commit c6eb5c44ac817ed1704b77ab416b2df833e3daa6 Author: Arturo Filastò art@fuffa.org Date: Thu Aug 7 17:47:34 2014 +0200
Probe Report should not leak the full PATH.
This fixes: https://trac.torproject.org/projects/tor/ticket/12706 --- ooni/nettest.py | 8 ++++---- ooni/utils/__init__.py | 11 +++++++++++ 2 files changed, 15 insertions(+), 4 deletions(-)
diff --git a/ooni/nettest.py b/ooni/nettest.py index 4cc453d..54a7d28 100644 --- a/ooni/nettest.py +++ b/ooni/nettest.py @@ -9,7 +9,7 @@ from twisted.trial.runner import filenameToModule from twisted.python import usage, reflect
from ooni.tasks import Measurement -from ooni.utils import log, checkForRoot +from ooni.utils import log, checkForRoot, sanitize_options from ooni.settings import config from ooni import geoip
@@ -219,6 +219,7 @@ class NetTestLoader(object): for input_file in self.inputFiles: input_file_hashes.append(input_file['hash'])
+ options = sanitize_options(self.options) test_details = {'start_time': time.time(), 'probe_asn': config.probe_ip.geodata['asn'], 'probe_cc': config.probe_ip.geodata['countrycode'], @@ -228,9 +229,8 @@ class NetTestLoader(object): 'test_version': self.testVersion, 'software_name': 'ooniprobe', 'software_version': software_version, - 'options': self.options, - 'input_hashes': input_file_hashes, - 'geoip_database_version': geoip.database_version() + 'options': options, + 'input_hashes': input_file_hashes } return test_details
diff --git a/ooni/utils/__init__.py b/ooni/utils/__init__.py index e879d7b..ec1b1ce 100644 --- a/ooni/utils/__init__.py +++ b/ooni/utils/__init__.py @@ -131,3 +131,14 @@ def generate_filename(testDetails, prefix=None, extension=None, filename=None):
return final_filename
+def sanitize_options(options): + """ + Strips all possible user identifying information from the ooniprobe test + options. + Currently only strips leading directories from filepaths. + """ + sanitized_options = [] + for option in options: + option = os.path.basename(option) + sanitized_options.append(option) + return sanitized_options