Actually this goes far beyond COULD_NOT_SAVE_FILE, e.g. intelligent_write_error. And special considerations must be made (e.g. warn_exit needs the full path so it can log it to the server / PHP error logs. But that means it will also show the full path in the error on the UI.)

This is supposed to be handled by the _sanitise_error_msg function.

Ah, thank you. That makes things a lot easier.

Bug also exists in v11

Automated response: Not all error messages are being sanitised by _sanitise_error_msg

The COULD_NOT_SAVE_FILE string (and other things) use the full file path of the file that could not be saved. This is a security problem because full paths could be exposed to regular members in attached messages.

I am not 100% certain this patch will fix all cases, but it does move the _sanitise_error_msg function to global3 (from failure) to help better ensure its availability. And I added its missing use in attach_message.

**The patch below is only for v11**

A hotfix (a TAR of files to upload) has been uploaded to this issue. Only apply this hotfix if you absolutely need it and cannot wait until the next release of the software (releases are more reliable and strictly tested). As of the software version 11, the recommended way to apply a hotfix is by following the same steps as an upgrade (https://baseurl/upgrader.php, use the hotfix on step 5). The upgrader will automatically skip files belonging to addons you do not have installed or that are newer on disk than in the hotfix. Otherwise, you can manually extract and replace these files (do not replace if your on-disk file is newer than the one in the hotfix). Always take backups of your site or at least files you are replacing before applying a hotfix. Not sure how to extract TAR files to your Windows computer? Try 7-zip (http://www.7-zip.org/).

Patrick, this can be marked done?

I think so. I'm not 100% sure I caught all the cases that needed it but I haven't found any more since the hotfix.