Skip to content

fix(injection_detection): clear error when inline yara_rules miss a requested name#2147

Closed
WatchTree-19 wants to merge 1 commit into
NVIDIA-NeMo:developfrom
WatchTree-19:fix-injection-detection-missing-rule-keyerror
Closed

fix(injection_detection): clear error when inline yara_rules miss a requested name#2147
WatchTree-19 wants to merge 1 commit into
NVIDIA-NeMo:developfrom
WatchTree-19:fix-injection-detection-missing-rule-keyerror

Conversation

@WatchTree-19

Copy link
Copy Markdown

problem

_load_rules in nemoguardrails/library/injection_detection/actions.py crashes with an opaque KeyError when injection detection is configured with inline yara_rules and the injections list names a rule that isn't in those inline rules (e.g. mixing a built-in name like sqli with an inline custom rule, or a typo):

rules_source = {name: rule for name, rule in yara_rules.items() if name in rule_names}   # intersection
rules = yara.compile(sources={rule_name: rules_source[rule_name] for rule_name in rule_names})  # indexes ALL names -> KeyError

neither _validate_injection_config nor _extract_injection_config catches this (name validation is skipped when inline rules are used), so the guardrail dies with KeyError: 'sqli' instead of a clear config error.

repro

from pathlib import Path
from nemoguardrails.library.injection_detection.actions import _load_rules
_load_rules(Path("."), ("sqli", "custom_rule"),
            {"custom_rule": 'rule custom_rule { strings: $a = "foo" condition: $a }'})
# KeyError: 'sqli'

fix

validate up front and raise a clear, actionable ValueError listing the missing names (fail-closed, mirroring the ValueError the yara_path branch already raises for unknown rules), then compile directly since every name is now guaranteed present.

test

added test_inline_yara_rules_missing_injection_name_raises_value_error (mirrors test_load_inline_yara_rules). fails on develop (KeyError), passes with the fix; full test_injection_detection.py 32 pass, ruff clean.

found by reading the code. (a maintainer could alternatively hoist the check into _extract_injection_config next to the existing yara_path name validation for earlier failure - happy to move it.)

@github-actions github-actions Bot added needs: signing status: needs triage New issues that have not yet been reviewed or categorized. size: S labels Jul 8, 2026
@WatchTree-19

Copy link
Copy Markdown
Author

thanks for the review! one note on the signature check: the commit is DCO signed-off (-s) but not GPG/SSH signed - i don't currently have commit signing set up on this account. would a squash-merge work on your end (github signs the squash commit, which should satisfy the require-signed-commits check), or do you need a signed commit on the branch? happy to sort it whichever way is easiest for you.

… requested name

_load_rules built the compile sources by indexing yara_rules for every
requested name, so a name not present inline raised an opaque KeyError.
Validate up front and raise a clear ValueError (fail-closed). +test.

Signed-off-by: WatchTree-19 <119982314+WatchTree-19@users.noreply.github.com>
@WatchTree-19
WatchTree-19 force-pushed the fix-injection-detection-missing-rule-keyerror branch from b8fe2a3 to 38752a3 Compare July 13, 2026 17:48
@Pouyanpi Pouyanpi added the status: contribution workflow violation PR does not meet the required workflow in CONTRIBUTING.md. label Jul 14, 2026
@github-actions

Copy link
Copy Markdown
Contributor

@WatchTree-19, this PR is being closed because it was opened before completing the required contribution workflow. Every PR must link to a triaged issue assigned to the PR author; this PR does not link to such an issue.

The PR description must also use our current template, including the Related Issue, Verification, and AI Assistance sections. If AI tools substantially assisted with the contribution, disclose the tool and extent of assistance. The human contributor must review, verify, understand, and take responsibility for every submitted change. If no AI tools were used, select that option in the template.

Before submitting another PR:

  1. Search for an existing issue or manually open one using the appropriate issue template.
  2. Wait for a maintainer to triage the issue and assign it to you.
  3. After assignment, open a new PR from develop using the complete PR template, a Conventional Commit-style title, and the documented validation commands.

Please do not reopen this PR. You’re welcome to submit a new one after completing the workflow.

See CONTRIBUTING.md and AI_POLICY.md.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

size: S status: contribution workflow violation PR does not meet the required workflow in CONTRIBUTING.md. status: needs triage New issues that have not yet been reviewed or categorized.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants