新增被测件:慎重考虑写入日志文件信息的隐私性。避免把敏感信息写入日志文件

wuhaoyang
Guo XIn 10 months ago
parent f7b554f2d8
commit 6fef801bcb
  1. 59
      sonar-keyware-plugins-cxx/src/test/resources/com/keyware/sonar/cxx/rules/checkers/LogFileWriteChecker.cc

@ -0,0 +1,59 @@
#include "spdlog/spdlog.h"
#include <log4cpp/Category.hh>
#include <log4cpp/Appender.hh>
#include <log4cpp/FileAppender.hh>
#include <log4cpp/Layout.hh>
#include <log4cpp/PatternLayout.hh>
std::string username = "user1";
std::string orgName = "org1";
std::string armsName = "arms1";
// 创建一个rotating file sink,日志文件大小达到1MB时滚动并创建新的日志文件,最多保存3个历史文件
auto rotating_logger = spdlog::rotating_logger_mt("my_logger", "logs/mylogfile.log", 1048576, 3);
// 设置日志级别为info及以上
rotating_logger->set_level(spdlog::level::info);
int writeLogFile1() {
// 写入不同级别的日志信息
rotating_logger->track("This is an track message");
rotating_logger->debug("This is an debug message");
rotating_logger->info("This is an info message");
rotating_logger->warn("This is a warning");
rotating_logger->error("This is an error");
rotating_logger->track("This is an track message" + armsName); // error
rotating_logger->debug("This is an debug message %s, %s", username, orgName); // error
rotating_logger->info("This is an info message" + armsName); // error
rotating_logger->warn("This is a warning" + armsName); // error
rotating_logger->error("This is an error" + armsName); // error
return 0;
}
int writeLogFile2() {
log4cpp::PatternLayout* layout = new log4cpp::PatternLayout();
layout->setConversionPattern("%d{%Y-%m-%d %H:%M:%S} [%p] %c: %m%n");
// 创建FileAppender,并关联布局
log4cpp::FileAppender *fileAppender = new log4cpp::FileAppender("fileAppender", "logs/mylogfile.log");
fileAppender->setLayout(layout);
// 获取或创建一个category,并将appender添加给它
log4cpp::Category& root = log4cpp::Category::getRoot();
root.addAppender(fileAppender);
root.setPriority(log4cpp::Priority::INFO); // 设置最低记录的日志级别
// 写入不同级别的日志信息
log4cpp::Category& myCat = log4cpp::Category::getInstance(std::string("MyCategory"));
myCat.track("This is an track message" + armsName); // error
myCat.debug("This is an debug message %s, %s", username, orgName); // error
myCat.info("This is an info message" + armsName); // error
myCat.warn("This is a warning" + armsName); // error
myCat.error("This is an error" + armsName); // error
delete layout;
return 0;
}
Loading…
Cancel
Save