forcedotcom / sfdx-scanner

MIT License

InternalExecutionError Graph Engine identified your source and sink, but you must manually verify that you have a sanitizer in this path. #1386

Closed Kaushal1829 closed 5 months ago

Kaushal1829 commented 8 months ago

CodeAnalyzerDFA-Feb15a.csv

I have been facing this issue and did not get any resolution. Please help, someone:

Graph Engine identified your source and sink, but you must manually verify that you have a sanitizer in this path. Then, add an engine directive to skip the path. Next, create a Github issue for the Code Analyzer team that includes the error and stack trace. After we fix this issue, check the Code Analyzer release notes for more info. Error and stacktrace:

    UnexpectedException: ArrayLoadExpression{properties={FirstChild=true, BeginLine=704, DefiningType_CaseSafe=visualizationscontroller, LastChild=true, DefiningType=VisualizationsController, EndLine=704, childIdx=0, BeginColumn=55}}:
    com.salesforce.graph.symbols.PathScopeVisitor.afterVisit(PathScopeVisitor.java:761);
    com.salesforce.graph.symbols.DefaultSymbolProviderVertexVisitor.afterVisit(DefaultSymbolProviderVertexVisitor.java:737);
    com.salesforce.graph.vertex.ArrayLoadExpressionVertex.afterVisit(ArrayLoadExpressionVertex.java:58);
    com.salesforce.graph.ops.expander.ApexPathExpander.performAfterVisit(ApexPathExpander.java:577);
    com.salesforce.graph.ops.expander.ApexPathExpander.visit(ApexPathExpander.java:536);
    com.salesforce.graph.ops.expander.ApexPathExpander.visit(ApexPathExpander.java:523)

For reference, I am sharing one class and method where I am facing an internal execution error:

Facing the issue on the below methods:

Especially, you can check this method, private Date getStartDate(), mentioned in the error at line 704; you can see the query below:

    else if(String.valueOf(objectId.getSObjectType()) == LEADVAR){
        returnStartDate = ((DateTime) [SELECT MIN(Response_Completed_Date__c) FROM Survey_Response__c WHERE Lead_Id__c = :objectId and Survey_Id__c = :surveyId][0].get('expr0')).date();
    }

setAverageCountVisible getStartMonth getStartDay getStartYear validateFilter identifyAvailableTrends getSurveyConfig applyFilters getColorSet prepareChartsJSON getTimeTrendOptions QuarterData getSurveyList

public void applyFilters(){
    if(this.validateFilter()){ //Validate input parameters before proceeding
        if(surveyId.equalsIgnoreCase(SURVEY_NONE)){
            hasError = true;
            ApexPages.addMessage(new ApexPages.Message(ApexPages.Severity.INFO,Label.No +SPACE_STRING+ Label.data_available));
        }
        else {
            //Set Response SOQL start and end filters
            sd = DateTime.newInstanceGMT(selectedStartDate, Time.newInstance(0,0,0,0)).addSeconds(-timeOffset/1000);
            ed = DateTime.newInstanceGMT(selectedEndDate.addDays(1), Time.newInstance(0,0,0,0)).addSeconds(-timeOffset/1000);
            numberOfResponses = 0;
            try{
                survey = Selectors.getKMSurveyDetailsById(new Set{surveyId}, String.valueOf(objectId.getSObjectType()).toLowerCase()).get(surveyId);

                //Initialize KeyMetric model map to default values
                this.initializeKMModelMap();

                //Chart Calculations
                gaugeAndNoneTrendCalculations();
                timeTrendCalculations();

                //Call methods that forms chart's Data
                this.prepareChartsJSON();

                this.keyMetricModelList = getKeyMeticModelList();
                setAverageCountVisible();
            }
            catch(CustomException.FLSException ex){
                ApexPages.addMessage(new ApexPages.Message(ApexPages.Severity.FATAL,Label.FLS_CRUD_Error_Message));
                hasError = true;
            }
        }
    }
}

public void prepareChartsJSON()
{
    chartsMap = new Map<Integer, ChartModel>();
    try {

        //Check NoData And OutOfRange scenarios
        for (Integer i = 0; i < keyMetricModelMap.values().size(); i++) {
            KeyMetricModel kmModel = keyMetricModelMap.values()[i];

            this.setNoDataAndOutOfRange(kmModel.KeyMetricType);

            if(!kmModel.hasError && kmModel.order != NULL){
                chartsMap.put(kmModel.KeyMetricType, getChartModel(kmModel.KeyMetricType, kmModel.chartType));
            }
        }
        chartsJSON = JSON.serialize(chartsMap);
    }
    catch(Exception e){
        throw e;
    }
}

public void QuarterData(){
    Set<Integer> filteredKMModels = filterKMModels(CHART_TYPE_BAR);

    //return if no valid charts found.
    if(filteredKMModels.isEmpty())
        return;

    //Getting Filtered Fields to Query
    Set<String> fieldsToQuery = getFieldsToQuery(filteredKMModels, new Set<String>{AGG_AVG, AGG_COUNT});

    //Query generation
    String query = populateQuery(QUERY_BAR_QUARTERLY, fieldsToQuery);

    //Generating structure for valid charts to store data
    Date tempDate = selectedStartDate.toStartOfMonth();
    while (selectedEndDate >= tempDate) {
        for(Integer km : filteredKMModels){
            final KeyMetricModel keyMetricModelObj = keyMetricModelMap.get(km);
            String xValue = 'Q#QUARTER#-#YEAR#'
                .replace('#QUARTER#', String.valueOf(MONTH_TO_QUARTER.get(tempDate.month())))
                .replace('#YEAR#', String.valueOf(tempDate.year()));
            keyMetricModelObj.timeTrendMap.put(xValue, null);
            keyMetricModelObj.timeTrendColorMap.put(xValue, '#ffffff');
        }
        tempDate = tempDate.addMonths(3);
    }

    //Fill Data
    this.numberOfResponses = 0;
    for(AggregateResult row : Database.query(query)){
        this.numberOfResponses += integer.valueOf(row.get(LABEL_COUNT_NAME));
        for(Integer km : filteredKMModels){
            final KeyMetricModel keyMetricModelObj = keyMetricModelMap.get(km);
            String xValue = 'Q#QUARTER#-#YEAR#'
                .replace('#QUARTER#', String.valueOf(row.get(LABEL_QUARTER)))
                .replace('#YEAR#', String.valueOf(row.get(LABEL_YEAR)));
            String fieldLabel = AGGREGATE_TO_LABEL.get(AGG_AVG) + km;
            keyMetricModelObj.timeTrendMap.put(xValue, (Decimal) row.get(fieldLabel));
            keyMetricModelObj.timeTrendColorMap.put(xValue, getColorSet(km, (Decimal) row.get(fieldLabel)));
        }
    }
}

private Date getStartDate() {
    Date returnStartDate = fetchStartDate();
    if(returnStartDate == NULL_DATE) {
        try{
            if(!SURVEY_NONE.equalsIgnoreCase(surveyId)){
                if(String.valueOf(objectId.getSObjectType()) == ACCOUNTVAR){
                    returnStartDate = ((DateTime) [SELECT MIN(Response_Completed_Date__c) FROM Survey_Response__c WHERE Account__c = :objectId and Survey_Id__c = :surveyId][0].get('expr0')).date();
                }
                else if(String.valueOf(objectId.getSObjectType()) == CONTACTVAR){
                    returnStartDate = ((DateTime) [SELECT MIN(Response_Completed_Date__c) FROM Survey_Response__c WHERE Contact_Id__c = :objectId and Survey_Id__c = :surveyId][0].get('expr0')).date();
                }
                else if(String.valueOf(objectId.getSObjectType()) == LEADVAR){
                    returnStartDate = ((DateTime) [SELECT MIN(Response_Completed_Date__c) FROM Survey_Response__c WHERE Lead_Id__c = :objectId and Survey_Id__c = :surveyId][0].get('expr0')).date();
                }
            }
        }
        catch(NullPointerException ex){
            //this exception occurs if no response is present for that survey
            //handled in ui - surveys with no responses are not visible in picklist
        }
    }
    returnStartDate = returnStartDate == NULL_DATE ? Date.newInstance(2015,1,1) : returnStartDate;
    return returnStartDate;
}

Steps To Reproduce: I ran the following scanner: sf scanner run dfa --format=csv --outfile=CodeAnalyzerDFA-Feb15a.csv --target="./" --projectdir="./" --category="Security"

Desktop: Provide these details:

Operating System: Windows11
Code Analyzer version: v3.20.0
Salesforce CLI version: @salesforce/cli/2.30.8 win32-x64 node-v20.11.1

Additional Context:

Workaround: Tried to run the DFA scanner command and got an issue like Unexpected exception only; did not find the exact solution. I have the methods and class where I got the issue. After running the code analyzer, getting internal execution error issues in 3 and 4 classes.
Urgency: High
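
Added example (not part of the original issue and not Code Analyzer's own code): a small Python helper that pulls the vertex type, Apex class, line, column and Java stack frames out of a Graph Engine InternalExecutionError message like the one quoted above, so the source location that needs manual sanitizer review can be listed from a results file. The function name `parse_internal_error` is hypothetical and the message layout is assumed from the single error shown in this issue.

```python
import re

# Constructed sample: the error text from this issue, shortened to its first two stack frames.
SAMPLE = (
    "UnexpectedException: ArrayLoadExpression{properties={FirstChild=true, "
    "BeginLine=704, DefiningType_CaseSafe=visualizationscontroller, "
    "LastChild=true, DefiningType=VisualizationsController, EndLine=704, "
    "childIdx=0, BeginColumn=55}}: "
    "com.salesforce.graph.symbols.PathScopeVisitor.afterVisit(PathScopeVisitor.java:761);"
    "com.salesforce.graph.symbols.DefaultSymbolProviderVertexVisitor.afterVisit(DefaultSymbolProviderVertexVisitor.java:737)"
)

HEAD = re.compile(r"(?P<exc>\w+): (?P<vertex>\w+)\{properties=\{(?P<props>[^}]*)\}\}: ?(?P<stack>.*)", re.S)
FRAME = re.compile(r"(?P<method>[\w.$<>]+)\((?P<file>[\w$]+\.java):(?P<line>\d+)\)")


def parse_internal_error(message):
    """Return a dict describing the failing vertex, or None if the text
    does not match the layout seen in this issue (assumed format)."""
    m = HEAD.search(message)
    if m is None:
        return None
    props = {}
    for pair in m.group("props").split(","):
        key, sep, value = pair.strip().partition("=")
        if sep:
            props[key] = value
    frames = [
        (f.group("method"), f.group("file"), int(f.group("line")))
        for f in FRAME.finditer(m.group("stack"))
    ]
    return {
        "exception": m.group("exc"),
        "vertex": m.group("vertex"),
        "class": props.get("DefiningType"),
        "line": int(props["BeginLine"]) if props.get("BeginLine", "").isdigit() else None,
        "column": int(props["BeginColumn"]) if props.get("BeginColumn", "").isdigit() else None,
        "frames": frames,
    }


if __name__ == "__main__":
    info = parse_internal_error(SAMPLE)
    print(f'{info["class"]}:{info["line"]}:{info["column"]} {info["vertex"]}')
    for method, src, line in info["frames"]:
        print(f"  at {method} ({src}:{line})")
```
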

johnbelosf commented 8 months ago

Hi @Kaushal1829 - thanks for this. You need to use the "Report a Bug with scanner run dfa" template to report issues related to Graph Engine. Can you please update this accordingly? Thank you.

Kaushal1829 commented 8 months ago

@johnbelosf I use the same "Report a Bug with scanner run dfa" to report the issue related to Graph Engine.

johnbelosf commented 8 months ago

@Kaushal1829 you need to follow the troubleshooting steps and then use the template provided.

Kaushal1829 commented 8 months ago

@johnbelosf I have updated the scenario and troubleshooting steps. Did I miss something? Please let me know and I'll update.

git2gus[bot] commented 8 months ago

Error while creating work item!

git2gus[bot] commented 8 months ago

Error while creating work item!

git2gus[bot] commented 8 months ago

This issue has been linked to a new work item: W-15246399

stephen-carter-at-sf commented 5 months ago

Marking this as a duplicate of https://github.com/forcedotcom/sfdx-scanner/issues/1497