fosstars-rating-core

OWASP Dependency check throws a Null Pointer Exception

Open sourabhsparkala opened this issue 2 years ago • 0 comments

Sometimes, when the NVD JSON download fails as a pre-step for the OWASP dependency check, a null pointer exception is thrown:

[!] Holy Moly, VulnerabilitiesFromOwaspDependencyCheck data provider failed!
[!] The last thing that it said was
java.lang.NullPointerException
	at org.owasp.dependencycheck.Engine.writeReports(Engine.java:1189)
	at org.owasp.dependencycheck.Engine.writeReports(Engine.java:1143)
	at com.sap.oss.phosphor.fosstars.data.artifact.VulnerabilitiesFromOwaspDependencyCheck.process(VulnerabilitiesFromOwaspDependencyCheck.java:224)
	at com.sap.oss.phosphor.fosstars.data.artifact.VulnerabilitiesFromOwaspDependencyCheck.scan(VulnerabilitiesFromOwaspDependencyCheck.java:247)
	at com.sap.oss.phosphor.fosstars.data.artifact.VulnerabilitiesFromOwaspDependencyCheck.update(VulnerabilitiesFromOwaspDependencyCheck.java:156)
	at com.sap.oss.phosphor.fosstars.data.artifact.VulnerabilitiesFromOwaspDependencyCheck.update(VulnerabilitiesFromOwaspDependencyCheck.java:63)
	at com.sap.oss.phosphor.fosstars.tool.SingleRatingCalculator.calculateFor(SingleRatingCalculator.java:133)
	at com.sap.oss.phosphor.fosstars.tool.OssArtifactSecurityRatingHandler.processGav(OssArtifactSecurityRatingHandler.java:70)
	at com.sap.oss.phosphor.fosstars.tool.OssArtifactSecurityRatingHandler.processMaven(OssArtifactSecurityRatingHandler.java:49)
	at com.sap.oss.phosphor.fosstars.tool.AbstractHandler.run(AbstractHandler.java:236)
	at com.sap.oss.phosphor.fosstars.tool.Application.run(Application.java:307)
	at com.sap.oss.phosphor.fosstars.tool.Application.main(Application.java:84)

Things to do:

  • Handle this situation if the download fails in a better way.

sourabhsparkala, Sep 19 '22 09:09