Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ORA-00933: SQL command not properly ended #5581

Closed
mialberhasky opened this issue Mar 22, 2023 · 0 comments · Fixed by #5590
Closed

ORA-00933: SQL command not properly ended #5581

mialberhasky opened this issue Mar 22, 2023 · 0 comments · Fixed by #5590
Labels
bug

Comments

@mialberhasky
Copy link

Describe the bug
dependency-check version: 8.1.2
internal Database schema version: 5.4
internal Database vendor: Oracle 19c, ojdbc8-21.9.0.0 driver

When the tool is attempting to run the lines in https://github.com/jeremylong/DependencyCheck/blob/main/core/src/main/resources/data/dbEcosystemCacheUpdates.sql, Oracle is throwing a ORA-00933 because of the semicolons at then end of each statement. If I update the SQL script and remove the semicolons, rebuild the app, and run the CLI tool again, the statements are executed without error.

Version of dependency-check used
The problem occurs using version 8.1.2

Log file

[INFO] Checking for updates
[ERROR] Database Exception, unable to update the data to use the most current data.
org.owasp.dependencycheck.data.update.exception.UpdateException: Database Exception, unable to update the data to use the most current data.
	at org.owasp.dependencycheck.data.update.NvdCveUpdater.update(NvdCveUpdater.java:160)
	at org.owasp.dependencycheck.Engine.doUpdates(Engine.java:900)
	at org.owasp.dependencycheck.Engine.initializeAndUpdateDatabase(Engine.java:705)
	at org.owasp.dependencycheck.Engine.analyzeDependencies(Engine.java:631)
	at org.owasp.dependencycheck.App.runScan(App.java:259)
	at org.owasp.dependencycheck.App.run(App.java:191)
	at org.owasp.dependencycheck.App.main(App.java:86)
Caused by: org.owasp.dependencycheck.data.nvdcve.DatabaseException: Unable to update the ecosystem cache
	at org.owasp.dependencycheck.data.nvdcve.CveDB.updateEcosystemCache(CveDB.java:153)
	at org.owasp.dependencycheck.data.update.NvdCveUpdater.update(NvdCveUpdater.java:144)
	... 6 common frames omitted
Caused by: java.sql.SQLSyntaxErrorException: ORA-00933: SQL command not properly ended

	at oracle.jdbc.driver.T4CTTIoer11.processError(T4CTTIoer11.java:629)
	at oracle.jdbc.driver.T4CTTIoer11.processError(T4CTTIoer11.java:563)
	at oracle.jdbc.driver.T4C8Oall.processError(T4C8Oall.java:1150)
	at oracle.jdbc.driver.T4CTTIfun.receive(T4CTTIfun.java:770)
	at oracle.jdbc.driver.T4CTTIfun.doRPC(T4CTTIfun.java:298)
	at oracle.jdbc.driver.T4C8Oall.doOALL(T4C8Oall.java:497)
	at oracle.jdbc.driver.T4CStatement.doOall8(T4CStatement.java:111)
	at oracle.jdbc.driver.T4CStatement.executeForRows(T4CStatement.java:1010)
	at oracle.jdbc.driver.OracleStatement.executeSQLStatement(OracleStatement.java:1530)
	at oracle.jdbc.driver.OracleStatement.doExecuteWithTimeout(OracleStatement.java:1310)
	at oracle.jdbc.driver.OracleStatement.executeUpdateInternal(OracleStatement.java:2088)
	at oracle.jdbc.driver.OracleStatement.executeLargeUpdate(OracleStatement.java:2053)
	at oracle.jdbc.driver.OracleStatement.executeUpdate(OracleStatement.java:2041)
	at oracle.jdbc.driver.OracleStatementWrapper.executeUpdate(OracleStatementWrapper.java:309)
	at org.apache.commons.dbcp2.DelegatingStatement.executeUpdate(DelegatingStatement.java:341)
	at org.apache.commons.dbcp2.DelegatingStatement.executeUpdate(DelegatingStatement.java:341)
	at org.owasp.dependencycheck.data.nvdcve.CveDB.updateEcosystemCache(CveDB.java:149)
	... 7 common frames omitted
Caused by: oracle.jdbc.OracleDatabaseException: ORA-00933: SQL command not properly ended

	at oracle.jdbc.driver.T4CTTIoer11.processError(T4CTTIoer11.java:636)
	... 23 common frames omitted
[INFO] Skipping RetireJS update since last update was within 24 hours.
[INFO] Skipping Hosted Suppressions file update since last update was within 2 hours.
[INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours.
[WARN] Unable to update 1 or more Cached Web DataSource, using local data instead. Results may not include recent vulnerabilities.
[ERROR] Unable to continue dependency-check analysis.
[ERROR] One or more fatal errors occurred
[ERROR] Database Exception, unable to update the data to use the most current data.
[ERROR] No documents exist

To Reproduce
Run dependency-check.sh on an existing database.

Expected behavior
The tool should be able to complete updating the database without throwing an error.

Additional context
Running the statements manually is successful, just running them via the tool fails.
jeremylong added a commit that referenced this issue Mar 23, 2023
@jeremylong
fix: SQL Syntax for Oracle
bdfa4ae 
Resolves #5581
@jeremylong jeremylong mentioned this issue Mar 23, 2023
Merged
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Dec 21, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix: SQL Syntax for Oracle jeremylong/DependencyCheck
1 participant
@mialberhasky