From fc4fc0d29f79f6b5c3332677d51eeb3cf922c256 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Max=20Leutha=CC=88user?= <max.leuthaeuser@gmail.com>
Date: Wed, 1 Sep 2021 15:30:46 +0200
Subject: [PATCH] Safer NewDependency node creation

String values from the JS AST constructed by the graalvm js parser may be null for accessors like getName etc.

This is for: https://github.com/ShiftLeftSecurity/product/issues/8437
---
 .../js2cpg/cpg/passes/astcreation/AstNodeBuilder.scala      | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/main/scala/io/shiftleft/js2cpg/cpg/passes/astcreation/AstNodeBuilder.scala b/src/main/scala/io/shiftleft/js2cpg/cpg/passes/astcreation/AstNodeBuilder.scala
index 36272b9fc..ad16c865f 100644
--- a/src/main/scala/io/shiftleft/js2cpg/cpg/passes/astcreation/AstNodeBuilder.scala
+++ b/src/main/scala/io/shiftleft/js2cpg/cpg/passes/astcreation/AstNodeBuilder.scala
@@ -55,9 +55,9 @@ class AstNodeBuilder[NodeBuilderType](private val diffGraph: DiffGraph.Builder,
 
   def createDependencyNode(name: String, groupId: String, version: String): NewDependency = {
     val dependency = NewDependency()
-      .version(version)
-      .name(name)
-      .dependencyGroupId(Some(groupId))
+      .name(Option(name).getOrElse("<n/a>"))
+      .dependencyGroupId(Option(groupId).getOrElse("<n/a>"))
+      .version(Option(version).getOrElse("<n/a>"))
       .build
     diffGraph.addNode(dependency)
     dependency