mal-toolbox 0.3.0__tar.gz → 0.3.2__tar.gz

{mal_toolbox-0.3.0/mal_toolbox.egg-info → mal_toolbox-0.3.2}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.2
 Name: mal-toolbox
-Version: 0.3.0
+Version: 0.3.2
 Summary: A collection of tools used to create MAL models and attack graphs.
 Author-email: Andrei Buhaiu <buhaiu@kth.se>, Joakim Loxdal <loxdal@kth.se>, Nikolaos Kakouros <nkak@kth.se>, Jakob Nyberg <jaknyb@kth.se>, Giuseppe Nebbione <nebbione@kth.se>
 License: Apache Software License

{mal_toolbox-0.3.0 → mal_toolbox-0.3.2/mal_toolbox.egg-info}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.2
 Name: mal-toolbox
-Version: 0.3.0
+Version: 0.3.2
 Summary: A collection of tools used to create MAL models and attack graphs.
 Author-email: Andrei Buhaiu <buhaiu@kth.se>, Joakim Loxdal <loxdal@kth.se>, Nikolaos Kakouros <nkak@kth.se>, Jakob Nyberg <jaknyb@kth.se>, Giuseppe Nebbione <nebbione@kth.se>
 License: Apache Software License

{mal_toolbox-0.3.0 → mal_toolbox-0.3.2}/maltoolbox/__init__.py

@@ -1,5 +1,5 @@
 # -*- encoding: utf-8 -*-
-# MAL Toolbox v0.3.0
+# MAL Toolbox v0.3.2
 # Copyright 2024, Andrei Buhaiu.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
@@ -21,7 +21,7 @@ MAL-Toolbox Framework
 """
 
 __title__ = "maltoolbox"
-__version__ = "0.3.0"
+__version__ = "0.3.2"
 __authors__ = [
     "Andrei Buhaiu",
     "Giuseppe Nebbione",

{mal_toolbox-0.3.0 → mal_toolbox-0.3.2}/maltoolbox/attackgraph/analyzers/apriori.py

@@ -178,11 +178,19 @@ def prune_unviable_and_unnecessary_nodes(graph: AttackGraph) -> None:
     graph       - the attack graph for which we wish to remove the
                   the nodes which are not viable or necessary.
     """
-    logger.debug('Prune unviable and unnecessary nodes from the attack graph.')
+    logger.debug(
+        'Prune unviable and unnecessary nodes from the attack graph.')
+
+    nodes_to_remove = set()
     for node in graph.nodes.values():
-        if (node.type == 'or' or node.type == 'and') and \
+        if node.type in ('or', 'and') and \
             (not node.is_viable or not node.is_necessary):
-            graph.remove_node(node)
+            nodes_to_remove.add(node)
+
+    # Do the removal separatly so we don't remove
+    # nodes from a set we are looping over
+    for node in nodes_to_remove:
+        graph.remove_node(node)
 
 
 def propagate_viability_from_unviable_node(

{mal_toolbox-0.3.0 → mal_toolbox-0.3.2}/maltoolbox/attackgraph/attackgraph.py

@@ -808,11 +808,16 @@ class AttackGraph():
         """
         if logger.isEnabledFor(logging.DEBUG):
             # Avoid running json.dumps when not in debug
-            logger.debug('Remove attacker "%s" with id:%d.',
-                attacker.name,
-                attacker.id)
-        for node in attacker.reached_attack_steps:
+            logger.debug(
+                'Remove attacker "%s" with id:%d.',
+                attacker.name, attacker.id
+            )
+
+        # Copy set - we can not remove elements from a set we are looping over
+        nodes_to_uncompromise = set(attacker.reached_attack_steps)
+        for node in nodes_to_uncompromise:
             attacker.undo_compromise(node)
+
         if not isinstance(attacker.id, int):
-            raise ValueError(f'Invalid attacker id.')
+            raise ValueError(f'Invalid attacker id: {attacker.id}')
         del self.attackers[attacker.id]

{mal_toolbox-0.3.0 → mal_toolbox-0.3.2}/pyproject.toml

@@ -1,6 +1,6 @@
 [project]
 name = "mal-toolbox"
-version = "0.3.0"
+version = "0.3.2"
 authors = [
   { name="Andrei Buhaiu", email="buhaiu@kth.se" },
   { name="Joakim Loxdal", email="loxdal@kth.se" },