bugsnag 6.13.0 → 6.13.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 2298a07774ef42fb825c7ae6aa9722c9da1234617789236a442cd0d888a4e486
-  data.tar.gz: f4882c3be40fe0e4d6582ec24e00751257ab5f5926866c0317a7d6d0ae3aa129
+  metadata.gz: 25dcf74c356f7025c163ad055ddb01ecb27b46ddf31b746f87b8753d9c1899ca
+  data.tar.gz: fab1845fb7b1165caa97a88561bdc49230603e7d8d9e218a55c0cf52af2da640
 SHA512:
-  metadata.gz: 129a9b9cf9411234935f4d49be119596e55475d31ff68e943e978f14ca95d17f2418c37fffa6190f25b03301fd408d5c0d4719c11807934982d3cd6f4d1c52ff
-  data.tar.gz: 6dae71c25d20bb071104e07608e51b33e4ab2deaaa0a7bf2bab06694f850d20823d2afde37c1edebd105b8e190b0d22baf61da8d16925b84f3fb5ec757cf6cbf
+  metadata.gz: d103cd0a9df8e2d02fd98a10f9b24ef706dc93c8266f148d480076c1ee2d2d06114de0c60983ca5c3275804271c9f664cdc64ddffdbc19fda1f787afb6d49e24
+  data.tar.gz: 6d85db5571b16d3de7c23baf7c932536c08fdd9261557bbb2f59e4436981caf02177fb5b91fb7cb4adbbc62d5c6f42f610128890f7414eda85aa1e1c21248ba2

data/CHANGELOG.md

@@ -1,6 +1,16 @@
 Changelog
 =========
 
+## 6.13.1 (11 May 2020)
+
+### Fixes
+
+* Only call custom diagnostic data methods once
+  | [#586](https://github.com/bugsnag/bugsnag-ruby/pull/586)
+  | [stoivo](https://github.com/stoivo)
+* Guard against exceptions in to_s when cleaning objects
+  | [#591](https://github.com/bugsnag/bugsnag-ruby/pull/591)
+
 ## 6.13.0 (30 Jan 2020)
 
 ### Enhancements

data/VERSION

@@ -1 +1 @@
-6.13.0
+6.13.1

data/lib/bugsnag/cleaner.rb

@@ -29,10 +29,19 @@ module Bugsnag
       when Hash
         clean_hash = {}
         obj.each do |k,v|
-          if filters_match_deeply?(k, scope)
-            clean_hash[k] = FILTERED
-          else
-            clean_hash[k] = traverse_object(v, seen, [scope, k].compact.join('.'))
+          begin
+            if filters_match_deeply?(k, scope)
+              clean_hash[k] = FILTERED
+            else
+              clean_hash[k] = traverse_object(v, seen, [scope, k].compact.join('.'))
+            end
+          # If we get an error here, we assume the key needs to be filtered
+          # to avoid leaking things we shouldn't. We also remove the key itself
+          # because it may cause issues later e.g. when being converted to JSON
+          rescue StandardError
+            clean_hash[RAISED] = FILTERED
+          rescue SystemStackError
+            clean_hash[RECURSION] = FILTERED
           end
         end
         clean_hash
@@ -43,7 +52,15 @@ module Bugsnag
       when String
         clean_string(obj)
       else
-        str = obj.to_s rescue RAISED
+        # guard against objects that raise or blow the stack when stringified
+        begin
+          str = obj.to_s
+        rescue StandardError
+          str = RAISED
+        rescue SystemStackError
+          str = RECURSION
+        end
+
         # avoid leaking potentially sensitive data from objects' #inspect output
         if str =~ /#<.*>/
           OBJECT

data/lib/bugsnag/middleware/exception_meta_data.rb

@@ -9,21 +9,27 @@ module Bugsnag::Middleware
     def call(report)
       # Apply the user's information attached to the exceptions
       report.raw_exceptions.each do |exception|
-        if exception.respond_to?(:bugsnag_user_id) && exception.bugsnag_user_id.is_a?(String)
-          report.user = {id: exception.bugsnag_user_id}
+        if exception.respond_to?(:bugsnag_user_id)
+          user_id = exception.bugsnag_user_id
+          report.user = {id: user_id} if user_id.is_a?(String)
         end
 
-        if exception.respond_to?(:bugsnag_context) && exception.bugsnag_context.is_a?(String)
-          report.context = exception.bugsnag_context
+        if exception.respond_to?(:bugsnag_context)
+          context = exception.bugsnag_context
+          report.context = context if context.is_a?(String)
         end
 
-        if exception.respond_to?(:bugsnag_grouping_hash) && exception.bugsnag_grouping_hash.is_a?(String)
-          report.grouping_hash = exception.bugsnag_grouping_hash
+        if exception.respond_to?(:bugsnag_grouping_hash)
+          group_hash = exception.bugsnag_grouping_hash
+          report.grouping_hash = group_hash if group_hash.is_a?(String)
         end
 
-        if exception.respond_to?(:bugsnag_meta_data) && exception.bugsnag_meta_data.is_a?(Hash)
-          exception.bugsnag_meta_data.each do |key, value|
-            report.add_tab key, value
+        if exception.respond_to?(:bugsnag_meta_data)
+          meta_data = exception.bugsnag_meta_data
+          if meta_data.is_a?(Hash)
+            meta_data.each do |key, value|
+              report.add_tab key, value
+            end
           end
         end
       end

data/spec/cleaner_spec.rb

@@ -6,12 +6,84 @@ describe Bugsnag::Cleaner do
   subject { described_class.new(nil) }
 
   describe "#clean_object" do
+    is_jruby = defined?(RUBY_ENGINE) && RUBY_ENGINE == 'jruby'
+
     it "cleans up recursive hashes" do
       a = {:a => {}}
       a[:a][:b] = a
       expect(subject.clean_object(a)).to eq({:a => {:b => "[RECURSION]"}})
     end
 
+    it "cleans up hashes when keys infinitely recurse in to_s" do
+      skip "JRuby doesn't allow recovery from SystemStackErrors" if is_jruby
+
+      class RecursiveHashKey
+        def to_s
+          to_s
+        end
+      end
+
+      key = RecursiveHashKey.new
+
+      a = {}
+      a[key] = 1
+
+      expect(subject.clean_object(a)).to eq({ "[RECURSION]" => "[FILTERED]" })
+    end
+
+    it "cleans up hashes when a nested key infinitely recurse in to_s" do
+      skip "JRuby doesn't allow recovery from SystemStackErrors" if is_jruby
+
+      class RecursiveHashKey
+        def to_s
+          to_s
+        end
+      end
+
+      key = RecursiveHashKey.new
+
+      a = {}
+      a[:b] = {}
+      a[:b][key] = 1
+
+      expected = { :b => { "[RECURSION]" => "[FILTERED]" } }
+
+      expect(subject.clean_object(a)).to eq(expected)
+    end
+
+    it "cleans up hashes when keys raise in to_s" do
+      class RaisingHashKey
+        def to_s
+          raise "hey!"
+        end
+      end
+
+      key = RaisingHashKey.new
+
+      a = {}
+      a[key] = 1
+
+      expect(subject.clean_object(a)).to eq({ "[RAISED]" => "[FILTERED]" })
+    end
+
+    it "cleans up hashes when nested keys raise in to_s" do
+      class RaisingHashKey
+        def to_s
+          raise "hey!"
+        end
+      end
+
+      key = RaisingHashKey.new
+
+      a = {}
+      a[:b] = {}
+      a[:b][key] = 1
+
+      expected = { :b => { "[RAISED]" => "[FILTERED]" } }
+
+      expect(subject.clean_object(a)).to eq(expected)
+    end
+
     it "cleans up recursive arrays" do
       a = []
       a << a
@@ -48,6 +120,20 @@ describe Bugsnag::Cleaner do
       expect(subject.clean_object(a)).to eq('[OBJECT]')
     end
 
+    it "cleans custom objects when they infinitely recurse" do
+      skip "JRuby doesn't allow recovery from SystemStackErrors" if is_jruby
+
+      class RecursiveObject
+        def to_s
+          to_s
+        end
+      end
+
+      object = RecursiveObject.new
+
+      expect(subject.clean_object(object)).to eq("[RECURSION]")
+    end
+
     it "cleans up binary strings properly" do
       if RUBY_VERSION > "1.9"
         obj = "Andr\xc7\xff"

data/spec/helper_spec.rb

@@ -50,6 +50,61 @@ describe Bugsnag::Helpers do
         value = Bugsnag::Helpers.trim_if_needed([1, 3, StringRaiser.new])
         expect(value[2]).to eq "[RAISED]"
       end
+
+      it "replaces hash key with '[RAISED]'" do
+        a = {}
+        a[StringRaiser.new] = 1
+
+        value = Bugsnag::Helpers.trim_if_needed(a)
+        expect(value).to eq({ "[RAISED]" => "[FILTERED]" })
+      end
+
+      it "uses a single '[RAISED]'key when multiple keys raise" do
+        a = {}
+        a[StringRaiser.new] = 1
+        a[StringRaiser.new] = 2
+
+        value = Bugsnag::Helpers.trim_if_needed(a)
+        expect(value).to eq({ "[RAISED]" => "[FILTERED]" })
+      end
+    end
+
+    context "an object will infinitely recurse if `to_s` is called" do
+      is_jruby = defined?(RUBY_ENGINE) && RUBY_ENGINE == 'jruby'
+
+      class StringRecurser
+        def to_s
+          to_s
+        end
+      end
+
+      it "uses the string '[RECURSION]' instead" do
+        skip "JRuby doesn't allow recovery from SystemStackErrors" if is_jruby
+
+        value = Bugsnag::Helpers.trim_if_needed([1, 3, StringRecurser.new])
+        expect(value[2]).to eq "[RECURSION]"
+      end
+
+      it "replaces hash key with '[RECURSION]'" do
+        skip "JRuby doesn't allow recovery from SystemStackErrors" if is_jruby
+
+        a = {}
+        a[StringRecurser.new] = 1
+
+        value = Bugsnag::Helpers.trim_if_needed(a)
+        expect(value).to eq({ "[RECURSION]" => "[FILTERED]" })
+      end
+
+      it "uses a single '[RECURSION]'key when multiple keys recurse" do
+        skip "JRuby doesn't allow recovery from SystemStackErrors" if is_jruby
+
+        a = {}
+        a[StringRecurser.new] = 1
+        a[StringRecurser.new] = 2
+
+        value = Bugsnag::Helpers.trim_if_needed(a)
+        expect(value).to eq({ "[RECURSION]" => "[FILTERED]" })
+      end
     end
 
     context "payload length is less than allowed" do

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: bugsnag
 version: !ruby/object:Gem::Version
-  version: 6.13.0
+  version: 6.13.1
 platform: ruby
 authors:
 - James Smith
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-01-30 00:00:00.000000000 Z
+date: 2020-05-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: concurrent-ruby
@@ -722,8 +722,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.7.6.2
+rubygems_version: 3.1.2
 signing_key: 
 specification_version: 4
 summary: Ruby notifier for bugsnag.com