search

tuhh-softsec / code2DFD

Tool for the automatic extraction of dataflow diagrams from source code of microservices
Other
3 stars 4 forks source link

`External_component` type duplicated in JSON string #8

Open bakhtos opened 2 hours ago

bakhtos commented 2 hours ago

When testing out the current version of the package with the default config file (i.e. analyzing apssouza22/java-microservice), I noticed that logstash external entity has its type duplicated in json_architecture output, but not the github-repository component:

 "external_components": [
        {
            "name": "github-repository",
            "type": "external_component",
            "stereotype_instances": [
                "github_repository",
                "entrypoint"
            ],
            "tagged_values": [
                [
                    "URL",
                    "https://github.com/apssouza22/java-microservice"
                ]
            ]
        },
        {
            "name": "logstash",
            "type": "external_componentexternal_component",
            "stereotype_instances": [
                "logging_server",
                "exitpoint"
            ],
            "tagged_values": [
                [
                    "Logging Server",
                    "Logstash"
                ],
                [
                    "Port",
                    5044
                ]
            ]
        }
    ]

In the Logstash detector itself, the type string is clearly assigned and not concatenated, so I am not sure where the bug is. https://github.com/tuhh-softsec/code2DFD/blob/52c30e35cef78e3675213c3c11e405d3545a8f71/technology_specific_extractors/logstash/log_entry.py#L74

bakhtos commented 1 hour ago

This is not a big issue since all the external components are given in the external_components dict, so checking a type of specific component is not necessary when parsing this JSON file, but still, there is a bug hidden somewhere.