From a29ae7b87c9335774a838caa8fab093f8876e462 Mon Sep 17 00:00:00 2001
From: noopur
Date: Tue, 12 Nov 2024 07:54:11 +0000
Subject: [PATCH 1/4] Set FQDN as env variable for pytest coverage
Signed-off-by: noopur
---
 .github/workflows/ubuntu.yml | 3 +++
 .github/workflows/windows.yml | 3 +++
 2 files changed, 6 insertions(+)
diff --git a/.github/workflows/ubuntu.yml b/.github/workflows/ubuntu.yml
index 3f26c797fc..d0d8db72c2 100644
--- a/.github/workflows/ubuntu.yml
+++ b/.github/workflows/ubuntu.yml
@@ -26,6 +26,9 @@ jobs:
 pytest-coverage: # from pytest_coverage.yml
 needs: lint
 runs-on: ubuntu-latest
+ env:
+ # A workaround for long FQDN names provided by GitHub actions.
+ FQDN: "localhost"
 steps:
 - uses: actions/checkout@v3
 - name: Set up Python 3.8
diff --git a/.github/workflows/windows.yml b/.github/workflows/windows.yml
index f7d9ca30b9..d15cc60dba 100644
--- a/.github/workflows/windows.yml
+++ b/.github/workflows/windows.yml
@@ -10,6 +10,9 @@ permissions:
 jobs:
 pytest-coverage: # from pytest_coverage.yml
 runs-on: windows-latest
+ env:
+ # A workaround for long FQDN names provided by GitHub actions.
+ FQDN: "localhost"
 steps:
 - uses: actions/checkout@v3
 - name: Set up Python 3.8
From 978eb6ebb0e09bcd2954581f00cb3cbb13971139 Mon Sep 17 00:00:00 2001
From: noopur
Date: Tue, 12 Nov 2024 08:00:15 +0000
Subject: [PATCH 2/4] Moving env variable outside
Signed-off-by: noopur
---
 .github/workflows/ubuntu.yml | 7 ++++---
 .github/workflows/windows.yml | 7 ++++---
 2 files changed, 8 insertions(+), 6 deletions(-)
diff --git a/.github/workflows/ubuntu.yml b/.github/workflows/ubuntu.yml
index d0d8db72c2..bead9ebbdc 100644
--- a/.github/workflows/ubuntu.yml
+++ b/.github/workflows/ubuntu.yml
@@ -7,6 +7,10 @@ on:
 permissions:
 contents: read
+env:
+ # A workaround for long FQDN names provided by GitHub actions.
+ FQDN: "localhost"
+
 jobs:
 lint: # from lint.yml
 runs-on: ubuntu-latest
@@ -26,9 +30,6 @@ jobs:
 pytest-coverage: # from pytest_coverage.yml
 needs: lint
 runs-on: ubuntu-latest
- env:
- # A workaround for long FQDN names provided by GitHub actions.
- FQDN: "localhost"
 steps:
 - uses: actions/checkout@v3
 - name: Set up Python 3.8
diff --git a/.github/workflows/windows.yml b/.github/workflows/windows.yml
index d15cc60dba..a9aac81654 100644
--- a/.github/workflows/windows.yml
+++ b/.github/workflows/windows.yml
@@ -7,12 +7,13 @@ on:
 permissions:
 contents: read
+env:
+ # A workaround for long FQDN names provided by GitHub actions.
+ FQDN: "localhost"
+
 jobs:
 pytest-coverage: # from pytest_coverage.yml
 runs-on: windows-latest
- env:
- # A workaround for long FQDN names provided by GitHub actions.
- FQDN: "localhost"
 steps:
 - uses: actions/checkout@v3
 - name: Set up Python 3.8
From 21614ed2c031c98371ec224ad113d5d3810c1a4b Mon Sep 17 00:00:00 2001
From: rajith
Date: Tue, 12 Nov 2024 13:58:23 +0530
Subject: [PATCH 3/4] fix path manipulation coverity issue
---
 openfl/interface/cli.py | 18 ++----------------
 1 file changed, 2 insertions(+), 16 deletions(-)
diff --git a/openfl/interface/cli.py b/openfl/interface/cli.py
index ff26eddc57..9bed2d6c91 100755
--- a/openfl/interface/cli.py
+++ b/openfl/interface/cli.py
@@ -4,7 +4,7 @@
 """CLI module."""
 import logging
 import os
-import re
+import pathlib
 import sys
 import time
 import warnings
@@ -181,21 +181,7 @@ def cli(context, log_level, no_warnings):
 # Setup logging immediately to suppress unnecessary warnings on import
 # This will be overridden later with user selected debugging level
 disable_warnings()
- log_file = os.getenv("LOG_FILE")
- # Validate log_file with tighter restrictions
- if log_file:
- log_file = os.path.normpath(log_file)
- if (
- not re.match(r"^logs/[\w\-.]+$", log_file)
- or ".." in log_file
- or log_file.startswith("/")
- ):
- raise ValueError("Invalid log file path")
- # Ensure the log file is in the 'logs' directory
- allowed_directory = Path("logs").resolve()
- full_path = (allowed_directory / log_file).resolve()
- if not str(full_path).startswith(str(allowed_directory)):
- raise ValueError("Log file path is not allowed")
+ log_file = pathlib.Path(os.getenv("LOG_FILE")).expanduser().resolve()
 setup_logging(log_level, log_file)
 sys.stdout.reconfigure(encoding="utf-8")
From 38527116969c31712580cc1ce26d4fe0c292e1d2 Mon Sep 17 00:00:00 2001
From: rajith
Date: Tue, 12 Nov 2024 14:05:54 +0530
Subject: [PATCH 4/4] handle log_file not set
---
 openfl/interface/cli.py | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/openfl/interface/cli.py b/openfl/interface/cli.py
index 9bed2d6c91..9937ddea01 100755
--- a/openfl/interface/cli.py
+++ b/openfl/interface/cli.py
@@ -181,7 +181,12 @@ def cli(context, log_level, no_warnings):
 # Setup logging immediately to suppress unnecessary warnings on import
 # This will be overridden later with user selected debugging level
 disable_warnings()
- log_file = pathlib.Path(os.getenv("LOG_FILE")).expanduser().resolve()
+ log_file = os.getenv("LOG_FILE")
+ if log_file is None:
+ raise ValueError("LOG_FILE environment variable is not set")
+
+ # Normalize the path
+ log_file = pathlib.Path(log_file).expanduser().resolve()
 setup_logging(log_level, log_file)
 sys.stdout.reconfigure(encoding="utf-8")
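Review bot: In the [PATCH 3/4] hunk of `cli()`, `pathlib.Path(...).expanduser().resolve()` only canonicalises LOG_FILE and does not restrict where the log may be written, whereas the removed lines rejected anything outside `logs/`. That probably silences the Coverity path-manipulation finding without addressing it, since any absolute path, `~` path or `..` sequence in the environment variable is now accepted and handed to `setup_logging`. If confinement to the logs directory is still the intended policy, compare the resolved path with the resolved `logs` directory as sketched below (`parents` rather than `is_relative_to`, because the workflows in this series set up Python 3.8); if it is not, a comment stating that LOG_FILE is trusted operator input would make the decision explicit. The [PATCH 4/4] hunk keeps the same unconfined `resolve()`. The body of `cli()` starts and ends outside the hunk.

```python
    log_file = os.getenv("LOG_FILE")
    if log_file:
        allowed_directory = pathlib.Path("logs").resolve()
        log_file = pathlib.Path(log_file).expanduser().resolve()
        # Check containment on the resolved path so ".." segments and existing symlinks are accounted for.
        if allowed_directory not in log_file.parents:
            raise ValueError("Log file path is not allowed")
    setup_logging(log_level, log_file)
```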
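Review bot: Raising `ValueError` when LOG_FILE is unset, in the [PATCH 4/4] hunk, makes the variable mandatory for every `cli()` invocation, whereas before this series an unset value was apparently passed to `setup_logging` as `None` (the removed validation ran only under `if log_file:`). Unless that is intended, keep the unset case working, e.g. `log_file = pathlib.Path(log_file).expanduser().resolve() if log_file else None`. The `is None` test also lets an empty string through, and `Path("").resolve()` is the current working directory, so a truthiness check is the safer guard. The body of `cli()` continues outside the hunk.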