Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ignore redis key if not UTF8 #1997

Merged
merged 1 commit into from
Feb 6, 2023
Merged

Ignore redis key if not UTF8 #1997

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -52,6 +52,8 @@
- Fix sentry-rails' controller span nesting [#1973](https://github.com/getsentry/sentry-ruby/pull/1973)
- Fixes [#1899](https://github.com/getsentry/sentry-ruby/issues/1899)
- Do not report exceptions when a Rails runner exits with `exit 0` [#1988](https://github.com/getsentry/sentry-ruby/pull/1988)
- Ignore redis key if not UTF8 [#1997](https://github.com/getsentry/sentry-ruby/pull/1997)
- Fixes [#1992](https://github.com/getsentry/sentry-ruby/issues/1992)

### Miscellaneous
[
Expand Down
3 changes: 2 additions & 1 deletion sentry-ruby/lib/sentry/redis.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -54,7 +54,8 @@ def commands_description
def parsed_commands
commands.map do |statement|
command, key, *arguments = statement
command_set = { command: command.to_s.upcase, key: key }
command_set = { command: command.to_s.upcase }
command_set[:key] = key if Utils::EncodingHelper.valid_utf_8?(key)
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Since key is kinda important in commands, do you think it'd be better insert a placeholder like "<invalid encoded key>" instead?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think the type of redis command signifies that there's a key there, I think that's fine.
This is edge-case behaviour anyway.


if Sentry.configuration.send_default_pii
command_set[:arguments] = arguments
Expand Down
6 changes: 3 additions & 3 deletions sentry-ruby/spec/sentry/redis_spec.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -30,17 +30,17 @@
expect(request_span.data).to eq({ server: "127.0.0.1:6379/0" })
end

it "removes bad encoding commands gracefully" do
it "removes bad encoding keys and arguments gracefully" do
transaction = Sentry.start_transaction
Sentry.get_current_scope.set_span(transaction)

# random bytes
redis.set("key", "foo \x1F\xE6")
redis.set("key \x1F\xE6", "val \x1F\xE6")

request_span = transaction.span_recorder.spans.last
description = request_span.description

expect(description).to eq("SET key")
expect(description).to eq("SET")

expect do
JSON.generate(description)
Expand Down