From 83805c66e509b39b5d17d1a8d5033d9593711e84 Mon Sep 17 00:00:00 2001
From: girlbossceo <june@girlboss.ceo>
Date: Sun, 30 Jul 2023 17:30:16 +0000
Subject: [PATCH] sanitise potentially sensitive errors

prevents errors like DB or I/O errors from leaking filesystem paths

Co-authored-by: infamous <ehuff007@gmail.com>
Signed-off-by: girlbossceo <june@girlboss.ceo>
---
 src/api/server_server.rs |  2 +-
 src/utils/error.rs       | 22 ++++++++++++++++++++++
 2 files changed, 23 insertions(+), 1 deletion(-)

diff --git a/src/api/server_server.rs b/src/api/server_server.rs
index ca5b69d0..6d2da07f 100644
--- a/src/api/server_server.rs
+++ b/src/api/server_server.rs
@@ -927,7 +927,7 @@ pub async fn send_transaction_message_route(
     Ok(send_transaction_message::v1::Response {
         pdus: resolved_map
             .into_iter()
-            .map(|(e, r)| (e, r.map_err(|e| e.to_string())))
+            .map(|(e, r)| (e, r.map_err(|e| e.sanitized_error())))
             .collect(),
     })
 }
diff --git a/src/utils/error.rs b/src/utils/error.rs
index 4f044ca2..7fafea17 100644
--- a/src/utils/error.rs
+++ b/src/utils/error.rs
@@ -138,6 +138,28 @@ impl Error {
             status_code,
         }))
     }
+
+    /// Sanitizes public-facing errors that can leak sensitive information.
+    pub fn sanitized_error(&self) -> String {
+        let db_error = String::from("Database or I/O error occurred.");
+
+        match self {
+            #[cfg(feature = "sled")]
+            Self::SledError { .. } => db_error,
+            #[cfg(feature = "sqlite")]
+            Self::SqliteError { .. } => db_error,
+            #[cfg(feature = "persy")]
+            Self::PersyError { .. } => db_error,
+            #[cfg(feature = "heed")]
+            Self::HeedError => db_error,
+            #[cfg(feature = "rocksdb")]
+            Self::RocksDbError { .. } => db_error,
+            Self::IoError { .. } => db_error,
+            Self::BadConfig { .. } => db_error,
+            Self::BadDatabase { .. } => db_error,
+            _ => self.to_string(),
+        }
+    }
 }
 
 #[cfg(feature = "persy")]