Alex-Devera/3x-ui
1
0
Fork 0
mirror of https://github.com/MHSanaei/3x-ui.git synced 2026-05-31 10:14:15 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 4

fix(db): redact credentials in client-merge conflict logs

Browse source 
CodeQL flagged go/clear-text-logging: the merge conflict logger printed
raw Old/New/Kept values, which for password/auth/uuid/subId fields meant
credentials landed in plain-text logs. Mask those four fields at the log
site so operators still see which field collided without leaking secrets.
This commit is contained in:
MHSanaei 2026-05-19 12:40:11 +02:00
parent 6000bc7134
commit 66f946ee54
No known key found for this signature in database
GPG key ID: 7E4060F2FBE5AB7A
1 changed files with 18 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

19
database/db.go
View file

@ -48,6 +48,22 @@ func Dialect() string {
return db.Dialector.Name()
}
var sensitiveConflictFields = map[string]struct{}{
"uuid": {},
"password": {},
"auth": {},
"subId": {},
}
// redactConflictValues masks values for credential-bearing merge fields so
// they never reach plain-text logs. Non-sensitive fields pass through.
func redactConflictValues(x model.ClientMergeConflict) (oldV, newV, keptV any) {
if _, sensitive := sensitiveConflictFields[x.Field]; sensitive {
return "<redacted>", "<redacted>", "<redacted>"
}
return x.Old, x.New, x.Kept
}
const (
defaultUsername = "admin"
defaultPassword = "admin"
@ -249,8 +265,9 @@ func seedClientsFromInboundJSON() error {
} else {
conflicts := model.MergeClientRecord(row, incoming)
for _, x := range conflicts {
oldV, newV, keptV := redactConflictValues(x)
log.Printf("client merge: email=%s conflict on %s old=%v new=%v kept=%v",
email, x.Field, x.Old, x.New, x.Kept)
email, x.Field, oldV, newV, keptV)
}
if err := tx.Save(row).Error; err != nil {
return err