- Revenera Community
- :
- Code Insight
- :
- Code Insight Forum
- :
- Scan fail since last electronic update
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Subscribe
- Mute
- Printer Friendly Page
- Mark as New
- Subscribe
- Mute
- Permalink
- Report Inappropriate Content
Scan fail since last electronic update
We use Flexnet Codeinsight 2018 R4 since te last update the scans Fail due to missing CVE id's.
When pushing scanns from jenkins with the pipeline-plugin the scan fails with exception:
15:46:00 INFO c.f.c.c.l.RangeCpeStreamer No CVE for id CVE-2017-14062 java.lang.Exception: No CVE for id CVE-2017-14062 at com.flexnet.codeaware.cve.lucene.SearchCVEApvAnalyzer.getFields(SearchCVEApvAnalyzer.java:420) at com.flexnet.codeaware.lucene.Index.storeDocument(Index.java:237) at com.flexnet.codeaware.cve.lucene.SearchCVEApvAnalyzer.indexFile(SearchCVEApvAnalyzer.java:125) at com.flexnet.codeaware.lucene.T2.run(T2.java:68) at java.lang.Thread.run(Thread.java:745) 15:46:00 INFO c.f.c.c.l.RangeCpeStreamer No CVE for id CVE-2013-3249 java.lang.Exception: No CVE for id CVE-2013-3249 at com.flexnet.codeaware.cve.lucene.SearchCVEApvAnalyzer.getFields(SearchCVEApvAnalyzer.java:420) at com.flexnet.codeaware.lucene.Index.storeDocument(Index.java:237) at com.flexnet.codeaware.cve.lucene.SearchCVEApvAnalyzer.indexFile(SearchCVEApvAnalyzer.java:125) at com.flexnet.codeaware.lucene.T2.run(T2.java:68) at java.lang.Thread.run(Thread.java:745) 15:46:00 INFO c.f.c.c.l.RangeCpeStreamer No CVE for id CVE-2017-7320 java.lang.Exception: No CVE for id CVE-2017-7320 at com.flexnet.codeaware.cve.lucene.SearchCVEApvAnalyzer.getFields(SearchCVEApvAnalyzer.java:420) at com.flexnet.codeaware.lucene.Index.storeDocument(Index.java:237) at com.flexnet.codeaware.cve.lucene.SearchCVEApvAnalyzer.indexFile(SearchCVEApvAnalyzer.java:125) at com.flexnet.codeaware.lucene.T2.run(T2.java:68) at java.lang.Thread.run(Thread.java:745) 15:46:00 INFO c.f.c.c.l.RangeCpeStreamer No CVE for id CVE-2017-7322 java.lang.Exception: No CVE for id CVE-2017-7322 at com.flexnet.codeaware.cve.lucene.SearchCVEApvAnalyzer.getFields(SearchCVEApvAnalyzer.java:420) at com.flexnet.codeaware.lucene.Index.storeDocument(Index.java:237) at com.flexnet.codeaware.cve.lucene.SearchCVEApvAnalyzer.indexFile(SearchCVEApvAnalyzer.java:125) at com.flexnet.codeaware.lucene.T2.run(T2.java:68) at java.lang.Thread.run(Thread.java:745) 15:46:00 INFO c.f.c.c.l.RangeCpeStreamer No CVE for id CVE-2012-4024
and so on... unti at the end it has following exception:
15:46:08 INFO c.f.c.c.l.RangeCpeStreamer Invalid component line during create index: dell| data_protection_\|_encryption| data protection \| encryption java.lang.Exception: Invalid component line during create index: dell| data_protection_\|_encryption| data protection \| encryption at com.flexnet.codeaware.cve.lucene.SearchCVEComponent.indexLine(SearchCVEComponent.java:189) at com.flexnet.codeaware.cve.lucene.SearchCVEComponent.access$100(SearchCVEComponent.java:46) at com.flexnet.codeaware.cve.lucene.SearchCVEComponent$T1.run(SearchCVEComponent.java:345) at java.lang.Thread.run(Thread.java:745) 15:46:08 INFO c.f.c.c.l.RangeCpeStreamer Invalid component line during create index: diplomat_\|_political_project| diplomat_\|_political| diplomat \| political java.lang.Exception: Invalid component line during create index: diplomat_\|_political_project| diplomat_\|_political| diplomat \| political at com.flexnet.codeaware.cve.lucene.SearchCVEComponent.indexLine(SearchCVEComponent.java:189) at com.flexnet.codeaware.cve.lucene.SearchCVEComponent.access$100(SearchCVEComponent.java:46) at com.flexnet.codeaware.cve.lucene.SearchCVEComponent$T1.run(SearchCVEComponent.java:345) at java.lang.Thread.run(Thread.java:745) Failed to complete scan. java.lang.reflect.InvocationTargetException at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at com.flexnet.codeinsight.plugins.agent.ScanExecutor.scanCodebase(ScanExecutor.java:171) at com.flexnet.codeinsight.plugins.codeinsight_plugin.DistributedPipelineExecutor.call(DistributedPipelineExecutor.java:73) at com.flexnet.codeinsight.plugins.codeinsight_plugin.DistributedPipelineExecutor.call(DistributedPipelineExecutor.java:21) at hudson.remoting.LocalChannel.call(LocalChannel.java:45) at com.flexnet.codeinsight.plugins.codeinsight_plugin.CodeinsightPluginStep$CodeinsightPluginStepExecution.run(CodeinsightPluginStep.java:231) at com.flexnet.codeinsight.plugins.codeinsight_plugin.CodeinsightPluginStep$CodeinsightPluginStepExecution.run(CodeinsightPluginStep.java:149) at