search

vaadin / appsec-kit

Other
1 stars 0 forks source link

NPE when running appsec-kit in Vaadin 8.21.0 project #93

Closed TatuLund closed 11 months ago

TatuLund commented 1 year ago 
SEVERE: 
java.lang.NullPointerException: Cannot invoke "java.util.List.stream()" because the return value of "com.vaadin.appsec.backend.model.osv.response.OpenSourceVulnerability.getSeverity()" is null
    at com.vaadin.appsec.backend.AppSecDTOProvider.findScoreIfHigher(AppSecDTOProvider.java:159)
    at com.vaadin.appsec.backend.AppSecDTOProvider.updateVulnerabilityStatistics(AppSecDTOProvider.java:133)
    at com.vaadin.appsec.backend.AppSecDTOProvider.lambda$getDependencies$0(AppSecDTOProvider.java:58)
    at java.base/java.util.stream.ReferencePipeline$3$1.accept(ReferencePipeline.java:197)
    at java.base/java.util.ArrayList$ArrayListSpliterator.forEachRemaining(ArrayList.java:1625)
    at java.base/java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:509)
    at java.base/java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:499)
    at java.base/java.util.stream.ReduceOps$ReduceOp.evaluateSequential(ReduceOps.java:921)
    at java.base/java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234)
    at java.base/java.util.stream.ReferencePipeline.collect(ReferencePipeline.java:682)
    at com.vaadin.appsec.backend.AppSecDTOProvider.getDependencies(AppSecDTOProvider.java:61)
    at com.vaadin.appsec.backend.AppSecDTOProvider.getVulnerabilities(AppSecDTOProvider.java:65)
    at com.vaadin.appsec.backend.AppSecService.getVulnerabilities(AppSecService.java:245)
    at com.vaadin.appsec.v8.ui.content.VulnerabilitiesTab.refresh(VulnerabilitiesTab.java:154)
    at com.vaadin.appsec.v8.ui.content.MainView.lambda$buildLayout$ba8aefab$1(MainView.java:81)
    at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
    at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.base/java.lang.reflect.Method.invoke(Method.java:568)
    at com.vaadin.event.ListenerMethod.receiveEvent(ListenerMethod.java:699)
    at com.vaadin.event.EventRouter.fireEvent(EventRouter.java:392)
    at com.vaadin.event.EventRouter.fireEvent(EventRouter.java:356)
    at com.vaadin.server.AbstractClientConnector.fireEvent(AbstractClientConnector.java:1185)
    at com.vaadin.ui.TabSheet.fireSelectedTabChange(TabSheet.java:912)
    at com.vaadin.ui.TabSheet.addTab(TabSheet.java:387)
    at com.vaadin.ui.TabSheet.addTab(TabSheet.java:342)
    at com.vaadin.ui.TabSheet.addTab(TabSheet.java:318)
    at com.vaadin.appsec.v8.ui.content.MainView.buildLayout(MainView.java:88)
    at com.vaadin.appsec.v8.ui.content.MainView.<init>(MainView.java:49)
    at com.vaadin.appsec.v8.ui.AppSecUI.buildLayout(AppSecUI.java:35)
    at com.vaadin.appsec.v8.ui.AppSecUI.init(AppSecUI.java:44)
    at com.vaadin.ui.UI.doInit(UI.java:792)
    at com.vaadin.server.communication.UIInitHandler.getBrowserDetailsUI(UIInitHandler.java:228)
    at com.vaadin.server.communication.UIInitHandler.synchronizedHandleRequest(UIInitHandler.java:86)
    at com.vaadin.server.SynchronizedRequestHandler.handleRequest(SynchronizedRequestHandler.java:33)
    at com.vaadin.server.VaadinService.handleRequest(VaadinService.java:1658)
    at com.vaadin.server.VaadinServlet.service(VaadinServlet.java:457)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
    at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:760)
    at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1617)
    at org.eclipse.jetty.websocket.server.WebSocketUpgradeFilter.doFilter(WebSocketUpgradeFilter.java:226)
    at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1604)
    at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:545)
    at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143)
    at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:590)
    at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127)
    at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:235)
    at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1607)
    at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:233)
    at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1297)
    at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:188)
    at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:485)
    at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1577)
    at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:186)
    at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1212)
    at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)
    at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:221)
    at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:146)
    at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127)
    at org.eclipse.jetty.server.Server.handle(Server.java:500)
    at org.eclipse.jetty.server.HttpChannel.lambda$handle$1(HttpChannel.java:383)
    at org.eclipse.jetty.server.HttpChannel.dispatch(HttpChannel.java:547)
    at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:375)
    at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:270)
    at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:311)
    at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:103)
    at org.eclipse.jetty.io.ChannelEndPoint$2.run(ChannelEndPoint.java:117)
    at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.runTask(EatWhatYouKill.java:336)
    at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:313)
    at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.tryProduce(EatWhatYouKill.java:171)
    at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:129)
    at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:388)
    at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:806)
    at org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:938)
    at java.base/java.lang.Thread.run(Thread.java:833)
tamasmak commented 1 year ago

This is the same issue as reported in #79. The fix is already there in #80 and will be included in the next release.

heruan commented 11 months ago

Fixed in #80