UnimplementedMethodException: ApexStringValue #1510
Comments
|
This is a duplicate of #1044 |
stephen-carter-at-sf
closed this as not planned
stephen-carter-at-sf
added
duplicate
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Have you tried to resolve this issue yourself first?
Yes
Bug Description
The Graph Engine has identified a security issue related to the method URL.getSalesforceBaseUrl. The method call fails with an UnimplementedMethodException. This issue needs to be manually verified to check if a sanitizer exists in the path. An engine directive should be added to skip this path if a sanitizer is verified.
Output / Logs
Graph Engine identified your source and sink, but you must manually verify that you have a sanitizer in this path. Then, add an engine directive to skip the path. Next, create a Github issue for the Code Analyzer team that includes the error and stack trace. After we fix this issue, check the Code Analyzer release notes for more info. Error and stacktrace: UnimplementedMethodException: ApexStringValue:getSalesforceBaseUrl, vertex=MethodCallExpressionVertex{fullMethodName=URL.getSalesforceBaseUrl, referenceVertex=LazyVertex{result=ReferenceExpression{properties={FirstChild=true, Names=[URL], BeginLine=16, DefiningType_CaseSafe=prescrubsystemcontroller, LastChild=true, DefiningType=PrescrubSystemController, EndLine=16, Name_CaseSafe=url, childIdx=0, BeginColumn=26, ReferenceType=METHOD, Name=URL}}}, chainedNames=[URL], properties={FirstChild=true, FullMethodName=URL.getSalesforceBaseUrl, BeginLine=16, FullMethodName_CaseSafe=url.getsalesforcebaseurl, DefiningType_CaseSafe=prescrubsystemcontroller, LastChild=true, DefiningType=PrescrubSystemController, EndLine=16, MethodName_CaseSafe=getsalesforcebaseurl, childIdx=0, BeginColumn=30, MethodName=getSalesforceBaseUrl}}: com.salesforce.graph.symbols.apex.ApexStringValue.apply(ApexStringValue.java:708);com.salesforce.graph.symbols.PathScopeVisitor.handleApexValueMethod(PathScopeVisitor.java:1487);com.salesforce.graph.symbols.PathScopeVisitor.afterVisit(PathScopeVisitor.java:1242);com.salesforce.graph.symbols.DefaultSymbolProviderVertexVisitor.afterVisit(DefaultSymbolProviderVertexVisitor.java:800);com.salesforce.graph.vertex.MethodCallExpressionVertex.afterVisit(MethodCallExpressionVertex.java:79);com.salesforce.graph.ops.expander.ApexPathExpander.performAfterVisit(ApexPathExpander.java:577)
Steps To Reproduce
Sanitizer Verification: Manually verify if a sanitizer exists in the path involving URL.getSalesforceBaseUrl.
Engine Directive: If a sanitizer is verified, add an engine directive to skip this path in the Graph Engine.
Issue Creation: Create a GitHub issue for the Code Analyzer team with the provided error and stack trace.
Review: After the issue is fixed, review the Code Analyzer release notes for more information.
Expected Behavior
The method URL.getSalesforceBaseUrl should execute successfully without throwing an UnimplementedMethodException.
Operating System
Windows 11
Salesforce CLI Version
@salesforce/cli/2.44.8 win32-x64 node-v20.13.1
Code Analyzer Plugin (@salesforce/sfdx-scanner) Version
@salesforce/sfdx-scanner 4.2.0 (latest-beta)
Java Version
java version "22.0.1" 2024-04-16
Additional Context (Screenshots, Files, etc)
No response
Workaround
No response
Urgency
High
The text was updated successfully, but these errors were encountered: