Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-57796

Checkmarx affected by JEP-200

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Open (View Workflow)
    • Priority: Critical
    • Resolution: Unresolved
    • Component/s: checkmarx-plugin
    • Labels:
    • Environment:
    • Similar Issues:

      Description

      CheckMarx stopped working this afternoon. It had been working in the morning.

      Some Plugins where updated during this time period by CheckMarx (8.90.1) was not.

      step([$class                        : 'CxScanBuilder',
            avoidDuplicateProjectScans    : false,
            comment                       : "Pipeline Scan",
            credentialsId                 : 'checkmarx',
            excludeFolders                : '',
            exclusionsSetting             : 'global',
            failBuildOnNewResults         : true,
            failBuildOnNewSeverity        : 'HIGH',
            fullScanCycle                 : 10,
            generatePdfReport             : true,
            groupId                       : 'XXXXX',
            osaArchiveIncludePatterns     : '*.zip, *.war, *.ear, *.tgz',
            osaInstallBeforeScan          : false,
            preset                        : '100003',
            projectName                   : "${serviceName}${CHECKMARX_PROJECT_TYPE}",
            sastEnabled                   : true,
            sourceEncoding                : '1',
            vulnerabilityThresholdResult  : 'FAILURE'
      ])
      
      

       

      
      java.lang.SecurityException: Rejected: com.cx.restclient.dto.ScanResults; see https://jenkins.io/redirect/class-filter/
      	at hudson.remoting.ClassFilter.check(ClassFilter.java:77)
      	at hudson.remoting.MultiClassLoaderSerializer$Input.resolveClass(MultiClassLoaderSerializer.java:135)
      	at java.io.ObjectInputStream.readNonProxyDesc(ObjectInputStream.java:1867)
      	at java.io.ObjectInputStream.readClassDesc(ObjectInputStream.java:1750)
      	at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:2041)
      	at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1572)
      	at java.io.ObjectInputStream.readObject(ObjectInputStream.java:430)
      	at hudson.remoting.UserRequest.deserialize(UserRequest.java:291)
      	at hudson.remoting.UserRequest$NormalResponse.retrieve(UserRequest.java:326)
      	at hudson.remoting.Channel.call(Channel.java:955)
      Caused: java.io.IOException: Failed to deserialize response to UserRequest:com.checkmarx.jenkins.CxScanCallable@40fec119
      	at hudson.remoting.Channel.call(Channel.java:963)
      	at hudson.FilePath.act(FilePath.java:1072)
      	at hudson.FilePath.act(FilePath.java:1061)
      	at com.checkmarx.jenkins.CxScanBuilder.perform(CxScanBuilder.java:711)
      	at org.jenkinsci.plugins.workflow.steps.CoreStep$Execution.run(CoreStep.java:80)
      	at org.jenkinsci.plugins.workflow.steps.CoreStep$Execution.run(CoreStep.java:67)
      	at org.jenkinsci.plugins.workflow.steps.SynchronousNonBlockingStepExecution.lambda$start$0(SynchronousNonBlockingStepExecution.java:47)
      	at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
      	at java.util.concurrent.FutureTask.run(FutureTask.java:266)
      	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
      	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
      	at java.lang.Thread.run(Thread.java:748)
      

        Attachments

          Issue Links

            Activity

            haskinsmp Mark Haskins created issue -
            rkamath3 Ramachandra Kamath Arbettu made changes -
            Field Original Value New Value
            Priority Major [ 3 ] Critical [ 2 ]
            akom Alexander Komarov made changes -
            Link This issue relates to JENKINS-47736 [ JENKINS-47736 ]
            sternlir Liran Stern made changes -
            Assignee Sergey Kadaner [ sergeyk ] Liran Stern [ sternlir ]
            saikiranchalla Sai Kiran Challa made changes -
            Comment [ I upgraded to 8.90.4 and still see the same error: ```
            FATAL: Failed to deserialize response to UserRequest:com.checkmarx.jenkins.CxScanCallable@2a8aedd3: java.lang.SecurityException: Rejected: com.cx.restclient.dto.ScanResults; see
            [https://jenkins.io/redirect/class-filter/]
            java.lang.SecurityException: Rejected: com.cx.restclient.dto.ScanResults; see
            [https://jenkins.io/redirect/class-filter/]
            at hudson.remoting.ClassFilter.check(ClassFilter.java:77)
            at hudson.remoting.MultiClassLoaderSerializer$Input.resolveClass(MultiClassLoaderSerializer.java:135)
            at java.io.ObjectInputStream.readNonProxyDesc(ObjectInputStream.java:1866)
            at java.io.ObjectInputStream.readClassDesc(ObjectInputStream.java:1749)
            at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:2040)
            at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1571)
            at java.io.ObjectInputStream.readObject(ObjectInputStream.java:431)
            at hudson.remoting.UserRequest.deserialize(UserRequest.java:291)
            at hudson.remoting.UserRequest$NormalResponse.retrieve(UserRequest.java:326)
            at hudson.remoting.Channel.call(Channel.java:957)
            Caused: java.io.IOException: Failed to deserialize response to UserRequest:com.checkmarx.jenkins.CxScanCallable@2a8aedd3
            at hudson.remoting.Channel.call(Channel.java:965)
            at hudson.FilePath.act(FilePath.java:1070)
            at hudson.FilePath.act(FilePath.java:1059)
            at com.checkmarx.jenkins.CxScanBuilder.perform(CxScanBuilder.java:711)
            at hudson.tasks.BuildStepCompatibilityLayer.perform(BuildStepCompatibilityLayer.java:79)
            at hudson.tasks.BuildStepMonitor$1.perform(BuildStepMonitor.java:20)
            at hudson.model.AbstractBuild$AbstractBuildExecution.perform(AbstractBuild.java:741)
            at hudson.model.Build$BuildExecution.build(Build.java:206)
            at hudson.model.Build$BuildExecution.doRun(Build.java:163)
            at hudson.model.AbstractBuild$AbstractBuildExecution.run(AbstractBuild.java:504)
            at hudson.model.Run.execute(Run.java:1818)
            at hudson.model.FreeStyleBuild.run(FreeStyleBuild.java:43)
            at hudson.model.ResourceController.execute(ResourceController.java:97)
            at hudson.model.Executor.run(Executor.java:429)``` ]

              People

              Assignee:
              sternlir Liran Stern
              Reporter:
              haskinsmp Mark Haskins
              Votes:
              5 Vote for this issue
              Watchers:
              11 Start watching this issue

                Dates

                Created:
                Updated: