You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When listing all services in a project, the resulting response contains all services, with all service users, with all credentials.
In certain situations, that response can find its way into an error that is returned, and propagated up the callstack until it is handled, most typically be being logged.
This can lead to credentials being logged in places they shouldn't be.
One possible situation where this might happen:
When the client has received a response from the API and tries to read the buffer, io.ReadAll may return an error in some situations. This could presumably be things like read timeout, connection reset or other forms of I/O errors.
In this case, the client returns an error where the message is whatever has been read from the buffer so far, which could be anything.
When listing all services in a project, the resulting response contains all services, with all service users, with all credentials.
In certain situations, that response can find its way into an error that is returned, and propagated up the callstack until it is handled, most typically be being logged.
This can lead to credentials being logged in places they shouldn't be.
One possible situation where this might happen:
When the client has received a response from the API and tries to read the buffer,
io.ReadAllmay return an error in some situations. This could presumably be things like read timeout, connection reset or other forms of I/O errors.In this case, the client returns an error where the message is whatever has been read from the buffer so far, which could be anything.
aiven-go-client/client.go
Line 371 in 99411b8
The text was updated successfully, but these errors were encountered: