Merge pull request #3355 from csordasmarton/fix_printing_sensitive_in…

…formation [cli] Do not print sensitive information when exception happens
Ericsson · Jun 18, 2021 · b9ee0b3 · b9ee0b3
2 parents aa9b723 + 26258c9
commit b9ee0b3
Showing 1 changed file with 6 additions and 3 deletions.
diff --git a/web/client/codechecker_client/thrift_call.py b/web/client/codechecker_client/thrift_call.py
@@ -92,11 +92,14 @@ def wrapper(self, *args, **kwargs):
                 LOG.error('Thrift bad version error.')
             LOG.error(funcName)
 
-            # It is possible that one of the argument is too large to log the
-            # full content of it (for example the 'b64zip' parameter of the
+            # Do not print the argument list if it contains sensitive
+            # information such as passwords.
+            # Also it is possible that one of the argument is too large to log
+            # the full content of it (for example the 'b64zip' parameter of the
             # 'massStoreRun' API function). For this reason we have to truncate
             # the arguments.
-            LOG.error([truncate_arg(arg) for arg in args])
+            if funcName != "performLogin":
+                LOG.error([truncate_arg(arg) for arg in args])
 
             LOG.error(kwargs)
             LOG.exception("Request failed.")