From 02b1bdb4b7538e3d57cfb49bd18ed5ccf5709f6f Mon Sep 17 00:00:00 2001
From: seonghobae <8172694+seonghobae@users.noreply.github.com>
Date: Sun, 5 Jul 2026 04:00:55 +0000
Subject: [PATCH 1/4] Fix information disclosure in try blocks
In R, `try()` defaults to `silent = FALSE`. We added `silent = TRUE` to the `try()` block in `R/llcont.R` to prevent underlying error details from printing directly to standard error, thus stopping the leakage of internal states.
---
 .jules/sentinel.md | 4 ++++
 R/llcont.R | 3 ++-
 2 files changed, 6 insertions(+), 1 deletion(-)
 create mode 100644 .jules/sentinel.md
diff --git a/.jules/sentinel.md b/.jules/sentinel.md
new file mode 100644
index 0000000..ae5d03c
--- /dev/null
+++ b/.jules/sentinel.md
@@ -0,0 +1,4 @@
+## 2024-05-24 - Default try() behavior causes information disclosure
+**Vulnerability:** Information Disclosure
+**Learning:** R's `try()` function defaults to `silent = FALSE`. When mathematical operations like `dmvnorm` fail (e.g., due to non-positive definite matrices), the detailed error messages and internal state information are printed directly to standard error, potentially leaking sensitive system information to users.
+**Prevention:** Always use `try(..., silent = TRUE)` when wrapping functions that can throw exceptions, or use `tryCatch()` to explicitly handle errors without exposing internal state.
diff --git a/R/llcont.R b/R/llcont.R
index 5896c33..f84dd1a 100644
--- a/R/llcont.R
+++ b/R/llcont.R
@@ -468,7 +468,8 @@ llcont.lavaan <- function(x, ...){
 if(length(x.idx) == 1){
 tmpll.x <- dnorm(X[,x.dat.idx], Mu.X, sqrt(Sigma.X), log=TRUE)
 } else {
- tmpll.x <- try(dmvnorm(X[,x.dat.idx], Mu.X, Sigma.X, log=TRUE))
+ # Prevent potential error details (e.g. non-positive definite matrix) from leaking to output
+ tmpll.x <- try(dmvnorm(X[,x.dat.idx], Mu.X, Sigma.X, log=TRUE), silent = TRUE)
 }
 if(inherits(tmpll.x, "try-error")) tmpll.x <- NA
 tmpll[case.idx] <- tmpll[case.idx] - tmpll.x
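Review bot: With `silent = TRUE` the failure is now completely invisible to the caller: the `try-error` is turned into `NA` on the next line and `tmpll[case.idx] <- tmpll[case.idx] - tmpll.x` carries that NA into the returned contributions with no message at all, so a user cannot tell that a case was dropped or that `Sigma.X` was not positive definite. Keeping the raw condition text off the console is fine, but a controlled, non-verbose signal should take its place; `tryCatch()` does both in one step: `tmpll.x <- tryCatch(dmvnorm(X[,x.dat.idx], Mu.X, Sigma.X, log=TRUE), error = function(e) { warning("dmvnorm() failed; loglik contribution set to NA", call. = FALSE); NA })`, after which the `inherits(tmpll.x, "try-error")` check becomes a no-op and can be dropped. Whether downstream code relies on NA rather than an error for these cases is not visible here and should be confirmed before changing the recovery path. llcont.lavaan begins and ends outside the hunk.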
From 90a092275c8e2821a9573114015d60512baf337e Mon Sep 17 00:00:00 2001
From: seonghobae <8172694+seonghobae@users.noreply.github.com>
Date: Sun, 5 Jul 2026 04:18:43 +0000
Subject: [PATCH 2/4] Fix information disclosure in try blocks
In R, `try()` defaults to `silent = FALSE`. We added `silent = TRUE` to the `try()` block in `R/llcont.R` to prevent underlying error details from printing directly to standard error, thus stopping the leakage of internal states.
From 124228db10fe3ef6e7d12ea1565d96d2d731b404 Mon Sep 17 00:00:00 2001
From: seonghobae <8172694+seonghobae@users.noreply.github.com>
Date: Sun, 5 Jul 2026 04:36:11 +0000
Subject: [PATCH 3/4] Fix information disclosure in try blocks
In R, `try()` defaults to `silent = FALSE`. We added `silent = TRUE` to the `try()` block in `R/llcont.R` to prevent underlying error details from printing directly to standard error, thus stopping the leakage of internal states.
From f5c9e3222dba595916f72c0ea8217ade1d03e8f6 Mon Sep 17 00:00:00 2001
From: seonghobae <8172694+seonghobae@users.noreply.github.com>
Date: Sun, 5 Jul 2026 04:53:39 +0000
Subject: [PATCH 4/4] Fix information disclosure in try blocks
In R, `try()` defaults to `silent = FALSE`. We added `silent = TRUE` to the `try()` block in `R/llcont.R` to prevent underlying error details from printing directly to standard error, thus stopping the leakage of internal states.