presidentbeef / brakeman

A static analysis security vulnerability scanner for Ruby on Rails applications
https://brakemanscanner.org/

Did an update recently getting Sexp error #545

Closed chrisnicola closed 10 years ago

chrisnicola commented 10 years ago

[Notice] Detected Rails 3 application
Loading scanner...
[Notice] Using Ruby 2.1.2. Please make sure this matches the one used to run your Rails application.
Processing application in /Users/chrisnicola/src/wealthbar
Processing configuration...
[Notice] Escaping HTML by default
Processing gems...
Processing initializers...
Processing libs...
Processing routes...
[Notice] Error while processing routes - assuming all public controller methods are actions.
Processing templates...
Processing data flow in templates...
Processing models...
Processing controllers...
Processing data flow in controllers...
Indexing call sites...
/Users/chrisnicola/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/sexp_processor-4.4.4/lib/sexp_processor.rb:226:in `block in process': Result must be a Sexp, was NilClass:nil (SexpTypeError)
        from /Users/chrisnicola/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/sexp_processor-4.4.4/lib/sexp_processor.rb:340:in `in_context'
        from /Users/chrisnicola/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/sexp_processor-4.4.4/lib/sexp_processor.rb:194:in `process'
        from /Users/chrisnicola/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/brakeman-1.5.3/lib/brakeman/processors/lib/find_all_calls.rb:20:in `process_source'
        from /Users/chrisnicola/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/brakeman-1.5.3/lib/brakeman/tracker.rb:146:in `block in index_call_sites'
        from /Users/chrisnicola/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/brakeman-1.5.3/lib/brakeman/tracker.rb:76:in `block (4 levels) in each_method'
        from /Users/chrisnicola/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/brakeman-1.5.3/lib/brakeman/tracker.rb:71:in `each'
        from /Users/chrisnicola/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/brakeman-1.5.3/lib/brakeman/tracker.rb:71:in `block (3 levels) in each_method'
        from /Users/chrisnicola/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/brakeman-1.5.3/lib/brakeman/tracker.rb:70:in `each'
        from /Users/chrisnicola/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/brakeman-1.5.3/lib/brakeman/tracker.rb:70:in `block (2 levels) in each_method'
        from /Users/chrisnicola/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/brakeman-1.5.3/lib/brakeman/tracker.rb:69:in `each'
        from /Users/chrisnicola/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/brakeman-1.5.3/lib/brakeman/tracker.rb:69:in `block in each_method'
        from /Users/chrisnicola/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/brakeman-1.5.3/lib/brakeman/tracker.rb:68:in `each'
        from /Users/chrisnicola/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/brakeman-1.5.3/lib/brakeman/tracker.rb:68:in `each_method'
        from /Users/chrisnicola/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/brakeman-1.5.3/lib/brakeman/tracker.rb:145:in `index_call_sites'
        from /Users/chrisnicola/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/brakeman-1.5.3/lib/brakeman/scanner.rb:380:in `index_call_sites'
        from /Users/chrisnicola/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/brakeman-1.5.3/lib/brakeman/scanner.rb:78:in `process'
        from /Users/chrisnicola/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/brakeman-1.5.3/lib/brakeman.rb:255:in `scan'
        from /Users/chrisnicola/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/brakeman-1.5.3/lib/brakeman.rb:55:in `run'
        from /Users/chrisnicola/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/brakeman-1.5.3/bin/brakeman:50:in `<top (required)>'
        from /Users/chrisnicola/.rbenv/versions/2.1.2/bin/brakeman:23:in `load'
        from /Users/chrisnicola/.rbenv/versions/2.1.2/bin/brakeman:23:in `<main>'

presidentbeef commented 10 years ago

Hi Chris,

Sorry for the trouble. You appear to be running an ancient version of Brakeman (1.5.3 from April 2012) when the latest is 2.6.2. Try updating Brakeman and see if that helps.

chrisnicola commented 10 years ago

Thanks, sorry about that, I should have seen that. I had two versions installed and that was breaking things for some reason. I'll fix that. I'm getting a new problem though. Brakeman brings in Haml as a dependency (so does dawn) and even though I have require: false in my Gemfile, it is loading Haml with Rails and that is throwing an error when I upgrade to Sass 3.3. I've posted the full details to SO; I'd appreciate any help if you have any suggestions.

https://stackoverflow.com/questions/25584658/resolving-a-gemfile-dependency-conflict-with-cli-only-gem

chrisnicola commented 10 years ago

I'm so sorry, it was still me loading the old version. I added ~> 2.0 to my Gemfile and I'm all good now.

presidentbeef commented 10 years ago

No worries, glad you figured it out.