trufflehog icon indicating copy to clipboard operation
trufflehog copied to clipboard
verified publisher icon trufflesecurity

Error unarchiving chunk

Open rotciw opened this issue 2 years ago • 7 comments

TruffleHog Version

3.61.0

Trace Output

https://gist.github.com/rotciw/e8843c9e042b2f151552808d939abe5c

Expected Behavior

Trufflehog correctly extract to find secret in the file

Actual Behavior

Got error unarchiving chunk and invalid header error. Fails to find the secret.

Steps to Reproduce

Environment

Docker image: trufflesecurity/trufflehog:3.61.0

Additional Context

Works on 3.60.4, but updating breaks the scan.

References

  • #1319

rotciw avatar Oct 30 '23 15:10 rotciw

Got error unarchiving chunk and invalid header error. Fails to find the secret. ... Works on 3.60.4, but updating breaks the scan.

Are you sure that these files contain secrets and that they were detected in v3.60.4? There was a bug preventing binary files from being scanned that was fixed in v3.61.0, meaning that the files in your trace wouldn't have been scanned in v3.60.4.

rgmz avatar Oct 30 '23 18:10 rgmz

I see, it would make sense that these files were not scanned in v3.60.4 then. However, that means the new binary files scan in v3.61.0 crashes when there are too many error unarchiving chunk, which ultimately kills the process with the last logs being:

"msg": "error unarchiving chunk.",
"error": "context deadline exceeded"

How could I solve an error like that?

rotciw avatar Oct 31 '23 07:10 rotciw

Im also facing the same issue

keertana1 avatar Nov 13 '23 13:11 keertana1

We are also facing the same issue.

AyoubOukh avatar Dec 11 '23 11:12 AyoubOukh

Hi @rotciw thanks for opening this issue. If you are still experiencing a problem would you mind providing a sample file or repo we could test against?

zricethezav avatar Feb 23 '24 16:02 zricethezav

It seems like it does complete without crashing using the newest version, which is good 😄 There application still reports issues with the same error message: error unarchiving chunk, but does provide a better error message.

Seems like the issues are zipped files, for example we have this zip file in one of our repos which renders the same error message as initially reported.

rotciw avatar Feb 26 '24 09:02 rotciw

I got the following in a filesystem check where it seemed like it had just stalled, but I left it long enough (many minutes with no logging output) and it continued.

{"level":"error","ts":"2024-05-17T20:21:49-07:00","logger":"trufflehog","msg":"error unarchiving chunk.","source_manager_worker_id":"I3U3N","unit":"/home/(user)/go/pkg/mod/github.com/vbatts/[email protected]/archive/tar/testdata/gnu-incremental.tar","unit_kind":"unit","timeout":30,"error":"error extracting archive with format: .tar: handling file: test2/sparse: context deadline exceeded"}

Looks like this should contain the file: https://github.com/vbatts/tar-split/releases

daveoconnor avatar May 18 '24 03:05 daveoconnor