logsan

package
v1.100.4 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 10, 2026 License: Apache-2.0 Imports: 1 Imported by: 0

Documentation

Overview

Package logsan provides a single, shared log-sanitization helper used across the platform to neutralize log-injection (CWE-117) vectors in user-derived string values before they are passed to a logger.

The production logger is a slog JSON handler, which already escapes control characters, so log injection is not exploitable in the default configuration. This helper is defense-in-depth: it keeps the code correct if the handler is ever switched to a text handler, or if logs are line-split before parsing, and it resolves the static-analysis findings (CodeQL go/log-injection, gosec G706) legitimately rather than by suppression. Consolidating the previously duplicated per-package sanitizers here ensures a single behavior that cannot drift.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func SanitizeForLog

func SanitizeForLog(s string) string

SanitizeForLog strips ASCII control characters (including CR, LF, tab, and DEL) from s so a hostile or malformed value cannot forge log lines or inject terminal control sequences. Non-control runes, including all printable multibyte Unicode, are preserved unchanged.

The CR/LF/tab removal is done first via a strings.Replacer built from literal "\n"/"\r" arguments. That explicit newline-replacement form is what the CodeQL go/log-injection query recognizes as a sanitizer barrier (a strings.Map with a rune predicate is not recognized), so routing every value through it resolves the findings legitimately. The subsequent strings.Map pass strips any remaining control characters (NUL, ESC, DEL, ...) for defense in depth.

Types

This section is empty.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL