java.lang.StringIndexOutOfBoundsException when analysing python file without extension

Tmiple · October 28, 2021, 11:22am

versions used
- Sonarcloud
- sonar-scanner-4.6.2.2472-linux
error observed

INFO: Sensor Python Sensor [python]
WARN: Your code is analyzed as compatible with python 2 and 3 by default. This will prevent the detection of issues specific to python 2 or python 3. You can get a more precise analysis by setting a python version in your configuration via the parameter "sonar.python.version"
INFO: Starting global symbols computation
INFO: 27 source files to be analyzed
INFO: 27/27 source files have been analyzed
INFO: Starting rules execution
INFO: 27 source files to be analyzed
WARN: Unable to analyze file: nodes/ground_tf_placer
java.lang.StringIndexOutOfBoundsException: begin 0, end -1, length 16
	at java.base/java.lang.String.checkBoundsBeginEnd(Unknown Source)
	at java.base/java.lang.String.substring(Unknown Source)
	at com.sonar.security.frontend.python.A.G.A(na:1344)
	at com.sonar.security.frontend.python.A.G.A(na:594)
	at com.sonar.security.frontend.python.A.H.A(na:2523)
	at com.sonar.security.frontend.python.A.H.A(na:605)
	at com.sonar.security.frontend.python.A.H.A(na:497)
	at com.sonar.security.frontend.python.A.H.visitFunctionDef(na:1780)
	at org.sonar.python.tree.FunctionDefImpl.accept(FunctionDefImpl.java:166)
	at org.sonar.plugins.python.api.tree.BaseTreeVisitor.scan(BaseTreeVisitor.java:33)
	at org.sonar.plugins.python.api.tree.BaseTreeVisitor.scan(BaseTreeVisitor.java:40)
	at org.sonar.plugins.python.api.tree.BaseTreeVisitor.visitStatementList(BaseTreeVisitor.java:52)
	at org.sonar.python.tree.StatementListImpl.accept(StatementListImpl.java:46)
	at org.sonar.plugins.python.api.tree.BaseTreeVisitor.scan(BaseTreeVisitor.java:33)
	at org.sonar.plugins.python.api.tree.BaseTreeVisitor.visitClassDef(BaseTreeVisitor.java:146)
	at com.sonar.security.frontend.python.A.H.visitClassDef(na:1707)
	at org.sonar.python.tree.ClassDefImpl.accept(ClassDefImpl.java:82)
	at org.sonar.plugins.python.api.tree.BaseTreeVisitor.scan(BaseTreeVisitor.java:33)
	at org.sonar.plugins.python.api.tree.BaseTreeVisitor.scan(BaseTreeVisitor.java:40)
	at org.sonar.plugins.python.api.tree.BaseTreeVisitor.visitStatementList(BaseTreeVisitor.java:52)
	at org.sonar.python.tree.StatementListImpl.accept(StatementListImpl.java:46)
	at org.sonar.plugins.python.api.tree.BaseTreeVisitor.scan(BaseTreeVisitor.java:33)
	at org.sonar.plugins.python.api.tree.BaseTreeVisitor.visitFileInput(BaseTreeVisitor.java:47)
	at com.sonar.security.frontend.python.A.H.visitFileInput(na:152)
	at org.sonar.python.tree.FileInputImpl.accept(FileInputImpl.java:79)
	at com.sonar.security.frontend.python.rules.A.A(na:3038)
	at org.sonar.python.SubscriptionVisitor$SubscriptionContextImpl.execute(SubscriptionVisitor.java:96)
	at java.base/java.util.ArrayList.forEach(Unknown Source)
	at org.sonar.python.SubscriptionVisitor.scan(SubscriptionVisitor.java:77)
	at org.sonar.python.SubscriptionVisitor.analyze(SubscriptionVisitor.java:57)
	at org.sonar.plugins.python.PythonScanner.scanFile(PythonScanner.java:118)
	at org.sonar.plugins.python.Scanner.execute(Scanner.java:52)
	at org.sonar.plugins.python.PythonSensor.execute(PythonSensor.java:128)
	at org.sonar.scanner.sensor.AbstractSensorWrapper.analyse(AbstractSensorWrapper.java:45)
	at org.sonar.scanner.sensor.ModuleSensorsExecutor.execute(ModuleSensorsExecutor.java:75)
	at org.sonar.scanner.sensor.ModuleSensorsExecutor.lambda$execute$1(ModuleSensorsExecutor.java:48)
	at org.sonar.scanner.sensor.ModuleSensorsExecutor.withModuleStrategy(ModuleSensorsExecutor.java:66)
	at org.sonar.scanner.sensor.ModuleSensorsExecutor.execute(ModuleSensorsExecutor.java:48)
	at org.sonar.scanner.scan.ModuleScanContainer.doAfterStart(ModuleScanContainer.java:68)
	at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:123)
	at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:109)
	at org.sonar.scanner.scan.ProjectScanContainer.scan(ProjectScanContainer.java:447)
	at org.sonar.scanner.scan.ProjectScanContainer.scanRecursively(ProjectScanContainer.java:443)
	at org.sonar.scanner.scan.ProjectScanContainer.doAfterStart(ProjectScanContainer.java:401)
	at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:123)
	at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:109)
	at org.sonar.scanner.bootstrap.GlobalContainer.doAfterStart(GlobalContainer.java:128)
	at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:123)
	at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:109)
	at org.sonar.batch.bootstrapper.Batch.doExecute(Batch.java:58)
	at org.sonar.batch.bootstrapper.Batch.execute(Batch.java:52)
	at org.sonarsource.scanner.api.internal.batch.BatchIsolatedLauncher.execute(BatchIsolatedLauncher.java:46)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
	at java.base/java.lang.reflect.Method.invoke(Unknown Source)
	at org.sonarsource.scanner.api.internal.IsolatedLauncherProxy.invoke(IsolatedLauncherProxy.java:60)
	at com.sun.proxy.$Proxy0.execute(Unknown Source)
	at org.sonarsource.scanner.api.EmbeddedScanner.doExecute(EmbeddedScanner.java:189)
	at org.sonarsource.scanner.api.EmbeddedScanner.execute(EmbeddedScanner.java:138)
	at org.sonarsource.scanner.cli.Main.execute(Main.java:112)
	at org.sonarsource.scanner.cli.Main.execute(Main.java:75)
	at org.sonarsource.scanner.cli.Main.main(Main.java:61)

