Re: [PATCH v5] credential-store: warn instead of fatal for bogus lines from store

Carlo Marcelo Arenas Belón  <carenas@xxxxxxxxx> writes:

> +static char *redact_credential(const struct strbuf *line)
> +{
> +	struct strbuf redacted_line = STRBUF_INIT;
> +	char *at = strchr(line->buf, '@');
> +	char *colon;
> +	int redacted = 0;
> +
> +	if (at) {
> +		strbuf_addf(&redacted_line, "%.*s",
> +			(int)(at - line->buf), line->buf);
> +		colon = strrchr(redacted_line.buf, ':');
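
Review bot: the split point in `at = strchr(line->buf, '@')` is the first '@' in the line, and `strrchr(redacted_line.buf, ':')` then takes the last colon of that prefix. This function only runs on lines that have already been judged bogus, so neither delimiter can be trusted to bracket the password. A raw '@' in the secret ends the prefix in the middle of it, and a raw ':' in the secret moves `colon` past its first part. If the prefix has no user:password separator at all, the last colon is whatever other colon the line happens to contain. Consider masking the whole prefix before '@' rather than locating the password inside it, and make sure the text after `at` is not echoed verbatim when it may still hold part of the secret. A short comment stating that the returned `char *` is owned by the caller would also help.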

Just showing my ignorance, but ...

 - Is the above strrchr() that forbids a colon in the password
   intended, or should it be strchr() that only forbids a colon in
   the username instead?

 - Would it hurt to redact both username and password as sensitive?
   If not, it would certainly make it simpler to unconditionally:

                int i;
                for (i = 0; i < redacted_line.len; i++) {
                        if (redacted_line.buf[i] != ':')
                                redacted_line.buf[i] = 'x';
                }




