What happened:
Unable to send report from CLI to Manager API.
What you expected to happen:
Data being properly sent to Manager.
Command used:
horusec start -s="LOW, MEDIUM" -a TOKEN -u="http://localhost:8000"
Error in console:
ERRO[0162] [HORUSEC] something went wrong while sending analysis to horusec -> {"code":500,"status":"Internal Server Error","content":"{ERROR_HTTP} something went wrong, sorry for the inconvenience"}
How to reproduce it (as minimally and precisely as possible):
It seems that some special characters have not been escaped before storing in DB (details column). See logs below.
Anything else we need to know?:
Web application has been installed using docker-compose.
Environment:
Horusec version (use horusec version): v2.8.0
Operating System: MacOS Sonoma 14.0
Docker Desktop 4.7.1, Engine 20.10.14, Compose 1.29.2
Logs horuszup/horusec-api:v2.18.0:
time="2023-10-20T16:43:43Z" level=info msg="service running on 8000 http port"
time="2023-10-20T16:47:09Z" level=info msg="Current Horusec-CLI version is: v2.8.0"
time="2023-10-20T16:47:09Z" level=error msg="{INTERNAL_SERVER_ERROR} ->" error="ERROR: invalid byte sequence for encoding \"UTF8\": 0x00 (SQLSTATE 22021)"
2023/10/20 16:47:09 /home/runner/go/pkg/mod/github.com/!zup!i!t/horusec-devkit@v1.0.21/pkg/services/database/database.go:139 ERROR: invalid byte sequence for encoding "UTF8": 0x00 (SQLSTATE 22021)
[0.959ms] [rows:0] INSERT INTO "vulnerabilities" ("vulnerability_id","line","column","confidence","file","code","details","security_tool","language","severity","type","commit_author","commit_email","commit_hash","commit_message","commit_date","vuln_hash") VALUES ('fa18ca1e-dd9a-4e8f-8e7f-f59aa1028ca6','429739','3033','MEDIUM','build/libs/thread-analytics-0.0.1-SNAPSHOT.jar','TwitterAutoConfiguration$TwitterConfigurerAdapter.classPKY|cJ�� ��l���_','(1/1) * Possible vulnerability detected: Twitter Client ID...