You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
From 23.2 release SSC will be supporting java 17.
We tried latest sarif plugin on latest SSC running on java 17.
When user is trying to upload *.sarif file, it is staying in "Processing" state for one hour(after one hour upload will be failed) and in plugin-framework.log there is a exception:
2023-08-02T10:31:38,733 | WARN | pool-13-thread-2 | InOnlyTask | 27 - com.fortify.plugin.camel - 23.2.0.0 | Message handling failed
java.lang.NoClassDefFoundError: Could not initialize class com.fortify.ssc.parser.sarif.domain.Artifact
at com.fortify.ssc.parser.sarif.domain.RunData.<init>(RunData.java:71) ~[?:?]
at com.fortify.ssc.parser.sarif.domain.RunData.parseRunData(RunData.java:87) ~[?:?]
at com.fortify.ssc.parser.sarif.parser.VulnerabilitiesParser.parseRun(VulnerabilitiesParser.java:88) ~[?:?]
at com.fortify.util.json.AbstractStreamingJsonParser.parse(AbstractStreamingJsonParser.java:178) ~[?:?]
at com.fortify.util.json.AbstractStreamingJsonParser.parseChildren(AbstractStreamingJsonParser.java:243) ~[?:?]
at com.fortify.util.json.AbstractStreamingJsonParser.parseArrayEntries(AbstractStreamingJsonParser.java:230) ~[?:?]
at com.fortify.util.json.AbstractStreamingJsonParser.parseObjectOrArrayChildren(AbstractStreamingJsonParser.java:207) ~[?:?]
at com.fortify.util.json.AbstractStreamingJsonParser.lambda$addParentHandler$2(AbstractStreamingJsonParser.java:127) ~[?:?]
at com.fortify.util.json.AbstractStreamingJsonParser.parse(AbstractStreamingJsonParser.java:178) ~[?:?]
at com.fortify.util.json.AbstractStreamingJsonParser.parseChildren(AbstractStreamingJsonParser.java:243) ~[?:?]
at com.fortify.util.json.AbstractStreamingJsonParser.parseObjectProperties(AbstractStreamingJsonParser.java:219) ~[?:?]
at com.fortify.util.json.AbstractStreamingJsonParser.parseObjectOrArrayChildren(AbstractStreamingJsonParser.java:205) ~[?:?]
at com.fortify.util.json.AbstractStreamingJsonParser.lambda$addParentHandler$2(AbstractStreamingJsonParser.java:127) ~[?:?]
at com.fortify.util.json.AbstractStreamingJsonParser.parse(AbstractStreamingJsonParser.java:178) ~[?:?]
at com.fortify.util.json.AbstractStreamingJsonParser.parse(AbstractStreamingJsonParser.java:156) ~[?:?]
at com.fortify.util.ssc.parser.json.AbstractScanDataStreamingJsonParser.parse(AbstractScanDataStreamingJsonParser.java:64) ~[?:?]
at com.fortify.util.ssc.parser.json.AbstractScanDataStreamingJsonParser.parse(AbstractScanDataStreamingJsonParser.java:52) ~[?:?]
at com.fortify.ssc.parser.sarif.parser.VulnerabilitiesParser.parse(VulnerabilitiesParser.java:67) ~[?:?]
at com.fortify.ssc.parser.sarif.SARIFParserPlugin.parseVulnerabilities(SARIFParserPlugin.java:51) ~[?:?]
at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:?]
at jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77) ~[?:?]
at jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:?]
at java.lang.reflect.Method.invoke(Method.java:568) ~[?:?]
at com.fortify.plugin.runtime.helpers.BundleUtils$PluginInvocationHandler.invoke(BundleUtils.java:200) ~[?:?]
at jdk.proxy13.$Proxy346.parseVulnerabilities(Unknown Source) ~[?:?]
at com.fortify.plugin.runtime.scanparser.internal.ScanParserServiceImpl.parseVulnerabilities(ScanParserServiceImpl.java:39) ~[?:?]
at com.fortify.plugin.camel.scanparser.internal.ScanParserMessageHandler.handleInRequest(ScanParserMessageHandler.java:96) ~[?:?]
at com.fortify.plugin.camel.scanparser.internal.ScanParserMessageHandler.handleInRequest(ScanParserMessageHandler.java:40) ~[?:?]
at com.fortify.plugin.camel.helpers.ExchangeProcessorRequest.handle(ExchangeProcessorRequest.java:38) ~[com.fortify.plugin.camel-23.2.0.0.jar:?]
at com.fortify.plugin.camel.helpers.InOnlyTask.run(InOnlyTask.java:35) [com.fortify.plugin.camel-23.2.0.0.jar:?]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1136) [?:?]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:635) [?:?]
at java.lang.Thread.run(Thread.java:833) [?:?]
Caused by: java.lang.ExceptionInInitializerError: Exception java.lang.reflect.InaccessibleObjectException: Unable to make field private volatile boolean java.security.PermissionCollection.readOnly accessible: module java.base does not "opens java.security" to unnamed module @6034146 [in thread "pool-13-thread-1"]
at java.lang.reflect.AccessibleObject.checkCanSetAccessible(AccessibleObject.java:354) ~[?:?]
at java.lang.reflect.AccessibleObject.checkCanSetAccessible(AccessibleObject.java:297) ~[?:?]
at java.lang.reflect.Field.checkCanSetAccessible(Field.java:178) ~[?:?]
at java.lang.reflect.Field.setAccessible(Field.java:172) ~[?:?]
at org.mapdb.elsa.ElsaSerializerPojo$FieldInfo.<init>(ElsaSerializerPojo.java:247) ~[?:?]
at org.mapdb.elsa.ElsaSerializerPojo.makeClassInfo(ElsaSerializerPojo.java:297) ~[?:?]
at org.mapdb.elsa.ElsaClassInfoResolver$ArrayBased.<init>(ElsaClassInfoResolver.java:31) ~[?:?]
at org.mapdb.elsa.ElsaMaker.make(ElsaMaker.java:56) ~[?:?]
at com.fortify.util.mapdb.CustomSerializerElsa.<init>(CustomSerializerElsa.java:62) ~[?:?]
at com.fortify.ssc.parser.sarif.domain.Artifact.<clinit>(Artifact.java:37) ~[?:?]
... 33 more
The text was updated successfully, but these errors were encountered:
From 23.2 release SSC will be supporting java 17.
We tried latest sarif plugin on latest SSC running on java 17.
When user is trying to upload *.sarif file, it is staying in "Processing" state for one hour(after one hour upload will be failed) and in plugin-framework.log there is a exception:
The text was updated successfully, but these errors were encountered: