cancel
Showing results for 
Search instead for 
Did you mean: 

Static Application Security Test using Polaris tool and got NULL Pointer Dereference for core files

Static Application Security Test using Polaris tool and got NULL Pointer Dereference for core files

Hi Team,

We ran SAST (Static Application Security Test) using Polaris tool for our Magento to codebase and got the NULL Pointer Dereference error for the followings Magento core files.

1.
filepath : lib/web/requirejs/text.js
line no : 269
code : xhr.open('GET', url, true);
error: Accessing a property of null-like value "xhr".

2.
filepath : lib/web/knockoutjs/knockout.js
line no : 2864
code : if (node.nextSibling && isEndComment(node.nextSibling))
error: Accessing a property of null-like value "node".

3.
filepath : lib/web/jquery/timepicker.js
line no : 511
code : if (this.inst !== null) {
error: Checking "this.inst !== null" suggests "this.inst" may be null, but it has already been used as a function or its properties have been accessed on all paths leading to the check.

4.
filepath : lib/web/tiny_mce/classes/dom/TridentSelection.js
line no : 123
code : container = endPoint.node;
error: Accessing a property of null-like value "endPoint".

Please support us on fixing this security issues.
We are using Magento version 2.4.2-p2