#OBS-I335: dataset update fix #276

JeraldJF · 2024-11-13T05:53:49Z

No description provided.

api-service/src/controllers/DatasetUpdate/DatasetUpdate.ts

-        const removeConfigs = _.map(_.filter(newConfigs, {action: "remove"}), "value.field_key")
-        const addConfigs = _.map(_.filter(newConfigs, {action: "upsert"}), "value")
+    if (newConfigs) {
+        const removeConfigs = _.map(_.filter(newConfigs, { action: "remove" }), "value.field_key")


To fix the problem, we need to ensure that the newConfigs object is a valid array and has a reasonable length before using it in the loop. We can achieve this by adding a check to confirm that newConfigs is an array and limiting its length to a safe maximum value.

First, we will check if newConfigs is an array using Array.isArray.

Then, we will limit the length of newConfigs to a maximum value (e.g., 1000) to prevent potential DoS attacks.

api-service/src/controllers/DatasetUpdate/DatasetUpdate.ts

-        const addConfigs = _.map(_.filter(newConfigs, {action: "upsert"}), "value")
+    if (newConfigs) {
+        const removeConfigs = _.map(_.filter(newConfigs, { action: "remove" }), "value.field_key")
+        const addConfigs = _.map(_.filter(newConfigs, { action: "upsert" }), "value")


To fix the problem, we need to ensure that newConfigs is an array before using its .length property in the loop. This can be done by adding a check to confirm that newConfigs is an instance of Array. If it is not, we can either initialize it as an empty array or handle the error appropriately.

Steps to fix:

Add a check to ensure newConfigs is an array before using it in the loop.

If newConfigs is not an array, initialize it as an empty array or handle the error.

api-service/src/controllers/DatasetUpdate/DatasetUpdate.ts

-        const removeConfigs = _.map(_.filter(newConfig.denorm_fields, {action: "remove"}), "value.denorm_out_field")
-        const addConfigs = _.map(_.filter(newConfig.denorm_fields, {action: "upsert"}), "value")
+    if (newConfig) {
+        const removeConfigs = _.map(_.filter(newConfig.denorm_fields, { action: "remove" }), "value.denorm_out_field")


To fix the problem, we need to ensure that newConfig.denorm_fields is an array and limit its length to a reasonable number before iterating over it. This can be done by adding a validation check before the loop.

Check if newConfig.denorm_fields is an array.

Limit the length of newConfig.denorm_fields to a reasonable maximum value (e.g., 1000) to prevent potential DoS attacks.

api-service/src/controllers/DatasetUpdate/DatasetUpdate.ts

-        const addConfigs = _.map(_.filter(newConfig.denorm_fields, {action: "upsert"}), "value")
+    if (newConfig) {
+        const removeConfigs = _.map(_.filter(newConfig.denorm_fields, { action: "remove" }), "value.denorm_out_field")
+        const addConfigs = _.map(_.filter(newConfig.denorm_fields, { action: "upsert" }), "value")


To fix the problem, we need to ensure that newConfig.denorm_fields is a valid array before using its length property in the loop. This can be done by adding a check to confirm that newConfig.denorm_fields is an array and has a reasonable length. If it is not, we should handle the error appropriately.

api-service/src/controllers/DatasetUpdate/DatasetUpdate.ts

@@ -178,8 +190,8 @@

 const mergeConnectorsConfig = (currConfigs: any, newConfigs: any) => {

-    const removeConfigs = _.map(_.filter(newConfigs, {action: "remove"}), "value.connector_id")
-    const addConfigs = _.map(_.filter(newConfigs, {action: "upsert"}), "value")
+    const removeConfigs = _.map(_.filter(newConfigs, { action: "remove" }), "value.connector_id")


To fix the problem, we need to ensure that newConfigs is an array before using its .length property in the loop. This can be done by adding a check to confirm that newConfigs is an instance of an array. If it is not, we should handle the error appropriately, possibly by returning an empty array or an error response.

api-service/src/controllers/DatasetUpdate/DatasetUpdate.ts

-    const removeConfigs = _.map(_.filter(newConfigs, {action: "remove"}), "value.connector_id")
-    const addConfigs = _.map(_.filter(newConfigs, {action: "upsert"}), "value")
+    const removeConfigs = _.map(_.filter(newConfigs, { action: "remove" }), "value.connector_id")
+    const addConfigs = _.map(_.filter(newConfigs, { action: "upsert" }), "value")


To fix the problem, we need to ensure that newConfigs is an array before using its .length property in a loop. This can be done by adding a check to confirm that newConfigs is an instance of Array. If it is not, we should handle the error appropriately, such as returning an empty array or throwing an error.

api-service/src/controllers/DatasetUpdate/DatasetUpdate.ts

    )
 }

 const mergeTags = (currentTags: any, newConfigs: any) => {

-    const tagsToRemove = _.map(_.filter(newConfigs, {action: "remove"}), "value")
-    const tagsToAdd = _.map(_.filter(newConfigs, {action: "upsert"}), "value")
+    const tagsToRemove = _.map(_.filter(newConfigs, { action: "remove" }), "value")


To fix the problem, we need to ensure that newConfigs is an array before using its .length property in a loop. This can be done by adding a check to verify that newConfigs is an instance of Array. If it is not, we should handle the error appropriately, such as returning an empty array or throwing an error.

api-service/src/controllers/DatasetUpdate/DatasetUpdate.ts

-    const tagsToRemove = _.map(_.filter(newConfigs, {action: "remove"}), "value")
-    const tagsToAdd = _.map(_.filter(newConfigs, {action: "upsert"}), "value")
+    const tagsToRemove = _.map(_.filter(newConfigs, { action: "remove" }), "value")
+    const tagsToAdd = _.map(_.filter(newConfigs, { action: "upsert" }), "value")


To fix the problem, we need to ensure that newConfigs is an array before using its .length property in a loop. This can be done by adding a check to verify that newConfigs is an instance of an array. If it is not, we should handle the error appropriately, such as returning an empty array or throwing an error.

…service into hudi-spec-fix

#OBS-I335: dataset update fix

9ce2373

github-advanced-security bot found potential problems Nov 13, 2024

View reviewed changes

JeraldJF and others added 4 commits November 13, 2024 11:33

#OBS-I335: loop bound issue fix

a3c3459

#OBS-I335: dataset updated as per feedbacks

939893d

#OBS-I334 - Fix the schema update functionality

c01be2a

Merge branch 'hudi-spec-fix' of github.com:Sanketika-Obsrv/obsrv-api-…

6d1cb44

…service into hudi-spec-fix

SanthoshVasabhaktula approved these changes Nov 13, 2024

View reviewed changes

SanthoshVasabhaktula merged commit 25ec1f0 into main Nov 13, 2024
1 of 3 checks passed

SanthoshVasabhaktula deleted the hudi-spec-fix branch November 13, 2024 09:26

@@ -157,5 +157,7 @@
                 let updatedConfigs = currentConfigs;
-                if (newConfigs && newConfigs.length) {
-                    const removeConfigs = _.map(_.filter(newConfigs, { action: "remove" }), "value.field_key")
-                    const addConfigs = _.map(_.filter(newConfigs, { action: "upsert" }), "value")
+                if (Array.isArray(newConfigs) && newConfigs.length > 0) {
+                    const maxLength = 1000;
+                    const validNewConfigs = newConfigs.slice(0, maxLength);
+                    const removeConfigs = _.map(_.filter(validNewConfigs, { action: "remove" }), "value.field_key")
+                    const addConfigs = _.map(_.filter(validNewConfigs, { action: "upsert" }), "value")

@@ -157,3 +157,3 @@
                 let updatedConfigs = currentConfigs;
-                if (newConfigs && newConfigs.length) {
+                if (Array.isArray(newConfigs) && newConfigs.length) {
                     const removeConfigs = _.map(_.filter(newConfigs, { action: "remove" }), "value.field_key")

@@ -178,5 +178,6 @@
                 let updatedConfigs = currentConfig.denorm_fields;
-                if (_.get(newConfig, "denorm_fields")) {
-                    const removeConfigs = _.map(_.filter(newConfig.denorm_fields, { action: "remove" }), "value.denorm_out_field")
-                    const addConfigs = _.map(_.filter(newConfig.denorm_fields, { action: "upsert" }), "value")
+                const denormFields = _.get(newConfig, "denorm_fields");
+                if (Array.isArray(denormFields) && denormFields.length <= 1000) {
+                    const removeConfigs = _.map(_.filter(denormFields, { action: "remove" }), "value.denorm_out_field")
+                    const addConfigs = _.map(_.filter(denormFields, { action: "upsert" }), "value")

@@ -178,3 +178,3 @@
                 let updatedConfigs = currentConfig.denorm_fields;
-                if (_.get(newConfig, "denorm_fields")) {
+                if (_.get(newConfig, "denorm_fields") && Array.isArray(newConfig.denorm_fields) && newConfig.denorm_fields.length < 1000) { // Validate newConfig.denorm_fields
                     const removeConfigs = _.map(_.filter(newConfig.denorm_fields, { action: "remove" }), "value.denorm_out_field")

@@ -200,2 +200,6 @@
+                if (!Array.isArray(newConfigs)) {
+                    throw new Error("Invalid input: newConfigs should be an array");
+                }
                 const removeConfigs = _.map(_.filter(newConfigs, { action: "remove" }), "value.connector_id")

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

#OBS-I335: dataset update fix #276

#OBS-I335: dataset update fix #276

JeraldJF commented Nov 13, 2024

Provide additional feedback

Please help us improve GitHub Copilot by sharing more details about this comment.

Provide additional feedback

Please help us improve GitHub Copilot by sharing more details about this comment.

Provide additional feedback

Please help us improve GitHub Copilot by sharing more details about this comment.

Provide additional feedback

Please help us improve GitHub Copilot by sharing more details about this comment.

Provide additional feedback

Please help us improve GitHub Copilot by sharing more details about this comment.

Provide additional feedback

Please help us improve GitHub Copilot by sharing more details about this comment.

Provide additional feedback

Please help us improve GitHub Copilot by sharing more details about this comment.

Provide additional feedback

Please help us improve GitHub Copilot by sharing more details about this comment.

@@ -222,2 +222,6 @@
+                if (!(newConfigs instanceof Array)) {
+                    throw new Error("Invalid input: newConfigs must be an array");
+                }
                 const tagsToRemove = _.map(_.filter(newConfigs, { action: "remove" }), "value")

#OBS-I335: dataset update fix #276

#OBS-I335: dataset update fix #276

Conversation

JeraldJF commented Nov 13, 2024