Merge pull request #244 from getsentry/fix-243

nateberkopec · nateberkopec · commit ef394aaa04a5 · 2014-11-18T20:21:00.000-05:00
Fix error in empty object sanitization
diff --git a/lib/raven/processor.rb b/lib/raven/processor.rb
@@ -17,8 +17,7 @@ def process(data)
 
     def parse_json_or_nil(string)
       begin
-        result = OkJson.decode(string)
-        result.is_a?(String) ? nil : result
+        OkJson.decode(string)
       rescue Raven::OkJson::Error
         nil
       end
diff --git a/lib/raven/processor/sanitizedata.rb b/lib/raven/processor/sanitizedata.rb
@@ -6,36 +6,30 @@ class Processor::SanitizeData < Processor
     VALUES_RE = /^\d{16}$/
 
     def process(value)
-      fields_re = /(#{(DEFAULT_FIELDS + @sanitize_fields).join("|")})/i
+      value.inject(value) { |memo,(k,v)|  memo[k] = sanitize(k,v); memo }
+    end
 
-      value.inject(value) do |value,(k,v)|
-        v = k if v.nil?
-        if v.is_a?(Hash) || v.is_a?(Array)
-          process(v)
-        elsif v.is_a?(String) && (json = parse_json_or_nil(v))
-          #if this string is actually a json obj, convert and sanitize
-          value = modify_in_place(value, [k,v], process(json).to_json)
-        elsif v.is_a?(Integer) && (VALUES_RE.match(v.to_s) || fields_re.match(k.to_s))
-          value = modify_in_place(value, [k,v], INT_MASK)
-        elsif VALUES_RE.match(v.to_s) || fields_re.match(k.to_s)
-          value = modify_in_place(value, [k,v], STRING_MASK)
-        else
-          value
-        end
+    def sanitize(k,v)
+      if v.is_a?(Hash)
+        process(v)
+      elsif v.is_a?(Array)
+        v.map{|a| sanitize(nil, a)}
+      elsif v.is_a?(String) && (json = parse_json_or_nil(v))
+        #if this string is actually a json obj, convert and sanitize
+        json.is_a?(Hash) ? process(json).to_json : v
+      elsif v.is_a?(Integer) && (VALUES_RE.match(v.to_s) || fields_re.match(k.to_s))
+        INT_MASK
+      elsif v.is_a?(String)  && (VALUES_RE.match(v.to_s) || fields_re.match(k.to_s))
+        STRING_MASK
+      else
+        v
       end
-      value
     end
 
     private
 
-    def modify_in_place(original_parent, original_child, new_child)
-      if original_parent.is_a?(Array)
-        index = original_parent.index(original_child[0])
-        original_parent[index] = new_child
-      elsif original_parent.is_a?(Hash)
-        original_parent[original_child[0]] = new_child
-      end
-      original_parent
+    def fields_re
+      @fields_re ||= /(#{(DEFAULT_FIELDS + @sanitize_fields).join("|")})/i
     end
   end
 end
diff --git a/spec/raven/processors/sanitizedata_processor_spec.rb b/spec/raven/processors/sanitizedata_processor_spec.rb
@@ -94,4 +94,14 @@
     expect(result["ccnumba_int"]).to eq(Raven::Processor::SanitizeData::INT_MASK)
   end
 
+  it 'sanitizes hashes nested in arrays' do
+    data = {
+      "empty_array"=> [],
+      "array"=>[{'password' => 'secret'}],
+    }
+
+    result = @processor.process(data)
+
+    expect(result["array"][0]['password']).to eq(Raven::Processor::SanitizeData::STRING_MASK)
+  end
 end
