-
Notifications
You must be signed in to change notification settings - Fork 17
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Too broad regex replacement #61
Comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Consider the following slightly modified access log line from the first regex test:
The requested URI could be an OID from an SNMP MIB or something like that.
The current implementation would replace the 3.3.3.3 in that URI, even though it has nothing to do with the client IP address and isn't, in fact, an IP address at all:
Note that this depends on the real client address being contained in the URI. The following line
doesn't modify the URI:
Hence this could even reveal the real client IP address if only 723.3.3.357 makes sense in that place, and 723.3.0.057 doesn't.
I'll open a PR in a minute that - among other things - addresses this problem by only replacing the groups where they actually matched and modifies the first test case to highlight this problem.
The text was updated successfully, but these errors were encountered: