Golang is an efficient, concise, and safe programming language, but it also has its own shortcomings, that is, it is easy to expose system paths when handling errors. This article describes this problem and provides a solution.
1. Problem background
Golang’s error handling mechanism is very developer-friendly. In a function, if you need to return an error, you can directly return a variable of type error. For example:
func Divide(a, b int) (float64, error) {
if b == 0 {
return 0, fmt.Errorf("cannot divide by zero")
}
return float64(a) / float64(b), nil
}When using this function, you only need to determine whether the error variable is nil to determine whether an error occurs. For example:
result, err := Divide(10, 2)
if err != nil {
fmt.Println(err)
return
}
fmt.Println(result)This error handling method is very concise, efficient, and easily accepted by everyone. However, the error stack information contains path information, which means that when a program error occurs, the attacker can obtain sensitive information such as the system path from the error information to conduct more precise attacks.
2. Problem Analysis
Let’s take a look at the above example. When executing Divide(10, 0), the error message is as follows:
cannot divide by zero
main.Divide
/Users/xxx/Documents/go/src/error.go:3
main.main
/Users/xxx/Documents/go/src/main.go:10
runtime.main
/usr/local/go/src/runtime/proc.go:204
runtime.goexit
/usr/local/go/src/runtime/asm_amd64.s:1371As you can see, we can not only see the error message and the file and line number where the error function is located, but also the specific implementation code of the error function. This kind of misinformation disclosure is too detailed and greatly increases the attacker's probability of success.
3. Solution
Now that the problem has been discovered, we need to find a solution. Next are two possible solutions:
In Golang, we can customize error types. The definition is very simple, you only need to implement the Error() method of the error interface. For example:
type MyError struct {
Reason string
}
func (m MyError) Error() string {
return m.Reason
}
func Divide(a, b int) (float64, error) {
if b == 0 {
return 0, MyError{Reason: "cannot divide by zero"}
}
return float64(a) / float64(b), nil
}In this way, when a program error occurs, the error stack information no longer contains sensitive information such as paths, but only our customized error information. For example:
cannot divide by zero
In addition to custom error types, we can also use existing third-party libraries to solve this problem. Commonly used libraries include logrus, zerolog, etc., which can encrypt and process error information, and can effectively prevent the exposure of sensitive information such as system paths.
Taking logrus as an example, we only need to pass in the error type variable as a parameter when using logrus to record logs. For example:
import (
log "github.com/sirupsen/logrus"
)
func Divide(a, b int) (float64, error) {
if b == 0 {
return 0, fmt.Errorf("cannot divide by zero")
}
return float64(a) / float64(b), nil
}
func main() {
result, err := Divide(10, 0)
if err != nil {
log.WithError(err).Error("divide error")
return
}
log.Info(result)
}In this way, when a program error occurs, only error information will be received in the log, and no sensitive information such as paths will be exposed.
4. Summary
This article introduces the security issues of Golang’s error handling mechanism and provides two solutions. Customizing error types is a common solution, and using third-party libraries can solve problems more conveniently and efficiently. Golang developers must pay attention to whether sensitive information may be exposed in error messages and take corresponding preventive measures. Only in this way can our programs be made more secure and reliable.
The above is the detailed content of golang error exposure path. For more information, please follow other related articles on the PHP Chinese website!
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
