From cd5739ab83318591fdd6207b96ff3a3198ebb988 Mon Sep 17 00:00:00 2001
From: Jose Tomas Robles Hahn
Date: Mon, 23 Oct 2023 18:02:30 -0300
Subject: [PATCH] fix: Fix GH code scanning alerts 'Clear-text logging of sensitive info'

Fixes: https://github.com/cordada/lib-cl-sii-python/security/code-scanning/5
Fixes: https://github.com/cordada/lib-cl-sii-python/security/code-scanning/6
Fixes: https://github.com/cordada/lib-cl-sii-python/security/code-scanning/7
Fixes: https://github.com/cordada/lib-cl-sii-python/security/code-scanning/8
---
 src/cl_sii/libs/xml_utils.py | 15 ++++++---------
 src/cl_sii/rtc/xml_utils.py  |  4 +---
 2 files changed, 7 insertions(+), 12 deletions(-)

diff --git a/src/cl_sii/libs/xml_utils.py b/src/cl_sii/libs/xml_utils.py
index f378bd08..2ff7d1fa 100644
--- a/src/cl_sii/libs/xml_utils.py
+++ b/src/cl_sii/libs/xml_utils.py
@@ -233,11 +233,10 @@ def parse_untrusted_xml(value: bytes) -> XmlElement:
         # "parsing aborted"
         # "out of memory"
 
-        # For sanity crop the XML-encoded content to max 1 KiB (arbitrary value).
-        log_msg = "Unexpected XML 'ExpatError' at line {} offset {}: {}. Content: %s".format(
+        log_msg = "Unexpected XML 'ExpatError' at line {} offset {}: {}.".format(
             exc.lineno, exc.offset, xml.parsers.expat.errors.messages[exc.code]
         )
-        logger.exception(log_msg, str(value[:1024]))
+        logger.exception(log_msg)
 
         exc_msg = "Unexpected error while parsing value as XML. Line {}, offset {}.".format(
             exc.lineno, exc.offset
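Review bot: The new `logger.exception(log_msg)` call pre-formats the expat line, offset and error text into the message with `str.format`, so nothing reaches `LogRecord.args` and structured log handlers lose those fields; the call it replaces used lazy `%s` arguments, which is also the logging idiom used elsewhere in this patch. Prefer `logger.exception("Unexpected XML 'ExpatError' at line %s offset %s: %s. Content length: %s", exc.lineno, exc.offset, xml.parsers.expat.errors.messages[exc.code], len(value))`. Recording only `len(value)` keeps some triage signal after the untrusted content itself is (correctly) no longer written to the log. parse_untrusted_xml starts before and continues after this hunk.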
@@ -249,9 +248,8 @@ def parse_untrusted_xml(value: bytes) -> XmlElement:
         # it is just to raise the same exception with the same message) because it is a good
         # idea to determine whether the source of the problem really is the response content.
 
-        # For sanity crop the XML-encoded content to max 1 KiB (arbitrary value).
-        log_msg = "Unexpected 'LxmlError' that is not an 'XMLSyntaxError'. Content: %s"
-        logger.exception(log_msg, str(value[:1024]))
+        log_msg = "Unexpected 'LxmlError' that is not an 'XMLSyntaxError'."
+        logger.exception(log_msg)
 
         exc_msg = "Unexpected error while parsing value as XML."
         raise UnknownXmlParsingError(exc_msg) from exc
@@ -261,9 +259,8 @@ def parse_untrusted_xml(value: bytes) -> XmlElement:
         # it is just to raise the same exception with the same message) because it is a good
         # idea to determine whether the source of the problem really is the response content.
 
-        # For sanity crop the XML-encoded content to max 1 KiB (arbitrary value).
-        log_msg = "Unexpected error while parsing value as XML. Content: %s"
-        logger.exception(log_msg, str(value[:1024]))
+        log_msg = "Unexpected error while parsing value as XML."
+        logger.exception(log_msg)
 
         exc_msg = "Unexpected error while parsing value as XML."
         raise UnknownXmlParsingError(exc_msg) from exc
diff --git a/src/cl_sii/rtc/xml_utils.py b/src/cl_sii/rtc/xml_utils.py
index 3c5e4dc9..bc6a9147 100644
--- a/src/cl_sii/rtc/xml_utils.py
+++ b/src/cl_sii/rtc/xml_utils.py
@@ -94,9 +94,7 @@ def verify_aec_signature(
     except Exception:
         signature_verified = None
         logger.exception(
-            "Unexpected error when trying to verify digital signature of XML document. "
-            "X509 certificate: %s",
-            signature_x509_cert,
+            "Unexpected error when trying to verify digital signature of XML document."
        )
    else:
        signature_verified = True
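Review bot: The unchanged context comment just above the new `log_msg` line, here and in the following hunk (`@@ -261,9 +259,8 @@`), still tells the reader it is "a good idea to determine whether the source of the problem really is the response content", but the new code records nothing about `value`, so that guidance can no longer be followed from the log. Either log a non-sensitive size, `logger.exception("Unexpected 'LxmlError' that is not an 'XMLSyntaxError'. Content length: %s", len(value))` (and likewise in the generic-exception branch of the next hunk), or reword the comment to state that the content is deliberately not logged because it is untrusted and may carry sensitive data. Both branches sit inside parse_untrusted_xml, which continues outside the hunk.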
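Review bot: Dropping `signature_x509_cert` from the `logger.exception` message in the rtc/xml_utils.py hunk also drops the only identifier that said which certificate the failed verification involved, so repeated failures can no longer be correlated per certificate from the log. If the object exposes a serial number, subject or fingerprint (its type is not visible in this hunk, so confirm), logging that instead of the full certificate keeps the record actionable without reintroducing the material the scanner flagged, e.g. `"Unexpected error when trying to verify digital signature of XML document. Certificate serial: %s", getattr(signature_x509_cert, "serial_number", None)`. The enclosing `except Exception:` path and verify_aec_signature continue outside the hunk.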