fixed Password Exposure in IPMI Tool Command Execution (#12028)

2025-12-15 18:12:35 +01:00 · 2025-11-13 16:10:36 +08:00 · 2025-11-13 16:10:36 +08:00 · 028dd86945
commit 028dd86945
parent f0a0936675
2 changed files with 20 additions and 3 deletions
--- a/utils/src/main/java/org/apache/cloudstack/utils/process/ProcessRunner.java
+++ b/utils/src/main/java/org/apache/cloudstack/utils/process/ProcessRunner.java
@ -67,11 +67,13 @@ public final class ProcessRunner {
    public ProcessRunner(ExecutorService executor) {
        this.executor = executor;
        commandLogReplacements.add(new Ternary<>("ipmitool", "-P\\s+\\S+", "-P *****"));
+        commandLogReplacements.add(new Ternary<>("ipmitool", "(?i)password\\s+\\S+\\s+\\S+", "password **** ****"));
    }

    /**
     * Executes a process with provided list of commands with a max default timeout
     * of 5 minutes
+     *
     * @param commands list of string commands
     * @return returns process result
     */
@ -82,6 +84,7 @@ public final class ProcessRunner {
    /**
     * Executes a process with provided list of commands with a given timeout that is less
     * than or equal to DEFAULT_MAX_TIMEOUT
+     *
     * @param commands list of string commands
     * @param timeOut timeout duration
     * @return returns process result
@ -109,14 +112,16 @@ public final class ProcessRunner {
                }
            });
            try {
-                logger.debug("Waiting for a response from command [{}]. Defined timeout: [{}].", commandLog, timeOut.getStandardSeconds());
+                logger.debug("Waiting for a response from command [{}]. Defined timeout: [{}].", commandLog,
+                        timeOut.getStandardSeconds());
                retVal = processFuture.get(timeOut.getStandardSeconds(), TimeUnit.SECONDS);
            } catch (ExecutionException e) {
-                logger.warn("Failed to complete the requested command [{}] due to execution error.", commands, e);
+                logger.warn("Failed to complete the requested command [{}] due to execution error.", commandLog, e);
                retVal = -2;
                stdError = e.getMessage();
            } catch (TimeoutException e) {
-                logger.warn("Failed to complete the requested command [{}] within timeout. Defined timeout: [{}].", commandLog, timeOut.getStandardSeconds(), e);
+                logger.warn("Failed to complete the requested command [{}] within timeout. Defined timeout: [{}].",
+                        commandLog, timeOut.getStandardSeconds(), e);
                retVal = -1;
                stdError = "Operation timed out, aborted.";
            } finally {
--- a/utils/src/test/java/org/apache/cloudstack/utils/process/ProcessRunnerTest.java
+++ b/utils/src/test/java/org/apache/cloudstack/utils/process/ProcessRunnerTest.java
@ -60,4 +60,16 @@ public class ProcessRunnerTest {
        Assert.assertTrue(log.contains(password));
        Assert.assertEquals(1, countSubstringOccurrences(log, password));
    }
+
+    @Test
+    public void testRemoveCommandSensitiveInfoForLoggingIpmiPasswordCommand() {
+        String userId = "3";
+        String newPassword = "Sup3rSecr3t!";
+        String command = String.format("/usr/bin/ipmitool user set password %s %s", userId, newPassword);
+        String log = processRunner.removeCommandSensitiveInfoForLogging(command);
+
+        Assert.assertFalse(log.contains(userId));
+        Assert.assertFalse(log.contains(newPassword));
+        Assert.assertTrue(log.contains("password **** ****"));
+    }
 }