forcedotcom / sfdx-scanner

MIT License

[BUG] InternalExecutionError #1562

Closed VikaYefimova closed 2 months ago

VikaYefimova commented 2 months ago

Have you tried to resolve this issue yourself first?

Yes

Bug Description

I ran the command sf scanner run dfa --target ./force-app/ -c Security --format csv --outfile CodeAnalyzerDFA.csv and received the following issue:

Graph Engine identified your source and sink, but you must manually verify that you have a sanitizer in this path. Then, add an engine directive to skip the path. Next, create a Github issue for the Code Analyzer team that includes the error and stack trace. After we fix this issue, check the Code Analyzer release notes for more info. Error and stacktrace: UnexpectedException: ArrayLoadExpression{properties={FirstChild=false, BeginLine=75, DefiningType_CaseSafe=requestbriefingcontroller, LastChild=true, DefiningType=RequestBriefingController, EndLine=79, childIdx=1, BeginColumn=34}}: com.salesforce.graph.symbols.PathScopeVisitor.afterVisit(PathScopeVisitor.java:761);com.salesforce.graph.symbols.DefaultSymbolProviderVertexVisitor.afterVisit(DefaultSymbolProviderVertexVisitor.java:737);com.salesforce.graph.vertex.ArrayLoadExpressionVertex.afterVisit(ArrayLoadExpressionVertex.java:58);com.salesforce.graph.ops.expander.ApexPathExpander.performAfterVisit(ApexPathExpander.java:577);com.salesforce.graph.ops.expander.ApexPathExpander.visit(ApexPathExpander.java:536);com.salesforce.graph.ops.expander.ApexPathExpander.visit(ApexPathExpander.java:523)

I tried to add /* sfge-disable-stack ApexFlsViolationRule */ but the issue still exists.

Output / Logs

sfge.log

Steps To Reproduce

  1. sf scanner run dfa --target ./force-app/ -c Security --format csv --outfile CodeAnalyzerDFA.csv
  2. open CodeAnalyzerDFA.csv file and check problems

Expected Behavior

Security issues exist or not, depending on scanner results

Operating System

macOS Ventura 13.0

Salesforce CLI Version

@salesforce/cli/2.49.7 darwin-arm64 node-v18.20.4

Code Analyzer Plugin (@salesforce/sfdx-scanner) Version

@salesforce/sfdx-scanner 4.3.2 (4.3.2)

Java Version

openjdk 21.0.3 2024-04-16 LTS

Additional Context (Screenshots, Files, etc)

Source code in which issue occurs

Screenshot 2024-08-07 at 16 20 01

Workaround

No response

Urgency

Low

jag-j commented 2 months ago

We are consolidating these internal errors under a parent bug. We'll provide updates there once we prioritize and begin working on a fix. Thank you for bringing this to our attention!
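An added example, not part of the original thread and not code from the sfdx-scanner project: the error text in this report asks for manual verification of the affected path, so this sketch pulls the class, line range and top stack frame out of such a message and groups repeated failures. It assumes messages follow the format shown in the report; `parse_internal_error` and `review_queue` are hypothetical names, and the sample is the reported message shortened to two frames.

```python
import re

# Constructed sample: the error text from the report, shortened to its first two stack frames.
SAMPLE = ("UnexpectedException: ArrayLoadExpression{properties={FirstChild=false, "
          "BeginLine=75, DefiningType_CaseSafe=requestbriefingcontroller, LastChild=true, "
          "DefiningType=RequestBriefingController, EndLine=79, childIdx=1, BeginColumn=34}}: "
          "com.salesforce.graph.symbols.PathScopeVisitor.afterVisit(PathScopeVisitor.java:761);"
          "com.salesforce.graph.symbols.DefaultSymbolProviderVertexVisitor.afterVisit"
          "(DefaultSymbolProviderVertexVisitor.java:737)")

# Assumed layout: <Exception>: <Vertex>{properties={k=v, ...}}: frame;frame;...
PATTERN = re.compile(
    r"(?P<exception>\w+): (?P<vertex>\w+)\{properties=\{(?P<props>[^}]*)\}\}: (?P<stack>.+)",
    re.S)


def parse_internal_error(message):
    """Return location and top stack frame for one error message, or None if it does not match."""
    m = PATTERN.search(message)
    if m is None:
        return None
    props = dict(p.split("=", 1) for p in m["props"].split(", ") if "=" in p)
    frames = [f.strip() for f in m["stack"].split(";") if f.strip()]
    return {
        "exception": m["exception"],
        "vertex": m["vertex"],
        "class": props.get("DefiningType"),
        # 0 marks a line number the message did not carry.
        "lines": (int(props.get("BeginLine", 0)), int(props.get("EndLine", 0))),
        "top_frame": frames[0] if frames else None,
    }


def review_queue(messages):
    """Group errors by (vertex type, top frame); each group lists the code locations to review by hand."""
    groups = {}
    for msg in messages:
        info = parse_internal_error(msg)
        if info is not None:
            key = (info["vertex"], info["top_frame"])
            groups.setdefault(key, []).append((info["class"], info["lines"]))
    return groups


if __name__ == "__main__":
    for (vertex, frame), locations in review_queue([SAMPLE]).items():
        print(vertex, frame, locations)
```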