steps to reproduce
- Content of sonar-project.properties

sonar.exclusions=test/**, reports/**
sonar.lang.patterns.py=**/*py, nodes/*
sonar.python.coverage.reportPaths=reports/python-coverage.xml

Content of nodes/ground_tf_placer:

#!/usr/bin/env python

print("hello")

potential workaround
- No, please advice
Other notes:
- python files with .py extension do work.
- Suggestion for the python files found here: Recognize and analyze python files without an extension?

Roberto_Orlandi · November 2, 2021, 8:37am

Hello @Tmiple, and welcome to our community!

Thank you for reporting this issue.

The problem has been fixed, and you will see it working starting from next SonarCloud release.

I wish you a good day.

Best,
Roberto

Tmiple · November 2, 2021, 8:56am

Thank you for the quick fix!

Is there a place I can monitor for new releases?

Roberto_Orlandi · November 3, 2021, 7:44am

Hello @Tmiple,

Let me be more precise about my previous message: the fix will be part of next SonarSecurity analyzer deployment on SonarCloud.

Unfortunately you can’t monitor this, but I can tell you that it should happen around mid-November.

Best,
Roberto

system · November 10, 2021, 7:44am

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
StringIndexOutOfBoundsException when analyzing my KomodoAutoConfiguration Eclipse java , eclipse , sonarqube-ide	3	1354	July 3, 2020
SonarJava 5.9.1 LDAPDeserializationCheck crashes with ArrayIndexOutOfBoundsException SonarQube Server / Community Build java	1	632	November 28, 2018
Sonar-java: java.lang.IndexOutOfBoundsException: Index 0 out of bounds for length 0 SonarQube Cloud java , scanner	11	5880	October 14, 2022
BUG: Sonar throws an exception on list comprehensions within f-strings SonarQube Cloud python	3	1012	March 3, 2020
Unable to run string to primitive conversion check (S2130) due to ArrayIndexOutOfBoundsException SonarQube Server / Community Build java	3	748	April 15, 2019

java.lang.StringIndexOutOfBoundsException when analysing python file without extension

Related topics