From 27b37ea8380627cb5c6e0f3bcbe1b03892e5e54a Mon Sep 17 00:00:00 2001
From: sophia
Date: Tue, 18 Aug 2020 11:38:04 -0500
Subject: [PATCH] Scrub credentials as whole words, don't capture matching substrings
---
 lib/vagrant/util/credential_scrubber.rb | 2 +-
 test/unit/vagrant/util/credential_scrubber_test.rb | 13 +++++++++++++
 2 files changed, 14 insertions(+), 1 deletion(-)
diff --git a/lib/vagrant/util/credential_scrubber.rb b/lib/vagrant/util/credential_scrubber.rb
index 6acb3f37a..8446b975d 100644
--- a/lib/vagrant/util/credential_scrubber.rb
+++ b/lib/vagrant/util/credential_scrubber.rb
@@ -32,7 +32,7 @@ module Vagrant
 def self.desensitize(string)
 string = string.to_s.dup
 sensitive_strings.each do |remove|
- string.gsub!(remove, REPLACEMENT_TEXT)
+ string.gsub!(/(\W|^)#{remove}(\W|$)/, " #{REPLACEMENT_TEXT} ")
 end
 string
 end
diff --git a/test/unit/vagrant/util/credential_scrubber_test.rb b/test/unit/vagrant/util/credential_scrubber_test.rb
index e206fd763..1bbcefbe9 100644
--- a/test/unit/vagrant/util/credential_scrubber_test.rb
+++ b/test/unit/vagrant/util/credential_scrubber_test.rb
@@ -94,5 +94,18 @@ describe Vagrant::Util::CredentialScrubber do
 end
 end
 end
+
+ context "with sensitive words that are part of non-sensitive words" do
+ let(:to_scrub){ ["a"] }
+
+ it "should not remove parts of words" do
+ result = subject.desensitize(string)
+ to_scrub.each do |registered_value|
+ expect(result).not_to match(/(\W|^)#{registered_value}(\W|$)/)
+ end
+ expect(result).to include("my-birthday")
+ expect(result).to include("my-cats-birthday")
+ end
+ end
 end
 end
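Review bot: `#{remove}` is interpolated into the pattern unescaped on the new `gsub!` line, so a credential containing regex metacharacters (`+`, `.`, `(`, `$`) is no longer matched literally, as it was when `remove` was passed to `gsub!` directly. Such a value can fail to match and pass through unscrubbed, or raise `RegexpError` when the pattern is built. The `(\W|^)` and `(\W|$)` groups also consume the delimiter characters, so the second of two occurrences separated by a single character is skipped, and the surrounding punctuation is replaced by spaces. Lookarounds with escaping avoid both: `string.gsub!(/(?<!\w)#{Regexp.escape(remove)}(?!\w)/, REPLACEMENT_TEXT)`. The enclosing module and class start outside the hunk.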
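Review bot: The new assertion `not_to match(/(\W|^)#{registered_value}(\W|$)/)` reuses the implementation's pattern with the same unescaped interpolation, so it cannot detect a credential that the scrubber's regex fails to match. The only value exercised is `"a"`; a sibling context is needed whose `to_scrub` holds a value with regex metacharacters (constructed example: `"p+ss(w.rd"`) and one that appears twice with a single separator. That context should check the literal value with `expect(result).not_to include(registered_value)`. The `string` fixture is defined outside the hunk, so it would need to contain those values for the case to be meaningful.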