DependencyCheck: Stack overflow after upgrading to dependency-check 8.0.0

Describe the bug Seeing a stack overflow after upgrading to dependency-check 8.0.0

Version of dependency-check used The problem occurs using version 8.0.0 of the gradle plugin

* What went wrong:
Execution failed for task ':download:dependencyCheckAnalyze'.
> java.lang.StackOverflowError (no error message)

* Try:
> Run with --info or --debug option to get more log output.

* Exception is:
org.gradle.api.tasks.TaskExecutionException: Execution failed for task ':download:dependencyCheckAnalyze'.
        at org.gradle.api.internal.tasks.execution.ExecuteActionsTaskExecuter.lambda$executeIfValid$1(ExecuteActionsTaskExecuter.java:142)
        at org.gradle.internal.Try$Failure.ifSuccessfulOrElse(Try.java:282)
        at org.gradle.api.internal.tasks.execution.ExecuteActionsTaskExecuter.executeIfValid(ExecuteActionsTaskExecuter.java:140)
        at org.gradle.api.internal.tasks.execution.ExecuteActionsTaskExecuter.execute(ExecuteActionsTaskExecuter.java:128)
        at org.gradle.api.internal.tasks.execution.CleanupStaleOutputsExecuter.execute(CleanupStaleOutputsExecuter.java:77)
        at org.gradle.api.internal.tasks.execution.FinalizePropertiesTaskExecuter.execute(FinalizePropertiesTaskExecuter.java:46)
        at org.gradle.api.internal.tasks.execution.ResolveTaskExecutionModeExecuter.execute(ResolveTaskExecutionModeExecuter.java:51)
        at org.gradle.api.internal.tasks.execution.SkipTaskWithNoActionsExecuter.execute(SkipTaskWithNoActionsExecuter.java:57)
        at org.gradle.api.internal.tasks.execution.SkipOnlyIfTaskExecuter.execute(SkipOnlyIfTaskExecuter.java:57)
        at org.gradle.api.internal.tasks.execution.CatchExceptionTaskExecuter.execute(CatchExceptionTaskExecuter.java:36)
        at org.gradle.api.internal.tasks.execution.EventFiringTaskExecuter$1.executeTask(EventFiringTaskExecuter.java:77)
        at org.gradle.api.internal.tasks.execution.EventFiringTaskExecuter$1.call(EventFiringTaskExecuter.java:55)
        at org.gradle.api.internal.tasks.execution.EventFiringTaskExecuter$1.call(EventFiringTaskExecuter.java:52)
        at org.gradle.internal.operations.DefaultBuildOperationRunner$CallableBuildOperationWorker.execute(DefaultBuildOperationRunner.java:204)
        at org.gradle.internal.operations.DefaultBuildOperationRunner$CallableBuildOperationWorker.execute(DefaultBuildOperationRunner.java:199)
        at org.gradle.internal.operations.DefaultBuildOperationRunner$2.execute(DefaultBuildOperationRunner.java:66)
        at org.gradle.internal.operations.DefaultBuildOperationRunner$2.execute(DefaultBuildOperationRunner.java:59)
        at org.gradle.internal.operations.DefaultBuildOperationRunner.execute(DefaultBuildOperationRunner.java:157)
        at org.gradle.internal.operations.DefaultBuildOperationRunner.execute(DefaultBuildOperationRunner.java:59)
        at org.gradle.internal.operations.DefaultBuildOperationRunner.call(DefaultBuildOperationRunner.java:53)
        at org.gradle.internal.operations.DefaultBuildOperationExecutor.call(DefaultBuildOperationExecutor.java:73)
        at org.gradle.api.internal.tasks.execution.EventFiringTaskExecuter.execute(EventFiringTaskExecuter.java:52)
        at org.gradle.execution.plan.LocalTaskNodeExecutor.execute(LocalTaskNodeExecutor.java:69)
        at org.gradle.execution.taskgraph.DefaultTaskExecutionGraph$InvokeNodeExecutorsAction.execute(DefaultTaskExecutionGraph.java:322)
        at org.gradle.execution.taskgraph.DefaultTaskExecutionGraph$InvokeNodeExecutorsAction.execute(DefaultTaskExecutionGraph.java:309)
        at org.gradle.execution.taskgraph.DefaultTaskExecutionGraph$BuildOperationAwareExecutionAction.execute(DefaultTaskExecutionGraph.java:302)
        at org.gradle.execution.taskgraph.DefaultTaskExecutionGraph$BuildOperationAwareExecutionAction.execute(DefaultTaskExecutionGraph.java:288)
        at org.gradle.execution.plan.DefaultPlanExecutor$ExecutorWorker.execute(DefaultPlanExecutor.java:462)
        at org.gradle.execution.plan.DefaultPlanExecutor$ExecutorWorker.run(DefaultPlanExecutor.java:379)
        at org.gradle.internal.concurrent.ExecutorPolicy$CatchAndRecordFailures.onExecute(ExecutorPolicy.java:64)
        at org.gradle.internal.concurrent.ManagedExecutorImpl$1.run(ManagedExecutorImpl.java:49)
Caused by: java.lang.StackOverflowError
        at jdk.internal.reflect.GeneratedMethodAccessor296.invoke(Unknown Source)
        at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at org.owasp.dependencycheck.gradle.tasks.AbstractAnalyze$_collectDependencyMap_closure17.doCall(AbstractAnalyze.groovy:475)
        at jdk.internal.reflect.GeneratedMethodAccessor301.invoke(Unknown Source)
        at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at org.owasp.dependencycheck.gradle.tasks.AbstractAnalyze.collectDependencyMap(AbstractAnalyze.groovy:471)
        at jdk.internal.reflect.GeneratedMethodAccessor300.invoke(Unknown Source)
        at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at org.owasp.dependencycheck.gradle.tasks.AbstractAnalyze$_collectDependencyMap_closure17.doCall(AbstractAnalyze.groovy:484)
        at jdk.internal.reflect.GeneratedMethodAccessor301.invoke(Unknown Source)
        at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at org.owasp.dependencycheck.gradle.tasks.AbstractAnalyze.collectDependencyMap(AbstractAnalyze.groovy:471)
        at jdk.internal.reflect.GeneratedMethodAccessor300.invoke(Unknown Source)
        at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at org.owasp.dependencycheck.gradle.tasks.AbstractAnalyze$_collectDependencyMap_closure17.doCall(AbstractAnalyze.groovy:484)
        at jdk.internal.reflect.GeneratedMethodAccessor301.invoke(Unknown Source)
        at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at org.owasp.dependencycheck.gradle.tasks.AbstractAnalyze.collectDependencyMap(AbstractAnalyze.groovy:471)
        at jdk.internal.reflect.GeneratedMethodAccessor300.invoke(Unknown Source)
        ...

