Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

FIX: Updated expression to fix logical short circuit #1250

Merged
merged 1 commit into from
Oct 9, 2023
Merged

FIX: Updated expression to fix logical short circuit #1250

merged 1 commit into from
Oct 9, 2023

Conversation

fazledyn-or
Copy link
Contributor

Details

While triaging your project, our bug fixing tool generated the following messages-

In file: teltonika.py, method: parse_teltonika, a logical equality check operation was performed with the same operand on both sides. The comparison operation always returns either true or false. Such logical short circuits in code lead to unintended behavior. iCR suggested that the logical operation should be reviewed for correctness.

In file: hormann.py, method: parse_hormann, a logical equality check operation was performed with the same operand on both sides. The comparison operation always returns either true or false. Such logical short circuits in code lead to unintended behavior. iCR suggested that the logical operation should be reviewed for correctness.

Changes

Based on assumption, it looks like the comparison of packet_size should be made with respect to data_size in both of the files. Please refer to the commits for the changes made.

CLA Requirements

This section is only relevant if your project requires contributors to sign a Contributor License Agreement (CLA) for external contributions.

All contributed commits are already automatically signed off.

The meaning of a signoff depends on the project, but it typically certifies that committer has the rights to submit this work under the same license and agrees to a Developer Certificate of Origin (see https://developercertificate.org/ for more information).
- Git Commit SignOff documentation

Sponsorship and Support

This work is done by the security researchers from OpenRefactory and is supported by the Open Source Security Foundation (OpenSSF): Project Alpha-Omega. Alpha-Omega is a project partnering with open source software project maintainers to systematically find new, as-yet-undiscovered vulnerabilities in open source code - and get them fixed – to improve global software supply chain security.

The bug is found by running the Intelligent Code Repair (iCR) tool by OpenRefactory and then manually triaging the results.

@Ernst79
Copy link
Collaborator

Ernst79 commented Oct 9, 2023

Thanks! Will include it in the next release.

@Ernst79 Ernst79 self-requested a review October 9, 2023 13:46
@Ernst79 Ernst79 merged commit ad2e45c into custom-components:master Oct 9, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Ernst79 Ernst79 Ernst79 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@fazledyn-or @Ernst79