Bug DefectDojo Persistence Provider for generic findings #528

@rfelber

Hi,

there seems to be a bug within the DefectDojo Hook regarding the generic findings parser somehow 🤔

If I'm using kubeaudit, this leads to errors while trying to persist the results:

2021-06-30 13:59:20 INFO DefectDojoPersistenceProvider:24 - Starting DefectDojo persistence provider
2021-06-30 13:59:25 INFO DefectDojoPersistenceProvider:35 - Downloading Scan Result
Exception in thread "main" java.lang.NullPointerException
at java.base/java.net.URI$Parser.parse(URI.java:3104)
at java.base/java.net.URI.<init>(URI.java:600)
at java.base/java.net.URI.create(URI.java:881)
at io.securecodebox.persistence.mapping.SecureCodeBoxFindingsToDefectDojoMapper.fromSecureCodeBoxFinding(SecureCodeBoxFindingsToDefectDojoMapper.java:69)
at io.securecodebox.persistence.mapping.SecureCodeBoxFindingsToDefectDojoMapper.fromSecureCodeboxFindingsJson(SecureCodeBoxFindingsToDefectDojoMapper.java:32)
at io.securecodebox.persistence.service.ScanService.downloadScan(ScanService.java:27)
at io.securecodebox.persistence.DefectDojoPersistenceProvider.main(DefectDojoPersistenceProvider.java:36)

Maybe this is related to the fact that there is no null or empty check before trying to use the findings.getLocation() method?
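
The failure mode in the stack trace above, `URI.create` called with a null string, and one way to guard it, as an added example that is not part of the original issue and not the project's own code. The `Finding` record, the `safeLocation` helper and the sample findings are hypothetical and constructed for illustration; the example assumes Java 16 or later.

```java
import java.net.URI;
import java.util.List;
import java.util.Optional;

public class LocationGuardExample {

    // Hypothetical stand-in for a parsed finding; only the fields needed here.
    record Finding(String name, String location) {}

    // Returns the location as a URI, or empty when the location is
    // null, blank, or not parseable as a URI.
    static Optional<URI> safeLocation(Finding finding) {
        String location = finding.location();
        if (location == null || location.isBlank()) {
            // URI.create(null) throws NullPointerException inside URI$Parser.parse
            return Optional.empty();
        }
        try {
            return Optional.of(URI.create(location.trim()));
        } catch (IllegalArgumentException e) {
            // URI.create wraps URISyntaxException in IllegalArgumentException
            return Optional.empty();
        }
    }

    public static void main(String[] args) {
        // Constructed sample findings, not real scanner output.
        List<Finding> findings = List.of(
            new Finding("with-url", "https://example.com/app"),
            new Finding("no-location", null),
            new Finding("blank-location", "  "),
            new Finding("malformed", "not a uri"));

        for (Finding f : findings) {
            // A finding without a usable location is still kept; it just
            // carries no endpoint instead of aborting the whole import.
            String endpoint = safeLocation(f).map(URI::toString).orElse("<no endpoint>");
            System.out.println(f.name() + " -> " + endpoint);
        }
    }
}
```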

Labels: bug, defectdojo
