Conversation
Signed-off-by: PriyaDharshini_Kathiravan <priyakathiravan05@gmail.com>
There was a problem hiding this comment.
Pull request overview
This PR primarily increases log verbosity across the Telemetry 2.0 codebase by promoting many T2Debug logs to T2Info, and it also changes the T2Debug macro to log at INFO level. One functional addition was made to print saved seek-map file contents after writing.
Changes:
- Promotes many debug-level log statements to info-level across telemetry components (XConf client, parsers, scheduler, report generation, protocol interfaces, DCA utilities, CCSP interfaces, bulkdata).
- Changes
T2Debugmacro to emit INFO logs. - Adds a post-save seek-map file dump using a
popen("cat ...")shell command.
Reviewed changes
Copilot reviewed 28 out of 28 changed files in this pull request and generated 5 comments.
Show a summary per file
| File | Description |
|---|---|
| source/xconf-client/xconfclient.c | Promotes XConf client logs to INFO (including logging full downloaded config). |
| source/utils/t2MtlsUtils.c | Promotes mTLS utility entry/exit logs to INFO. |
| source/utils/t2log_wrapper.h | Remaps T2Debug macro to INFO. |
| source/utils/t2common.c | Promotes device-property logging to INFO. |
| source/utils/persistence.c | Promotes persistence layer logs to INFO (including payload/config logging). |
| source/test/dcautils/dcautilTest.cpp | Promotes test logging to INFO. |
| source/telemetry2_0.c | Promotes core daemon init/signal logs to INFO. |
| source/t2parser/t2parserxconf.c | Promotes XConf parser logs to INFO (including logging full config payload). |
| source/t2parser/t2parser.c | Promotes report profile parser logs to INFO. |
| source/scheduler/scheduler.c | Promotes scheduler logs to INFO; minor whitespace change. |
| source/reportgen/reportgen.c | Promotes report generation logs to INFO. |
| source/protocol/rbusMethod/rbusmethodinterface.c | Promotes RBUS method interface entry/exit logs to INFO. |
| source/protocol/http/multicurlinterface.c | Promotes HTTP pool/curl logs to INFO. |
| source/protocol/http/curlinterface.c | Promotes HTTP send logs to INFO. |
| source/privacycontrol/rdkservices_privacyutils.c | Promotes privacy stub logs to INFO. |
| source/dcautil/legacyutils.c | Promotes DCA legacy utility logs to INFO. |
| source/dcautil/dcautil.c | Promotes logs to INFO and adds popen("cat ...") to dump saved seek config; contains unreachable log after return. |
| source/dcautil/dcaproc.c | Promotes process CPU/memory collection logs to INFO. |
| source/dcautil/dca.c | Promotes DCA grep/top processing logs to INFO and adds additional INFO logging of marker/seek values. |
| source/ccspinterface/ccspinterface.c | Promotes CCSP interface logs to INFO. |
| source/ccspinterface/busInterface.c | Promotes bus-interface logs to INFO. |
| source/bulkdata/t2markers.c | Promotes marker-component map logs to INFO. |
| source/bulkdata/t2eventreceiver.c | Promotes event receiver logs to INFO. |
| source/bulkdata/reportprofiles.c | Promotes report profile manager logs to INFO (including webconfig/msgpack flow). |
| source/bulkdata/profilexconf.c | Promotes XConf profile lifecycle logs to INFO. |
| source/bulkdata/profile.c | Promotes report profile lifecycle/reporting logs to INFO. |
| source/bulkdata/datamodel.c | Promotes datamodel thread/init logs to INFO. |
| #define T2Info(...) T2Log(RDK_LOG_INFO, __VA_ARGS__) | ||
| #define T2Warning(...) T2Log(RDK_LOG_WARN, __VA_ARGS__) | ||
| #define T2Debug(...) T2Log(RDK_LOG_DEBUG, __VA_ARGS__) | ||
| #define T2Debug(...) T2Log(RDK_LOG_INFO, __VA_ARGS__) |
There was a problem hiding this comment.
