Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[4.8.0] SarifBugReporter causes IndexOutOfBoundsException #2632

Closed
ben-manes opened this issue Oct 15, 2023 · 1 comment · Fixed by #2649
Closed

[4.8.0] SarifBugReporter causes IndexOutOfBoundsException #2632

ben-manes opened this issue Oct 15, 2023 · 1 comment · Fixed by #2649
Assignees
@gtoison

Comments

@ben-manes
Copy link 

> Task :jcache:spotbugsMain
java.lang.IndexOutOfBoundsException: Index 1 out of bounds for length 1
        at java.base/jdk.internal.util.Preconditions.outOfBounds(Preconditions.java:64)
        at java.base/jdk.internal.util.Preconditions.outOfBoundsCheckIndex(Preconditions.java:70)
        at java.base/jdk.internal.util.Preconditions.checkIndex(Preconditions.java:248)
        at java.base/java.util.Objects.checkIndex(Objects.java:372)
        at java.base/java.util.ArrayList.get(ArrayList.java:459)
        at edu.umd.cs.findbugs.sarif.Placeholder.toArgument(Placeholder.java:31)
        at edu.umd.cs.findbugs.sarif.BugCollectionAnalyser.lambda$processResult$6(BugCollectionAnalyser.java:123)
        at java.base/java.util.stream.ReferencePipeline$3$1.accept(ReferencePipeline.java:195)
        at java.base/java.util.ArrayList$ArrayListSpliterator.forEachRemaining(ArrayList.java:1655)
        at java.base/java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:484)
        at java.base/java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:474)
        at java.base/java.util.stream.ReduceOps$ReduceOp.evaluateSequential(ReduceOps.java:913)
        at java.base/java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234)
        at java.base/java.util.stream.ReferencePipeline.collect(ReferencePipeline.java:578)
        at edu.umd.cs.findbugs.sarif.BugCollectionAnalyser.processResult(BugCollectionAnalyser.java:124)
        at edu.umd.cs.findbugs.sarif.BugCollectionAnalyser.lambda$new$1(BugCollectionAnalyser.java:52)
        at java.base/java.lang.Iterable.forEach(Iterable.java:75)
        at edu.umd.cs.findbugs.sarif.BugCollectionAnalyser.<init>(BugCollectionAnalyser.java:46)
        at edu.umd.cs.findbugs.sarif.SarifBugReporter.processRuns(SarifBugReporter.java:54)
        at edu.umd.cs.findbugs.sarif.SarifBugReporter.finish(SarifBugReporter.java:41)
        at edu.umd.cs.findbugs.BugReportDispatcher.lambda$forEach$13(BugReportDispatcher.java:124)
        at java.base/java.util.stream.ReferencePipeline$3$1.accept(ReferencePipeline.java:195)
        at java.base/java.util.ArrayList$ArrayListSpliterator.forEachRemaining(ArrayList.java:1655)
        at java.base/java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:484)
        at java.base/java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:474)
        at java.base/java.util.stream.ReduceOps$ReduceOp.evaluateSequential(ReduceOps.java:913)
        at java.base/java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234)
        at java.base/java.util.stream.ReferencePipeline.collect(ReferencePipeline.java:578)
        at edu.umd.cs.findbugs.BugReportDispatcher.forEach(BugReportDispatcher.java:129)
        at edu.umd.cs.findbugs.BugReportDispatcher.finish(BugReportDispatcher.java:43)
        at edu.umd.cs.findbugs.DelegatingBugReporter.finish(DelegatingBugReporter.java:89)
        at edu.umd.cs.findbugs.DelegatingBugReporter.finish(DelegatingBugReporter.java:89)
        at edu.umd.cs.findbugs.DelegatingBugReporter.finish(DelegatingBugReporter.java:89)
        at edu.umd.cs.findbugs.FindBugs2.analyzeApplication(FindBugs2.java:1165)
        at edu.umd.cs.findbugs.FindBugs2.execute(FindBugs2.java:309)
        at edu.umd.cs.findbugs.FindBugs.runMain(FindBugs.java:395)
        at edu.umd.cs.findbugs.FindBugs2.main(FindBugs2.java:1231)
@vladimirfx
Copy link

The report formed as malformed JSON:

{"version":"2.1.0","$schema":"https://raw.githubusercontent.com/oasis-tcs/sarif-spec/master/Schemata/sarif-schema-2.1.0.json","runs":[{

@gtoison gtoison self-assigned this Oct 17, 2023
gtoison added a commit to gtoison/spotbugs that referenced this issue Oct 17, 2023
@gtoison
test: case reproducing issue spotbugs#2632
c8bd40b 
When the bug description has a placeholder for a non-existent annotation
the sarif placeholder class causes a IndexOutOfBoundsException
@gtoison gtoison mentioned this issue Oct 17, 2023
Merged
hazendaz added a commit that referenced this issue Oct 17, 2023
@gtoison @hazendaz
Fix for IndexOutOfBoundsException in sarif placeholder (#2649)
bb2d705 
* test: case reproducing issue #2632

When the bug description has a placeholder for a non-existent annotation
the sarif placeholder class causes a IndexOutOfBoundsException

* apply spotless

* fix: handle the case for a non-existent annotation

edu.umd.cs.findbugs.FindBugsMessageFormat#format handles the case when
the bug description contains a place holder but the corresponding
annotation does not exist. Let the sarif placeholder handle this the
same way

* Updated the changelog

---------

Co-authored-by: Jeremy Landis <jeremylandis@hotmail.com>
@gtoison gtoison mentioned this issue Oct 24, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@gtoison gtoison

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Fix for IndexOutOfBoundsException in sarif placeholder gtoison/spotbugs
3 participants
@ben-manes @vladimirfx @gtoison