Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Feature/simultaneous_queues] Improved version for scenario management #29

Merged
merged 39 commits into from
Dec 16, 2024
Merged

[Feature/simultaneous_queues] Improved version for scenario management #29

merged 39 commits into from
Dec 16, 2024

Conversation

enriquetomasmb
Copy link
Collaborator

No description provided.

FerTV and others added 30 commits November 21, 2024 19:31
@FerTV
feature: multiple queues working with different users using the defau…
8410553 
…lt scenario configuration
@FerTV
fix network prefix 192.168.1 changed to 192.168.2
e2fb2b1
@FerTV
Fix different queue for each user
7a7091e
@FerTV
feature: show scenarios in the dashboard depending on the role of the…
c7901a9 
… user
@FerTV
refactor: changed location of utils.py
278faf8
@FerTV
fix: nebula-frontend port
6108dce
@FerTV
fix: launching scenarios with same user in different frontend instance
8885d48
@FerTV
fix: launching scenarios with same user in different frontend instance
cf9166a
@FerTV
fix: stopping only instance
2a3d285
@FerTV
fix: stopping only instance
47158ba
@FerTV
fix: remove instance network
2212ae1
@FerTV
fix: killing other instance docker when starting new scenario
2316b07
@FerTV
Merge remote-tracking branch 'origin/main' into feature/simultaneous_…
e98b985 
…queues
@FerTV
Merge remote-tracking branch 'origin/main' into feature/simultaneous_…
7b123a3 
…queues
@FerTV
fix: stop bugs
d2a64e3
@FerTV
feature: display queues for each user
2db5626
@enriquetomasmb
Fix persistence on session and dbs
791a661
@FerTV
Fix persistence on session
1f81b12
@FerTV
fix: scenario database, database dashboard
ea2862a
@enriquetomasmb
Minor changes in user management
62233a7
@enriquetomasmb
Improve update docker images
a2095b7
@enriquetomasmb
remove reconnections (more debug needed)
d84e8c3
@FerTV
fix: scenario title setted to empty when theres no scenario title
cd9f978
@FerTV
fix: redirect to dashboard.py
99d2b8e
@FerTV
fix: waf containers on production mode working
6b5d818
@FerTV
fix: change user in config files automatically
f2fc1f9
@FerTV
fix: remove unnecesary variable user
528e011
@enriquetomasmb
remove unused functions
f50cc69
@FerTV
fix: blockchain network endpoint
468f769
@FerTV
fix: deploying different scenarios with process
80a5796
@enriquetomasmb enriquetomasmb requested a review from FerTV December 16, 2024 10:27
github-advanced-security[bot]
github-advanced-security bot found potential problems Dec 16, 2024
View reviewed changes
nebula/scenarios.py
scenario_commands_file = os.path.join(
nebula_config_dir, scenario_name, "current_scenario_commands.sh"
)
if os.path.exists(scenario_commands_file):

Check failure

Code scanning / CodeQL

Uncontrolled data used in path expression High

This path depends on a
user-provided value
Loading
.
This path depends on a
user-provided value
Loading
.

Copilot Autofix AI 3 months ago

To fix the problem, we need to validate the scenario_name before using it to construct file paths. We can use the os.path.normpath function to normalize the path and ensure it is contained within a safe root directory. Additionally, we can use a whitelist of allowed characters to further sanitize the scenario_name.

  1. Normalize the scenario_name using os.path.normpath.
  2. Ensure the normalized path starts with the expected base directory.
  3. Optionally, sanitize the scenario_name to allow only specific characters.
Suggested changeset 1
nebula/scenarios.py

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/nebula/scenarios.py b/nebula/scenarios.py
--- a/nebula/scenarios.py
+++ b/nebula/scenarios.py
@@ -397,2 +397,6 @@
             if scenario_name:
+                # Normalize and validate scenario_name
+                scenario_name = os.path.normpath(scenario_name)
+                if not scenario_name.startswith(nebula_config_dir):
+                    raise Exception("Invalid scenario name")
                 if os.environ.get("NEBULA_HOST_PLATFORM") == "windows":
EOF
@@ -397,2 +397,6 @@
if scenario_name:
# Normalize and validate scenario_name
scenario_name = os.path.normpath(scenario_name)
if not scenario_name.startswith(nebula_config_dir):
raise Exception("Invalid scenario name")
if os.environ.get("NEBULA_HOST_PLATFORM") == "windows":
Copilot is powered by AI and may make mistakes. Always verify output.
Positive Feedback
Negative Feedback

Provide additional feedback

Please help us improve GitHub Copilot by sharing more details about this comment.

Please select one or more of the options
nebula/scenarios.py
nebula_config_dir, scenario_name, "current_scenario_commands.sh"
)
if os.path.exists(scenario_commands_file):
os.remove(scenario_commands_file)

Check failure

Code scanning / CodeQL

Uncontrolled data used in path expression High

This path depends on a
user-provided value
Loading
.
This path depends on a
user-provided value
Loading
.

Copilot Autofix AI 3 months ago

To fix the problem, we need to validate the scenario_name before using it to construct file paths. We can use the os.path.normpath function to normalize the path and ensure it is contained within a safe root directory. Additionally, we can use a whitelist of allowed characters to further sanitize the scenario_name.

  1. Normalize the scenario_name using os.path.normpath.
  2. Ensure the normalized path starts with the expected base directory.
  3. Use a whitelist of allowed characters to sanitize the scenario_name.
Suggested changeset 1
nebula/scenarios.py

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/nebula/scenarios.py b/nebula/scenarios.py
--- a/nebula/scenarios.py
+++ b/nebula/scenarios.py
@@ -397,2 +397,6 @@
             if scenario_name:
+                # Normalize and validate scenario_name
+                scenario_name = os.path.normpath(scenario_name)
+                if not scenario_name.isalnum():
+                    raise ValueError("Invalid scenario name")
                 if os.environ.get("NEBULA_HOST_PLATFORM") == "windows":
EOF
@@ -397,2 +397,6 @@
if scenario_name:
# Normalize and validate scenario_name
scenario_name = os.path.normpath(scenario_name)
if not scenario_name.isalnum():
raise ValueError("Invalid scenario name")
if os.environ.get("NEBULA_HOST_PLATFORM") == "windows":
Copilot is powered by AI and may make mistakes. Always verify output.
Positive Feedback
Negative Feedback

Provide additional feedback

Please help us improve GitHub Copilot by sharing more details about this comment.

Please select one or more of the options
@enriquetomasmb enriquetomasmb merged commit aebcbbb into main Dec 16, 2024
2 of 5 checks passed
@enriquetomasmb enriquetomasmb deleted the feature/simultaneous_queues branch January 27, 2025 17:17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@FerTV FerTV Awaiting requested review from FerTV

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@enriquetomasmb @FerTV