can we further specify the count function #59
Labels
Discussion
General discussion threads.
Comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
@djhaynes commented on Mon Aug 19 2013
There was a question on the oval-developer-list that asked about whether or not
the count function should evaluate to 0 when it contains components that do not
exist or should it evaluate to error. Please see the following
oval-developer-list post for more information.
http://making-security-measurable.1364806.n2.nabble.com/count-function-against-component-evaluating-to-zero-values-tp7304434p7304434.html
Having the count function evaluate to 0 in this case makes sense, however, it
conflicts with current documentation of the object_component which states:
"The referenced OVAL Object specifies a set of OVAL Items to collect. Note
that an OVAL Object might identify 0, 1, or many OVAL Items on a system. If no
items are found on the system then an error should be reported when
determining the value of an ObjectComponentType..."
Can we safely remove this documentation from the object_component? Can we
update the count function to evaluate to 0?
@djhaynes commented on Mon Aug 19 2013
We should also review the other functions to ensure that each is correctly specified regarding errors.
@chisholm commented on Wed Sep 04 2013
I wouldn't say this is a conflict, in the sense that the documented behavior of object_component and the count function contradict each other and are therefore impossible to implement. It just implies counterintuitive behavior when they're used together.
I think we need one behavior for object_component, not a conditional one that depends on whether it's used inside a count function. And it sounds like that behavior should allow for an empty sequence of values. Which means we need to ensure all containing functions and variables make sense with an empty sequence.
Secondly, the referenced thread brought up an ambiguity with the existing object_component documentation: is it an error if the referenced item field doesn't exist on all referenced items, or only if it can't exist?
We should be explicit that zero is a legal count function value. But despite the title of this tracker, it seems like the larger issues are with object_component.
@chisholm commented on Thu Sep 05 2013
If object_component can yield zero values, it implies that local_variable can have zero values (if it has one object_component with zero values). So why not also allow a local_variable with no components? And for consistency's sake, a constant_variable with no values? It is inconsistent and an ugly design to allow a variable with no values, but only in one peculiar way... so I think we should just make the decision to allow it in general. What do you think?
@solind commented on Wed Aug 31 2016
AFAIK, pretty much everyone writing content understands that object_components whose objects don't exist generate errors. So, I'll push this one out the 5.12 in case anyone wants to re-evaluate it then.
The text was updated successfully, but these errors were encountered: