Prevent access to missing metadata fields

sechkova · sechkova · commit cd60e8100a31 · 2021-05-13T12:48:18.000+03:00
Delegations are optional. Add checks to avoid accessing
'Delegations' object's members if its value is None.

Signed-off-by: Teodora Sechkova &lt;tsechkova@vmware.com&gt;
diff --git a/tuf/client_rework/metadata_wrapper.py b/tuf/client_rework/metadata_wrapper.py
@@ -158,20 +158,26 @@ def keys(self, role):
         TODO
         """
         keys = []
-        for delegation in self._meta.signed.delegations.roles:
-            if delegation.name == role:
-                for keyid in delegation.keyids:
-                    key_metadata = self._meta.signed.delegations.keys[keyid]
-                    key, dummy = format_metadata_to_key(key_metadata.to_dict())
-                    keys.append(key)
-            return keys
+        if self._meta.signed.delegations is not None:
+            for delegation in self._meta.signed.delegations.roles:
+                if delegation.name == role:
+                    for keyid in delegation.keyids:
+                        key_metadata = self._meta.signed.delegations.keys[keyid]
+                        key, dummy = format_metadata_to_key(
+                            key_metadata.to_dict()
+                        )
+                        keys.append(key)
+                return keys
+
+        return keys
 
     def threshold(self, role):
         """
         TODO
         """
-        for delegation in self._meta.signed.delegations.roles:
-            if delegation.name == role:
-                return delegation.threshold
+        if self._meta.signed.delegations is not None:
+            for delegation in self._meta.signed.delegations.roles:
+                if delegation.name == role:
+                    return delegation.threshold
 
         return None
diff --git a/tuf/client_rework/updater_rework.py b/tuf/client_rework/updater_rework.py
@@ -557,8 +557,9 @@ def _preorder_depth_first_walk(self, target_filepath) -> Dict:
 
             # And also decrement number of visited roles.
             number_of_delegations -= 1
-            delegations = role_metadata.delegations
-            child_roles = delegations.roles
+            child_roles = []
+            if role_metadata.delegations is not None:
+                child_roles = role_metadata.delegations.roles
 
             if target is None:
 
