Remove full CSI codes

LHolten · LHolten · commit 31166f71020f · 2026-02-25T15:07:24.000+01:00
diff --git a/tracing-subscriber/src/fmt/format/escape.rs b/tracing-subscriber/src/fmt/format/escape.rs
@@ -10,7 +10,7 @@ impl<T: fmt::Debug> fmt::Debug for Escape<T> {
     fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
         let mut escaping_writer = EscapingWriter {
             inner: f,
-            skip_control_chars: false,
+            skip_csi_codes: false,
         };
         write!(escaping_writer, "{:?}", self.0)
     }
@@ -24,7 +24,7 @@ impl<T: fmt::Debug> fmt::Debug for EscapeSkip<T> {
     fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
         let mut escaping_writer = EscapingWriter {
             inner: f,
-            skip_control_chars: true,
+            skip_csi_codes: true,
         };
         write!(escaping_writer, "{:?}", self.0)
     }
@@ -33,21 +33,32 @@ impl<T: fmt::Debug> fmt::Debug for EscapeSkip<T> {
 /// Helper struct that escapes ANSI sequences as characters are written
 struct EscapingWriter<'a, 'b> {
     inner: &'a mut fmt::Formatter<'b>,
-    skip_control_chars: bool,
+    skip_csi_codes: bool,
 }
 
 impl<'a, 'b> fmt::Write for EscapingWriter<'a, 'b> {
     fn write_str(&mut self, s: &str) -> fmt::Result {
         // Stream the string character by character, escaping all control sequences
-        for ch in s.chars() {
+        let mut chars = s.chars().peekable();
+        while let Some(ch) = chars.next() {
+            // Recognize and remove ECMA-48 CSI codes
+            // This is a best effort to clean up colour codes in the message field
+            if ch == '\x1b' && self.skip_csi_codes {
+                if chars.next_if_eq(&'[').is_some() {
+                    // Remove parameter and intermediate bytes
+                    while chars.next_if(|x| matches!(x, '\x20'..='\x3f')).is_some() {}
+                    // Remove final byte
+                    chars.next_if(|x| matches!(x, '\x40'..='\x7E'));
+                    continue;
+                }
+            }
+
             // ESC BEL BS FF DEL
             if matches!(ch, '\x1b' | '\x07' | '\x08' | '\x0c' | '\x7f'..='\u{9f}') {
-                if !self.skip_control_chars {
-                    if ch.is_ascii() {
-                        write!(self.inner, "\\x{:02x}", ch as u32)?
-                    } else {
-                        write!(self.inner, "\\u{{{:x}}}", ch as u32)?
-                    }
+                if ch.is_ascii() {
+                    write!(self.inner, "\\x{:02x}", ch as u32)?
+                } else {
+                    write!(self.inner, "\\u{{{:x}}}", ch as u32)?
                 }
             } else {
                 self.inner.write_char(ch)?;
diff --git a/tracing-subscriber/tests/ansi_escaping.rs b/tracing-subscriber/tests/ansi_escaping.rs
@@ -160,10 +160,12 @@ fn test_pretty_ansi_escaping() {
 
     tracing::subscriber::with_default(subscriber, || {
         let malicious_input = "\x1b]0;PWNED\x07\x1b[2J";
+        let colourful = "[\u{1b}[1m\u{1b}[38;5;9merror\u{1b}[0m\u{1b}[1m: Invalid JSON\u{1b}[0m]";
 
         // Pretty formatter should escape ANSI sequences
         tracing::info!("Testing: {}", malicious_input);
         tracing::info!(user_input = %malicious_input, "Field test");
+        tracing::info!("Colour test: {}", colourful);
     });
 
     let output = writer.get_output();
@@ -177,6 +179,10 @@ fn test_pretty_ansi_escaping() {
         !output.contains('\x07'),
         "Pretty output should not contain raw BEL characters"
     );
+    assert!(
+        output.contains("[error: Invalid JSON]"),
+        "ansi escape code should be removed from message entirely"
+    )
 }
 
 /// Comprehensive test for ANSI sanitization that prevents injection attacks
