From 54b465f06c6648142e587f472a2d55f539b33ef6 Mon Sep 17 00:00:00 2001
From: seonghobae <8172694+seonghobae@users.noreply.github.com>
Date: Mon, 29 Jun 2026 05:13:14 +0000
Subject: [PATCH] =?UTF-8?q?=F0=9F=9B=A1=EF=B8=8F=20Sentinel:=20[MEDIUM]=20?=
 =?UTF-8?q?Fix=20=EC=A0=95=EB=B3=B4=20=EC=9C=A0=EC=B6=9C=20=EC=B7=A8?=
 =?UTF-8?q?=EC=95=BD=EC=A0=90=20(Information=20Leakage=20in=20Exceptions)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

파이썬 서비스의 예외 처리(Exception handling) 부분에서 내부 파일 경로 등의 민감한 정보가 사용자에게 반환될 수 있는 잠재적인 정보 유출 취약점을 수정했습니다. 예외 발생 시 에러의 내용을 그대로 노출하지 않고, 사용자 친화적이면서 안전한 일반적인 안내 메시지로 응답하도록 하였습니다.

- `services/analysis-engine/src/bandscope_analysis/api.py`: 843번째 줄 예외 처리 메시지 수정
- `services/analysis-engine/src/bandscope_analysis/cli.py`: 49~50번째 줄 예외 처리 메시지 수정
---
 .Jules/sentinel.md | 4 ++++
 .../src/bandscope_analysis/api.py | 4 ++--
 .../src/bandscope_analysis/cli.py | 8 ++++++--
 services/analysis-engine/tests/test_api.py | 16 ++++++++++------
 4 files changed, 22 insertions(+), 10 deletions(-)
 create mode 100644 .Jules/sentinel.md

diff --git a/.Jules/sentinel.md b/.Jules/sentinel.md
new file mode 100644
index 00000000..da3742a6
--- /dev/null
+++ b/.Jules/sentinel.md
@@ -0,0 +1,4 @@
+## 2024-03-24 - [Information Leakage in Python Exception Handling]
+**Vulnerability:** Raw exception strings containing internal file paths and system details were being serialized into JSON responses (e.g., `f"Failed to read job file: {e}"`).
+**Learning:** Catch-all exception blocks (like `except Exception as e:`) can inadvertently expose sensitive system state to end users if the string representation of the exception is returned directly.
+**Prevention:** Replace raw exception interpolations with generic, safe error messages intended for external consumption, logging the full stack trace internally if needed.
diff --git a/services/analysis-engine/src/bandscope_analysis/api.py b/services/analysis-engine/src/bandscope_analysis/api.py
index a193bce2..9e99521a 100644
--- a/services/analysis-engine/src/bandscope_analysis/api.py
+++ b/services/analysis-engine/src/bandscope_analysis/api.py
@@ -840,8 +840,8 @@ def _stem_separation_worker(
         result_queue.put(("value_error", str(error)))
     except RuntimeError as error:
         result_queue.put(("runtime_error", str(error)))
-    except Exception as error:
-        result_queue.put(("runtime_error", str(error)))
+    except Exception:
+        result_queue.put(("runtime_error", "An unexpected error occurred during stem separation."))
 
 
 def _multiprocessing_context() -> mp.context.BaseContext:
diff --git a/services/analysis-engine/src/bandscope_analysis/cli.py b/services/analysis-engine/src/bandscope_analysis/cli.py
index c73f311d..390fe78f 100644
--- a/services/analysis-engine/src/bandscope_analysis/cli.py
+++ b/services/analysis-engine/src/bandscope_analysis/cli.py
@@ -46,8 +46,12 @@ def main() -> int:
     try:
         with open(input_data, "r", encoding="utf-8") as f:
             input_data = f.read()
-    except Exception as e:
-        json.dump(failed_cli_response(f"Failed to read job file: {e}"), sys.stdout)
+    except Exception:
+        msg = (
+            "Failed to read job file. "
+            "Please ensure the file path is correct and accessible."
+        )
+        json.dump(failed_cli_response(msg), sys.stdout)
         return 1
 
     if not input_data:
diff --git a/services/analysis-engine/tests/test_api.py b/services/analysis-engine/tests/test_api.py
index ea55cba2..bfd6de56 100644
--- a/services/analysis-engine/tests/test_api.py
+++ b/services/analysis-engine/tests/test_api.py
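Review bot: The new catch-all in `_stem_separation_worker` drops the exception entirely — nothing records it before the generic string is queued, so whoever has to diagnose a failed separation is left with no trace of the cause; the `except Exception:` in cli.py's `main` in the next hunk has the same gap. Record it internally at the point where the safe message is produced, e.g. `except Exception:` / `logger.exception("Stem separation failed")` immediately before the `result_queue.put(...)` line (`logger` assumed to be a module-level logger; if api.py has none, `logging.getLogger(__name__)` serves). Since this worker appears to run in a multiprocessing child, the child's logging must be configured for that record to actually reach the parent's log sink — worth confirming. The `ValueError` and `RuntimeError` branches just above the change still forward `str(error)` verbatim, and those messages may carry the same path and system detail the commit is removing from the catch-all. `_stem_separation_worker` begins outside the hunk.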
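Review bot: `except Exception:` around the `open`/`read` at the top of the hunk is broader than the failure the new message describes: a `UnicodeDecodeError` from the `encoding="utf-8"` read, or an unrelated bug, is now reported as a wrong or inaccessible path. Narrow the handler to what the message actually covers, `except (OSError, UnicodeDecodeError):`, so a genuine programming error is not masked behind a misleading hint. With the cause no longer in the JSON, consider emitting at least the exception class on stderr (`print(f"read failed: {type(e).__name__}", file=sys.stderr)`), assuming stderr is an operator channel rather than part of what the end user receives — confirm against how the CLI is invoked. `main` begins and ends outside the hunk.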
@@ -848,18 +848,22 @@ def put(self, item: tuple[str, object]) -> None:
             self.items.append(item)
 
     cases = [
-        (FileNotFoundError("missing"), "file_not_found"),
-        (ValueError("bad media"), "value_error"),
-        (RuntimeError("oom"), "runtime_error"),
-        (Exception("unexpected"), "runtime_error"),
+        (FileNotFoundError("missing"), "file_not_found", "missing"),
+        (ValueError("bad media"), "value_error", "bad media"),
+        (RuntimeError("oom"), "runtime_error", "oom"),
+        (
+            Exception("unexpected"),
+            "runtime_error",
+            "An unexpected error occurred during stem separation.",
+        ),
     ]
 
-    for error, expected_kind in cases:
+    for error, expected_kind, expected_msg in cases:
         fake_queue = FakeQueue()
         with patch("bandscope_analysis.api.AudioStemSeparator") as separator_class:
             separator_class.return_value.separate.side_effect = error
             _stem_separation_worker("/tmp/audio.wav", fake_queue)
-        assert fake_queue.items == [(expected_kind, str(error))]
+        assert fake_queue.items == [(expected_kind, expected_msg)]
 
         fake_queue = FakeQueue()
         with patch("bandscope_analysis.api.AudioStemSeparator") as separator_class:
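Review bot: The `Exception("unexpected")` fixture in the new `cases` entry is a poor witness for the leak this commit fixes, because its text is a substring of the generic message `"An unexpected error occurred during stem separation."` — the equality assertion still passes, but the case no longer reads as "raw exception text must not appear", and a `not in` check could never be added for it. Use a fixture whose text is unmistakably internal detail, e.g. `Exception("constructed-internal-detail")` (constructed sample), and pin the property directly with `assert str(error) not in fake_queue.items[0][1]` for that case, so a future regression to `str(error)` fails for the right reason. The enclosing test function begins outside the hunk.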