mirror of
https://github.com/cloudflare/cloudflared.git
synced 2025-05-11 23:56:35 +00:00
AUTH-2977 log file protection
This commit is contained in:
Dalton
Dalton Cherry
parent
5499c77e62
commit
70114c2145
@ -3,6 +3,7 @@ package logger
|
|||||||
import (
|
import (
|
||||||
"fmt"
|
"fmt"
|
||||||
"os"
|
"os"
|
||||||
|
"path/filepath"
|
||||||
"strings"
|
"strings"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
@ -106,7 +107,7 @@ func New(opts ...Option) (Service, error) {
|
|||||||
|
|
||||||
l := NewOutputWriter(SharedWriteManager)
|
l := NewOutputWriter(SharedWriteManager)
|
||||||
if config.logFileDirectory != "" {
|
if config.logFileDirectory != "" {
|
||||||
l.Add(NewFileRollingWriter(config.logFileDirectory,
|
l.Add(NewFileRollingWriter(SanitizeLogPath(config.logFileDirectory),
|
||||||
"cloudflared",
|
"cloudflared",
|
||||||
int64(config.maxFileSize),
|
int64(config.maxFileSize),
|
||||||
config.maxFileCount),
|
config.maxFileCount),
|
||||||
@ -139,3 +140,13 @@ func ParseLevelString(lvl string) ([]Level, error) {
|
|||||||
}
|
}
|
||||||
return []Level{}, fmt.Errorf("not a valid log level: %q", lvl)
|
return []Level{}, fmt.Errorf("not a valid log level: %q", lvl)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// SanitizeLogPath checks that the logger log path
|
||||||
|
func SanitizeLogPath(path string) string {
|
||||||
|
newPath := strings.TrimSpace(path)
|
||||||
|
// make sure it has a log file extension and is not a directory
|
||||||
|
if filepath.Ext(newPath) != ".log" && !(isDirectory(newPath) || strings.HasSuffix(newPath, "/")) {
|
||||||
|
newPath = newPath + ".log"
|
||||||
|
}
|
||||||
|
return newPath
|
||||||
|
}
|
||||||
|
|||||||
46
logger/create_test.go
Normal file
46
logger/create_test.go
Normal file
@ -0,0 +1,46 @@
|
|||||||
|
package logger
|
||||||
|
|
||||||
|
import (
|
||||||
|
"testing"
|
||||||
|
|
||||||
|
"github.com/stretchr/testify/assert"
|
||||||
|
)
|
||||||
|
|
||||||
|
func TestLogLevelParse(t *testing.T) {
|
||||||
|
lvls, err := ParseLevelString("fatal")
|
||||||
|
assert.NoError(t, err)
|
||||||
|
assert.Equal(t, []Level{FatalLevel}, lvls)
|
||||||
|
|
||||||
|
lvls, err = ParseLevelString("error")
|
||||||
|
assert.NoError(t, err)
|
||||||
|
assert.Equal(t, []Level{FatalLevel, ErrorLevel}, lvls)
|
||||||
|
|
||||||
|
lvls, err = ParseLevelString("info")
|
||||||
|
assert.NoError(t, err)
|
||||||
|
assert.Equal(t, []Level{FatalLevel, ErrorLevel, InfoLevel}, lvls)
|
||||||
|
|
||||||
|
lvls, err = ParseLevelString("info")
|
||||||
|
assert.NoError(t, err)
|
||||||
|
assert.Equal(t, []Level{FatalLevel, ErrorLevel, InfoLevel}, lvls)
|
||||||
|
|
||||||
|
lvls, err = ParseLevelString("warn")
|
||||||
|
assert.NoError(t, err)
|
||||||
|
assert.Equal(t, []Level{FatalLevel, ErrorLevel, InfoLevel}, lvls)
|
||||||
|
|
||||||
|
lvls, err = ParseLevelString("debug")
|
||||||
|
assert.NoError(t, err)
|
||||||
|
assert.Equal(t, []Level{FatalLevel, ErrorLevel, InfoLevel, DebugLevel}, lvls)
|
||||||
|
|
||||||
|
_, err = ParseLevelString("blah")
|
||||||
|
assert.Error(t, err)
|
||||||
|
|
||||||
|
_, err = ParseLevelString("")
|
||||||
|
assert.Error(t, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
func TestPathSanitizer(t *testing.T) {
|
||||||
|
assert.Equal(t, "somebad/path/log.bat.log", SanitizeLogPath("\t somebad/path/log.bat\n\n"))
|
||||||
|
assert.Equal(t, "proper/path/cloudflared.log", SanitizeLogPath("proper/path/cloudflared.log"))
|
||||||
|
assert.Equal(t, "proper/path/", SanitizeLogPath("proper/path/"))
|
||||||
|
assert.Equal(t, "proper/path/cloudflared.log", SanitizeLogPath("\tproper/path/cloudflared\n\n"))
|
||||||
|
}
|
||||||
Loading…
Reference in New Issue
Block a user