From c05fd2956888909673c8c86f6ce11a1435d5b1af Mon Sep 17 00:00:00 2001
From: Alex Boten <aboten@lightstep.com>
Date: Mon, 7 Feb 2022 00:59:16 -0800
Subject: [PATCH] [receiver/collectd] Sanitize string recorded in log (#7577)

As per CWE-117 recommendations.
---
 receiver/collectdreceiver/collectd.go | 4 +++-
 receiver/collectdreceiver/go.mod      | 3 ++-
 2 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/receiver/collectdreceiver/collectd.go b/receiver/collectdreceiver/collectd.go
index a1d8dc87bcfb..a3d4f11871b5 100644
--- a/receiver/collectdreceiver/collectd.go
+++ b/receiver/collectdreceiver/collectd.go
@@ -22,6 +22,8 @@ import (
 
 	metricspb "github.com/census-instrumentation/opencensus-proto/gen-go/metrics/v1"
 	"google.golang.org/protobuf/types/known/timestamppb"
+
+	"github.com/open-telemetry/opentelemetry-collector-contrib/internal/coreinternal/sanitize"
 )
 
 const (
@@ -93,7 +95,7 @@ func (r *collectDRecord) appendToMetrics(metrics []*metricspb.Metric, defaultLab
 
 			metric, err := r.newMetric(metricName, dsType, val, labels)
 			if err != nil {
-				return metrics, fmt.Errorf("error processing metric %s: %v", metricName, err)
+				return metrics, fmt.Errorf("error processing metric %s: %v", sanitize.String(metricName), err)
 			}
 			metrics = append(metrics, metric)
 
diff --git a/receiver/collectdreceiver/go.mod b/receiver/collectdreceiver/go.mod
index 8debafd16846..21f986d6adac 100644
--- a/receiver/collectdreceiver/go.mod
+++ b/receiver/collectdreceiver/go.mod
@@ -13,6 +13,8 @@ require (
 
 )
 
+require github.com/open-telemetry/opentelemetry-collector-contrib/internal/coreinternal v0.43.0
+
 require (
 	github.com/davecgh/go-spew v1.1.1 // indirect
 	github.com/gogo/protobuf v1.3.2 // indirect
@@ -24,7 +26,6 @@ require (
 	github.com/mitchellh/copystructure v1.2.0 // indirect
 	github.com/mitchellh/mapstructure v1.4.3 // indirect
 	github.com/mitchellh/reflectwalk v1.0.2 // indirect
-	github.com/open-telemetry/opentelemetry-collector-contrib/internal/coreinternal v0.43.0 // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
 	github.com/spf13/cast v1.4.1 // indirect
 	go.opentelemetry.io/collector/model v0.44.0 // indirect