Page MenuHomePhabricator

Support %P (Password or Secret) in qsprintf()
ClosedPublic

Authored by epriestley on Nov 7 2018, 12:34 AM.
Tags
None
Referenced Files
F15411634: D19782.diff
Wed, Mar 19, 9:30 AM
F15381704: D19782.diff
Fri, Mar 14, 8:59 AM
Unknown Object (File)
Wed, Feb 19, 6:26 PM
Unknown Object (File)
Feb 9 2025, 1:32 PM
Unknown Object (File)
Feb 9 2025, 1:32 PM
Unknown Object (File)
Feb 9 2025, 1:31 PM
Unknown Object (File)
Feb 9 2025, 1:31 PM
Unknown Object (File)
Feb 2 2025, 12:53 AM
Subscribers
None

Details

Summary

Depends on D19781. Fixes T6960. Ref T13217. Ref T13216. Occasionally, we issue queries which contain passwords or secrets. Supporting "%P" (similar to the csprintf() "%P") allows us to mask these in logs and output while still generating the correct values when we actually execute a query.

Test Plan
$ cat test.php 
<?php

require_once 'scripts/init/init-script.php';

$conn = id(new PhabricatorUser())->establishConnection('r');

$query = qsprintf(
  $conn,
  'SELECT %P',
  new PhutilOpaqueEnvelope('hunter2'));

echo $query."\n";
var_dump(queryfx_one($conn, '%Q', $query));
$ php -f test.php 
SELECT ********
array(1) {
  ["hunter2"]=>
  string(7) "hunter2"
}

Diff Detail

Repository
rPHU libphutil
Branch
qobject2
Lint
Lint Passed
Unit
Tests Passed
Build Status
Buildable 21097
Build 28672: Run Core Tests
Build 28671: arc lint + arc unit