Skip to content

Commit ea83218

Browse files
valentijnscholtenvalentijnscholten
authored
Fix Finding_Group name truncated to 255 chars to prevent DataError (#14376)
Finding_Group.name is varchar(255), but auto-group names built from long component names, file paths, or titles could exceed that limit, causing a DataError on import. Truncate the name in get_or_create to stay within the database column length. Fixes #14367
1 parent 4332b0b commit ea83218

1 file changed

Lines changed: 5 additions & 5 deletions

File tree

dojo/finding/helper.py

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -214,14 +214,14 @@ def create_finding_group(finds, finding_group_name):
214214
finding_group.creator = get_current_user()
215215

216216
if finding_group_name:
217-
finding_group.name = finding_group_name
217+
finding_group.name = finding_group_name[:255]
218218
elif finding_group.components:
219-
finding_group.name = finding_group.components
219+
finding_group.name = finding_group.components[:255]
220220
try:
221221
finding_group.save()
222222
except IntegrityError as ie:
223223
if "already exists" in str(ie):
224-
finding_group.name = finding_group_name + finding_group_name_dummy
224+
finding_group.name = finding_group_name[:255 - len(finding_group_name_dummy)] + finding_group_name_dummy
225225
finding_group.save()
226226
else:
227227
raise
@@ -362,7 +362,7 @@ def add_findings_to_auto_group(name, findings, group_by, *, create_finding_group
362362

363363
if create_finding_groups_for_all_findings or len(findings) > 1:
364364
# Only create a finding group if we have more than one finding for a given finding group, unless configured otherwise
365-
finding_group, created = Finding_Group.objects.get_or_create(test=test, creator=creator, name=name)
365+
finding_group, created = Finding_Group.objects.get_or_create(test=test, creator=creator, name=name[:255])
366366
if created:
367367
logger.debug("Created Finding Group %d:%s for test %d:%s", finding_group.id, finding_group, test.id, test)
368368
# See if we have old findings in the same test that were created without a finding group
@@ -388,7 +388,7 @@ def add_findings_to_auto_group(name, findings, group_by, *, create_finding_group
388388
for f in old_findings:
389389
f_group_name = get_group_by_group_name(f, group_by)
390390
if f_group_name == name and f not in findings:
391-
finding_group, created = Finding_Group.objects.get_or_create(test=test, creator=creator, name=name)
391+
finding_group, created = Finding_Group.objects.get_or_create(test=test, creator=creator, name=name[:255])
392392
finding_group.findings.add(f)
393393
if created:
394394
finding_group.findings.add(*findings)

0 commit comments

Comments
 (0)