syft
syft copied to clipboard
anchore
panic: runtime error: index out of range [0] with length 0
What happened: panic: runtime error: index out of range [0] with length 0 when dealing with files without extension.
What you expected to happen:
Support when file has no extension?
How to reproduce it (as minimally and precisely as possible): On Windows, execute it , guaranteeing that inside a folder, there is a file without an extension.
Anything else we need to know?: As mentioned in https://github.com/anchore/syft/issues/1024, I tried to use the exclude as a workaround but didn't work.
Environment: Application: grype Version: 0.41.0 Syft Version: v0.50.0 BuildDate: 2022-07-06T15:20:18Z GitCommit: 0e0a9d9e7a28592db489499db0294608e5fe69b8 GitDescription: v0.41.0 Platform: windows/amd64 GoVersion: go1.18.3 Compiler: gc Supported DB Schema: 4
Updated the issue link -
Thanks for opening the bug @nba1992 - I'll link this with the other windows issue and try and get you guys a solution. We're working through a backlog of tickets right now so it might be some time before we get an update here. Pull requests or a more detailed stack trace with the exact command that caused it is always welcome if you have extra bandwidth.
Thanks again
Sorry for the delay here @nba1992 -- could you try the latest version of Syft and provide the stack trace output if still seeing this issue?
I had to run a vulnerability check again today.
Built: 2022-11-17 08:20:14 +0000 UTC Schema: 5 Checksum: sha256:cc0cfd203f5f818f23f5374defc30f7b4efc48d42b14ff0b860af16724d44730 Status: valid Application: grype Version: 0.52.0 Syft Version: v0.60.3 BuildDate: 2022-11-03T17:15:32Z GitCommit: c8ddd7e218f63eb3adac1ec98ba9d8db9f3f3fec GitDescription: v0.52.0 Platform: windows/amd64 GoVersion: go1.18.7 Compiler: gc Supported DB Schema: 5
After changing the $env:SYFT_LOG_LEVEL = "debug", i found what was happening, and it seems that for syft for windows does not support files without extension. I deleted the problematic files/folder, and it finish with success.
Stacktrace:
[0000] INFO grype version: 0.52.0 [0000] DEBUG ├── buildDate: 2022-11-03T17:15:32Z [0000] DEBUG ├── compiler: gc [0000] DEBUG ├── gitCommit: c8ddd7e218f63eb3adac1ec98ba9d8db9f3f3fec [0000] DEBUG ├── gitDescription: v0.52.0 [0000] DEBUG ├── goVersion: go1.18.7 [0000] DEBUG ├── platform: windows/amd64 [0000] DEBUG ├── syftVersion: v0.60.3 [0000] DEBUG └── version: 0.52.0 [0000] DEBUG gathering packages [0000] DEBUG loading DB [0000] DEBUG indexing filesystem path="D:\" [0000] WARN unable to access path="D:\System Volume Information": open D:\System Volume Information: Access is denied.[0008] WARN unable to access path="/d/VB/crate/lib": unable to readlink for path="/d/VB/crate/lib": readlink /d/VB/crate/lib: The system cannot find the path specified. [0010] DEBUG directory resolver unable to evaluate symlink for path="/etc/os-release" : CreateFile D:\etc: The system cannot find the file specified. [0010] DEBUG directory resolver unable to evaluate symlink for path="/usr/lib/os-release" : CreateFile D:\usr: The system cannot find the file specified. [0010] DEBUG directory resolver unable to evaluate symlink for path="/etc/system-release-cpe" : CreateFile D:\etc: The system cannot find the file specified. [0010] DEBUG directory resolver unable to evaluate symlink for path="/etc/redhat-release" : CreateFile D:\etc: The system cannot find the file specified. [0010] DEBUG directory resolver unable to evaluate symlink for path="/bin/busybox" : CreateFile D:\bin: The system cannot find the file specified. [0010] INFO could not identify distro [0010] INFO cataloging directory [0010] DEBUG cataloging with "alpmdb-cataloger" [0010] DEBUG directory resolver unable to evaluate symlink for path="/etc/os-release" : CreateFile D:\etc: The system cannot find the file specified. [0010] DEBUG directory resolver unable to evaluate symlink for path="/usr/lib/os-release" : CreateFile D:\usr: The system cannot