From mboxrd@z Thu Jan 1 00:00:00 1970
Return-Path:
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on dcvr.yhbt.net
X-Spam-Level:
X-Spam-ASN:
X-Spam-Status: No, score=-4.0 required=3.0 tests=ALL_TRUSTED,BAYES_00
  shortcircuit=no autolearn=ham autolearn_force=no version=3.4.2
Received: from localhost (dcvr.yhbt.net [127.0.0.1])
  by dcvr.yhbt.net (Postfix) with ESMTP id E80691F461;
  Tue, 25 Jun 2019 06:37:05 +0000 (UTC)
Date: Tue, 25 Jun 2019 06:37:05 +0000
From: Eric Wong
To: Ali Alnubani
Cc: meta@public-inbox.org
Subject: [PATCH] searchview: avoid displaying full paths on errors
Message-ID: <20190625063705.tugph4uyh3vetlkj@dcvr>
References: <20190611193815.c4uovtlp574bid6x@dcvr>
  <20190612171828.b6xvwol57hw3e4ri@dcvr>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
In-Reply-To: <20190612171828.b6xvwol57hw3e4ri@dcvr>
List-Id:

Displaying full path names of installed modules could expose
unnecessary information about user home directory names or
other potentially sensitive information.

However, displaying a module name could still be useful for
diagnosing problems, so map full paths to the relevant part
of the path name which is relevant to the package name.

Reported-by: Ali Alnubani
https://public-inbox.org/meta/20190611193815.c4uovtlp574bid6x@dcvr/
---
 lib/PublicInbox/SearchView.pm | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/lib/PublicInbox/SearchView.pm b/lib/PublicInbox/SearchView.pm index 6f07279b..a8b66dda 100644 --- a/lib/PublicInbox/SearchView.pm +++ b/lib/PublicInbox/SearchView.pm @@ -15,6 +15,7 @@ use PublicInbox::MIME; require PublicInbox::Git; require PublicInbox::SearchThread; our $LIM = 200; +my %rmap_inc; sub noop {} 
@@ -138,10 +139,27 @@ sub mset_summary { *noop; } +# shorten "/full/path/to/Foo/Bar.pm" to "Foo/Bar.pm" so error +# messages don't reveal FS layout info in case people use non-standard +# installation paths +sub path2inc ($) { + my $full = $_[0]; + if (my $short = $rmap_inc{$full}) { + return $short; + } elsif (!scalar(keys %rmap_inc) && -e $full) { + %rmap_inc = map {; "$INC{$_}" => $_ } keys %INC; + # fall back to basename as last resort + $rmap_inc{$full} // (split('/', $full))[-1]; + } else { + $full; + } +} + sub err_txt { my ($ctx, $err) = @_; my $u = $ctx->{-inbox}->base_url($ctx->{env}) . '_/text/help/'; $err =~ s/^\s*Exception:\s*//; # bad word to show users :P + $err =~ s!(\S+)!path2inc($1)!sge; $err = ascii_html($err); "\nBad query: $err\n" . qq{See $u for help on using search}; -- EW
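
Review bot: `my %rmap_inc;` in the first hunk (@@ -15,6 +15,7 @@) is declared beside `our $LIM` with no comment, well away from `path2inc`, which is its only user in this patch. A one-line comment saying that it is a reverse map of `%INC` (full path to module-relative name), filled once and kept for the life of the process, would make the caching visible to the next reader. Alternatively the declaration could move down next to `path2inc`.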
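
Review bot: In `path2inc` (second hunk, @@ -138,10 +139,27 @@), the basename fallback is reachable only while `%rmap_inc` is still empty, so once the map has been built, any later path that is missing from it falls through to the final `else` and is returned unchanged as `$full`. A module loaded after the first error, or any existing file that is not in `%INC`, would then still be shown with its full path, which is what the patch sets out to prevent. Consider rebuilding the map from `%INC` on a miss when `-e $full` holds, and applying the `(split('/', $full))[-1]` fallback on that path as well rather than only on first use. Separately, `s!(\S+)!path2inc($1)!sge` in `err_txt` hands every whitespace-delimited token of the error text to `-e` for as long as the map is empty; limiting the match to tokens that look like paths would avoid those filesystem checks.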