Conversation
sundb
added
the
release-notes
src/server.h
Outdated
| void debugPauseProcess(void); | ||
|
|
||
| /* Log redaction helpers: return "*redacted*" when hide-user-data-from-log is on. */ | ||
| static inline const char *logRedactCstr(const char *s) {return server.hide_user_data_from_log ? "*redacted*" : (s ? s : "(null)");} |
There was a problem hiding this comment.
what about using define?
#define logRedactCstr(s) \
(server.hide_user_data_from_log ? "*redacted*" : ((s) ? (s) : "(null)"))
There was a problem hiding this comment.
I believe keeping it as a static inline function already gives us probably the same zero-cost, compiler-inlined, type-safe behavior we need, so turning it into a macro would just add a little risk for probably no real payoff.
There was a problem hiding this comment.
I don't use define because of the overhead, but to align with the things nearby (#define serverLog below), but I can't find this method anywhere else to put it.
Let's see what others think.
There was a problem hiding this comment.
what about renaming to redactLogCstr? Redact should be the action.
There was a problem hiding this comment.
what about renaming to
redactLogCstr? Redact should be the action.
Sure, that sounds better.
This PR continues the work #14645, to further ensure sensitive user data is not exposed in logs when hide_user_data_from_log is enabled. - Redact empty key notices during RDB load. - Redact key names in eviction/expiration debug logs. - Block DEBUG SCRIPT output and suppress raw string dump in crash object debug when redaction is enabled. - Redact malformed MODULE LOAD argument snippets and unresolved module configuration logs. - Redact empty key notices during RDB load. - Redact key names during Lua globals allow‑list warnings.
2 participants
This PR continues the work from #13400, following the discussion in #11747, to further ensure sensitive user data is not exposed in logs when hide_user_data_from_log is enabled.