Bug description
Solar appScreener has an option to export a SARIF report. We tried to import it, but got this stack trace.
Steps to reproduce
Steps to reproduce the behavior:
Upload SARIF from Solar appScreener
Expected behavior
Importing works.
Deployment method (select with an X)
[ ] Docker Compose
[x] Kubernetes
[ ] GoDojo
Environment information
Operating System: official Docker based on Debian
DefectDojo version (see footer) or commit message: v. 2.23.1
Logs
ERROR [dojo.api_v2.exception_handler:32] cannot access local variable 'description' where it is not associated with a value
Traceback (most recent call last):
  File "/usr/local/lib/python3.11/site-packages/rest_framework/views.py", line 506, in dispatch
    response = handler(request, *args, **kwargs)
               ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/rest_framework/mixins.py", line 19, in create
    self.perform_create(serializer)
  File "/app/dojo/api_v2/views.py", line 2302, in perform_create
    serializer.save(push_to_jira=push_to_jira)
  File "/app/dojo/api_v2/serializers.py", line 1674, in save
    test, finding_count, closed_finding_count, test_import = importer.import_scan(scan, scan_type, engagement, lead, environment,
                                                             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/app/dojo/importers/importer/importer.py", line 260, in import_scan
    tests = parser.get_tests(scan_type, scan)
            ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/app/dojo/tools/sarif/parser.py", line 47, in get_tests
    test.findings = self.__get_items_from_run(run)
                    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/app/dojo/tools/sarif/parser.py", line 59, in __get_items_from_run
    item = get_item(result, rules, artifacts, run_date)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/app/dojo/tools/sarif/parser.py", line 333, in get_item
    description=get_description(result, rule),
                ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/app/dojo/tools/sarif/parser.py", line 239, in get_description
    description += get_codeFlowsDescription(result['codeFlows'])
                   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/app/dojo/tools/sarif/parser.py", line 214, in get_codeFlowsDescription
    return description
           ^^^^^^^^^^^
Probable problem: