Skip to content

Error when using Mysql database: Table 'dependencycheck.CPEENTRY' doesn't exist #3193

Closed
Closed
Error when using Mysql database: Table 'dependencycheck.CPEENTRY' doesn't exist#3193
Labels
bug
Milestone
6.1.3
@umbertooo

Description

@umbertooo
umbertooo
opened on Mar 15, 2021

Describe the bug
Dependency Check fails with [ERROR] An unexpected SQL Exception occurred; please see the verbose log for more details. when used with a database. I'm using this Database Docker Container https://github.com/stefanneuhaus/dependencycheck-central-mysql-docker

Version of dependency-check used
The problem occurs using version 6.1.2 of the cli on macOS and owasp/dependency-check. Last known working version was 6.1.1. Last time the docker image worked was 2021-03-08

dependency-check: stable 6.1.2
OWASP dependency-check
https://owasp.org/www-project-dependency-check/
/usr/local/Cellar/dependency-check/6.1.2 (72 files, 23.9MB) *
  Built from source on 2021-03-12 at 09:24:31
From: https://github.com/Homebrew/homebrew-core/blob/HEAD/Formula/dependency-check.rb
License: Apache-2.0

Log file
complete log file available here https://gist.github.com/umbertooo/3f0d91a9a3675c17ae0313fae2aa1d94

2021-03-15 09:08:09,120 org.owasp.dependencycheck.App:208
ERROR - An unexpected SQL Exception occurred; please see the verbose log for more details.
2021-03-15 09:08:09,120 org.owasp.dependencycheck.App:209
DEBUG - unexpected error
org.owasp.dependencycheck.data.nvdcve.DatabaseException: An unexpected SQL Exception occurred; please see the verbose log for more details.
	at org.owasp.dependencycheck.data.nvdcve.CveDB.simpleCPESearch(CveDB.java:549)
	at org.owasp.dependencycheck.analyzer.CPEAnalyzer.lambda$simpleSearch$6(CPEAnalyzer.java:1019)
	at java.base/java.util.stream.ReferencePipeline$3$1.accept(ReferencePipeline.java:195)
	at java.base/java.util.stream.ReferencePipeline$2$1.accept(ReferencePipeline.java:177)
	at java.base/java.util.TreeMap$KeySpliterator.tryAdvance(TreeMap.java:3050)
	at java.base/java.util.stream.ReferencePipeline.forEachWithCancel(ReferencePipeline.java:127)
	at java.base/java.util.stream.AbstractPipeline.copyIntoWithCancel(AbstractPipeline.java:502)
	at java.base/java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:488)
	at java.base/java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:474)
	at java.base/java.util.stream.MatchOps$MatchOp.evaluateSequential(MatchOps.java:230)
	at java.base/java.util.stream.MatchOps$MatchOp.evaluateSequential(MatchOps.java:196)
	at java.base/java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234)
	at java.base/java.util.stream.ReferencePipeline.anyMatch(ReferencePipeline.java:528)
	at org.owasp.dependencycheck.analyzer.CPEAnalyzer.simpleSearch(CPEAnalyzer.java:1043)
	at org.owasp.dependencycheck.analyzer.CPEAnalyzer.determineCPE(CPEAnalyzer.java:259)
	at org.owasp.dependencycheck.analyzer.CPEAnalyzer.analyzeDependency(CPEAnalyzer.java:721)
	at org.owasp.dependencycheck.analyzer.AbstractAnalyzer.analyze(AbstractAnalyzer.java:131)
	at org.owasp.dependencycheck.AnalysisTask.call(AnalysisTask.java:88)
	at org.owasp.dependencycheck.AnalysisTask.call(AnalysisTask.java:37)
	at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
	at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1130)
	at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:630)
	at java.base/java.lang.Thread.run(Thread.java:832)
Caused by: java.sql.SQLSyntaxErrorException: Table 'dependencycheck.CPEENTRY' doesn't exist
	at com.mysql.cj.jdbc.exceptions.SQLError.createSQLException(SQLError.java:120)
	at com.mysql.cj.jdbc.exceptions.SQLError.createSQLException(SQLError.java:97)
	at com.mysql.cj.jdbc.exceptions.SQLExceptionsMapping.translateException(SQLExceptionsMapping.java:122)
	at com.mysql.cj.jdbc.ClientPreparedStatement.executeInternal(ClientPreparedStatement.java:953)
	at com.mysql.cj.jdbc.ClientPreparedStatement.executeQuery(ClientPreparedStatement.java:1003)
	at org.owasp.dependencycheck.data.nvdcve.CveDB.simpleCPESearch(CveDB.java:543)
	... 22 common frames omitted

To Reproduce
Steps to reproduce the behavior:

  1. Set up Database Docker Container: docker run -p 33060:3306 stefanneuhaus/dependencycheck-central-mysql
  2. The container triggers an automatic database update every hour. Wait for the initial update to complete. This takes about 1 hour on my machine, but running the dependency check with an incomplete database would cause other errors.
  3. Run dependency check dependency-check --scan 'backend/target/baudb.war' --connectionString jdbc:mysql://localhost:33060/dependencycheck\?useSSL=false\&allowPublicKeyRetrieval=true --dbUser dc --dbPassword dc --dbDriverPath backend/target/baudb/WEB-INF/lib/mysql-connector-java-8.0.22.jar --dbDriverName com.mysql.jdbc.Driver --log dependencycheck.log
  4. See error in log file

Expected behavior
The dependency check cli should connect to the database container and use the database for analysis.

Metadata

Metadata

Assignees

No one assigned

    Labels

    bug

    Type

    No type

    Projects

    No projects

    Milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions