From bc128407d14ef1058ff6d143a28fff938be1ea7a Mon Sep 17 00:00:00 2001
From: rajith
Date: Thu, 24 Oct 2024 11:27:59 +0530
Subject: [PATCH 1/3] fix filename coverity issue
---
 openfl/interface/cli.py | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/openfl/interface/cli.py b/openfl/interface/cli.py
index 9d2b1c1b8d..6b22351b97 100755
--- a/openfl/interface/cli.py
+++ b/openfl/interface/cli.py
@@ -4,6 +4,7 @@
 """CLI module."""
 import logging
 import os
+import re
 import sys
 import time
 import warnings
@@ -181,6 +182,9 @@ def cli(context, log_level, no_warnings):
 # This will be overridden later with user selected debugging level
 disable_warnings()
 log_file = os.getenv("LOG_FILE")
+ # Validate log_file using allow list approach
+ if log_file and not re.match(r'^[\w\-.]+$', log_file):
+ raise ValueError("Invalid log file path")
 setup_logging(log_level, log_file)
 sys.stdout.reconfigure(encoding="utf-8")
From b529f8f2c8affe639a860fabe1aeae2d1f1e18a6 Mon Sep 17 00:00:00 2001
From: rajith
Date: Thu, 24 Oct 2024 11:46:22 +0530
Subject: [PATCH 2/3] fix code format issue
---
 openfl/interface/cli.py | 2 +-
 openfl/utilities/optimizers/numpy/yogi_optimizer.py | 3 ++-
 2 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/openfl/interface/cli.py b/openfl/interface/cli.py
index 6b22351b97..ba7b9c2133 100755
--- a/openfl/interface/cli.py
+++ b/openfl/interface/cli.py
@@ -183,7 +183,7 @@ def cli(context, log_level, no_warnings):
 disable_warnings()
 log_file = os.getenv("LOG_FILE")
 # Validate log_file using allow list approach
- if log_file and not re.match(r'^[\w\-.]+$', log_file):
+ if log_file and not re.match(r"^[\w\-.]+$", log_file):
 raise ValueError("Invalid log file path")
 setup_logging(log_level, log_file)
 sys.stdout.reconfigure(encoding="utf-8")
diff --git a/openfl/utilities/optimizers/numpy/yogi_optimizer.py b/openfl/utilities/optimizers/numpy/yogi_optimizer.py
index 17f9fc85a2..5bce181d50 100644
--- a/openfl/utilities/optimizers/numpy/yogi_optimizer.py
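Review bot: The allow-list check on `LOG_FILE` in `cli()` (the [PATCH 1/3] hunk at -181, re-touched in [PATCH 2/3]) is looser than it reads: `re.match` with a trailing `$` also accepts a value that ends in a newline, and in a str pattern `\w` matches any Unicode word character rather than only ASCII. Anchoring the whole string and restricting the class closes both, e.g. `if log_file and not re.fullmatch(r"[\w\-.]+", log_file, flags=re.ASCII):`. The pattern also rejects every value containing a path separator, so a `LOG_FILE` that previously pointed into a directory now raises `ValueError`, while the bare names `.` and `..` still pass. The comment should state that contract, for instance `# LOG_FILE must be a bare file name: ASCII letters, digits, '_', '-' and '.' only, no directories`. The body of `cli()` starts and ends outside the hunk and `setup_logging` is not visible here, so how the accepted name is resolved to a file cannot be confirmed from this page.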
+++ b/openfl/utilities/optimizers/numpy/yogi_optimizer.py
@@ -79,7 +79,8 @@ def _update_second_moment(self, grad_name: str, grad: np.ndarray) -> None:
 """
 sign = np.sign(grad**2 - self.grads_second_moment[grad_name])
 self.grads_second_moment[grad_name] = (
- self.beta_2 * self.grads_second_moment[grad_name] + (1.0 - self.beta_2) * sign * grad**2
+ self.beta_2 * self.grads_second_moment[grad_name]
+ + (1.0 - self.beta_2) * sign * grad**2
 )
 def step(self, gradients: Dict[str, np.ndarray]) -> None:
From 6c9c0029603fe2146332aea45145ba404d3c733a Mon Sep 17 00:00:00 2001
From: rajith
Date: Thu, 24 Oct 2024 12:03:37 +0530
Subject: [PATCH 3/3] reverting code check format issue
---
 openfl/utilities/optimizers/numpy/yogi_optimizer.py | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/openfl/utilities/optimizers/numpy/yogi_optimizer.py b/openfl/utilities/optimizers/numpy/yogi_optimizer.py
index 5bce181d50..17f9fc85a2 100644
--- a/openfl/utilities/optimizers/numpy/yogi_optimizer.py
+++ b/openfl/utilities/optimizers/numpy/yogi_optimizer.py
@@ -79,8 +79,7 @@ def _update_second_moment(self, grad_name: str, grad: np.ndarray) -> None:
 """
 sign = np.sign(grad**2 - self.grads_second_moment[grad_name])
 self.grads_second_moment[grad_name] = (
- self.beta_2 * self.grads_second_moment[grad_name]
- + (1.0 - self.beta_2) * sign * grad**2
+ self.beta_2 * self.grads_second_moment[grad_name] + (1.0 - self.beta_2) * sign * grad**2
 )
 def step(self, gradients: Dict[str, np.ndarray]) -> None: