From 04bb1510fda52f33b5c8f0cb9a3b4065418f8ef3 Mon Sep 17 00:00:00 2001
From: Arthur Schiwon <blizzz@arthur-schiwon.de>
Date: Tue, 7 May 2019 00:19:48 +0200
Subject: [PATCH] remove args from logging of common-spelled methods dependent
 on class

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
---
 lib/private/Log/ExceptionSerializer.php | 34 +++++++++++++++++--------
 1 file changed, 24 insertions(+), 10 deletions(-)

diff --git a/lib/private/Log/ExceptionSerializer.php b/lib/private/Log/ExceptionSerializer.php
index 499bb4101e9..b9932cfa05c 100644
--- a/lib/private/Log/ExceptionSerializer.php
+++ b/lib/private/Log/ExceptionSerializer.php
@@ -21,7 +21,9 @@
 
 namespace OC\Log;
 
+use OC\Core\Controller\SetupController;
 use OC\HintException;
+use OC\Setup;
 
 class ExceptionSerializer {
 	const methodsWithSensitiveParameters = [
@@ -76,24 +78,36 @@ class ExceptionSerializer {
 
 		// files_external: UserStoragesController
 		'update',
+	];
 
-		// Setup
-		'install',
-
-		// SetupController
-		'run',
-		'display',
-		'loadAutoConfig',
+	const methodsWithSensitiveParametersByClass = [
+		SetupController::class => [
+			'run',
+			'display',
+			'loadAutoConfig',
+		],
+		Setup::class => [
+			'install'
+		]
 	];
 
+	private function editTrace(array &$sensitiveValues, array $traceLine): array {
+		$sensitiveValues = array_merge($sensitiveValues, $traceLine['args']);
+		$traceLine['args'] = ['*** sensitive parameters replaced ***'];
+		return $traceLine;
+	}
+
 	private function filterTrace(array $trace) {
 		$sensitiveValues = [];
 		$trace = array_map(function (array $traceLine) use (&$sensitiveValues) {
+			$className = $traceLine['class'];
+			if (isset(self::methodsWithSensitiveParametersByClass[$className])
+				&& in_array($traceLine['function'], self::methodsWithSensitiveParametersByClass[$className], true)) {
+				return $this->editTrace($sensitiveValues, $traceLine);
+			}
 			foreach (self::methodsWithSensitiveParameters as $sensitiveMethod) {
 				if (strpos($traceLine['function'], $sensitiveMethod) !== false) {
-					$sensitiveValues = array_merge($sensitiveValues, $traceLine['args']);
-					$traceLine['args'] = ['*** sensitive parameters replaced ***'];
-					return $traceLine;
+					return $this->editTrace($sensitiveValues, $traceLine);
 				}
 			}
 			return $traceLine;
-- 
2.39.5