From ae17c132a01e24177f866f8a29d2893ce61f3583 Mon Sep 17 00:00:00 2001 From: Chen Chen Date: Wed, 18 May 2022 19:29:46 -0500 Subject: [PATCH 1/2] storage: make key/value printing explicitly redactable This commit makes the formatting functions in storage/enginepb return explicitly redactable strings. Resolve #70288. Release note: None --- pkg/roachpb/data.go | 4 +++- pkg/storage/enginepb/BUILD.bazel | 1 + pkg/storage/enginepb/mvcc.go | 10 ++++------ pkg/storage/enginepb/mvcc_test.go | 12 ++++++++++++ pkg/storage/mvcc_value.go | 7 +++---- 5 files changed, 23 insertions(+), 11 deletions(-) diff --git a/pkg/roachpb/data.go b/pkg/roachpb/data.go index 9efc6fc14f8d..35f1c56de3d2 100644 --- a/pkg/roachpb/data.go +++ b/pkg/roachpb/data.go @@ -2488,7 +2488,9 @@ var _ = (SequencedWriteBySeq{}).Find func init() { // Inject the format dependency into the enginepb package. - enginepb.FormatBytesAsKey = func(k []byte) string { return Key(k).String() } + enginepb.FormatBytesAsKey = func(k []byte) redact.RedactableString { + return redact.Sprint(Key(k)) + } } // SafeValue implements the redact.SafeValue interface. diff --git a/pkg/storage/enginepb/BUILD.bazel b/pkg/storage/enginepb/BUILD.bazel index 059bac3749d2..b4329be6bd5a 100644 --- a/pkg/storage/enginepb/BUILD.bazel +++ b/pkg/storage/enginepb/BUILD.bazel @@ -66,5 +66,6 @@ go_test( "//pkg/util/uuid", "@com_github_cockroachdb_redact//:redact", "@com_github_stretchr_testify//assert", + "@com_github_stretchr_testify//require", ], ) diff --git a/pkg/storage/enginepb/mvcc.go b/pkg/storage/enginepb/mvcc.go index 8e9c9a427633..c22ca362c951 100644 --- a/pkg/storage/enginepb/mvcc.go +++ b/pkg/storage/enginepb/mvcc.go @@ -341,13 +341,11 @@ func (t TxnMeta) SafeFormat(w redact.SafePrinter, _ rune) { } // FormatBytesAsKey is injected by module roachpb as dependency upon initialization. -// TODO(sarkesian): Make this explicitly redactable. See #70288 -var FormatBytesAsKey = func(k []byte) string { - return string(k) +var FormatBytesAsKey = func(k []byte) redact.RedactableString { + return redact.Sprint(string(k)) } // FormatBytesAsValue is injected by module roachpb as dependency upon initialization. -// TODO(sarkesian): Make this explicitly redactable. See #70288 -var FormatBytesAsValue = func(v []byte) string { - return string(v) +var FormatBytesAsValue = func(v []byte) redact.RedactableString { + return redact.Sprint(string(v)) } diff --git a/pkg/storage/enginepb/mvcc_test.go b/pkg/storage/enginepb/mvcc_test.go index 7acf323287ff..6ebbabe6a6f7 100644 --- a/pkg/storage/enginepb/mvcc_test.go +++ b/pkg/storage/enginepb/mvcc_test.go @@ -19,6 +19,7 @@ import ( "github.com/cockroachdb/cockroach/pkg/util/uuid" "github.com/cockroachdb/redact" "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" ) func TestFormatMVCCMetadata(t *testing.T) { @@ -105,3 +106,14 @@ func TestTxnSeqIsIgnored(t *testing.T) { } } } + +func TestFormatBytesAsKeyAndValue(t *testing.T) { + // Injected by roachpb + require.Equal(t, string(enginepb.FormatBytesAsKey([]byte("foo"))), "‹\"foo\"›") + require.Equal(t, string(enginepb.FormatBytesAsKey([]byte("foo")).Redact()), "‹×›") + + // Injected by storage + encodedIntVal := []byte{0x0, 0x0, 0x0, 0x0, 0x1, 