From d4b2d6994d2635a93098c09060b31b9d78851b1d Mon Sep 17 00:00:00 2001 From: AGI-Corporation <186229839+AGI-Corporation@users.noreply.github.com> Date: Sun, 12 Apr 2026 16:25:52 +0000 Subject: [PATCH] =?UTF-8?q?=F0=9F=9B=A1=EF=B8=8F=20Sentinel:=20[MEDIUM]=20?= =?UTF-8?q?Fix=20information=20leakage=20in=20API=20errors?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Fixes an issue in `agents/mistral_agent/agent.py` where unhandled exceptions would expose internal error messages (using `str(e)`) to external clients via 500 HTTP responses. Now catches exceptions, logs them internally, and returns a generic "Internal server error" to the client. Co-authored-by: google-labs-jules[bot] <161369871+google-labs-jules[bot]@users.noreply.github.com> --- .jules/sentinel.md | 5 +++++ agents/mistral_agent/agent.py | 10 +++++++--- 2 files changed, 12 insertions(+), 3 deletions(-) diff --git a/.jules/sentinel.md b/.jules/sentinel.md index f07ab16..049a86c 100644 --- a/.jules/sentinel.md +++ b/.jules/sentinel.md @@ -7,3 +7,8 @@ **Vulnerability:** Not a direct security vulnerability, but an environmental instability. The `requirements.txt` allowed `mistralai>=1.1.0`, which pulled in version 2.x. **Learning:** MistralAI 2.x introduces breaking changes in the client import structure (`from mistralai import Mistral` fails if not using the new client correctly or if expecting the old one). This caused the entire application (including security tests) to fail on startup. **Prevention:** Pin critical dependencies like `mistralai==1.1.0` in `requirements.txt` to ensure consistent behavior across development and CI environments, especially when using agents that rely on specific API structures. + +## 2025-04-12 - [MEDIUM] Fix information leakage in API errors +**Vulnerability:** Raw exception messages (`str(e)`) were being returned directly to the client in HTTP 500 errors in `agents/mistral_agent/agent.py`. +**Learning:** Returning unhandled exception details can leak sensitive internal state, stack traces, or configuration details to potentially malicious actors. +**Prevention:** Ensure all APIs catch general exceptions, log the raw error internally using `logging.error()`, and return a generic, sanitized HTTP 500 message like "Internal server error" to the client. diff --git a/agents/mistral_agent/agent.py b/agents/mistral_agent/agent.py index e09878d..2c10d78 100644 --- a/agents/mistral_agent/agent.py +++ b/agents/mistral_agent/agent.py @@ -8,6 +8,7 @@ """ import json +import logging import os import uuid from datetime import UTC, datetime @@ -318,7 +319,8 @@ async def gap_analysis(req: GapAnalysisRequest, db: AsyncSession = Depends(get_d "model": MISTRAL_MODEL, } except Exception as e: - raise HTTPException(status_code=500, detail=str(e)) + logging.error(f"Error in mistral agent: {e}") + raise HTTPException(status_code=500, detail="Internal server error") @router.post("/code-review", summary="DevSecOps code security analysis with Codestral") @@ -333,7 +335,8 @@ async def code_review(req: CodeReviewRequest, db: AsyncSession = Depends(get_db) ) return {"analysis": result, "model": MISTRAL_CODE_MODEL} except Exception as e: - raise HTTPException(status_code=500, detail=str(e)) + logging.error(f"Error in mistral agent: {e}") + raise HTTPException(status_code=500, detail="Internal server error") @router.post("/ask", summary="Ask a CMMC/ZT compliance question") @@ -343,4 +346,5 @@ async def ask_question(req: QuestionRequest): answer = await agent.answer_compliance_question(req.question, req.context) return {"question": req.question, "answer": answer, "model": MISTRAL_MODEL} except Exception as e: - raise HTTPException(status_code=500, detail=str(e)) + logging.error(f"Error in mistral agent: {e}") + raise HTTPException(status_code=500, detail="Internal server error")