find the file specified. [0010] DEBUG directory resolver unable to evaluate symlink for path="/etc/system-release-cpe" : CreateFile D:\etc: The system cannot find the file specified. [0010] DEBUG directory resolver unable to evaluate symlink for path="/etc/redhat-release" : CreateFile D:\etc: The system cannot find the file specified. [0011] DEBUG directory resolver unable to evaluate symlink for path="/bin/busybox" : CreateFile D:\bin: The system cannot find the file specified. [0013] DEBUG directory resolver unable to evaluate symlink for path="D:\VB\chocolatey-tools\msys64\var\lib\pacman\local\gmp-6.2.1-1\mtree" : CreateFile D:\D:: The filename, directory name, or volume label syntax is incorrect. panic: runtime error: index out of range [0] with length 0
goroutine 36 [running]: github.com/anchore/syft/syft/pkg/cataloger/alpm.getFileReader({0xc0081270e0, 0x44}, {0x29cb570, 0xc00028ad20}) /Users/runner/go/pkg/mod/github.com/anchore/[email protected]/syft/pkg/cataloger/alpm/parse_alpm_db.go:110 +0x1a5 github.com/anchore/syft/syft/pkg/cataloger/alpm.parseAlpmDB({0x29cb570, 0xc00028ad20}, 0xc00d28ea28, {{{{0xc0080d2b90, 0x43}, {0x0, 0x0}}, {0x0, 0x0}, {0x18fdb, ...}}, ...}) /Users/runner/go/pkg/mod/github.com/anchore/[email protected]/syft/pkg/cataloger/alpm/parse_alpm_db.go:41 +0x13d github.com/anchore/syft/syft/pkg/cataloger/generic.(*Cataloger).Catalog(0xc007c22810, {0x29cb570, 0xc00028ad20}) /Users/runner/go/pkg/mod/github.com/anchore/[email protected]/syft/pkg/cataloger/generic/cataloger.go:127 +0x70e github.com/anchore/syft/syft/pkg/cataloger.Catalog({0x29cb570?, 0xc00028ad20}, 0x8?, {0xc00037ef20, 0x16, 0x0?}) /Users/runner/go/pkg/mod/github.com/anchore/[email protected]/syft/pkg/cataloger/catalog.go:54 +0x3d8 github.com/anchore/syft/syft.CatalogPackages(0xc0004fca80, {{0x1, 0x0, {0x2423d77, 0x8}}, {0x0, 0x0, 0x0}}) /Users/runner/go/pkg/mod/github.com/anchore/[email protected]/syft/lib.go:72 +0x5a5 github.com/anchore/grype/grype/pkg.syftProvider({0xc0000460b0?, 0x0?}, {0xc0006a71d0, {0x3e47a58, 0x0, 0x0}, {{0x1, 0x0, {0x2423d77, 0x8}}, ...}, ...}) /Users/runner/work/grype/grype/grype/pkg/syft_provider.go:24 +0x17e github.com/anchore/grype/grype/pkg.Provide({0xc0000460b0, 0x8}, {0xc0006a71d0, {0x3e47a58, 0x0, 0x0}, {{0x1, 0x0, {0x2423d77, 0x8}}, ...}, ...}) /Users/runner/work/grype/grype/grype/pkg/provider.go:32 +0x20c github.com/anchore/grype/cmd.startWorker.func1.2() /Users/runner/work/grype/grype/cmd/root.go:342 +0x16f created by github.com/anchore/grype/cmd.startWorker.func1 /Users/runner/work/grype/grype/cmd/root.go:339 +0x83d
Hello @spiffcs, @kzantow We got the same error for both latest and previous releases.
Error: [xxxx] DEBUG directory resolver unable to evaluate symlink for path="C:\msys64\var\lib\pacman\local\libp11-kit-0.24.1-4\mtree" : CreateFile C:\C:: The filename, directory name, or volume label syntax is incorrect. panic: runtime error: index out of range [0] with length 0
Repro steps (with choco, prev. version): run workflow with job:
Windows:
runs-on: windows-2019
steps:
- name: 'Install syft'
run: choco install syft -y
- name: 'Creating SBOM'
run: syft dir:C:/ -vv -o spdx-json=sbom.json
Logs: logs_74.zip
Repro steps (installed from sources, latest) : run workflow with job:
Windows:
runs-on: windows-2019
steps:
- name: 'Install syft'
run: curl -sSfL https://raw.githubusercontent.com/anchore/syft/main/install.sh | sh -s -- -b D:/syft
- name: 'Creating SBOM'
run: D:/syft/syft dir:C:/ -vv -o spdx-json=sbom.json
Logs: logs_77.zip
https://github.com/anchore/syft/pull/1366 removes the panic condition. We should start seeing sane errors again for this failure. Based on the debug log posted by @erik-bershel it looks like the directory resolver needs a look so that the symlinks are being handled correctly.
Closing this since the underlying panic has been solved. Kept the replication and steps for debugging purposes on the new #1373 issue that addresses the directory resolution error case