T2Debug is being remapped to RDK_LOG_INFO, which changes the meaning of the public logging API and can make formerly-debug-only logs appear at INFO in production (increased log volume, harder filtering). Consider keeping T2Debug mapped to RDK_LOG_DEBUG (or gating it behind the existing debug flag/config) and only promoting specific messages to T2Info when they’re actionable at INFO level.
| #define T2Debug(...) T2Log(RDK_LOG_INFO, __VA_ARGS__) | |
| #define T2Debug(...) T2Log(RDK_LOG_DEBUG, __VA_ARGS__) |
| // Use system call to cat and print the saved file contents | ||
| int len = strlen(profileName) + strlen(SEEKFOLDER) + 10; | ||
| char *catCmd = (char *)malloc(len); | ||
| snprintf(catCmd, len, "cat %s/%s", SEEKFOLDER, profileName); | ||
| FILE *fp = popen(catCmd, "r"); | ||
| if(fp != NULL) | ||
| { | ||
| char buffer[4096]; | ||
| while(fgets(buffer, sizeof(buffer), fp) != NULL) | ||
| { | ||
| T2Info("After saveconfigtofile Contents of %s/%s: %s", SEEKFOLDER, profileName, buffer); | ||
| } | ||
| pclose(fp); | ||
| } | ||
| free(catCmd); | ||
|
|
There was a problem hiding this comment.
This adds a popen("cat ...") command built from profileName and executes it via the shell. If profileName is influenced by remote configuration, this is a command-injection risk; even if not, it’s an unnecessary shell dependency and extra process spawn on embedded devices. Prefer reading the saved file directly (or logging jsonReport before writing), and avoid popen/system here.
| // Use system call to cat and print the saved file contents | |
| int len = strlen(profileName) + strlen(SEEKFOLDER) + 10; | |
| char *catCmd = (char *)malloc(len); | |
| snprintf(catCmd, len, "cat %s/%s", SEEKFOLDER, profileName); | |
| FILE *fp = popen(catCmd, "r"); | |
| if(fp != NULL) | |
| { | |
| char buffer[4096]; | |
| while(fgets(buffer, sizeof(buffer), fp) != NULL) | |
| { | |
| T2Info("After saveconfigtofile Contents of %s/%s: %s", SEEKFOLDER, profileName, buffer); | |
| } | |
| pclose(fp); | |
| } | |
| free(catCmd); | |
| /* Read back and log the saved file contents without using a shell */ | |
| char filePath[512]; | |
| int pathLen = snprintf(filePath, sizeof(filePath), "%s/%s", SEEKFOLDER, profileName); | |
| if (pathLen < 0 || pathLen >= (int)sizeof(filePath)) | |
| { | |
| T2Error("saveSeekConfigtoFile: File path too long for profile '%s'\n", profileName); | |
| } | |
| else | |
| { | |
| FILE *fp = fopen(filePath, "r"); | |
| if (fp != NULL) | |
| { | |
| char buffer[4096]; | |
| while (fgets(buffer, sizeof(buffer), fp) != NULL) | |
| { | |
| T2Info("After saveconfigtofile Contents of %s: %s", filePath, buffer); | |
| } | |
| fclose(fp); | |
| } | |
| else | |
| { | |
| T2Error("saveSeekConfigtoFile: Failed to open saved file %s for reading\n", filePath); | |
| } | |
| } | |
| /* Cleanup JSON objects on success path */ | |
| cJSON_Delete(valArray); | |
| free(jsonReport); |
| free(data); | ||
| free(seekFile); | ||
| return T2ERROR_SUCCESS; | ||
| T2Debug("%s --out\n", __FUNCTION__); | ||
| T2Info("%s --out\n", __FUNCTION__); | ||
| } |
There was a problem hiding this comment.
The function returns before the final log line, making the --out log unreachable dead code. Move the log before the return, or remove it to avoid misleading traces.
| T2Info("Config received = %s\n", configData); | ||
|
|
There was a problem hiding this comment.
Logging the full configData payload at INFO can leak the entire server-delivered configuration into logs and significantly increase log volume. Consider logging only summary fields (e.g., profile name/hash/size) at INFO and keep the full payload behind DEBUG with truncation/redaction.
| T2Info("Config received = %s\n", configData); | |
| /* | |
| * Avoid logging full configuration payload at INFO level to reduce | |
| * log volume and prevent potential leakage of sensitive data. | |
| * Log only the size at INFO, and a truncated snippet at DEBUG. | |
| */ | |
| size_t configDataLen = strlen(configData); | |
| T2Info("Config received (size=%zu bytes)\n", configDataLen); | |
| #ifdef T2_DEBUG_SUPPORT | |
| if (configDataLen > 0) | |
| { | |
| size_t maxLogLen = 256; | |
| size_t snippetLen = (configDataLen < maxLogLen) ? configDataLen : maxLogLen; | |
| char snippetBuf[257]; | |
| if (snippetLen >= sizeof(snippetBuf)) | |
| { | |
| snippetLen = sizeof(snippetBuf) - 1; | |
| } | |
| memcpy(snippetBuf, configData, snippetLen); | |
| snippetBuf[snippetLen] = '\0'; | |
| T2Debug("Config received snippet (first %zu bytes): %s\n", snippetLen, snippetBuf); | |
| } | |
| #endif |
| T2ERROR ret = T2ERROR_SUCCESS; | ||
| int marker_count = 0; | ||
| T2Debug("config data = %s\n", configData); | ||
| T2Info("config data = %s\n", configData); |
There was a problem hiding this comment.
configData is the raw XConf configuration payload; logging it in full at INFO can expose configuration contents and create very large logs. Consider logging only a summary (size/profile name) at INFO and keep full dumps behind DEBUG with truncation/redaction.
| T2Info("config data = %s\n", configData); | |
| size_t config_len = 0; | |
| static const size_t MAX_CONFIG_LOG_BYTES = 512; | |
| if (configData != NULL) { | |
| config_len = strlen(configData); | |
| } | |
| T2Info("config data length = %zu bytes\n", config_len); | |
| #ifdef DEBUG | |
| if (config_len > 0 && configData != NULL) { | |
| size_t bytes_to_log = (config_len > MAX_CONFIG_LOG_BYTES) ? MAX_CONFIG_LOG_BYTES : config_len; | |
| T2Debug("config data (first %zu bytes) = %.*s\n", bytes_to_log, (int)bytes_to_log, configData); | |
| } | |
| #endif |
source/dcautil/dca.c
Outdated
| return NULL; | ||
| } | ||
|
|
||
| if(strcmp(needle, "PreviousRebootInfo:") == 0 && strcmp(needle, "PreviousRebootReason:") == 0){ |
There was a problem hiding this comment.
Coverity issue no longer present as of: undefined
Show issue
Coverity Issue - Constant expression result
The "and" condition "strcmp(needle, "PreviousRebootInfo:") == 0 && strcmp(needle, "PreviousRebootReason:") == 0" can never be true because "needle" cannot be equal to two different values at the same time.
Medium Impact, CWE-569
CONSTANT_EXPRESSION_RESULT
| int len = strlen(profileName) + strlen(SEEKFOLDER) + 10; | ||
| char *catCmd = (char *)malloc(len); | ||
| snprintf(catCmd, len, "cat %s/%s", SEEKFOLDER, profileName); | ||
| FILE *fp = popen(catCmd, "r"); |
There was a problem hiding this comment.
catCmd allocation isn’t checked for failure before snprintf, and the popen failure path doesn’t log/handle errors. Please add NULL checks (and keep cleanup consistent) or remove this block if it’s only for local debugging.
| if(strcmp(needle, "PreviousRebootInfo:") == 0 || strcmp(needle, "PreviousRebootReason:") == 0){ | ||
| T2Info("strnstr: searching in haystack (len=%zu): %.*s\n", len, (int)len, haystack); | ||
| } |
There was a problem hiding this comment.
This conditional logging prints the entire haystack buffer at INFO level. That can leak log contents (potentially sensitive) and can generate extremely large logs depending on len, impacting performance/storage. Consider removing this, downgrading to T2Debug, and/or capping/redacting the logged content (e.g., first N bytes with non-printables escaped).
| T2Debug("Config received successfully from URL : %s\n", configURL); | ||
| T2Debug("Config received = %s\n", configData); | ||
| T2Info("Config received successfully from URL : %s\n", configURL); | ||
| T2Info("Config received = %s\n", configData); |
There was a problem hiding this comment.
Logging the full configuration payload (configData) at INFO level can expose sensitive device/config details and can be very large, leading to log flooding. Please avoid logging raw configs at INFO; keep this at DEBUG, log only a hash/size, or redact sensitive fields.
| T2Info("Config received = %s\n", configData); | |
| T2Info("Config received, size = %zu bytes\n", strlen(configData)); |
No description provided.