PM60803: 'uncaught exception' during WAFL generation; WALA gives an assertion failure: not an interface

Subscribe

You can track all active APARs for this component.

APAR status

  • Closed as program error.

Error description

  • While scanning a java application that uses struts v1 Framework,
    the scan is getting an 'uncaught exception' during the Framework
    Analysis:
    
    FATAL com.ibm.wala.taint.util.logging.TaintLogger
    com.ibm.appscan.frameworks.FrameworksCLI.runMain(FrameworksCLI.j
    ava:43)
    uncaught exception
    
    There is an issue with the wafl generator. Inspecting the
    *wafl.log file reveals the following stack trace:
    
    2012-03-15
    08:53:15,275?-Sep-?FATAL?-Sep-?com.ibm.wala.taint.util.logging.T
    aintLogger?-Sep-?com.ibm.appscan.frameworks.FrameworksCLI.runMai
    n(FrameworksCLI.java:43)?-Sep-?uncaught
    exception?-Sep-?
    java.lang.AssertionError: not an interface:
    ?Extension,Ldb2j/r/c?
       at
    com.ibm.wala.ipa.cha.ClassHierarchy.addClass(ClassHierarchy.java
    :359)
       at
    com.ibm.wala.ipa.cha.ClassHierarchy.addAllClasses(ClassHierarchy
    .java:278)
       at
    com.ibm.wala.ipa.cha.ClassHierarchy.?init?(ClassHierarchy.java:2
    39)
       at
    com.ibm.wala.ipa.cha.ClassHierarchy.?init?(ClassHierarchy.java:1
    75)
       at
    com.ibm.wala.ipa.cha.ClassHierarchy.make(ClassHierarchy.java:117
    2)
       at
    com.ibm.wala.ipa.cha.ClassHierarchy.make(ClassHierarchy.java:115
    2)
       at
    com.ibm.appscan.frameworks.WAFLSpecGen.getWAFLSpecForJavaEEApp(W
    AFLSpecGen.java:104)
       at
    com.ibm.appscan.frameworks.WAFLSpecGen.generateWAFLSpecForJavaEE
    App(WAFLSpecGen.java:261)
       at
    com.ibm.appscan.frameworks.FrameworksCLI.runMain(FrameworksCLI.j
    ava:41)
       at
    com.ibm.appscan.frameworks.FrameworksCLI.main(FrameworksCLI.java
    :27)
    
    
    It looks like the WAFL code is encountering something similar to
    the following:
    
      class C implements IFace
    
    However, IFace is not an interface. This code would never
    compile, but this can arise when C and IFace are in different
    jars. Currently, WALA gives an assertion failure, which is a
    defect. Instead, it should just ignore class C and move on while
    logging a warning.
    

Local fix

Problem summary

  • ****************************************************************
    * USERS AFFECTED:                                              *
    ****************************************************************
    * PROBLEM DESCRIPTION:                                         *
    ****************************************************************
    * RECOMMENDATION:                                              *
    ****************************************************************
    While scanning a java application that uses struts v1
    Framework, the scan is getting an "uncaught exception"
    during the Framework Analysis:
    
    FATAL com.ibm.wala.taint.util.logging.TaintLogger
    com.ibm.appscan.frameworks.FrameworksCLI.runMain(FrameworksC
    LI.java:43)
    uncaught exception
    
    There is an issue with the wafl generator. Inspecting the
    *wafl.log file reveals the following stack trace:
    
    2012-03-15
    08:53:15,275?-Sep-?FATAL?-Sep-?com.ibm.wala.taint.util.loggi
    ng.TaintLogger?-Sep-?com.ibm.appscan.frameworks.FrameworksCL
    I.runMain(FrameworksCLI.java:43)?-Sep-?uncaught
    exception?-Sep-?
    java.lang.AssertionError: not an interface:
    ?Extension,Ldb2j/r/c?
       at
    com.ibm.wala.ipa.cha.ClassHierarchy.addClass(ClassHierarchy.
    java:359)
       at
    com.ibm.wala.ipa.cha.ClassHierarchy.addAllClasses(ClassHiera
    rchy.java:278)
       at
    com.ibm.wala.ipa.cha.ClassHierarchy.?init?(ClassHierarchy.ja
    va:239)
       at
    com.ibm.wala.ipa.cha.ClassHierarchy.?init?(ClassHierarchy.ja
    va:175)
       at
    com.ibm.wala.ipa.cha.ClassHierarchy.make(ClassHierarchy.java
    :1172)
       at
    com.ibm.wala.ipa.cha.ClassHierarchy.make(ClassHierarchy.java
    :1152)
       at
    com.ibm.appscan.frameworks.WAFLSpecGen.getWAFLSpecForJavaEEA
    pp(WAFLSpecGen.java:104)
       at
    com.ibm.appscan.frameworks.WAFLSpecGen.generateWAFLSpecForJa
    vaEEApp(WAFLSpecGen.java:261)
       at
    com.ibm.appscan.frameworks.FrameworksCLI.runMain(FrameworksC
    LI.java:41)
       at
    com.ibm.appscan.frameworks.FrameworksCLI.main(FrameworksCLI.
    java:27)
    
    
    It looks like the WAFL code is encountering something
    similar to the following:
    
      class C implements IFace
    
    However, IFace is not an interface. This code would never
    compile, but this can arise when C and IFace are in
    different jars. Currently, WALA gives an assertion failure,
    which is a defect. Instead, it should just ignore class C
    and move on while logging a warning.
    

Problem conclusion

  • Fixed
    

Temporary fix

Comments

APAR Information

  • APAR number

    PM60803

  • Reported component name

    AS SRC ED, SEC

  • Reported component ID

    5724Z3500

  • Reported release

    800

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt

  • Submitted date

    2012-03-20

  • Closed date

    2012-06-11

  • Last modified date

    2012-06-11

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    AS SRC ED, SEC

  • Fixed component ID

    5724Z3500

Applicable component levels

  • R800 PSN

       UP



Rate this page:

(0 users)Average rating

Document information


More support for:

IBM Security AppScan Source

Software version:

8.0

Reference #:

PM60803

Modified date:

2012-06-11

Translate my page

Machine Translation

Content navigation