Copilot commented on code in PR #4073:
URL: https://github.com/apache/logging-log4j2/pull/4073#discussion_r2983825792
##########
log4j-core-test/src/test/java/org/apache/logging/log4j/core/layout/Rfc5424LayoutTest.java:
##########
@@ -792,4 +806,53 @@ void testFQDN() throws UnknownHostException {
final Rfc5424Layout layout = Rfc5424Layout.newBuilder().build();
assertThat(layout.getLocalHostName()).isEqualTo(fqdn);
}
+
+ private static LogEvent createLogEventWithMdcParamName(final String
paramName) {
+ final MutableInstant instant = new MutableInstant();
+ instant.initFromEpochMilli(1L, 0);
+
+ final StringMap contextData = ContextDataFactory.createContextData();
+ contextData.putValue(paramName, "");
+
+ return Log4jLogEvent.newBuilder()
+ .setInstant(instant)
Review Comment:
`createLogEventWithMdcParamName` builds a `Log4jLogEvent` without setting a
`Level`. `Rfc5424Layout.toSerializable()` calls `Priority.getPriority(facility,
event.getLevel())`, which will throw a `NullPointerException` when the level is
null. Set a level (e.g., INFO) on the builder to make this test reliable.
```suggestion
.setInstant(instant)
.setLevel(Level.INFO)
```
##########
log4j-core/src/main/java/org/apache/logging/log4j/core/layout/Rfc5424Layout.java:
##########
@@ -579,14 +581,70 @@ private void appendMap(
if (prefix != null) {
sb.append(prefix);
}
- final String safeKey =
escapeNewlines(escapeSDParams(entry.getKey()), escapeNewLine);
- final String safeValue =
escapeNewlines(escapeSDParams(entry.getValue()), escapeNewLine);
+ // No need to escape new lines, since parameter names cannot
contain them.
+ final String safeKey = sanitizeParamName(entry.getKey());
+ final String safeValue =
escapeNewlines(escapeParamValue(entry.getValue()), escapeNewLine);
StringBuilders.appendKeyDqValue(sb, safeKey, safeValue);
}
}
}
- private String escapeSDParams(final String value) {
+ /**
+ * Sanitizes an RFC 5424 {@code PARAM-NAME}
+ *
+ * <p>Invalid characters are replaced with {@code '?'} and the result is
truncated to
+ * {@value #SD_PARAM_NAME_MAX_LENGTH}.</p>
+ *
+ * @param key the original parameter name
+ * @return a sanitized parameter name compliant with RFC 5424
+ */
+ private String sanitizeParamName(final String key) {
+ final int length = key.length();
+ if (length == 0) {
+ return "?";
+ }
+ if (length > SD_PARAM_NAME_MAX_LENGTH) {
+ return sanitizeParamNameSlowPath(key);
+ }
+ for (int i = 0; i < length; i++) {
+ if (!isParamNameCharacterValid(key.charAt(i))) {
+ return sanitizeParamNameSlowPath(key);
+ }
+ }
+ return key;
+ }
+
+ private String sanitizeParamNameSlowPath(final String key) {
+ final StringBuilder sb = new StringBuilder();
+ final int maxLength = Math.min(key.length(), SD_PARAM_NAME_MAX_LENGTH);
+ for (int i = 0; i < maxLength; i++) {
+ final char c = key.charAt(i);
+ sb.append(isParamNameCharacterValid(c) ? c : '?');
+ }
Review Comment:
`sanitizeParamNameSlowPath` always builds a new `StringBuilder` but doesn't
pre-size it; since the result is capped at 32 chars, initializing the builder
with `maxLength` avoids any internal resizing/copying.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
