Clear password from command line #11624

07ba7ffe · Alexey Milovidov · 561d4b5b · 07ba7ffe · 07ba7ffe · 07ba7ffe
5 changed file
--- a/programs/benchmark/Benchmark.cpp
+++ b/programs/benchmark/Benchmark.cpp
@@ -18,6 +18,7 @@
 #include <Common/ConcurrentBoundedQueue.h>
 #include <Common/Exception.h>
 #include <Common/randomSeed.h>
+#include <Common/clearPasswordFromCommandLine.h>
 #include <Core/Types.h>
 #include <IO/ReadBufferFromFileDescriptor.h>
 #include <IO/WriteBufferFromFileDescriptor.h>
@@ -539,7 +540,7 @@ int mainEntryClickHouseBenchmark(int argc, char ** argv)
            ("password",      value<std::string>()->default_value(""),          "")
            ("database",      value<std::string>()->default_value("default"),   "")
            ("stacktrace",                                                      "print stack traces of exceptions")
-            ("confidence",    value<size_t>()->default_value(5),                "set the level of confidence for T-test [0=80%, 1=90%, 2=95%, 3=98%, 4=99%, 5=99.5%(default)")
+            ("confidence",    value<size_t>()->default_value(5), "set the level of confidence for T-test [0=80%, 1=90%, 2=95%, 3=98%, 4=99%, 5=99.5%(default)")
            ("query_id",      value<std::string>()->default_value(""),         "")
        ;

@@ -550,6 +551,8 @@ int mainEntryClickHouseBenchmark(int argc, char ** argv)
        boost::program_options::store(boost::program_options::parse_command_line(argc, argv, desc), options);
        boost::program_options::notify(options);

+        clearPasswordFromCommandLine(argc, argv);
+
        if (options.count("help"))
        {
            std::cout << "Usage: " << argv[0] << " [options] < queries.txt\n";

--- a/programs/client/Client.cpp
+++ b/programs/client/Client.cpp
@@ -38,6 +38,7 @@
 #include <Common/Throttler.h>
 #include <Common/StringUtils/StringUtils.h>
 #include <Common/typeid_cast.h>
+#include <Common/clearPasswordFromCommandLine.h>
 #include <Common/Config/ConfigProcessor.h>
 #include <Core/Types.h>
 #include <Core/QueryProcessingStage.h>
@@ -2006,6 +2007,7 @@ public:

        argsToConfig(common_arguments, config(), 100);

+        clearPasswordFromCommandLine(argc, argv);
    }
 };


--- a/src/Common/clearPasswordFromCommandLine.cpp
+++ b/src/Common/clearPasswordFromCommandLine.cpp
+#include <string.h>
+#include "clearPasswordFromCommandLine.h"
+
+void clearPasswordFromCommandLine(int argc, char ** argv)
+{
+    for (int arg = 1; arg < argc; ++arg)
+    {
+        if (arg + 1 < argc && 0 == strcmp(argv[arg], "--password"))
+        {
+            ++arg;
+            memset(argv[arg], 0, strlen(argv[arg]));
+        }
+        else if (0 == strncmp(argv[arg], "--password=", strlen("--password=")))
+        {
+            memset(argv[arg] + strlen("--password="), 0, strlen(argv[arg]) - strlen("--password="));
+        }
+    }
+}
--- a/src/Common/clearPasswordFromCommandLine.h
+++ b/src/Common/clearPasswordFromCommandLine.h
+#pragma once
+
+/** If there are --password=... or --password ... arguments in command line, replace their values with zero bytes.
+  * This is needed to prevent password exposure in 'ps' and similar tools.
+  */
+void clearPasswordFromCommandLine(int argc, char ** argv);
--- a/src/Common/ya.make
+++ b/src/Common/ya.make
@@ -30,6 +30,7 @@ SRCS(
    Config/configReadClient.cpp
    Config/ConfigReloader.cpp
    createHardLink.cpp
+    clearPasswordFromCommandLine.cpp
    CurrentMetrics.cpp
    CurrentThread.cpp
    DNSResolver.cpp