You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
It is possible to add an option to hide the command information in case of errors thrown?
In the execute method, right now if there is an error, due to the way node child_process.exec works, the library returns the full command plus whatever was in stdout/stderr. This can be a security risk as the full command would contain the password as well.
execute(cmd, cmdArgs, workingDir) {
const fullCmd = wrap(util.format("%s %s", cmd, cmdArgs));
const command = [
"smbclient",
this.getSmbClientArgs(fullCmd).join(" "),
].join(" ");
const options = {
cwd: workingDir || "",
};
return new Promise((resolve, reject) => {
exec(command, options, function (err, stdout, stderr) {
const allOutput = stdout + stderr;
if (err) {
err.message += allOutput;
return reject(err); // Has information about the full command
}
return resolve(allOutput);
});
});
}
I'll be happy to contribute a pull request to add maskCmd as an additional option and if it is set to true, only return the stdout/stderr output instead of the whole command.
Let me know, thanks!
The text was updated successfully, but these errors were encountered:
Hi,
It is possible to add an option to hide the command information in case of errors thrown?
In the execute method, right now if there is an error, due to the way node
child_process.execworks, the library returns the full command plus whatever was in stdout/stderr. This can be a security risk as the full command would contain the password as well.I'll be happy to contribute a pull request to add
maskCmdas an additional option and if it is set to true, only return the stdout/stderr output instead of the whole command.Let me know, thanks!
The text was updated successfully, but these errors were encountered: