Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

TypeError: unhashable type: 'list' #16

Open
andreacolumbu opened this issue May 27, 2024 · 2 comments
Open

TypeError: unhashable type: 'list' #16

andreacolumbu opened this issue May 27, 2024 · 2 comments

Comments

@andreacolumbu
Copy link

Hello, first of all thank you for this project! I'd really like to contribute in the future.

I tried using your rules to scan against many different applications, and sometimes I got the unhashable type: 'list' error at the end of the scan:

unhashable type: 'list'
Traceback (most recent call last):
  File "/opt/homebrew/Cellar/semgrep/1.74.0/libexec/lib/python3.11/site-packages/semgrep/commands/wrapper.py", line 37, in wrapper
    func(*args, **kwargs)
  File "/opt/homebrew/Cellar/semgrep/1.74.0/libexec/lib/python3.11/site-packages/semgrep/commands/scan.py", line 763, in scan
    ) = semgrep.run_scan.run_scan(
        ^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/opt/homebrew/Cellar/semgrep/1.74.0/libexec/lib/python3.11/site-packages/semgrep/run_scan.py", line 593, in run_scan
    ) = run_rules(
        ^^^^^^^^^^
  File "/opt/homebrew/Cellar/semgrep/1.74.0/libexec/lib/python3.11/site-packages/semgrep/run_scan.py", line 241, in run_rules
    join_rule_matches, join_rule_errors = join_rule.run_join_rule(
                                          ^^^^^^^^^^^^^^^^^^^^^^^^
  File "/opt/homebrew/Cellar/semgrep/1.74.0/libexec/lib/python3.11/site-packages/semgrep/join_rule.py", line 519, in run_join_rule
    ERROR_MAP[error_dict.get(errortype)].from_dict(error_dict)
              ^^^^^^^^^^^^^^^^^^^^^^^^^
TypeError: unhashable type: 'list'

I investigated on this and it seems to be caused by the rules in the rules/arch folder. I don't get this error for every application probably because it is raised only if a vulnerability of the arch type is detected during the scan. Do you know how this could be fixed? Thank you in advance
@gand3lf
Copy link
Collaborator

gand3lf commented May 27, 2024
edited
Loading

Hi Andrea,
thank you for having reported this issue. I was already aware of this problem and I would like to explain the root of the problem.
The exception arises in the case where, during the execution of a join-mode rule, the Semgrep motor encounters an error in the source code parsing.
For example, if you try to analyze this snippet with a join-mode rule, you will obtain the same error:
target.setValue(CollectionsKt.firstOrNull((List<? extends ??>) it2));

Often, this kind of weird instructions come from the JADX tool that probably you are using to extract the source code from the APK packet.
The exception you see happens because the Semgrep code that is responsible for handling the message error is buggy.

I will report this problem to the Semgrep team, but for now you can choose to ignore this specific error for the specific join mode. To do that, you can just comment the lines from 518 to 520 of your file join_rule.py.

I hope it was useful and, of course, in case you want to contribute to the project you are welcome!
Anyway, I will keep the issue open for now.

@andreacolumbu
Copy link
Author

Thank you for the explanation and the workaround

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@gand3lf @andreacolumbu