PII data can be present in exception messages that are captured #3039

Open
trask opened this issue May 19, 2021 · 6 comments

trask commented May 19, 2021

Reported via technical committee responsible disclosure inbox:

When an exception occurs performing some database interaction, such as a batch update, the OpenTelemetry Java auto-instrumentation will appropriately sanitize the db.statement attribute, as well as any other relevant attributes, if any. However, the auto-instrumentation will NOT sanitize any exception messages that are provided to it, such as a java.sql.BatchUpdateException. This leaves the possibility of PII and other potential user information being leaked in the generated span.

Is it possible to leverage the existing database sanitizers to attempt to sanitize the db exception message
prior to adding the exception message as a span attribute?
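Worked illustration of the approach the report proposes, added here and not code from the OpenTelemetry Java instrumentation: apply the same literal-stripping used for db.statement to a driver exception message before that message is recorded on the span. The class name, the two regular expressions, the sanitizeMessage helper and the sample PostgreSQL-style error text are all assumptions made for this example; the project's own statement sanitizer is more elaborate than two patterns.

```java
import java.sql.BatchUpdateException;
import java.util.regex.Pattern;

/**
 * Added example, not OpenTelemetry code: strip SQL literals from a JDBC
 * exception message the same way db.statement is sanitized, so the message
 * can be attached to a span without echoing the bound values.
 */
public final class ExceptionMessageSanitizer {

    // Single-quoted SQL string literals, allowing the doubled-quote escape ('O''Brien').
    private static final Pattern STRING_LITERAL = Pattern.compile("'(?:[^']|'')*'");

    // Standalone numeric literals; the lookarounds leave digits inside identifiers such as t1 intact.
    private static final Pattern NUMBER_LITERAL =
            Pattern.compile("(?<![A-Za-z0-9_])-?\\d+(?:\\.\\d+)?(?![A-Za-z0-9_])");

    private ExceptionMessageSanitizer() {}

    /** Replaces string and numeric literals in a SQL statement with '?'. */
    public static String sanitizeStatement(String sql) {
        if (sql == null) {
            return null;
        }
        String out = STRING_LITERAL.matcher(sql).replaceAll("?");
        return NUMBER_LITERAL.matcher(out).replaceAll("?");
    }

    /**
     * Sanitizes a driver exception message. When the raw statement is known (the
     * instrumentation has it, since it just derived db.statement from it), every
     * verbatim echo of the statement is swapped for the sanitized form; the generic
     * literal pass then runs over the remainder, because drivers also quote single
     * values in messages ("Data truncated for column 'x' at row 1").
     */
    public static String sanitizeMessage(String message, String rawStatement) {
        if (message == null) {
            return null;
        }
        String out = message;
        if (rawStatement != null && !rawStatement.isEmpty()) {
            out = out.replace(rawStatement, sanitizeStatement(rawStatement));
        }
        return sanitizeStatement(out);
    }

    /** Convenience overload for the Throwable the instrumentation is handed. */
    public static String sanitizeMessage(Throwable t, String rawStatement) {
        return sanitizeMessage(t.getMessage(), rawStatement);
    }

    public static void main(String[] args) {
        // Constructed sample (assumption): a PostgreSQL-style batch failure that echoes the statement.
        String sql = "INSERT INTO users (email, ssn) VALUES ('alice@example.com', '123-45-6789')";
        BatchUpdateException e = new BatchUpdateException(
                "Batch entry 0 " + sql + " was aborted: ERROR: duplicate key value"
                        + " violates unique constraint \"users_email_key\"",
                "23505", 0, new int[] {-3});

        System.out.println("db.statement      : " + sanitizeStatement(sql));
        System.out.println("raw message       : " + e.getMessage());
        System.out.println("sanitized message : " + sanitizeMessage(e, sql));
    }
}
```

Two caveats a practitioner should keep in mind. The generic pass over-redacts diagnostic numbers ("Batch entry 0" becomes "Batch entry ?"), which is the price of not knowing which digits are data. More importantly, it cannot catch values a driver embeds unquoted, such as PostgreSQL's "Key (email)=(alice@example.com) already exists." detail, so where the exception.message attribute is not needed for debugging, the safer default is to record only the exception type and drop or truncate the message.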

@aaronjamesford

I have ended up here after raising a similar issue RE exception messages in spans with Spring Framework. They have suggested I raise an issue with the OTel agent but I see there are already a few related issues open.

Are you happy adding an additional case to this issue or would you like me to open a new, dedicated one?

@mateuszrzeszutek

> Are you happy adding an additional case to this issue or would you like me to open a new, dedicated one?

It's fine to keep it in this one, it's the same problem after all.

trask commented Oct 9, 2023

hi @aaronjamesford! can you share more details about the span on which this exception is captured? (in particular I'm curious if it's the top-most SERVER span, or an INTERNAL span)

also, does this exception bubble up and get logged in your application logs? or is it captured somewhere and so avoids getting logged?

@aaronjamesford

It is appearing in an internal span and it looks as if the span name is the controller class and method (MyController.myMethod).

Library info on the span:
Library Name: io.opentelemetry.spring-webmvc-6.0
Library Version: 1.25.0-alpha

This isn't bubbling up or showing in logs as we have a controller advice that handles this specific exception.

trask commented Oct 17, 2023

thanks! this is really helpful.

@mateuszrzeszutek @laurit another check against controller spans 😞

trask commented Oct 20, 2023