org.jenkinsci.plugins.workflow.steps.AbstractSynchronousNonBlockingStepExecution$1$1.call(AbstractSynchronousNonBlockingStepExecution.java:47) at hudson.security.ACL.impersonate(ACL.java:290) at org.jenkinsci.plugins.workflow.steps.AbstractSynchronousNonBlockingStepExecution$1.run(AbstractSynchronousNonBlockingStepExecution.java:44) at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at java.lang.Thread.run(Thread.java:745) Caused by: java.lang.NullPointerException at java.util.Hashtable.put(Hashtable.java:459) at com.flexnet.codeaware.cve.CVEIndexer2.build(CVEIndexer2.java:249) at com.flexnet.codeaware.cve.lucene.SearchCVEAnalyzer.appendCVEsIfFound(SearchCVEAnalyzer.java:265) at com.flexnet.codeaware.AnalysisDriver.analyze(AnalysisDriver.java:198) at com.flexnet.codeaware.AnalysisDriver.analyze(AnalysisDriver.java:148) at com.flexnet.codeaware.embedded.EmbeddedScanner.scan(EmbeddedScanner.java:64) ... 18 more Scan results : FAILURE
- Mark as New
- Subscribe
- Mute
- Permalink
- Report Inappropriate Content
Hello @adbuch
I am from FNCI engineering. Sorry about your scan failure.
We are reviewing your issue and would revert back to you at the earliest (with in a day).
Regards
-Nitin Agrawal
- Mark as New
- Subscribe
- Mute
- Permalink
- Report Inappropriate Content
The issue is due to new NVD feed which came around 17th/18th of october.
2018 R4 plugin scans are failing due to this.
We recommend to migrate to latest build 2019 R3 and corresponding latest plugins (Flexnet Codeinsight 2019 R1 Plugins).
In this build we have a workable solution to go ahead.
Plugin scans would work fine in the latest release.
- Mark as New
- Subscribe
- Mute
- Permalink
- Report Inappropriate Content
I'm seeing the same issue with "FlexNet Code Insight 2019 R3 (Build 93)"
Log files can be found under "Case# 01938593"
Thanks,
2019-10-29 17:48:00 [http-nio-8888-exec-8] INFO c.f.c.cve.lucene.RangeCpeStreamer - No CVE for id CVE-2010-1449
java.lang.Exception: No CVE for id CVE-2010-1449
at com.flexnet.codeaware.cve.lucene.SearchCVEAnalyzer.getFields(SearchCVEAnalyzer.java:345)
at com.flexnet.codeaware.lucene.Index.storeDocument(Index.java:237)
at com.flexnet.codeaware.cve.lucene.SearchCVEAnalyzer.indexFile(SearchCVEAnalyzer.java:125)
at com.flexnet.codeaware.lucene.T2.run(T2.java:68)
at java.lang.Thread.run(Thread.java:748)
2019-10-29 17:48:00 [http-nio-8888-exec-8] INFO c.f.c.cve.lucene.RangeCpeStreamer - No CVE for id CVE-2009-4134
java.lang.Exception: No CVE for id CVE-2009-4134
at com.flexnet.codeaware.cve.lucene.SearchCVEAnalyzer.getFields(SearchCVEAnalyzer.java:345)
at com.flexnet.codeaware.lucene.Index.storeDocument(Index.java:237)
at com.flexnet.codeaware.cve.lucene.SearchCVEAnalyzer.indexFile(SearchCVEAnalyzer.java:125)
at com.flexnet.codeaware.lucene.T2.run(T2.java:68)
at java.lang.Thread.run(Thread.java:748)
2019-10-29 17:48:00 [http-nio-8888-exec-8] INFO c.f.c.cve.lucene.RangeCpeStreamer - No CVE for id CVE-2010-5278
java.lang.Exception: No CVE for id CVE-2010-5278
at com.flexnet.codeaware.cve.lucene.SearchCVEAnalyzer.getFields(SearchCVEAnalyzer.java:345)
at com.flexnet.codeaware.lucene.Index.storeDocument(Index.java:237)
at com.flexnet.codeaware.cve.lucene.SearchCVEAnalyzer.indexFile(SearchCVEAnalyzer.java:125)
at com.flexnet.codeaware.lucene.T2.run(T2.java:68)
at java.lang.Thread.run(Thread.java:748)
2019-10-29 17:48:00 [http-nio-8888-exec-8] INFO c.f.c.cve.lucene.SearchCVEVendor - Created index /opt/palamida/CodeInsight/config/.codeaware/cves/vendor_index, 21302 files indexed, 0 not indexed, 0 files had exceptions, 4 threads
2019-10-29 17:48:01 [Thread-75] WARN c.f.c.cve.lucene.SearchCVEComponent - Invalid component line during create index: diplomat_\|_political_project| diplomat_\|_political| diplomat \| political
2019-10-29 17:48:01 [Thread-77] WARN c.f.c.cve.lucene.SearchCVEComponent - Invalid component line during create index: dell| data_protection_\|_encryption| data protection \| encryption
2019-10-29 17:48:01 [http-nio-8888-exec-8] INFO c.f.c.cve.lucene.SearchCVEComponent - Created index /opt/palamida/CodeInsight/config/.codeaware/cves/component_index, 65513 files indexed, 2 not indexed, 2 files had exceptions, 8 threads
2019-10-29 17:48:01 [http-nio-8888-exec-8] INFO c.f.c.cve.lucene.RangeCpeStreamer - Invalid component line during create index: diplomat_\|_political_project| diplomat_\|_political| diplomat \| political
java.lang.Exception: Invalid component line during create index: diplomat_\|_political_project| diplomat_\|_political| diplomat \| political
at com.flexnet.codeaware.cve.lucene.SearchCVEComponent.indexLine(SearchCVEComponent.java:189)
