withTemplate:@"[ REDACTED_PHONE_NUMBER:xxx$1 ]"]; + + + // We capture only the first two characters of the hex string for logging. + NSRegularExpression *dataRegex = + [NSRegularExpression regularExpressionWithPattern:@"<([\\da-f]{2})[\\da-f]{6}( [\\da-f]{8})*>" + options:NSRegularExpressionCaseInsensitive + error:nil]; + + logString = [dataRegex stringByReplacingMatchesInString:logString + options:0 + range:NSMakeRange(0, [logString length]) + withTemplate:@"[ REDACTED_DATA:$1... ]"]; + + return logString; } @end diff --git a/Signal/test/util/OWSScrubbingLogFormatterTest.m b/Signal/test/util/OWSScrubbingLogFormatterTest.m index db9edb92e..6c46f3dd6 100644 --- a/Signal/test/util/OWSScrubbingLogFormatterTest.m +++ b/Signal/test/util/OWSScrubbingLogFormatterTest.m @@ -27,6 +27,29 @@ NS_ASSUME_NONNULL_BEGIN timestamp:[NSDate new]]; } +- (void)testDataScrubbed +{ + NSArray *dataStrings = @[ + @"<01234567 89a23def 23234567 89ab1234>", + @"<01234567 89a23def 23234567 89ab1223> ", + @"<01234567 89a23def 23234567 89ab1223> bar <01234567 89abcdef 22234567 89ab1234>" + ]; + + for (NSString *dataString in dataStrings) { + OWSScrubbingLogFormatter *formatter = [OWSScrubbingLogFormatter new]; + NSString *messageText = [NSString stringWithFormat:@"My data is %@", dataString]; + NSString *actual = [formatter formatLogMessage:[self messageWithString:messageText]]; + NSRange redactedRange = [actual rangeOfString:@"[ REDACTED_DATA:01... ]"]; + XCTAssertNotEqual( + NSNotFound, redactedRange.location, "Failed to redact data string: %@ actual: %@", dataString, actual); + + // ensure no more than the redacted portion of the data id is left in the log string + NSRange dataRange = [actual rangeOfString:@"23"]; + XCTAssertEqual( + NSNotFound, dataRange.location, "Failed to redact data string: %@, actual %@", dataString, actual); + } +} + - (void)testPhoneNumbersScrubbed { NSArray *phoneStrings = @[