From 5219965105f759a7b7256fd563fc222b3b93fbf2 Mon Sep 17 00:00:00 2001
From: Alex Vanin <alexey@nspcc.ru>
Date: Wed, 27 Jul 2022 18:02:52 +0300
Subject: [PATCH] [#498] Remove log string sanitizer

`zap` lib does all the job anyway.
Suppress CWE-117 from CodeQL.

Signed-off-by: Alex Vanin <alexey@nspcc.ru>
---
 api/handler/util.go           | 9 ++++-----
 api/layer/multipart_upload.go | 3 +--
 internal/misc/sanitizer.go    | 9 ---------
 3 files changed, 5 insertions(+), 16 deletions(-)
 delete mode 100644 internal/misc/sanitizer.go

diff --git a/api/handler/util.go b/api/handler/util.go
index 04f9d571..6d069dd6 100644
--- a/api/handler/util.go
+++ b/api/handler/util.go
@@ -10,16 +10,15 @@ import (
 	"github.com/nspcc-dev/neofs-s3-gw/api/data"
 	"github.com/nspcc-dev/neofs-s3-gw/api/errors"
 	"github.com/nspcc-dev/neofs-s3-gw/api/layer"
-	"github.com/nspcc-dev/neofs-s3-gw/internal/misc"
 	"github.com/nspcc-dev/neofs-sdk-go/session"
 	"go.uber.org/zap"
 )
 
 func (h *handler) logAndSendError(w http.ResponseWriter, logText string, reqInfo *api.ReqInfo, err error, additional ...zap.Field) {
-	fields := []zap.Field{zap.String("request_id", misc.SanitizeString(reqInfo.RequestID)),
-		zap.String("method", misc.SanitizeString(reqInfo.API)),
-		zap.String("bucket_name", misc.SanitizeString(reqInfo.BucketName)),
-		zap.String("object_name", misc.SanitizeString(reqInfo.ObjectName)),
+	fields := []zap.Field{zap.String("request_id", reqInfo.RequestID),
+		zap.String("method", reqInfo.API),
+		zap.String("bucket_name", reqInfo.BucketName),
+		zap.String("object_name", reqInfo.ObjectName),
 		zap.Error(err)}
 	fields = append(fields, additional...)
 
diff --git a/api/layer/multipart_upload.go b/api/layer/multipart_upload.go
index ddc42c7d..8a1c9c9e 100644
--- a/api/layer/multipart_upload.go
+++ b/api/layer/multipart_upload.go
@@ -13,7 +13,6 @@ import (
 
 	"github.com/nspcc-dev/neofs-s3-gw/api/data"
 	"github.com/nspcc-dev/neofs-s3-gw/api/errors"
-	"github.com/nspcc-dev/neofs-s3-gw/internal/misc"
 	oid "github.com/nspcc-dev/neofs-sdk-go/object/id"
 	"github.com/nspcc-dev/neofs-sdk-go/user"
 	"go.uber.org/zap"
@@ -391,7 +390,7 @@ func (n *layer) CompleteMultipartUpload(ctx context.Context, p *CompleteMultipar
 	})
 	if err != nil {
 		n.log.Error("could not put a completed object (multipart upload)",
-			zap.String("uploadID", misc.SanitizeString(p.Info.UploadID)),
+			zap.String("uploadID", p.Info.UploadID),
 			zap.String("uploadKey", p.Info.Key),
 			zap.Error(err))
 
diff --git a/internal/misc/sanitizer.go b/internal/misc/sanitizer.go
deleted file mode 100644
index ea2e7f56..00000000
--- a/internal/misc/sanitizer.go
+++ /dev/null
@@ -1,9 +0,0 @@
-package misc
-
-import "strings"
-
-// SanitizeString sanitizes string before using it in logs. Required
-// for data from the user input: request body, headers, etc.
-func SanitizeString(s string) string {
-	return strings.Replace(s, "\n", "", -1)
-}