at com.flexnet.codeaware.cve.lucene.SearchCVEComponent.access$100(SearchCVEComponent.java:46)
at com.flexnet.codeaware.cve.lucene.SearchCVEComponent$T1.run(SearchCVEComponent.java:345)
at java.lang.Thread.run(Thread.java:748)
2019-10-29 17:48:01 [http-nio-8888-exec-8] INFO c.f.c.cve.lucene.RangeCpeStreamer - Invalid component line during create index: dell| data_protection_\|_encryption| data protection \| encryption
java.lang.Exception: Invalid component line during create index: dell| data_protection_\|_encryption| data protection \| encryption
at com.flexnet.codeaware.cve.lucene.SearchCVEComponent.indexLine(SearchCVEComponent.java:189)
at com.flexnet.codeaware.cve.lucene.SearchCVEComponent.access$100(SearchCVEComponent.java:46)
at com.flexnet.codeaware.cve.lucene.SearchCVEComponent$T1.run(SearchCVEComponent.java:345)
at java.lang.Thread.run(Thread.java:748)
2019-10-29 17:48:01 [http-nio-8888-exec-8] ERROR c.f.codeaware.spring.AnalysisService - Error creating CVE indexes:
java.lang.NullPointerException: null
at java.util.Hashtable.put(Hashtable.java:460)
at com.flexnet.codeaware.cve.CVEIndexer2.build(CVEIndexer2.java:266)
at com.flexnet.codeaware.cve.lucene.SearchCVEAnalyzer.createCVEIndexes(SearchCVEAnalyzer.java:100)
at com.flexnet.codeaware.AnalysisDriver.createCVEIndexes(AnalysisDriver.java:113)
at com.flexnet.codeaware.spring.AnalysisService.createCVEIndexes(AnalysisService.java:281)
at com.flexnet.codeaware.spring.AnalysisController.createCVEIndexes(AnalysisController.java:280)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:205)
at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:133)
at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:97)
at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:849)
at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:760)
at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:85)
at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:967)
at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:901)
at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:970)
at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:861)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:635)
at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:846)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:742)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.springframework.boot.web.filter.ApplicationContextHeaderFilter.doFilterInternal(ApplicationContextHeaderFilter.java:55)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.springframework.boot.actuate.trace.WebRequestTraceFilter.doFilterInternal(WebRequestTraceFilter.java:111)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:99)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.springframework.web.filter.HttpPutFormContentFilter.doFilterInternal(HttpPutFormContentFilter.java:109)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.springframework.web.filter.HiddenHttpMethodFilter.doFilterInternal(HiddenHttpMethodFilter.java:93)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:197)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.springframework.boot.actuate.autoconfigure.MetricsFilter.doFilterInternal(MetricsFilter.java:103)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.springframework.boot.web.support.ErrorPageFilter.doFilter(ErrorPageFilter.java:130)
at org.springframework.boot.web.support.ErrorPageFilter.access$000(ErrorPageFilter.java:66)
at org.springframework.boot.web.support.ErrorPageFilter$1.doFilterInternal(ErrorPageFilter.java:105)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.springframework.boot.web.support.ErrorPageFilter.doFilter(ErrorPageFilter.java:123)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:199)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:493)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:137)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81)
at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:660)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)
at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:798)
at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:808)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1498)
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:748)
2019-10-29 17:48:01 [http-nio-8888-exec-8] ERROR c.f.c.spring.AnalysisController - Failed indexing CVEs
- Mark as New
- Subscribe
- Mute
- Permalink
- Report Inappropriate Content
Hi,
Could you please confirm whether you are using latest plugins build, post migrating FNCI to 2019 R3 (Build 93).
The Plugins build you should be using is latest plugins Flexnet Codeinsight 2019 R1 Plugins.