From d81ee13f7c19c6c4b3f88953ccf5c71078cec7bf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ferm=C3=ADn=20Gal=C3=A1n=20M=C3=A1rquez?= Date: Fri, 4 Oct 2024 19:38:55 +0200 Subject: [PATCH 1/2] Fix code scanning alert no. 1: Information exposure through an exception Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> --- scripts/accumulator-server.py | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/scripts/accumulator-server.py b/scripts/accumulator-server.py index c08b893bd0..c8b4e59afd 100755 --- a/scripts/accumulator-server.py +++ b/scripts/accumulator-server.py @@ -42,6 +42,7 @@ # * This script requires at least Flask 2.0.2, which comes with Werkzeug 2.0.2. from flask import Flask, request, Response +import logging from getopt import getopt, GetoptError from datetime import datetime from math import trunc @@ -375,7 +376,8 @@ def record_request(request): s += json.dumps(raw, indent=4, sort_keys=True) s += '\n' except ValueError as e: - s += str(e) + log_error(str(e)) # Log the error details + s += "An error occurred while processing the request." else: s += request.data.decode("utf-8") @@ -389,6 +391,13 @@ def record_request(request): print(s) +def log_error(error_message): + """ + Log the error message to a file or standard output. + + :param error_message: The error message to log + """ + logging.error(error_message) def send_continue(request): """ Inspect request header in order to look if we have to continue or not From 1b3462945367475c57915a747e9623f5bee9b63b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ferm=C3=ADn=20Gal=C3=A1n=20M=C3=A1rquez?= Date: Wed, 23 Oct 2024 14:38:50 +0200 Subject: [PATCH 2/2] Update scripts/accumulator-server.py --- scripts/accumulator-server.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/scripts/accumulator-server.py b/scripts/accumulator-server.py index c8b4e59afd..e40840ffce 100755 --- a/scripts/accumulator-server.py 
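Review bot: In the `except ValueError` branch of record_request, `log_error(str(e))` keeps only the exception message, so the server-side log has no traceback and nothing that ties the entry to the request that failed to parse. Because the recorded string `s` now carries only a generic sentence, the log is the sole place left to diagnose a bad payload; `logging.exception("Could not parse request body as JSON")` called inside the handler would keep the stack trace there without putting it back into `s`. The `else:` line shown as context still appends `request.data.decode("utf-8")` to `s`, and a body that is not valid UTF-8 would presumably raise from that line outside this handler, so the same class of alert may still be reachable; that depends on code outside the hunk. record_request starts and ends outside the hunk.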
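Review bot: The docstring of the new `log_error` says the message goes "to a file or standard output", but no handler is configured in the visible hunks, and a bare `logging.error` on an unconfigured root logger writes to stderr. If logging is not set up elsewhere in the script, the docstring should read something like `"""Log error_message via the root logger (stderr unless logging is configured)."""`. A module-level `logger = logging.getLogger(__name__)` used in place of the root logger would also let whoever runs the script route or filter these entries separately from other output.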
+++ b/scripts/accumulator-server.py
@@ -398,6 +398,8 @@ def log_error(error_message):
 :param error_message: The error message to log
 """
 logging.error(error_message)
+
+
 def send_continue(request):
 """
 Inspect request header in order to look if we have to continue or not