About this issue

  • Original URL
  • State: closed
  • Created a year ago
  • Reactions: 25
  • Comments: 18 (6 by maintainers)

Most upvoted comments

Getting the same issue. Here is the most minimalistic build.gradle.kts

@Evenprime thanks for digging into your failure Can confirm that I can reproduce it. If @jeremylong doesn’t beat me to it I hope to take a look on Wednesday.

+9
aikebah on Jan 16, 2023

@jeremylong confirmed working OK in 8.0.1

+1
FyiurAmron on Jan 19, 2023

Version 8.0.1 is failing with another error:

Some of the file system contents retained in the virtual file system are on file systems that Gradle doesn't support watching.
Caused by: org.gradle.api.GradleException: Analysis failed.
Caused by: org.owasp.dependencycheck.exception.ExceptionCollection: One or more exceptions occurred during analysis:
	DatabaseException: Unable to connect to the dependency-check database
		caused by DatabaseException: Database schema does not match this version of dependency-check
		caused by DatabaseException: Database schema is out of date

Stacktrace

As the error message says: you have to update your database schema. Have a look: https://github.com/jeremylong/DependencyCheck/tree/main/core/src/main/resources/data

+1
xtermi2 on Jan 19, 2023

In the process of releasing 8.0.1 that will include the fix.

+1
jeremylong on Jan 18, 2023
Read more comments on GitHub
← DependencyCheck: Several false positives with version 4.0.1
DependencyCheck: Version 8.0.0. KnownExploitedDataSource proxy HTTP 403 →