From b8d36e356b4798636feddf4ad320e7a4a74ea367 Mon Sep 17 00:00:00 2001
From: "google-labs-jules[bot]"
 <161369871+google-labs-jules[bot]@users.noreply.github.com>
Date: Wed, 1 Apr 2026 12:47:45 +0000
Subject: [PATCH] fix(security): sanitize api error responses

Co-authored-by: daggerstuff <261005129+daggerstuff@users.noreply.github.com>
---
 .Jules/sentinel.md             | 1 +
 api/pixel_inference_service.py | 6 +++---
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/.Jules/sentinel.md b/.Jules/sentinel.md
index 0f720988..85105413 100644
--- a/.Jules/sentinel.md
+++ b/.Jules/sentinel.md
@@ -1,2 +1,3 @@
 ## 2026-03-27 - Prevent SQL Error Leakage | Vulnerability: Information Exposure through Error Messages | Learning: Database error traces bubbling up to users can leak schema and path information. | Prevention: Catch database exceptions and return generic error messages (e.g. 500 Internal Server Error) to the client while logging the detailed exception server-side.
 ## 2026-03-29 - Server-Side Logging of Database Errors | Vulnerability: Insufficient Logging and Monitoring | Learning: Swallowing database errors without logging them hides potential malicious activity like SQL injection attempts. | Prevention: Always log database exception details using `logger.error` on the backend before returning a sanitized generic error to the client.
+## 2026-03-31 - Mask API Exception Details | Vulnerability: Information Exposure through Exceptions | Learning: Passing raw exception objects (`str(e)`) directly to FastAPI `HTTPException` detail fields leaks internal stack traces and error states to end-users. | Prevention: Always log exception objects server-side using `logger.error()` and raise HTTPExceptions with generic error details like 'Internal server error', removing the `from e` exception chaining clause.
diff --git a/api/pixel_inference_service.py b/api/pixel_inference_service.py
index 0ae7008e..45444863 100644
--- a/api/pixel_inference_service.py
+++ b/api/pixel_inference_service.py
@@ -406,7 +406,7 @@ async def infer(request: PixelInferenceRequest, background_tasks: BackgroundTask
         return await inference_engine.generate_response(request)
     except Exception as e:
         logger.error(f"Inference error: {e}")
-        raise HTTPException(status_code=500, detail=str(e)) from e
+        raise HTTPException(status_code=500, detail="Internal server error")
 
 
 @app.post("/batch-infer")
@@ -422,7 +422,7 @@ async def batch_infer(requests: list[PixelInferenceRequest]):
             responses.append(response)
         except Exception as e:
             logger.error(f"Batch inference error: {e}")
-            responses.append({"error": str(e)})
+            responses.append({"error": "Internal server error"})
 
     return {"results": responses}
 
@@ -437,7 +437,7 @@ async def reload_model():
         raise HTTPException(status_code=500, detail="Failed to reload model")
     except Exception as e:
         logger.error(f"Reload error: {e}")
-        raise HTTPException(status_code=500, detail=str(e)) from e
+        raise HTTPException(status_code=500, detail="Internal server error")
 
 
 if __name__ == "__main__":