Giters

go-telegram-bot-api / telegram-bot-api

Golang bindings for the Telegram Bot API

Home Page:https://go-telegram-bot-api.dev

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

This can cause the bot's token to be compromised

pillarion opened this issue · comments

commented

Description

// GetUpdatesChan starts and returns a channel for getting updates.
func (bot *BotAPI) GetUpdatesChan(config UpdateConfig) UpdatesChannel
...
updates, err := bot.GetUpdates(config)
			if err != nil {
				log.Println(err)
				log.Println("Failed to get updates, retrying in 3 seconds...")
				time.Sleep(time.Second * 3)

				continue
			}
...

The line log.Println(err) puts the bot's token into the log. This can cause the token to be compromised.

Example log:

2023/01/26 17:15:22 Post "https://api.telegram.org/bot<full_bot_token>/getUpdates": read tcp <ip>:<port>-><ip>:<port>: read: connection reset by peer
2023/01/26 17:15:22 Failed to get updates, retrying in 3 seconds...

Affected Modules, Packages, Versions and Symbols

Module: github.com/example/module
github.com/go-telegram-bot-api/telegram-bot-api/v5 v5.5.1
commented

how to fix error "read: connection reset by peer"? @pillarion