Technical information leak - Print Functions
Need
Prevention of sensitive information exposure through print functions
Context
- Usage of C# 7.0 for modern language features and enhancements
- Usage of Microsoft.AspNetCore.Mvc for building web applications with ASP.NET Core
Description
Non compliant code
public class HomeController : Controller
{
public IActionResult Index()
{
try
{
// Some code here
}
catch (Exception ex)
{
Console.WriteLine(ex.ToString());
return View("Error");
}
return View();
}
}
In the above code, we have a basic ASP.NET Core Controller. The Index action method contains a try-catch block. Inside the catch block, we are printing the details of the exception to the console using Console.WriteLine(ex.ToString());.
The vulnerability here is the use of the Console.WriteLine function to print the details of the exception. This is a type of technical information leak, as it could potentially expose sensitive information about the application.
In a development environment, it's common to use such print functions for debugging purposes. However, in a production environment, this can lead to serious security risks. An attacker could gain valuable insights about the internal workings of your application or even sensitive user data.
When an exception occurs, the ex.ToString() method will print the exception message, the source of the exception, the stack trace, and the entire exception hierarchy. This information can be very helpful for debugging, but it should never be exposed in a production environment.
Steps
- Remove the usage of print functions like Console.WriteLine() in production code.
- Instead of printing technical information, handle exceptions gracefully and log the necessary information.
- Use a logging framework like Serilog or NLog to log exceptions and other relevant information.
- Configure the logging framework to write logs to a secure location, such as a log file or a centralized logging system.
- Ensure that sensitive information is not logged, such as passwords, API keys, or user personal data.
- Regularly review and monitor the logs to identify and address any potential security issues.
Compliant code
using Microsoft.Extensions.Logging;
public class HomeController : Controller
{
private readonly ILogger<HomeController> _logger;
public HomeController(ILogger<HomeController> logger)
{
_logger = logger;
}
public IActionResult Index()
{
try
{
// Some code here
}
catch (Exception ex)
{
_logger.LogError(ex, "An error occurred while executing the Index action");
return View("Error");
}
return View();
}
}
The updated code now uses the ILogger interface provided by the Microsoft.Extensions.Logging namespace. This is a part of the built-in logging framework in ASP.NET Core.
In the HomeController constructor, we are injecting an ILogger HomeController instance. This instance is used to log errors in the catch block of the Index action method.
The LogError method is used to log exceptions. It takes two parameters: the exception and a custom message. The custom message can be used to provide additional context about the error.
This approach ensures that exceptions are logged properly without exposing sensitive information to the users. The logs can be configured to be stored in a secure location and can be reviewed regularly to identify and address potential security issues.
Remember to configure the logging level and the log storage location in your application's configuration (appsettings.json file or other configuration sources).
Also, be careful not to log sensitive information such as passwords, API keys, or user personal data.
This way, we are not exposing any sensitive or technical information to the users or potential attackers, and we are keeping a record of the errors that occur during the execution of our application.