diff --git a/deployment/Dockerfile.application b/deployment/Dockerfile.application index 57415ac9..223d529f 100644 --- a/deployment/Dockerfile.application +++ b/deployment/Dockerfile.application @@ -4,8 +4,9 @@ WORKDIR /usr/src/app RUN apk update && \ apk upgrade && \ - apk --no-cache add geos geos-dev git graphviz-dev lapack libmagic libstdc++ && \ - apk --no-cache add --virtual .builddeps g++ gcc gfortran lapack-dev musl-dev py3-pybind11-dev re2 re2-dev + apk add --repository=https://dl-cdn.alpinelinux.org/alpine/v3.20/main --repository=https://dl-cdn.alpinelinux.org/alpine/v3.20/community \ + g++~=13.2 gcc~=13.2 gfortran~=13.2 libgcc~=13.2 libstdc++~=13.2 && \ + apk --no-cache add geos geos-dev git graphviz-dev lapack lapack-dev libmagic musl-dev py3-pybind11-dev re2 re2-dev COPY . . diff --git a/otm/otm/entity/component.py b/otm/otm/entity/component.py index 9a6c4d5c..7fef30ef 100644 --- a/otm/otm/entity/component.py +++ b/otm/otm/entity/component.py @@ -3,6 +3,11 @@ from otm.otm.entity.parent_type import ParentType from otm.otm.entity.representation import RepresentationElement from otm.otm.entity.threat import ThreatInstance +from sl_util.sl_util.str_utils import truncate + + +MAX_NAME_SIZE = 255 +MAX_TAG_SIZE = 255 class Component: @@ -19,6 +24,22 @@ def __init__(self, component_id, name, component_type=None, parent=None, parent_ self.threats: [ThreatInstance] = threats or [] self.representations: List[RepresentationElement] = representations + @property + def name(self): + return self._name + + @name.setter + def name(self, value): + self._name = truncate(value, MAX_NAME_SIZE) + + @property + def tags (self): + return self._tags + + @tags.setter + def tags(self, value): + self._tags = [tag for tag in value if tag and len(tag) <= MAX_TAG_SIZE] if value else None + def add_threat(self, threat: ThreatInstance): self.threats.append(threat) diff --git a/otm/otm/entity/dataflow.py b/otm/otm/entity/dataflow.py index 9c65ae79..94260956 100644 --- a/otm/otm/entity/dataflow.py +++ b/otm/otm/entity/dataflow.py @@ -1,3 +1,10 @@ +from sl_util.sl_util.str_utils import truncate + + +MAX_NAME_SIZE = 255 +MAX_TAG_SIZE = 255 + + class Dataflow: def __init__(self, dataflow_id, name, source_node, destination_node, bidirectional: bool = None, source=None, attributes=None, tags=None): @@ -10,6 +17,22 @@ def __init__(self, dataflow_id, name, source_node, destination_node, bidirection self.attributes = attributes self.tags = tags + @property + def name(self): + return self._name + + @name.setter + def name(self, value): + self._name = truncate(value, MAX_NAME_SIZE) + + @property + def tags (self): + return self._tags + + @tags.setter + def tags(self, value): + self._tags = [tag for tag in value if tag and len(tag) <= MAX_TAG_SIZE] if value else None + def json(self): json = { "id": self.id, diff --git a/otm/otm/entity/trustzone.py b/otm/otm/entity/trustzone.py index f997dcb5..8d56ad73 100644 --- a/otm/otm/entity/trustzone.py +++ b/otm/otm/entity/trustzone.py @@ -1,4 +1,8 @@ from otm.otm.entity.parent_type import ParentType +from sl_util.sl_util.str_utils import truncate + + +MAX_NAME_SIZE = 255 class Trustzone: @@ -14,6 +18,14 @@ def __init__(self, trustzone_id, name, parent=None, parent_type: ParentType = No self.trustrating = trustrating self.representations = representations + @property + def name(self): + return self._name + + @name.setter + def name(self, value): + self._name = truncate(value, MAX_NAME_SIZE) + def __eq__(self, other): return type(other) == Trustzone and self.id == other.id diff --git a/sl_util/sl_util/str_utils.py b/sl_util/sl_util/str_utils.py index e379a433..0d4cc284 100644 --- a/sl_util/sl_util/str_utils.py +++ b/sl_util/sl_util/str_utils.py @@ -21,3 +21,6 @@ def to_number(input, default_value: int = 0) -> int: return w2n.word_to_num(input) except ValueError: return default_value + +def truncate(s: str, max_length: int) -> str: + return s[:max_length] if s else s \ No newline at end of file diff --git a/slp_drawio/tests/unit/load/test_diagram_dataflow_loader.py b/slp_drawio/tests/unit/load/test_diagram_dataflow_loader.py index bbfae0f9..d592515b 100644 --- a/slp_drawio/tests/unit/load/test_diagram_dataflow_loader.py +++ b/slp_drawio/tests/unit/load/test_diagram_dataflow_loader.py @@ -32,7 +32,7 @@ def test_load(self, get_dataflow_tags_wrapper): assert diagram_dataflows[1].otm.name == 'pt2kyrPXSm7H56EBWWGj-8-dataflow' assert diagram_dataflows[1].otm.source_node == 'pt2kyrPXSm7H56EBWWGj-7' assert diagram_dataflows[1].otm.destination_node == 'pt2kyrPXSm7H56EBWWGj-7' - assert len(diagram_dataflows[1].otm.tags) == 0 + assert not diagram_dataflows[1].otm.tags # AND the method get_dataflow_tags has been called once for each dataflow assert get_dataflow_tags_wrapper.call_count == len(diagram_dataflows) diff --git a/slp_tfplan/tests/unit/map/test_tfplan_mapper.py b/slp_tfplan/tests/unit/map/test_tfplan_mapper.py index db6bfaaf..1fa69a51 100644 --- a/slp_tfplan/tests/unit/map/test_tfplan_mapper.py +++ b/slp_tfplan/tests/unit/map/test_tfplan_mapper.py @@ -111,8 +111,8 @@ def test_mapping_by_type(self): @mark.parametrize('regex,resource_type', [ param(r'^aws_\w*$','aws_vpc', id='aws_vpc'), - param(r'^a+$','a'*256, id='long_string'), - param(r'^(a+)+$','a'*256, id='redos_attack'), + param(r'^a+$','a'*255, id='long_string'), + param(r'^(a+)+$','a'*255, id='redos_attack'), ]) def test_mapping_by_regex(self,regex,resource_type:str): # GIVEN a resource of some TF type