Fix code scanning alert - Clear-text logging of sensitive information

IBM / spectrum-protect-sppmon

Monitoring and long-term reporting for IBM Spectrum Protect Plus. Provides a data bridge from SPP to InfluxDB and provides visualization dashboards via Grafana.

Apache License 2.0

13 stars 8 forks source link

Fix code scanning alert - Clear-text logging of sensitive information #91

Closed NielsKorschinsky closed 2 years ago

NielsKorschinsky commented 2 years ago

Tracking issue for:

[x] https://github.com/IBM/spectrum-protect-sppmon/security/code-scanning/3
[x] https://github.com/IBM/spectrum-protect-sppmon/security/code-scanning/2

NielsKorschinsky commented 2 years ago

I've received these reports on the security page, but any execution of CodeQL will show that everything is fine -> I cannot validate that the error is fixed, until it is pushed onto the master branch. I've pushed a fix to the development branch which changes the faulty if-clause to prevent any leakage.