KeyError: 'port'

[qlkwej]

When I install fb-sapp from Pypi and analyze the output it returns the following error.

sapp -v "DEBUG" --tool=mariana-trench analyze .
/usr/local/lib/python3.9/site-packages/sqlalchemy/orm/relationships.py:1994: SAWarning: Setting backref / back_populates on relationship Run.issue_instances to refer to viewonly relationship IssueInstance.run should include sync_backref=False set on the Run.issue_instances relationship.  (this warning may be suppressed after 10 occurrences)
  util.warn_limited(
/usr/local/lib/python3.9/site-packages/sqlalchemy/orm/relationships.py:1994: SAWarning: Setting backref / back_populates on relationship IssueInstance.run to refer to viewonly relationship Run.issue_instances should include sync_backref=False set on the IssueInstance.run relationship.  (this warning may be suppressed after 10 occurrences)
  util.warn_limited(
2022-08-23 11:00:16,264 [DEBUG] Context: Context(database=<sapp.db.DB object at 0x1121fa1c0>, parser_class=<class 'sapp.pipeline.mariana_trench_parser_v2.Parser'>, repository='/Volumes/Samsung_T5/2. Lab Project/SAST-Mobile/Android-InsecureBankv2', ipython_extensions=[], tool='mariana-trench')
2022-08-23 11:00:16,269 [INFO] Parsing analysis output...
Traceback (most recent call last):
  File "/usr/local/bin/sapp", line 8, in <module>
    sys.exit(cli())
  File "/usr/local/lib/python3.9/site-packages/click/core.py", line 1130, in __call__
    return self.main(*args, **kwargs)
  File "/usr/local/lib/python3.9/site-packages/click/core.py", line 1055, in main
    rv = self.invoke(ctx)
  File "/usr/local/lib/python3.9/site-packages/click/core.py", line 1657, in invoke
    return _process_result(sub_ctx.command.invoke(sub_ctx))
  File "/usr/local/lib/python3.9/site-packages/click/core.py", line 1404, in invoke
    return ctx.invoke(self.callback, **ctx.params)
  File "/usr/local/lib/python3.9/site-packages/click/core.py", line 760, in invoke
    return __callback(*args, **kwargs)
  File "/usr/local/lib/python3.9/site-packages/click/decorators.py", line 84, in new_func
    return ctx.invoke(f, obj, *args, **kwargs)
  File "/usr/local/lib/python3.9/site-packages/click/core.py", line 760, in invoke
    return __callback(*args, **kwargs)
  File "/usr/local/lib/python3.9/site-packages/sapp/cli_lib.py", line 206, in analyze
    pipeline.run(analysis_output, summary_blob)
  File "/usr/local/lib/python3.9/site-packages/sapp/pipeline/__init__.py", line 365, in run
    next_input, summary = step.run(next_input, summary)
  File "/usr/local/lib/python3.9/site-packages/sapp/pipeline/base_parser.py", line 235, in run
    self.analysis_output_to_dict_entries(
  File "/usr/local/lib/python3.9/site-packages/sapp/pipeline/base_parser.py", line 187, in analysis_output_to_dict_entries
    for typ, key, e in self._analysis_output_to_parsed_tuples(inputfile):
  File "/usr/local/lib/python3.9/site-packages/sapp/pipeline/base_parser.py", line 136, in _analysis_output_to_parsed_tuples
    for e in entries:
  File "/usr/local/lib/python3.9/site-packages/sapp/pipeline/mariana_trench_parser_v2.py", line 468, in parse
    yield from self.parse_handle(handle)
  File "/usr/local/lib/python3.9/site-packages/sapp/pipeline/mariana_trench_parser_v2.py", line 482, in parse_handle
    for precondition in self._parse_preconditions(model):
  File "/usr/local/lib/python3.9/site-packages/sapp/pipeline/mariana_trench_parser_v2.py", line 764, in _parse_condition
    port=Port.from_json(leaf_model["port"], leaf_kind),
KeyError: 'port'

The temporary solution is to use the previous version pip install fb-sapp==0.5.2

Instead of using the latest version pip install fb-sapp==0.5.3 released on Aug 19, 2022

[abishekvashok]

What version of MT are you using @qlkwej ?

[qlkwej]

Should be the latest one mariana-trench 1.0.2 @abishekvashok Another workaround I do is to provide a dummy sapp.db before the analysis.

And it's a bit weird, though sometimes it works, and sometimes it doesn't.

Use case 1:

• When I execute MT, and after that, analyze the output using sapp immediately (using bash), on the first try it will crash.
• But it works when I manually do it one by one (type in terminal).

Use case 2:

• When I execute MT, and after that, analyze the output using sapp immediately (using bash), on the first try it will crash.
• Wait a couple of minutes, and re-run the script. It works.

Use case 3:

• When I execute MT, and after that, analyze the output using sapp immediately (using bash), on the first try it will crash.
• After the crash, it creates a dummy sapp.db. So I used it before the sapp analysis. And now it works without crashing.

Feel free to close the issue if you can't reproduce the issue. Thanks!

[0xedward]

Hey @qlkwej!

Should be the latest one mariana-trench 1.0.2

That's strange since my earlier guess at what may be happening is the json output from MT you are using for sapp analyze was created using a older version of MT, since we recently updated the MT output parser in sapp, which removed support for reading older versions of outputs from MT (see e484f216f7d95f8e33e1d1fa3586a18fa53552e3). As far as I'm aware, that should be only functional change from fb-sapp 0.5.2 to 0.5.3 related to the port key in MT's output

But the issue you are describing seems to only happen when sapp analyze is called the first time

cc @yuhshin-oss who likely has the most context on this

[dianavintila]

Hi! This is a problem that I had also when I tried to use Mariana Trench with version fb_sapp-0.5.4.dist-info. The solution was to downgrade sapp: pip uninstall fb-sapp pip install -Iv fb-sapp==0.5.2

[a-huk]

Still the same issue, if I try the fix suggested by @dianavintila, I get : ImportError: cannot import name 'GraphQLResolveInfo' from 'graphql' (/home/hukad/.venvs/mariana-trench/lib/python3.8/site-packages/graphql/__init__.py)