We have observed that as part of sending an antivirus alert email, if an exception is thrown by the geolocation library (as part of getting the geo info of the ip address that uploaded the bad file), that this is propogated up and shown to students and is not very helpful.

E.g. uploading a bad file, a student received the error "Exception - The address x.x.x.x is not in the database."

This error originates from here: https://github.com/moodle/moodle/blob/7d7a871eddf81cdc1e6f5ea9dda67cf9058dd032/lib/maxmind/GeoIp2/Database/Reader.php#L246

In my opinion, internal errors from sending the antivirus alert email should not be shown to users, the users should instead see the expected error saying the file was blocked from uploading because it failed the antivirus check.

To recreate this:

• Be able to trigger the antivirus by uploading a file
  • Easy way to do this is with https://github.com/catalyst/moodle-antivirus_encrypted and then uploading one of the encrypted files in the plugins /tests/fixtures
• Trigger an ip address lookup fail.
  • This is quite difficult to recreate naturally, Since you must obtain the geolocation file separately from MaxMind as well as be on an ip that is not in the database.
  • Instead its easier just to simulate this by throwing an exception inside of iplookup_find_location
    • To do this, add add "throw new coding_exception('test')" https://github.com/moodle/moodle/blob/7d7a871eddf81cdc1e6f5ea9dda67cf9058dd032/iplookup/lib.php#L36
• Upload a bad file, and see that the coding exception output was shown, even if debugging is off and the user is a student (not an admin)

I've attached a screenshot of recreating this on the latest version of Moodle using the above method.