The application crashes when scanning a file #4453

Open
uh3tay opened this issue Sep 16, 2024 · 2 comments
Labels
bug Something isn't working

Comments

@uh3tay

uh3tay commented Sep 16, 2024

cvebintool.zip

Description

Hello!
When scanning the application, the analysis reaches the file "rootpom.xml" and fails with "AttributeError: 'NoneType' object has no attribute 'text'". The application was started with the line "cve-bin-tool ./my-app-path |to err.log". Attachments: "error" - output to the console, rootpom.xml - the file causing the crash, java.py - my temporary solution (lines 84-95). To understand what's going on, I modified java.py to output the filename and the types of root.find(schema + "artifactId") and root.find(schema + "version").

To reproduce

Steps to reproduce the behaviour:
0. Activate VENV: oldscool-cvebintool/bin/activate
1. Scan using "cve-bin-tool ./my-app-path"

Expected behaviour:
Actual behaviour:

Version/platform info

Version of CVE-bin-tool: 3.3
Installed from pypi.
Operating system: Ubuntu 24.04.1 (Linux 6.8.0-44-generic #44-Ubuntu SMP PREEMPT_DYNAMIC)
Python version: python 3.12.3
Running in any particular CI environment we should know about? Running in a VENV

@uh3tay uh3tay added the bug Something isn't working label Sep 16, 2024
@terriko
Contributor

terriko commented Sep 16, 2024

Sounds like a bug in the java parser. I'm not completely surprised; we could really use some help making better test cases for java because it feels like there's a lot of behaviours we haven't captured very well yet.

Did you want to submit your fix as a pull request so it could be integrated?

@anthonyharrison
Contributor

@uh3tay The Java parser is very simple and assumes that the pom file is valid. Can you provide the pom file which results in the crash?
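
The crash reported in this issue comes from calling `.text` on the `None` that `root.find(...)` returns for a missing element. The sketch below is an added example, not cve-bin-tool's code and not the reporter's java.py change, showing a None-safe way to read the same two fields so a scan skips an unusable pom.xml instead of aborting. The helper name `pom_coordinates` and both sample POMs are constructed for illustration, and the fallback to `<parent>` reflects Maven's version inheritance; whether rootpom.xml is such a file is not known from this thread.

```python
import xml.etree.ElementTree as ET

POM_NS = "{http://maven.apache.org/POM/4.0.0}"

# Constructed sample: a module that inherits <version> from <parent>.
CHILD_POM = """<project xmlns="http://maven.apache.org/POM/4.0.0">
  <parent>
    <groupId>org.example</groupId>
    <artifactId>demo-parent</artifactId>
    <version>1.2.3</version>
  </parent>
  <artifactId>demo-module</artifactId>
</project>"""
# Constructed sample: no namespace declaration and no <artifactId>.
NO_ARTIFACT_POM = "<project><version>1.0</version></project>"


def pom_coordinates(pom_xml):
    """Return (artifactId, version), or None when the POM is unusable.

    Hypothetical helper: it never dereferences .text on a missing element.
    """
    try:
        # The stdlib parser keeps the example dependency-free; it is not
        # hardened against maliciously constructed XML.
        root = ET.fromstring(pom_xml)
    except ET.ParseError:
        return None  # malformed XML: skip the file, do not abort the scan

    # Some POMs omit the namespace declaration; detect which form is in use.
    schema = POM_NS if root.tag.startswith(POM_NS) else ""
    if root.tag != schema + "project":
        return None

    def text_of(path):
        # findtext() yields None for a missing element instead of raising.
        value = root.findtext(schema + path.replace("/", "/" + schema))
        return value.strip() if value and value.strip() else None

    artifact = text_of("artifactId")
    # Maven lets a module inherit <version> from its <parent> block.
    version = text_of("version") or text_of("parent/version")
    if artifact is None or version is None:
        return None
    return artifact, version


if __name__ == "__main__":
    for name, pom in (("child", CHILD_POM), ("no-artifact", NO_ARTIFACT_POM)):
        print(name, pom_coordinates(pom))
```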
