Bug #92099
closed
IpAnonymizationTask Bug
0%
Description
In the IpAnonymizationTask (sys_log) it's possible to set the mask level, but the mask level is not respected in the $queryBuilder statement starting on line 103 (typo3_src\typo3\sysext\scheduler\Classes\Task\IpAnonymizationTask.php).
It produces the following SQL query:
SELECT * FROM `sys_log` WHERE (`tstamp` < 1589263965) AND (`IP` <> "") AND (`IP` IS NOT NULL) AND (`IP` NOT LIKE "%.0.0") AND (`IP` LIKE "%::") ORDER BY uid ASC LIMIT 50
So it assumes that the configured mask level is always 2
$queryBuilder->expr()->notLike(
$configuration['ipField'],
$queryBuilder->createNamedParameter('%.0.0', \PDO::PARAM_STR)
),
With this statement already level 1 masked records are returned (e.g. 164.27.221.0), which have to be masked again and again.
So the right expression would be
$queryBuilder->expr()->notLike(
$configuration['ipField'],
$queryBuilder->createNamedParameter('%.0', \PDO::PARAM_STR)
),
Possible solution:
$maskLevelLikeExpr = '%.0.0';
if ($this->mask === 1) {
$maskLevelLikeExpr = '%.0';
}
// ...
$queryBuilder->expr()->notLike(
$configuration['ipField'],
$queryBuilder->createNamedParameter($maskLevelLikeExpr, \PDO::PARAM_STR)
),
Maybe the expression for ipv6 addresses has to be changed too.
Kind regards, Wolfgang
Updated by Riccardo De Contardi over 3 years ago
- Is duplicate of Bug #92098: IpAnonymizationTask Bug added
Updated by Riccardo De Contardi over 3 years ago
- Status changed from New to Closed
I think that this issue has been created accidentally, as it is identical to #92098 by the same author, therefore I close it as a duplicate.
If you think that this is the wrong decision please reopen it or ping me.