Skip to content

Gcvcallp 3053#145

Open
kordian-pawelec wants to merge 4 commits into
4.0-genesysfrom
GCVCALLP-3053
Open

Gcvcallp 3053#145
kordian-pawelec wants to merge 4 commits into
4.0-genesysfrom
GCVCALLP-3053

Conversation

@kordian-pawelec

Copy link
Copy Markdown
Collaborator

Adding a mechanism to override redact pattern with 4 modes: replace|append|prepend|format

PII input: sip:user@domain.com

Mode Config Output
replace redact_pii_ = 1 redact_template = "REDACTED" redact_mode = "replace" REDACTED

append redact_pii_ = 1 redact_template = "[PII]" redact_mode = "append" sip:user@domain.com[PII]

prepend redact_pii_ = 1 redact_template = "[PII]" redact_mode = "prepend" [PII]sip:user@domain.com

format redact_pii_ = 1 redact_template = "GenesysPII<%s>" redact_mode = "format" GenesysPIIsip:user@domain.com

Default (no template/mode configured): redact_pii_ = 1 → ****

https://inindca.atlassian.net/browse/GCVCALLP-3053

@codacy-production

Copy link
Copy Markdown

Up to standards ✅

🟢 Issues 0 issues

Results:
0 new issues

View in Codacy

🟢 Metrics 6 complexity

Metric Results
Complexity 6

View in Codacy

NEW Get contextual insights on your PRs based on Codacy's metrics, along with PR and Jira context, without leaving GitHub. Enable AI reviewer
TIP This summary will be updated as you push new changes.

@davidtrihy-genesys davidtrihy-genesys left a comment

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There's buffer overflow potential here that needs to be addressed, I left some comments on how I would address it with a macro, I would use that macro in the append/prepend/format scenarios when done use Claude to ask it for any buffer overflow opportunities and how safe the function is when applied

Comment thread redact_pii.c
return redact_pii_ ? "****" : ZSW(input);
#define REDACT_BUF_SIZE 512

inline const char* redact_pii(const char* input) {

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This function needs proper bounds checking of the buffer in all cases except the replace case, we should create a reusable macro like so

#define SAFE_COPY_TO_BUF(_c, _len) \
    do { \
        size_t _n = (_len); \
        if (idx + _n < REDACT_BUF_SIZE) { \
            memcpy(buf + idx, (_c), _n); \
            idx += _n; \
        } else { \
            goto end; \
        } \
    } while (0)

An example with REDACT_APPEND using the macro

    case REDACT_APPEND:
        input_len = strnlen(safe, REDACT_BUF_SIZE);
        SAFE_COPY_TO_BUF(safe, input_len);
        SAFE_COPY_TO_BUF(redact_template.s, redact_template.len);
...
end;
	buf[idx] = '\0';
	return buf;

Also the redact_template should be constructed as a str not char* so that we have constant time access to the length rather than having to run strnlen everytime

One extra thing you'll notice is the use strnlen instead of strlen and it uses the REDACT_BUF_SIZE as the upper bounds guard, this will return 512 if there is null terminator \0 which will ensure we don't try to memcpy unsafely and it will end the copying at that point and null terminate the output buffer.

Comment thread redact_pii.c
inline const char* redact_pii(const char* input) {
static char buf[REDACT_BUF_SIZE];
const char *safe = ZSW(input);
size_t input_len, idx;

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

initialize every member of the function at the start, the code in this comment relies on it

size_t input_len = 0, idx = 0;

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants