Opened 12 years ago
#205 new defect
"an inbound callRemote ... failed" log entries include all arguments of the failed call
Reported by: | davidsarah | Owned by: | |
---|---|---|---|
Priority: | major | Milestone: | undecided |
Component: | logging | Version: | 0.6.4 |
Keywords: | memory confidentiality | Cc: |
Description
This can cause performance problems and also leak secrets. An example of the former from Tahoe-LAFS:
allmydata.storage.backends.cloud.cloud_common.CloudError: ("try 1 failed: PUT object ('shares/oh/ohcac6xn5ot7hxwfcstdeqcf4e/0.16624',) {}", '') ] 03:53:03.778 L23 []#87614 an inbound callRemote that we [n4zt] executed (on behalf of someone else, TubID uzie) failed 03:53:03.778 L10 []#87615 reqID=66831, rref=<allmydata.storage.bucket.BucketWriter object at 0x3bf6b50>, methname=RIBucketWriter.write 03:53:03.792 L10 []#87616 args=[8716681284L, '<VERY long string>'] 03:53:03.792 L10 []#87617 kwargs={} 03:53:03.792 L10 []#87618 the LOCAL failure was: [...] Note that in this case the Tahoe-LAFS code has avoided including the data that we attempted to write in the exception message (for !CloudError), but foolscap has logged it, causing a temporary memory leak, and possibly resulting in performance problems when argument strings are large. In other cases, logging the arguments of remote operations may leak secrets into the log.
Note: See
TracTickets for help on using
tickets.