fixed Password Exposure in IPMI Tool Command Execution

chenyoulong20g@ict.ac.cn · chenyoulong20g@ict.ac.cn · commit 8dde0b177067 · 2025-11-08T16:03:33.000+08:00
diff --git a/utils/src/main/java/org/apache/cloudstack/utils/process/ProcessRunner.java b/utils/src/main/java/org/apache/cloudstack/utils/process/ProcessRunner.java
@@ -67,11 +67,13 @@ String removeCommandSensitiveInfoForLogging(String command) {
     public ProcessRunner(ExecutorService executor) {
         this.executor = executor;
         commandLogReplacements.add(new Ternary<>("ipmitool", "-P\\s+\\S+", "-P *****"));
+        commandLogReplacements.add(new Ternary<>("ipmitool", "(?i)(password)(\\s+)\\S+(\\s+)\\S+", "$1****$2****"));
     }
 
     /**
      * Executes a process with provided list of commands with a max default timeout
      * of 5 minutes
+     *
      * @param commands list of string commands
      * @return returns process result
      */
@@ -80,10 +82,12 @@ public ProcessResult executeCommands(final List<String> commands) {
     }
 
     /**
-     * Executes a process with provided list of commands with a given timeout that is less
+     * Executes a process with provided list of commands with a given timeout that
+     * is less
      * than or equal to DEFAULT_MAX_TIMEOUT
+     *
      * @param commands list of string commands
-     * @param timeOut timeout duration
+     * @param timeOut  timeout duration
      * @return returns process result
      */
     public ProcessResult executeCommands(final List<String> commands, final Duration timeOut) {
@@ -109,14 +113,16 @@ public Integer call() throws Exception {
                 }
             });
             try {
-                logger.debug("Waiting for a response from command [{}]. Defined timeout: [{}].", commandLog, timeOut.getStandardSeconds());
+                logger.debug("Waiting for a response from command [{}]. Defined timeout: [{}].", commandLog,
+                        timeOut.getStandardSeconds());
                 retVal = processFuture.get(timeOut.getStandardSeconds(), TimeUnit.SECONDS);
             } catch (ExecutionException e) {
-                logger.warn("Failed to complete the requested command [{}] due to execution error.", commands, e);
+                logger.warn("Failed to complete the requested command [{}] due to execution error.", commandLog, e);
                 retVal = -2;
                 stdError = e.getMessage();
             } catch (TimeoutException e) {
-                logger.warn("Failed to complete the requested command [{}] within timeout. Defined timeout: [{}].", commandLog, timeOut.getStandardSeconds(), e);
+                logger.warn("Failed to complete the requested command [{}] within timeout. Defined timeout: [{}].",
+                        commandLog, timeOut.getStandardSeconds(), e);
                 retVal = -1;
                 stdError = "Operation timed out, aborted.";
             } finally {
diff --git a/utils/src/test/java/org/apache/cloudstack/utils/process/ProcessRunnerTest.java b/utils/src/test/java/org/apache/cloudstack/utils/process/ProcessRunnerTest.java
@@ -60,4 +60,16 @@ public void testRemoveCommandSensitiveInfoForLoggingIpmi() {
         Assert.assertTrue(log.contains(password));
         Assert.assertEquals(1, countSubstringOccurrences(log, password));
     }
+
+    @Test
+    public void testRemoveCommandSensitiveInfoForLoggingIpmiPasswordCommand() {
+        String userId = "3";
+        String newPassword = "Sup3rSecr3t!";
+        String command = String.format("/usr/bin/ipmitool user set password %s %s", userId, newPassword);
+        String log = processRunner.removeCommandSensitiveInfoForLogging(command);
+
+        Assert.assertFalse(log.contains(userId));
+        Assert.assertFalse(log.contains(newPassword));
+        Assert.assertTrue(log.contains("password **** ****"));
+    }
 }
