[vlc-commits] access/ftp: do not log sensitive information
Filip Roséen
git at videolan.org
Mon Sep 26 09:05:21 CEST 2016
vlc | branch: master | Filip Roséen <filip at atch.se> | Mon Sep 26 02:41:20 2016 +0200| [9eb3099ef9de77055191730b92eb693b2fe7ecd9] | committer: Thomas Guillem
access/ftp: do not log sensitive information
PASS and ACCT are by their definition sensitive data, as such we
should not log their payload when such requests are sent.
These changes simply censor the payload, as well as the number of
bytes sent (so that the length of the payload is not leaked).
fixes #17440
Signed-off-by: Thomas Guillem <thomas at gllm.fr>
> http://git.videolan.org/gitweb.cgi/vlc.git/?a=commit;h=9eb3099ef9de77055191730b92eb693b2fe7ecd9
---
modules/access/ftp.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/modules/access/ftp.c b/modules/access/ftp.c
index b75f1c5..59bdd31 100644
--- a/modules/access/ftp.c
+++ b/modules/access/ftp.c
@@ -177,7 +177,11 @@ static int ftp_SendCommand( vlc_object_t *obj, access_sys_t *sys,
if( unlikely(val == -1) )
return -1;
- msg_Dbg( obj, "sending request: \"%.*s\" (%d bytes)", val - 2, cmd, val );
+ if( strncmp( cmd, "PASS ", 5 ) && strncmp( cmd, "ACCT ", 5 ) )
+ msg_Dbg( obj, "sending request: \"%.*s\" (%d bytes)", val-2, cmd, val );
+ else
+ msg_Dbg( obj, "sending request: \"%.*s XXXX\" (XX bytes)", 4, cmd );
+
if( ((sys->cmd.p_tls != NULL)
? vlc_tls_Write( sys->cmd.p_tls, cmd, val )
: net_Write( obj, sys->cmd.fd, cmd, val )) != val )
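Review bot: the redaction test on the first added line is easy to misread, because it relies on strncmp() returning non-zero as "true" with both comparisons negated, so the branch that actually hides the payload is the else. Flipping it to an explicit form such as "strncmp( cmd, "PASS ", 5 ) == 0 || strncmp( cmd, "ACCT ", 5 ) == 0" with the redacted msg_Dbg first, plus a one-line comment saying that PASS and ACCT arguments must never reach the log, would make the intent obvious to the next person touching ftp_SendCommand. The match is also case-sensitive and depends on the trailing space, so it only redacts as long as every caller formats these commands in upper case followed by a space; either note that assumption in the comment or compare case-insensitively.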