0xf} + require.Equal(t, string(enginepb.FormatBytesAsValue(encodedIntVal)), "‹/INT/-8›") + require.Equal(t, string(enginepb.FormatBytesAsValue(encodedIntVal).Redact()), "‹×›") +} diff --git a/pkg/storage/mvcc_value.go b/pkg/storage/mvcc_value.go index 2edb4819b611..2b5bc11cfb48 100644 --- a/pkg/storage/mvcc_value.go +++ b/pkg/storage/mvcc_value.go @@ -12,7 +12,6 @@ package storage import ( "encoding/binary" - "fmt" "github.com/cockroachdb/cockroach/pkg/roachpb" "github.com/cockroachdb/cockroach/pkg/storage/enginepb" @@ -279,11 +278,11 @@ func decodeExtendedMVCCValue(buf []byte) (MVCCValue, error) { func init() { // Inject the format dependency into the enginepb package. - enginepb.FormatBytesAsValue = func(v []byte) string { + enginepb.FormatBytesAsValue = func(v []byte) redact.RedactableString { val, err := DecodeMVCCValue(v) if err != nil { - return fmt.Sprintf("err=%v", err) + return redact.Sprintf("err=%v", err) } - return val.String() + return redact.Sprint(val) } } From 5f898b2c0cecbed8cff68a295033ef50e11e1a68 Mon Sep 17 00:00:00 2001 From: Rafi Shamim Date: Tue, 24 May 2022 13:23:17 -0400 Subject: [PATCH 2/2] vendor: update to pgconn 1.12.1 This includes a fix to error handling during password auth Release note: None --- DEPS.bzl | 12 ++++++------ build/bazelutil/distdir_files.bzl | 4 ++-- go.mod | 4 ++-- go.sum | 8 ++++---- vendor | 2 +- 5 files changed, 15 insertions(+), 15 deletions(-) diff --git a/DEPS.bzl b/DEPS.bzl index ddb322c68332..deadf0007cb9 100644 --- a/DEPS.bzl +++ b/DEPS.bzl @@ -4351,10 +4351,10 @@ def go_deps(): name = "com_github_jackc_pgconn", build_file_proto_mode = "disable_global", importpath = "github.com/jackc/pgconn", - sha256 = "e85fe75c44045c1c2f1e27846739d873c673cfe210623165d9831bb42c6d19bc", - strip_prefix = "github.com/jackc/pgconn@v1.12.1-0.20220426135424-84e8238fa074", + sha256 = "48d34064a1facff7766713d9224502e7376a5d90c1506f99a37c57bfceaf9636", + strip_prefix = "github.com/jackc/pgconn@v1.12.1", urls = [ - "https://storage.googleapis.com/cockroach-godeps/gomod/github.com/jackc/pgconn/com_github_jackc_pgconn-v1.12.1-0.20220426135424-84e8238fa074.zip", + "https://storage.googleapis.com/cockroach-godeps/gomod/github.com/jackc/pgconn/com_github_jackc_pgconn-v1.12.1.zip", ], ) go_repository( @@ -9095,10 +9095,10 @@ def go_deps(): name = "org_golang_x_crypto", build_file_proto_mode = "disable_global", importpath = "golang.org/x/crypto", - sha256 = "6904630b4bc6f767bc024b544c405239a773a4e6f839286009eb0474addd1b28", - strip_prefix = "golang.org/x/crypto@v0.0.0-20220427172511-eb4f295cb31f", + sha256 = "81dbe3648b3bb1f191ac7584626106bf0a8ceccd62e1cd33dbb0e4bd266d1340", + strip_prefix = "golang.org/x/crypto@v0.0.0-20220518034528-6f7dac969898", urls = [ - "https://storage.googleapis.com/cockroach-godeps/gomod/golang.org/x/crypto/org_golang_x_crypto-v0.0.0-20220427172511-eb4f295cb31f.zip", + "https://storage.googleapis.com/cockroach-godeps/gomod/golang.org/x/crypto/org_golang_x_crypto-v0.0.0-20220518034528-6f7dac969898.zip", ], ) go_repository( diff --git a/build/bazelutil/distdir_files.bzl b/build/bazelutil/distdir_files.bzl index 8dc50bd90840..48c945d3cf0d 100644 --- a/build/bazelutil/distdir_files.bzl +++ b/build/bazelutil/distdir_files.bzl @@ -474,7 +474,7 @@ DISTDIR_FILES = { "https://storage.googleapis.com/cockroach-godeps/gomod/github.com/j-keck/arping/com_github_j_keck_arping-v0.0.0-20160618110441-2cf9dc699c56.zip": "6001c94a8c4eed55718f627346cb685cce67369ca5c29ae059f58f7abd8bd8a7", "https://storage.googleapis.com/cockroach-godeps/gomod/github.com/jackc/chunkreader/com_github_jackc_chunkreader-v1.0.0.zip": "e204c917e2652ffe047f5c8b031192757321f568654e3df8408bf04178df1408", "https://storage.googleapis.com/cockroach-godeps/gomod/github.com/jackc/chunkreader/v2/com_github_jackc_chunkreader_v2-v2.0.1.zip": "6e3f4b7d9647f31061f6446ae10de71fc1407e64f84cd0949afac0cd231e8dd2", - "https://storage.googleapis.com/cockroach-godeps/gomod/github.com/jackc/pgconn/com_github_jackc_pgconn-v1.12.1-0.20220426135424-84e8238fa074.zip": "e85fe75c44045c1c2f1e27846739d873c673cfe210623165d9831bb42c6d19bc", + "https://storage.googleapis.com/cockroach-godeps/gomod/github.com/jackc/pgconn/com_github_jackc_pgconn-v1.12.1.zip": "48d34064a1facff7766713d9224502e7376a5d90c1506f99a37c57bfceaf9636", "https://storage.googleapis.com/cockroach-godeps/gomod/github.com/jackc/pgio/com_github_jackc_pgio-v1.0.0.zip": "1a83c03d53f6a40339364cafcbbabb44238203c79ca0c9b98bf582d0df0e0468", "https://storage.googleapis.com/cockroach-godeps/gomod/github.com/jackc/pgmock/com_github_jackc_pgmock-v0.0.0-20210724152146-4ad1a8207f65.zip": "0fffd0a7a67dbdfafa04297e51028c6d2d08cd6691f3b6d78d7ae6502d3d4cf2", "https://storage.googleapis.com/cockroach-godeps/gomod/github.com/jackc/pgpassfile/com_github_jackc_pgpassfile-v1.0.0.zip": "1cc79fb0b80f54b568afd3f4648dd1c349f746ad7c379df8d7f9e0eb1cac938b", @@ -845,7 +845,7 @@ DISTDIR_FILES = { "https://storage.googleapis.com/cockroach-godeps/gomod/go.uber.org/zap/org_uber_go_zap-v1.19.0.zip": "6437824258873fed421b7975b8e4cafd1be80cdc15e553beaa887b499dd01420", "https://storage.googleapis.com/cockroach-godeps/gomod/goji.io/io_goji-v2.0.2+incompatible.zip": "1ea69b28e356cb91381ce2339004fcf144ad1b268c9e3497c9ef304751ae0bb3", "https://storage.googleapis.com/cockroach-godeps/gomod/golang.org/x/arch/org_golang_x_arch-v0.0.0-20180920145803-b19384d3c130.zip": "9f67b677a3fefc503111d9aa7df8bacd2677411b0fcb982eb1654aa6d14cc3f8", - "https://storage.googleapis.com/cockroach-godeps/gomod/golang.org/x/crypto/org_golang_x_crypto-v0.0.0-20220427172511-eb4f295cb31f.zip": "6904630b4bc6f767bc024b544c405239a773a4e6f839286009eb0474addd1b28", + "https://storage.googleapis.com/cockroach-godeps/gomod/golang.org/x/crypto/org_golang_x_crypto-v0.0.0-20220518034528-6f7dac969898.zip": "81dbe3648b3bb1f191ac7584626106bf0a8ceccd62e1cd33dbb0e4bd266d1340", "https://storage.googleapis.com/cockroach-godeps/gomod/golang.org/x/exp/org_golang_x_exp-v0.0.0-20220104160115-025e73f80486.zip": "50e096afbb8e0f073519dd05f6573aefe410a829c87a7c1b64efb8c4a3948c50", "https://storage.googleapis.com/cockroach-godeps/gomod/golang.org/x/image/org_golang_x_image-v0.0.0-20190802002840-cff245a6509b.zip": "4a44b498934a95e8f84e8374530de0cab38d81fcd558898d4880c3c5ce1efe47", "https://storage.googleapis.com/cockroach-godeps/gomod/golang.org/x/lint/org_golang_x_lint-v0.0.0-20210508222113-6edffad5e616.zip": "0a4a5ebd2b1d79e7f480cbf5a54b45a257ae1ec9d11f01688efc5c35268d4603", diff --git a/go.mod b/go.mod index 4a18cd6dc432..52bebd1ad077 100644 --- a/go.mod +++ b/go.mod @@ -90,7 +90,7 @@ require ( github.com/goware/modvendor v0.5.0 github.com/grpc-ecosystem/grpc-gateway v1.16.0 github.com/irfansharif/recorder v0.0.0-20211218081646-a21b46510fd6 - github.com/jackc/pgconn v1.12.1-0.20220426135424-84e8238fa074 + github.com/jackc/pgconn v1.12.1 github.com/jackc/pgproto3/v2 v2.3.0 github.com/jackc/pgtype v1.11.0 github.com/jackc/pgx/v4 v4.16.0 @@ -152,7 +152,7 @@ require ( go.opentelemetry.io/otel/exporters/zipkin v1.0.0-RC3 go.opentelemetry.io/otel/sdk v1.0.0-RC3 go.opentelemetry.io/otel/trace v1.0.0-RC3 - golang.org/x/crypto v0.0.0-20220427172511-eb4f295cb31f + golang.org/x/crypto v0.0.0-20220518034528-6f7dac969898 golang.org/x/exp v0.0.0-20220104160115-025e73f80486 golang.org/x/lint v0.0.0-20210508222113-6edffad5e616 golang.org/x/net v0.0.0-20220421235706-1d1ef9303861 diff --git a/go.sum b/go.sum index 7fdf03c60f06..2f2f3592b8a9 100644 --- a/go.sum +++ b/go.sum @@ -1294,8 +1294,8 @@ github.com/jackc/pgconn v1.8.0/go.mod h1:1C2Pb36bGIP9QHGBYCjnyhqu7Rv3sGshaQUvmfG github.com/jackc/pgconn v1.9.0/go.mod h1:YctiPyvzfU11JFxoXokUOOKQXQmDMoJL9vJzHH8/2JY= github.com/jackc/pgconn v1.9.1-0.20210724152538-d89c8390a530/go.mod h1:4z2w8XhRbP1hYxkpTuBjTS3ne3J48K83+u0zoyvg2pI= github.com/jackc/pgconn v1.12.0/go.mod h1:ZkhRC59Llhrq3oSfrikvwQ5NaxYExr6twkdkMLaKono= -github.com/jackc/pgconn v1.12.1-0.20220426135424-84e8238fa074 h1:tdA/5SW0z5IpDP3r/0AlDggT+JD2K0yvMRE8FHSjMmE= -github.com/jackc/pgconn v1.12.1-0.20220426135424-84e8238fa074/go.mod h1:ZkhRC59Llhrq3oSfrikvwQ5NaxYExr6twkdkMLaKono= +github.com/jackc/pgconn v1.12.1 h1:rsDFzIpRk7xT4B8FufgpCCeyjdNpKyghZeSefViE5W8= +github.com/jackc/pgconn v1.12.1/go.mod h1:ZkhRC59Llhrq3oSfrikvwQ5NaxYExr6twkdkMLaKono= github.com/jackc/pgio v1.0.0 h1:g12B9UwVnzGhueNavwioyEEpAmqMe1E/BN9ES+8ovkE= github.com/jackc/pgio v1.0.0/go.mod h1:oP+2QK2wFfUWgr+gxjoBH9KGBb31Eio69xUb0w5bYf8= github.com/jackc/pgmock v0.0.0-20190831213851-13a1b77aafa2/go.mod h1:fGZlG77KXmcq05nJLRkk0+p82V8B8Dw8KN2/V9c/OAE= @@ -2314,8 +2314,8 @@ golang.org/x/crypto v0.0.0-20210616213533-5ff15b29337e/go.mod h1:GvvjBRRGRdwPK5y golang.org/x/crypto v0.0.0-20210711020723-a769d52b0f97/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20210817164053-32db794688a5/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= -golang.org/x/crypto v0.0.0-20220427172511-eb4f295cb31f h1:OeJjE6G4dgCY4PIXvIRQbE8+RX+uXZyGhUy/ksMGJoc= -golang.org/x/crypto v0.0.0-20220427172511-eb4f295cb31f/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= +golang.org/x/crypto v0.0.0-20220518034528-6f7dac969898 h1:SLP7Q4Di66FONjDJbCYrCRrh97focO6sLogHO7/g8F0= +golang.org/x/crypto v0.0.0-20220518034528-6f7dac969898/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/exp v0.0.0-20180321215751-8460e604b9de/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20180807140117-3d87b88a115f/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= diff --git a/vendor b/vendor index c404bd45895f..5b5c6ccc1868 160000 --- a/vendor +++ b/vendor @@ -1 +1 @@ -Subproject commit c404bd45895f1a010fb547a4f6c833d392fc4062 +Subproject commit 5b5c6ccc1868bbb016ce2043e3e93700da886698