Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

TiDB-Lightning will print some sensitive message when it runs in server mode #36374

Closed
lichunzhu opened this issue Jul 20, 2022 · 2 comments · Fixed by #36375 or #52336
Closed

TiDB-Lightning will print some sensitive message when it runs in server mode #36374

lichunzhu opened this issue Jul 20, 2022 · 2 comments · Fixed by #36375 or #52336
Labels
affects-6.0 affects-6.1 affects-6.5 affects-7.1 affects-7.5 affects-8.0 component/lightning This issue is related to Lightning of TiDB. severity/moderate type/bug The issue is confirmed as a bug.

Comments

@lichunzhu
Copy link
Contributor

Bug Report

Please answer these questions before submitting your issue. Thanks!

1. Minimal reproduce step (Required)

Run TiDB-Lightning in server mode and start an import task.

2. What did you expect to see? (Required)

Lightning's log doesn't contain sensitive information.

3. What did you see instead (Required)

Lightning's log contains sensitive information.

4. What is your TiDB version? (Required)

master
@lichunzhu lichunzhu added type/bug The issue is confirmed as a bug. component/lightning This issue is related to Lightning of TiDB. labels Jul 20, 2022
@lichunzhu lichunzhu mentioned this issue Jul 20, 2022
Merged
2 tasks
ti-chi-bot pushed a commit that referenced this issue Jul 21, 2022
@lichunzhu
lightning: hide sensitive log for server mode lightning (#36375)
a1b38f8 
close #36374
This was referenced Jul 21, 2022
Closed
Merged
@niubell
Copy link
Contributor

niubell commented Jul 26, 2022

/remove-label affects-6.2

ti-chi-bot pushed a commit that referenced this issue Aug 23, 2022
@ti-srebot
lightning: hide sensitive log for server mode lightning (#36375) (#36408
dcffd65 
)

close #36374
This was referenced Aug 29, 2022
Merged
Merged
@kennytm
Copy link
Contributor

kennytm commented Apr 3, 2024

I'm pretty sure #36375's regexp and test case are both written wrongly

tidb/br/pkg/utils/sensitive.go

Line 10 in a1b38f8

passwordPatterns = `(password[\s]*=[\s]*(\\")?)(.*?)((\\")?\\n)`

tidb/br/pkg/utils/sensitive_test.go

Line 17 in a1b38f8

`host = "127.0.0.1"\n user = "root"\n password = "/Q7B9DizNLLTTfiZHv9WoEAKamfpIUs="\n port = 3306\n`,

you don't need to escape the backslash inside the backquote-strings! `\n` will produce a literal \ followed by an n, not a newline character. The passwords are still visible in the log because the regexp isn't able to match any real text.

@kennytm kennytm reopened this Apr 3, 2024
@kennytm kennytm mentioned this issue Apr 3, 2024
Merged
13 tasks
ti-chi-bot bot pushed a commit that referenced this issue Apr 3, 2024
@kennytm
lightning: Don't log "received task config" in server mode (#52336)
555ce02 
close #36374
@ti-chi-bot ti-chi-bot mentioned this issue Apr 11, 2024
Merged
13 tasks
ti-chi-bot bot pushed a commit that referenced this issue Apr 11, 2024
@ti-chi-bot
lightning: Don't log "received task config" in server mode (#52336) (#…
faeb33e 
…52497)

close #36374
@ti-chi-bot ti-chi-bot mentioned this issue May 7, 2024
Merged
13 tasks
ti-chi-bot bot pushed a commit that referenced this issue May 8, 2024
@ti-chi-bot
lightning: Don't log "received task config" in server mode (#52336) (#…
c3ce61d 
…53069)

close #36374
@ti-chi-bot ti-chi-bot mentioned this issue Jun 4, 2024
Merged
13 tasks
ti-chi-bot bot pushed a commit that referenced this issue Jun 5, 2024
@ti-chi-bot
lightning: Don't log "received task config" in server mode (#52336) (#…
296329e 
…53771)

close #36374
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
affects-6.0 affects-6.1 affects-6.5 affects-7.1 affects-7.5 affects-8.0 component/lightning This issue is related to Lightning of TiDB. severity/moderate type/bug The issue is confirmed as a bug.
Projects
None yet
Milestone
No milestone
4 participants
@kennytm @niubell @lichunzhu @ti-chi-bot