How do you read a stack trace? Are there any reso...
# cfml-beginners
d
How do you read a stack trace? Are there any resources that will educate me?
f
start at the top and you can work your way through the code execution
it’s a great question though, I think I’ll write up a quick blog entry on it
❤️ 1
d
That would be great, thanks! You say start at the top but this means nothing to me!
Copy code
lucee.runtime.exp.NativeException: invalid hexadecimal String
 	at lucee.runtime.coder.HexCoder.decode(HexCoder.java:62)
 	at lucee.runtime.coder.Coder.decode(Coder.java:61)
 	at lucee.runtime.coder.Coder.decode(Coder.java:47)
 	at lucee.runtime.crypt.Cryptor.decrypt(Cryptor.java:194)
 	at lucee.runtime.functions.other.Decrypt.invoke(Decrypt.java:66)
 	at lucee.runtime.functions.other.Decrypt.call(Decrypt.java:45)
 	at cfc.utils.security_cfc$cf$w.udfCall(/cfc/utils/security.cfc:25)
 	at lucee.runtime.type.UDFImpl.implementation(UDFImpl.java:106)
 	at lucee.runtime.type.UDFImpl._call(UDFImpl.java:344)
 	at lucee.runtime.type.UDFImpl.call(UDFImpl.java:217)
f
another hint unless you are working with java library directly, keep going down until you see a cfm or cfc file path
👍 1
so I see one here:
Copy code
cfc.utils.security_cfc$cf$w.udfCall(/cfc/utils/security.cfc:25)
that tells me the error happened on line 25 of your security.cfc
everything before that is happening in Java, so if you wanted to debug that further you could take a look at the lucee source code and follow it through the java parts
d
Yes, I got the file/line number from the regular error message. So the errant code is...
decrypt(trim(ucase(_arguments_.inputString)), eKey, "AES","hex")
So I guess somewhere else in the stacktrace it'll explain more?
f
yeah… the first line will tell you the actual error message
it goes like
ExceptionType: message
so in your case the message is
invalid hexadecimal String
so your inputString in this case is not valid hex
but the stacktrace can also tell us exactally where in lucee code that the error was thrown…
so it’s really useful for them to have a stacktrace when you find a bug
d
So you think that could be a bug in Lucee rather than something in my code or server config?
f
no I don’t think this is a bug in lucee, just saying that when you report a bug they like to have the stacktrace
d
So you found that in the Lucee by searching the codebase for the error message string?
f
yeah, found that in lucee code from this line in your stacktrace:
lucee.runtime.coder.HexCoder.decode(HexCoder.java:62)
the second line
so you just find HexCoder.java and look at line 62
d
gotcha
f
the only issue with this approach is that you have to be looking at the right version of lucee source code
needs to be the same version as you are running
d
Of course
f
going back to the error you are getting
I can tell you that the length of your inputString is an odd number, and that is why they are throwing the exception
because they can’t convert it into hex
would you mind if I used your stacktrace in my blog entry?
it’s a good example
d
You got that from the ST our your knowledge of the function? Would it help if I posted the whole ST here? I'm not asking you to debug it, just help me understand.
f
I got that it was an odd number from where in the lucee code it was throwing the exception…
Copy code
if ((hexa.length() % 2) != 0) {
			throw new CoderException("invalid hexadecimal String");
}
d
ah yes, i can see that
f
so the length of your inputString % 2 is checking the modulus (remainder when dividing by) 2 to see if it is zero
d
which is strange as this code work on another computer (of course!).
f
so if you have 5 % 2 it equals 1, any odd number would equal 1 any even number would equal 0
well what you have to find out now, is what is the value of your inputString variable that you are passing into decrypt
d
I'll have to do some more digging/testing to see what's coming in.
f
so it is more of a problem with the data, rather than a problem with the code
d
gotcha
if fact this illustrates my point, you got that being able to read the ST and then go to the source where as all I got was the error message
invalid hexadecimal String
happy to share the whole ST to seed your blog article if that helps?
f
you posted the important part of the stacktrace, you don’t always need to read them all the way down to the bottom to find the issue 🙂
d
As you've proven 🙂
Is that usually the case? The length always put me off!
Anyway, I've got to peel off now but thanks for your help and insight. I look forward to reading your article!
g
dick [2:43 AM] if fact this illustrates my point, you got that being able to read the ST and then go to the source where as all I got was the error message
invalid hexadecimal String
It also shows that the error message "could be a little better, too". Because it is (in this case) specifically checking for a even length input - the error message could include why it is invalid. "_*Invalid hexadecimal string, arguments.inputstring must be an even number of characters*_" But even without the more verbose error message - it tells "me" everything I need to know. "The hex string is invalid" So "I" would be checking the string that I am providing to the function. And I normally do this by inserting a "log" statement, (just above the offending code) to check what I am passing into the decrypt() function.
writeLog(type="Information", file="securityError", text="Arguments to decrypt are: #serializeJSON(arguments)#");
Just in case you don't know, the above line will insert some information into a file called securityError.log, (the .log extension is auto-magically added for you) you will find it in the same directory as all the other Lucee log files. (the location of the log files directory is dependent on your specific installation type and configuration of Lucee. Anyway... It will insert a line(s) with; • The timestamp of when you ran the writelog command • A log "type" or "importance marker" of Information ◦ You can use Information, Warning, Error or Fatal • And finally the text you provided to the text argument. The writeLog() function only does simple text - so unlike dump() / writeDump() you cannot give it a complex type. So "I" convert everything that can't be displayed as a simple string into a JSON object via serializeJSON(). It will maintain the structure / nesting of what you give it - by converting it to JSON - which is a plain text string that writeLog() can deal with. And finally with viewing the contents of my securityError.log I would be able to see all the arguments that I have passed into the decrypt() function. However, this does mean that you need to know what makes a string valid / invalid hex, too... and if you don't Mr.Google can help - or your friendly neighbourhood CFML slack forum! There are lots of places in Adobe CF and Lucee - where the error message could be a little better. Especially for people that are new to the language (CFML) or programming in general. Both organisations will happily (eagerly, even) accept suggestions that help their users. And for Lucee, at least, being open-source - will with open arms accept a git pull request for a change. (I am not a Lucee committer at all - so I have no idea if I what I propose will be accepted, verbatim, or not... but I have had a stab at creating a PR for this specific error message enhancement.) Best of luck - and keep asking questions! Gavin.
d
Thank you @gavinbaumanis, logging is on my learning to-do list. As suspected @foundeo, the real error was in how the data was being presented to
decrypt()
rather than in the BIF itself. Thanks for the lesson.