Comment 11 for bug 2037872

nikhil kshirsagar (nkshirsagar) wrote :

Hi Chris,

Thank you for the review and the detailed comment.

The sos cleaner regex for IP addresses, looking at https://github.com/sosreport/sos/blob/main/sos/cleaner/parsers/ip_parser.py#L15C1-L22C6 , is:

class SoSIPParser(SoSCleanerParser):
    """Handles parsing for IP addresses"""

    name = 'IP Parser'
    regex_patterns = [
        # IPv4 with or without CIDR
        r'((?<!(-|\.|\d))([0-9]{1,3}\.){3}([0-9]){1,3}(\/([0-9]{1,2}))?)'
    ]

Changing the regex search in the sosreport cleaner module to search for IP addresses by extracting the numerical parts and checking those with dashes instead of dots may require a discussion upstream, simply because the argument could be made: why stop just at dashes, and why not underscores, e.g., or any other way the numerical parts may be leaked?

Given the urgency of this SRU (a wifi SSID password is being leaked in cleartext), I feel it's better to push this SRU to updates, and we will fix the autopkgtest in the next sos release to only check for the actual IP address as a full string. That would be 4.6.2 (https://warthogs.atlassian.net/browse/SET-181). I can open a bug on ubuntu sosreport for that in LP if that sounds OK.

The alternative approach is to badtest this version and I could then open an upstream issue and start a discussion upstream about the regex used to detect IP addresses, and check if upstream would accept changing the regex, in which case we leave our autopkgtest as it is. That would also work (option 1).

Regards,
Nikhil.
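
Added example, not part of the original comment or of the sos code base: it runs the pattern quoted above over constructed sample lines and compares a full-string check with a check for the same octets joined by other separators. The helper names (find_ipv4, leaks_full_address, leaks_octets), the separator set and the sample lines are assumptions made for illustration.

```python
import re

# Pattern copied from the comment above (sos/cleaner/parsers/ip_parser.py).
IPV4_PATTERN = r'((?<!(-|\.|\d))([0-9]{1,3}\.){3}([0-9]){1,3}(\/([0-9]{1,2}))?)'


def find_ipv4(text):
    """Return every substring the quoted pattern treats as an IPv4 address."""
    return [m.group(1) for m in re.finditer(IPV4_PATTERN, text)]


def leaks_full_address(text, address):
    """Strict check (hypothetical): the dotted address appears verbatim."""
    return address in text


def leaks_octets(text, address, separators="-_"):
    """Looser check (hypothetical): the same octets joined by another separator."""
    octets = address.split(".")
    return any(sep.join(octets) in text for sep in separators)


# Constructed sample lines, not taken from a real sosreport.
SAMPLE = [
    "inet 10.20.30.40/24 brd 10.20.30.255 scope global eth0",
    "hostname ip-10-20-30-40.example.internal",
    "bridge br_10_20_30_40 state UP",
    "package libfoo-1.2.3.4 installed",
]

if __name__ == "__main__":
    for line in SAMPLE:
        print(repr(line))
        # Dotted quads (with optional CIDR) are matched; the lookbehind
        # rejects candidates preceded by '-', '.' or a digit.
        print("  pattern matches     :", find_ipv4(line))
        print("  full address present:", leaks_full_address(line, "10.20.30.40"))
        print("  octets, other sep   :", leaks_octets(line, "10.20.30.40"))
```

The dash and underscore lines produce no pattern match, so a test that looks for the octets in any form flags them while a test for the full dotted string does not.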