Serialize vars early to avoid living references

getsentry · Aug 7, 2024 · ee83663 · ee83663
1 parent 5529c70
commit ee83663
Show file tree

Hide file tree

Showing 4 changed files with 30 additions and 5 deletions.
diff --git a/sentry_sdk/client.py b/sentry_sdk/client.py
@@ -10,7 +10,6 @@
 from sentry_sdk.utils import (
     capture_internal_exceptions,
     current_stacktrace,
-    disable_capture_event,
     format_timestamp,
     get_sdk_name,
     get_type_name,
@@ -726,9 +725,6 @@ def capture_event(
 
         :returns: An event ID. May be `None` if there is no DSN set or of if the SDK decided to discard the event for other reasons. In such situations setting `debug=True` on `init()` may help.
         """
-        if disable_capture_event.get(False):
-            return None
-
         if hint is None:
             hint = {}
         event_id = event.get("event_id")

diff --git a/sentry_sdk/scope.py b/sentry_sdk/scope.py
@@ -31,6 +31,7 @@
     capture_internal_exception,
     capture_internal_exceptions,
     ContextVar,
+    disable_capture_event,
     event_from_exception,
     exc_info_from_error,
     logger,
@@ -1130,6 +1131,9 @@ def capture_event(self, event, hint=None, scope=None, **scope_kwargs):
 
         :returns: An `event_id` if the SDK decided to send the event (see :py:meth:`sentry_sdk.client._Client.capture_event`).
         """
+        if disable_capture_event.get(False):
+            return None
+
         scope = self._merge_scopes(scope, scope_kwargs)
 
         event_id = self.get_client().capture_event(event=event, hint=hint, scope=scope)
@@ -1157,6 +1161,9 @@ def capture_message(self, message, level=None, scope=None, **scope_kwargs):
 
         :returns: An `event_id` if the SDK decided to send the event (see :py:meth:`sentry_sdk.client._Client.capture_event`).
         """
+        if disable_capture_event.get(False):
+            return None
+
         if level is None:
             level = "info"
 
@@ -1182,6 +1189,9 @@ def capture_exception(self, error=None, scope=None, **scope_kwargs):
 
         :returns: An `event_id` if the SDK decided to send the event (see :py:meth:`sentry_sdk.client._Client.capture_event`).
         """
+        if disable_capture_event.get(False):
+            return None
+
         if error is not None:
             exc_info = exc_info_from_error(error)
         else:

diff --git a/sentry_sdk/utils.py b/sentry_sdk/utils.py
@@ -616,7 +616,9 @@ def serialize_frame(
         )
 
     if include_local_variables:
-        rv["vars"] = frame.f_locals.copy()
+        from sentry_sdk.serializer import serialize
+
+        rv["vars"] = serialize(frame.f_locals)
 
     return rv
 

diff --git a/tests/test_scrubber.py b/tests/test_scrubber.py
@@ -187,3 +187,20 @@ def test_recursive_event_scrubber(sentry_init, capture_events):
 
     (event,) = events
     assert event["extra"]["deep"]["deeper"][0]["deepest"]["password"] == "'[Filtered]'"
+
+
+def test_recursive_scrubber_does_not_override_original(sentry_init, capture_events):
+    sentry_init(event_scrubber=EventScrubber(recursive=True))
+    events = capture_events()
+
+    data = {"csrf": "secret"}
+    try:
+        raise RuntimeError("An error")
+    except Exception:
+        capture_exception()
+
+    (event,) = events
+    frames = event["exception"]["values"][0]["stacktrace"]["frames"]
+    (frame,) = frames
+    assert data["csrf"] == "secret"
+    assert frame["vars"]["data"]["csrf"] == "[Filtered]"