[BUG] InternalExecutionError when scanning getRecordInfos method #1337

Closed
RonanWilliams1 opened this issue Jan 31, 2024 · 2 comments
Labels: BUG P3 Rarely Malfunction; duplicate (This issue or pull request already exists); SFGE (Issues related to the Salesforce Graph Engine)

@RonanWilliams1

Description:

Graph Engine identified your source and sink, but you must manually verify that you have a sanitizer in this path. Then, add an engine directive to skip the path. Next, create a Github issue for the Code Analyzer team that includes the error and stack trace. After we fix this issue, check the Code Analyzer release notes for more info.

Error and stacktrace:

UnexpectedException: ApexStringValue{ value=Optional.empty} ApexValue(ApexStringValue) {status=INITIALIZED, declarationVertex=VariableDeclaration{properties={FirstChild=false, BeginLine=464, Type=String, DefiningType_CaseSafe=relatablecore, LastChild=true, DefiningType=RelatableCore, EndLine=464, Name_CaseSafe=namefield, childIdx=1, BeginColumn=16, Name=nameField}}, valueVertex=LiteralExpression{properties={FirstChild=true, BeginLine=464, DefiningType_CaseSafe=relatablecore, LastChild=false, DefiningType=RelatableCore, EndLine=464, childIdx=0, LiteralType=NULL, BeginColumn=28}}, resolvedValues={}, returnedFrom=null, invocableExpression=null, method=null}:
com.salesforce.graph.ops.ApexValueUtil.getTypeValue(ApexValueUtil.java:376);
com.salesforce.graph.ops.ApexValueUtil.convertApexValueToString(ApexValueUtil.java:305);
com.salesforce.rules.fls.apex.operations.FlsValidationRepresentation.addField(FlsValidationRepresentation.java:122);
com.salesforce.rules.fls.apex.operations.FlsValidationRepresentation.addField(FlsValidationRepresentation.java:114);
com.salesforce.rules.fls.apex.operations.SchemaBasedValidationAnalyzer.convert(SchemaBasedValidationAnalyzer.java:185);
com.salesforce.rules.fls.apex.operations.SchemaBasedValidationAnalyzer.checkForValidation(SchemaBasedValidationAnalyzer.java:77)

Method code where the error occurs:

    @AuraEnabled
    public static Map<String,Object> getRecordInfos(String sObjectName, String recordId){

        // TODO: very lavish with the describe calls (here for Name, bit lower for the label)
        // and yet there's no protection checking whether this user can Read this object.
        // Should be cached in a static Map<String, DescribeSObjectResult>?
        Map<String,Object> sObjectInfo = new Map<String,Object>();

        String nameField = getNameFieldForsObject(sObjectName);

        // 1. get record 'Name' equivalent (i.e. OrderNumber, Subject)
        List<String> fields = new List<String>();
        fields.add('Id');
        if (RelatableUtilities.fieldAccessible(sObjectName,nameField)){
            fields.add(nameField);
        }

        sObject sObj = Database.query(
            String.escapeSingleQuotes(
                ' SELECT Id, ' + String.join(fields,',') +
                ' FROM ' + sObjectName +
                ' WHERE Id = :recordId '
            ),
            AccessLevel.USER_MODE
        );
    
        String recordName = String.valueOf(sObj.get(nameField));

        // 2. get the plural label of the sObject (i.e. for Opportunity : Opportunities)
        String pluralLabel = Schema.describeSObjects(new List<String>{sObjectName})[0].getLabelPlural();

        // 3. get active Configuration (Relatable_Configuration__mdt) records for the sObject
        List<cmt_relatable__Relatable_Configuration__mdt> relatableConfigurations = 
            Test.isRunningTest() ?
            RelatableMetadataMock.getMocks() :
            [
                SELECT Id, 
                    Label, 
                    DeveloperName,
                    cmt_relatable__Active__c,
                    cmt_relatable__Deleted__c,
                    cmt_relatable__Configuration_JSON__c, 
                    cmt_relatable__sObject_Name__c, 
                    SystemModstamp
                FROM cmt_relatable__Relatable_Configuration__mdt
                WHERE cmt_relatable__sObject_Name__c = :sObjectName
                WITH USER_MODE
                ORDER BY Label ASC
            ];

        sObjectInfo.put('RecordName',recordName);
        sObjectInfo.put('sObjectLabelPlural',pluralLabel);
        sObjectInfo.put('Configurations',relatableConfigurations);
        return sObjectInfo;
    }

Steps To Reproduce:
I ran the following scanner:
sf scanner run dfa -f html -o QA/appexchange/CodeAnalyzerDFA.html -t './' -c 'Security' --projectdir='./'

Desktop:
Provide these details:

Operating System: Mac OS
Code Analyzer version: v3.20.0
Salesforce CLI version: @salesforce/cli/2.23.20 win32-x64 node-v18.19.0
Additional Context:

Workaround:
Tried the directives to exclude from the engine, but it doesn't work
Urgency:
Medium

johnbelosf added the BUG P3 Rarely Malfunction label Feb 20, 2024

git2gus bot commented Feb 20, 2024

This issue has been linked to a new work item: W-15080643

stephen-carter-at-sf added the SFGE Issues related to the Salesforce Graph Engine label May 23, 2024
stephen-carter-at-sf added the duplicate This issue or pull request already exists label Jun 3, 2024

@stephen-carter-at-sf
Collaborator

Marking this as a duplicate of #1497
