trivy icon indicating copy to clipboard operation
trivy copied to clipboard
Published 3 weeks ago verified publisher icon aquasecurity

Trivy filesystem scan failing for Windows os filesystem

Open nimish-salve opened this issue 3 years ago • 1 comments

Description

Trivy filesystem scan failing for Windows filesystem.

Trivy scan command:

trivy --debug --insecure --security-checks vuln --cache-dir /home/ubuntu/cachedir fs --timeout 10m0s -f json -o result.json --list-all-pkgs /home/ubuntu/volume/

Output of run with -debug:

2022-12-02T06:14:26.466Z	[35mDEBUG[0m	Severities: ["UNKNOWN" "LOW" "MEDIUM" "HIGH" "CRITICAL"] 
2022-12-02T06:14:26.468Z	[35mDEBUG[0m	cache dir: /home/ubuntu/cachedir 
2022-12-02T06:14:26.468Z	[35mDEBUG[0m	Skipping DB update... 
2022-12-02T06:14:26.468Z	[35mDEBUG[0m	DB Schema: 2, UpdatedAt: 2022-12-02 06:07:11.026905187 +0000 UTC, NextUpdate: 2022-12-02 12:07:11.026904487 +0000 UTC, DownloadedAt: 2022-12-02 06:10:56.724306839 +0000 UTC 
2022-12-02T06:14:26.469Z	[34mINFO[0m	Vulnerability scanning is enabled 
2022-12-02T06:14:26.469Z	[35mDEBUG[0m	Vulnerability type:  [os library] 
2022-12-02T06:15:22.383Z	[31mFATAL[0m	filesystem scan error:
github.com/aquasecurity/trivy/pkg/commands/artifact.Run         /home/runner/work/trivy/trivy/pkg/commands/artifact/run.go:374   
- scan error:     github.com/aquasecurity/trivy/pkg/commands/artifact.(*runner).scanArtifact         /home/runner/work/trivy/trivy/pkg/commands/artifact/run.go:230   
- scan failed:     github.com/aquasecurity/trivy/pkg/commands/artifact.scan         /home/runner/work/trivy/trivy/pkg/commands/artifact/run.go:544   
- failed analysis:     github.com/aquasecurity/trivy/pkg/scanner.Scanner.ScanArtifact         /home/runner/work/trivy/trivy/pkg/scanner/scan.go:127   
- walk filesystem:     github.com/aquasecurity/trivy/pkg/fanal/artifact/local.Artifact.Inspect         /home/runner/work/trivy/trivy/pkg/fanal/artifact/local/fs.go:104   
- walk error:     github.com/aquasecurity/trivy/pkg/fanal/walker.FS.Walk         /home/runner/work/trivy/trivy/pkg/fanal/walker/fs.go:60   
- unknown error with /home/ubuntu/volume:     github.com/aquasecurity/trivy/pkg/fanal/walker.FS.Walk.func2         /home/runner/work/trivy/trivy/pkg/fanal/walker/fs.go:54  
- unknown error with /home/ubuntu/volume/Windows:     github.com/aquasecurity/trivy/pkg/fanal/walker.FS.Walk.func2         /home/runner/work/trivy/trivy/pkg/fanal/walker/fs.go:54  
- unknown error with /home/ubuntu/volume/Windows/assembly:     github.com/aquasecurity/trivy/pkg/fanal/walker.FS.Walk.func2         /home/runner/work/trivy/trivy/pkg/fanal/walker/fs.go:54  
- unknown error with /home/ubuntu/volume/Windows/assembly/NativeImages_v4.0.30319_64:     github.com/aquasecurity/trivy/pkg/fanal/walker.FS.Walk.func2         /home/runner/work/trivy/trivy/pkg/fanal/walker/fs.go:54   
- unknown error with /home/ubuntu/volume/Windows/assembly/NativeImages_v4.0.30319_64/System.Serv759bfb78#:     github.com/aquasecurity/trivy/pkg/fanal/walker.FS.Walk.func2         /home/runner/work/trivy/trivy/pkg/fanal/walker/fs.go:54
- unknown error with /home/ubuntu/volume/Windows/assembly/NativeImages_v4.0.30319_64/System.Serv759bfb78#/065c68c5df73d6d3fe1af0c906703dcf:     github.com/aquasecurity/trivy/pkg/fanal/walker.FS.Walk.func2         /home/runner/work/trivy/trivy/pkg/fanal/walker/fs.go:54
- lstat /home/ubuntu/volume/Windows/assembly/NativeImages_v4.0.30319_64/System.Serv759bfb78#/065c68c5df73d6d3fe1af0c906703dcf/System.ServiceProcess.ni.dll: input/output error

same issue on different fs: (all other call stack is same as above)

- lstat /home/ubuntu/volume/ProgramData/Microsoft/Windows Defender/Platform/4.18.2011.5-0/bs-Latn-BA/mpuxagent.dll.mui: input/output error

- lstat /home/ubuntu/volume/Program Files/WindowsApps/Microsoft.UI.Xaml.2.1_2.11906.6001.0_x64__8wekyb3d8bbwe/Microsoft.UI.Xaml.dll: input/output error

Output of trivy -v:

Version: 0.32.0

Additional details (base image name, container registry info...):

Base OS: Ubuntu: 22.04 Jammy Jellyfish FIlesystem being scanned: Windows (Dont know exact version) I mount disk containing Windows OS on ubuntu and perform a filesystem scan.

nimish-salve avatar Dec 02 '22 16:12 nimish-salve

This issue is stale because it has been labeled with inactivity.

github-actions[bot] avatar Feb 01 '23 00:02 github-actions[bot]

This issue is stale because it has been labeled with inactivity.

github-actions[bot] avatar Apr 27 '23 00:04 github-actions[bot]

Similar issue. 0.38.3 - version works fine. "0.39.1" and "0.40.0" - fails. But.. on onther project trivy fs files scan - wortks fine with "0.40.0" version.

vdrasutis avatar Apr 27 '23 10:04 vdrasutis

check https://github.com/golang/go/issues/21782 and this https://github.com/spf13/afero/pull/302

Also you need to check ON WINDOWS whether files in the question are hard/soft links
see Hard links and junctions and/or status of FS

g41797 avatar May 22 '23 11:05 g41797