Skip to content

Commit ef394aa

Browse files
committed
Merge pull request #244 from getsentry/fix-243
Fix error in empty object sanitization
2 parents 98498b8 + 004f0cd commit ef394aa

File tree

3 files changed

+29
-26
lines changed

3 files changed

+29
-26
lines changed

lib/raven/processor.rb

Lines changed: 1 addition & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -17,8 +17,7 @@ def process(data)
1717

1818
def parse_json_or_nil(string)
1919
begin
20-
result = OkJson.decode(string)
21-
result.is_a?(String) ? nil : result
20+
OkJson.decode(string)
2221
rescue Raven::OkJson::Error
2322
nil
2423
end

lib/raven/processor/sanitizedata.rb

Lines changed: 18 additions & 24 deletions
Original file line numberDiff line numberDiff line change
@@ -6,36 +6,30 @@ class Processor::SanitizeData < Processor
66
VALUES_RE = /^\d{16}$/
77

88
def process(value)
9-
fields_re = /(#{(DEFAULT_FIELDS + @sanitize_fields).join("|")})/i
9+
value.inject(value) { |memo,(k,v)| memo[k] = sanitize(k,v); memo }
10+
end
1011

11-
value.inject(value) do |value,(k,v)|
12-
v = k if v.nil?
13-
if v.is_a?(Hash) || v.is_a?(Array)
14-
process(v)
15-
elsif v.is_a?(String) && (json = parse_json_or_nil(v))
16-
#if this string is actually a json obj, convert and sanitize
17-
value = modify_in_place(value, [k,v], process(json).to_json)
18-
elsif v.is_a?(Integer) && (VALUES_RE.match(v.to_s) || fields_re.match(k.to_s))
19-
value = modify_in_place(value, [k,v], INT_MASK)
20-
elsif VALUES_RE.match(v.to_s) || fields_re.match(k.to_s)
21-
value = modify_in_place(value, [k,v], STRING_MASK)
22-
else
23-
value
24-
end
12+
def sanitize(k,v)
13+
if v.is_a?(Hash)
14+
process(v)
15+
elsif v.is_a?(Array)
16+
v.map{|a| sanitize(nil, a)}
17+
elsif v.is_a?(String) && (json = parse_json_or_nil(v))
18+
#if this string is actually a json obj, convert and sanitize
19+
json.is_a?(Hash) ? process(json).to_json : v
20+
elsif v.is_a?(Integer) && (VALUES_RE.match(v.to_s) || fields_re.match(k.to_s))
21+
INT_MASK
22+
elsif v.is_a?(String) && (VALUES_RE.match(v.to_s) || fields_re.match(k.to_s))
23+
STRING_MASK
24+
else
25+
v
2526
end
26-
value
2727
end
2828

2929
private
3030

31-
def modify_in_place(original_parent, original_child, new_child)
32-
if original_parent.is_a?(Array)
33-
index = original_parent.index(original_child[0])
34-
original_parent[index] = new_child
35-
elsif original_parent.is_a?(Hash)
36-
original_parent[original_child[0]] = new_child
37-
end
38-
original_parent
31+
def fields_re
32+
@fields_re ||= /(#{(DEFAULT_FIELDS + @sanitize_fields).join("|")})/i
3933
end
4034
end
4135
end

spec/raven/processors/sanitizedata_processor_spec.rb

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -94,4 +94,14 @@
9494
expect(result["ccnumba_int"]).to eq(Raven::Processor::SanitizeData::INT_MASK)
9595
end
9696

97+
it 'sanitizes hashes nested in arrays' do
98+
data = {
99+
"empty_array"=> [],
100+
"array"=>[{'password' => 'secret'}],
101+
}
102+
103+
result = @processor.process(data)
104+
105+
expect(result["array"][0]['password']).to eq(Raven::Processor::SanitizeData::STRING_MASK)
106+
end
97107
end

0 commit comments

Comments
 (0)