You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When using the LSP interface with Eclipse the findingDescription.json isn't fully loaded and parsed, before it's used.
Here is an excerpt from a log file:
19:16:20,710 INFO AnalysisServer Registering builtin de.fraunhofer.aisec.codyze.crymlin.builtin.SplitDisjoint
//...
19:16:21,143 INFO AnalysisServer LSP server started
19:16:21,144 INFO AnalysisServer Parsing MARK files in /opt/codyze/mark
19:16:21,642 INFO CpgDocumentService Handling didOpen for file: file:///home/aisec/dev/ews-2021-06-codyze/Java-Demo/src/de/frauhofer/aisec/codyze/demo/Main.java
19:16:21,643 DEBUG CpgDocumentService Starting analysis of file file:///home/aisec/dev/ews-2021-06-codyze/Java-Demo/src/de/frauhofer/aisec/codyze/demo/Main.java
19:16:21,644 DEBUG CpgDocumentService Really starting analysis of file file:///home/aisec/dev/ews-2021-06-codyze/Java-Demo/src/de/frauhofer/aisec/codyze/demo/Main.java
// ...
19:16:23,503 INFO AnalysisServer Loading MARK from directory /opt/codyze/mark
19:16:23,527 INFO AnalysisServer Loading MARK file /opt/codyze/mark/bouncycastle/KeyGenerator.mark
// ...
19:16:25,970 INFO AnalysisServer Loaded 60 entities and 40 rules.
19:16:25,971 INFO FindingDescription Parsing MARK description file from /opt/codyze/mark/findingDescription.json
//...
19:16:26,854 INFO Evaluator Got 8 findings in analysis context: [Rule ID_4_01 verified, Rule ID_2_1_2_3_01 violated, Rule ID_2_1_3_01 verified, Rule ID_2_01 verified, Rule BouncyCastleProvider_MessageDigest violated, Rule BouncyCastleProvider_SecureRandom violated, Rule ID_2_1_01 verified, Rule BouncyCastleProvider_Cipher violated]
19:16:26,855 INFO CpgDocumentService Analysis for file:///home/aisec/dev/ews-2021-06-codyze/Java-Demo/src/de/frauhofer/aisec/codyze/demo/Main.java done. Returning 8 findings.
19:16:26,856 INFO CpgDocumentService Finding short description: null
19:16:26,857 INFO CpgDocumentService Finding short description: null
19:16:26,857 INFO CpgDocumentService Finding short description: null
19:16:26,857 INFO CpgDocumentService Finding short description: null
19:16:26,857 INFO CpgDocumentService Finding short description: null
19:16:26,857 INFO CpgDocumentService Finding short description: null
19:16:27,415 INFO FindingDescription Loaded 68 description(s)
19:16:27,415 DEBUG FindingDescription Descriptions:
{InvalidProvider_AlgorithmParameterGenerator=de.fraunhofer.aisec.codyze.analysis.FindingDescription$FindingDescriptionItem@63b2418e, /* ... */}
Seemingly, the CpgDocumentService access the finding descriptions before they are fully parsed and available through FindingDescription. This method
When using the LSP interface with Eclipse the
findingDescription.json
isn't fully loaded and parsed, before it's used.Here is an excerpt from a log file:
Seemingly, the
CpgDocumentService
access the finding descriptions before they are fully parsed and available throughFindingDescription
. This methodcodyze/src/main/java/de/fraunhofer/aisec/codyze/analysis/FindingDescription.kt
Line 47 in ec0dd43
appears to finish evaluation too late.
This might be caused by some threaded execution and insufficent synchronisation.
The text was updated successfully, but these errors were encountered: