Fix inappropriate comparison on the length of a Collection #7125
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
ansibullbot
added
cloud
module_utils
There was a problem hiding this comment.
Thanks for your contribution! Can you please add a changelog fragment? Thanks.
felixfontein
added
check-before-release
This comment was marked as outdated.
This comment was marked as outdated.
ansibullbot
added
merge_commit
This comment was marked as outdated.
This comment was marked as outdated.
ansibullbot
added
ci_verified
This comment was marked as outdated.
This comment was marked as outdated.
ansibullbot
added
ci_verified
openrefactorymunawar
force-pushed
the
Inappropriate_Logic-13oci_utils.py15314855678017598354.diff
branch
from
593f30d to
f43d477
Compare
ansibullbot
removed
ci_verified
…. Added changlelog fragment file.
openrefactorymunawar
force-pushed
the
Inappropriate_Logic-13oci_utils.py15314855678017598354.diff
branch
from
f43d477 to
0573bc5
Compare
ansibullbot
removed
the
needs_revision
Co-authored-by: Felix Fontein <[email protected]>
felixfontein
approved these changes
Aug 22, 2023
felixfontein
removed
the
check-before-release
Backport to stable-6: 💚 backport PR created✅ Backport PR branch: Backported as #7146 🤖 @patchback |
patchback bot
pushed a commit
that referenced
this pull request
Aug 22, 2023
* Comment: Fixed inappropriate comparison on the length of a Collection. Added changlelog fragment file. * Comment: Updated the scope of the changelog fragment based on feedback. Co-authored-by: Felix Fontein <[email protected]> --------- Co-authored-by: Felix Fontein <[email protected]> (cherry picked from commit 7721420)
Backport to stable-7: 💚 backport PR created✅ Backport PR branch: Backported as #7147 🤖 @patchback |
patchback bot
pushed a commit
that referenced
this pull request
Aug 22, 2023
* Comment: Fixed inappropriate comparison on the length of a Collection. Added changlelog fragment file. * Comment: Updated the scope of the changelog fragment based on feedback. Co-authored-by: Felix Fontein <[email protected]> --------- Co-authored-by: Felix Fontein <[email protected]> (cherry picked from commit 7721420)
|
@munahaf thanks a lot for your contribution! |
felixfontein
pushed a commit
that referenced
this pull request
Aug 23, 2023
…n the length of a Collection (#7146) Fix inappropriate comparison on the length of a Collection (#7125) * Comment: Fixed inappropriate comparison on the length of a Collection. Added changlelog fragment file. * Comment: Updated the scope of the changelog fragment based on feedback. Co-authored-by: Felix Fontein <[email protected]> --------- Co-authored-by: Felix Fontein <[email protected]> (cherry picked from commit 7721420) Co-authored-by: Munawar <[email protected]>
felixfontein
pushed a commit
that referenced
this pull request
Aug 23, 2023
…n the length of a Collection (#7147) Fix inappropriate comparison on the length of a Collection (#7125) * Comment: Fixed inappropriate comparison on the length of a Collection. Added changlelog fragment file. * Comment: Updated the scope of the changelog fragment based on feedback. Co-authored-by: Felix Fontein <[email protected]> --------- Co-authored-by: Felix Fontein <[email protected]> (cherry picked from commit 7721420) Co-authored-by: Munawar <[email protected]>
etrombly
pushed a commit
to etrombly/community.general
that referenced
this pull request
Oct 25, 2023
…ollections#7125) * Comment: Fixed inappropriate comparison on the length of a Collection. Added changlelog fragment file. * Comment: Updated the scope of the changelog fragment based on feedback. Co-authored-by: Felix Fontein <[email protected]> --------- Co-authored-by: Felix Fontein <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
In file: oci_utils.py, there are several places in the code where the comparison of Collection length creates a logical short circuit. The way the Collection length is checked (e.g.,
len(t) >= 0) always returns true. I suggested that the Collection length comparison should be done without creating a logical short circuit. This should be reviewed to verify that the spirit of the original code has been kept by the change.Sponsorship and Support:
This work is done by the security researchers from OpenRefactory and is supported by the Open Source Security Foundation (OpenSSF)(https://openssf.org/): Project Alpha-Omega(https://alpha-omega.dev/). Alpha-Omega is a project partnering with open source software project maintainers to systematically find new, as-yet-undiscovered vulnerabilities in open source code - and get them fixed – to improve global software supply chain security.
The bug is found by running the Intelligent Code Repair (iCR) tool by OpenRefactory and then manually triaging the results.