From b23c5d9fe5ae9d9a9fa270e3c029d51c7e5d72ff Mon Sep 17 00:00:00 2001 From: Dhaval Shah <30974879+dhavalgshah@users.noreply.github.com> Date: Tue, 10 May 2022 00:32:20 +0530 Subject: [PATCH 1/2] fix: ngclient: temp_file could be undefined #1999 Fixes ngclient: temp_file could be undefined #1999 Signed-off-by: Dhaval Shah <30974879+dhavalgshah@users.noreply.github.com> --- tuf/ngclient/updater.py | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/tuf/ngclient/updater.py b/tuf/ngclient/updater.py index 238fe303..8a4e77ce 100644 --- a/tuf/ngclient/updater.py +++ b/tuf/ngclient/updater.py @@ -37,7 +37,7 @@ import os import shutil import tempfile -from typing import Optional, Set +from typing import Any, Optional, Set from urllib import parse from tuf.api import exceptions @@ -275,6 +275,7 @@ def _load_local_metadata(self, rolename: str) -> bytes: def _persist_metadata(self, rolename: str, data: bytes) -> None: """Write metadata to disk atomically to avoid data loss.""" + temp_file: Optional[tempfile._TemporaryFileWrapper[Any]] = None try: # encode the rolename to avoid issues with e.g. path separators encoded_name = parse.quote(rolename, "") @@ -287,7 +288,7 @@ def _persist_metadata(self, rolename: str, data: bytes) -> None: except OSError as e: # remove tempfile if we managed to create one, # then let the exception happen - if temp_file: + if temp_file is not None: try: os.remove(temp_file.name) except FileNotFoundError: From ac7ecfb8d5385dc9ef0c21239d81b6cf8e1b8a1c Mon Sep 17 00:00:00 2001 From: Dhaval Shah <30974879+dhavalgshah@users.noreply.github.com> Date: Wed, 11 May 2022 01:11:09 +0530 Subject: [PATCH 2/2] fix: Uninitialized local #1999 Annotating local temp_file_name variable is simple than to annotate temp_file. Fixes #1999 Signed-off-by: Dhaval Shah <30974879+dhavalgshah@users.noreply.github.com> --- tuf/ngclient/updater.py | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/tuf/ngclient/updater.py b/tuf/ngclient/updater.py index 8a4e77ce..af9f1a46 100644 --- a/tuf/ngclient/updater.py +++ b/tuf/ngclient/updater.py @@ -37,7 +37,7 @@ import os import shutil import tempfile -from typing import Any, Optional, Set +from typing import Optional, Set from urllib import parse from tuf.api import exceptions @@ -275,7 +275,7 @@ def _load_local_metadata(self, rolename: str) -> bytes: def _persist_metadata(self, rolename: str, data: bytes) -> None: """Write metadata to disk atomically to avoid data loss.""" - temp_file: Optional[tempfile._TemporaryFileWrapper[Any]] = None + temp_file_name: Optional[str] = None try: # encode the rolename to avoid issues with e.g. path separators encoded_name = parse.quote(rolename, "") @@ -283,14 +283,15 @@ def _persist_metadata(self, rolename: str, data: bytes) -> None: with tempfile.NamedTemporaryFile( dir=self._dir, delete=False ) as temp_file: + temp_file_name = temp_file.name temp_file.write(data) os.replace(temp_file.name, filename) except OSError as e: # remove tempfile if we managed to create one, # then let the exception happen - if temp_file is not None: + if temp_file_name is not None: try: - os.remove(temp_file.name) + os.remove(temp_file_name) except FileNotFoundError: pass raise e