Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Trivy filesystem scan failing for Windows os filesystem #3259

Open
nimish-salve opened this issue Dec 2, 2022 · 4 comments
Open

Trivy filesystem scan failing for Windows os filesystem #3259

nimish-salve opened this issue Dec 2, 2022 · 4 comments
Labels
help wanted Denotes an issue that needs help from a contributor. Must meet "help wanted" guidelines. kind/bug Categorizes issue or PR as related to a bug. lifecycle/active Indicates that an issue or PR is actively being worked on by a contributor.

Comments

@nimish-salve
Copy link

nimish-salve commented Dec 2, 2022
edited
Loading

Description

Trivy filesystem scan failing for Windows filesystem.

Trivy scan command:

trivy --debug --insecure --security-checks vuln --cache-dir /home/ubuntu/cachedir fs --timeout 10m0s -f json -o result.json --list-all-pkgs /home/ubuntu/volume/

Output of run with -debug:

2022-12-02T06:14:26.466Z	�[35mDEBUG�[0m	Severities: ["UNKNOWN" "LOW" "MEDIUM" "HIGH" "CRITICAL"] 
2022-12-02T06:14:26.468Z	�[35mDEBUG�[0m	cache dir: /home/ubuntu/cachedir 
2022-12-02T06:14:26.468Z	�[35mDEBUG�[0m	Skipping DB update... 
2022-12-02T06:14:26.468Z	�[35mDEBUG�[0m	DB Schema: 2, UpdatedAt: 2022-12-02 06:07:11.026905187 +0000 UTC, NextUpdate: 2022-12-02 12:07:11.026904487 +0000 UTC, DownloadedAt: 2022-12-02 06:10:56.724306839 +0000 UTC 
2022-12-02T06:14:26.469Z	�[34mINFO�[0m	Vulnerability scanning is enabled 
2022-12-02T06:14:26.469Z	�[35mDEBUG�[0m	Vulnerability type:  [os library] 
2022-12-02T06:15:22.383Z	�[31mFATAL�[0m	filesystem scan error:
github.com/aquasecurity/trivy/pkg/commands/artifact.Run         /home/runner/work/trivy/trivy/pkg/commands/artifact/run.go:374   
- scan error:     github.com/aquasecurity/trivy/pkg/commands/artifact.(*runner).scanArtifact         /home/runner/work/trivy/trivy/pkg/commands/artifact/run.go:230   
- scan failed:     github.com/aquasecurity/trivy/pkg/commands/artifact.scan         /home/runner/work/trivy/trivy/pkg/commands/artifact/run.go:544   
- failed analysis:     github.com/aquasecurity/trivy/pkg/scanner.Scanner.ScanArtifact         /home/runner/work/trivy/trivy/pkg/scanner/scan.go:127   
- walk filesystem:     github.com/aquasecurity/trivy/pkg/fanal/artifact/local.Artifact.Inspect         /home/runner/work/trivy/trivy/pkg/fanal/artifact/local/fs.go:104   
- walk error:     github.com/aquasecurity/trivy/pkg/fanal/walker.FS.Walk         /home/runner/work/trivy/trivy/pkg/fanal/walker/fs.go:60   
- unknown error with /home/ubuntu/volume:     github.com/aquasecurity/trivy/pkg/fanal/walker.FS.Walk.func2         /home/runner/work/trivy/trivy/pkg/fanal/walker/fs.go:54  
- unknown error with /home/ubuntu/volume/Windows:     github.com/aquasecurity/trivy/pkg/fanal/walker.FS.Walk.func2         /home/runner/work/trivy/trivy/pkg/fanal/walker/fs.go:54  
- unknown error with /home/ubuntu/volume/Windows/assembly:     github.com/aquasecurity/trivy/pkg/fanal/walker.FS.Walk.func2         /home/runner/work/trivy/trivy/pkg/fanal/walker/fs.go:54  
- unknown error with /home/ubuntu/volume/Windows/assembly/NativeImages_v4.0.30319_64:     github.com/aquasecurity/trivy/pkg/fanal/walker.FS.Walk.func2         /home/runner/work/trivy/trivy/pkg/fanal/walker/fs.go:54   
- unknown error with /home/ubuntu/volume/Windows/assembly/NativeImages_v4.0.30319_64/System.Serv759bfb78#:     github.com/aquasecurity/trivy/pkg/fanal/walker.FS.Walk.func2         /home/runner/work/trivy/trivy/pkg/fanal/walker/fs.go:54
- unknown error with /home/ubuntu/volume/Windows/assembly/NativeImages_v4.0.30319_64/System.Serv759bfb78#/065c68c5df73d6d3fe1af0c906703dcf:     github.com/aquasecurity/trivy/pkg/fanal/walker.FS.Walk.func2         /home/runner/work/trivy/trivy/pkg/fanal/walker/fs.go:54
- lstat /home/ubuntu/volume/Windows/assembly/NativeImages_v4.0.30319_64/System.Serv759bfb78#/065c68c5df73d6d3fe1af0c906703dcf/System.ServiceProcess.ni.dll: input/output error

same issue on different fs: (all other call stack is same as above)

- lstat /home/ubuntu/volume/ProgramData/Microsoft/Windows Defender/Platform/4.18.2011.5-0/bs-Latn-BA/mpuxagent.dll.mui: input/output error

- lstat /home/ubuntu/volume/Program Files/WindowsApps/Microsoft.UI.Xaml.2.1_2.11906.6001.0_x64__8wekyb3d8bbwe/Microsoft.UI.Xaml.dll: input/output error

Output of trivy -v:

Version: 0.32.0

Additional details (base image name, container registry info...):

Base OS: Ubuntu: 22.04 Jammy Jellyfish
FIlesystem being scanned: Windows (Dont know exact version)
I mount disk containing Windows OS on ubuntu and perform a filesystem scan.
@nimish-salve nimish-salve added the kind/bug Categorizes issue or PR as related to a bug. label Dec 2, 2022
@github-actions
Copy link

github-actions bot commented Feb 1, 2023

This issue is stale because it has been labeled with inactivity.

@github-actions github-actions bot added the lifecycle/stale Denotes an issue or PR has remained open with no activity and will be auto-closed. label Feb 1, 2023
@github-actions github-actions bot closed this as not planned Won't fix, can't repro, duplicate, stale Feb 22, 2023
@itaysk itaysk removed the lifecycle/stale Denotes an issue or PR has remained open with no activity and will be auto-closed. label Feb 25, 2023
@itaysk itaysk reopened this Feb 25, 2023
@github-actions
Copy link

This issue is stale because it has been labeled with inactivity.

@github-actions github-actions bot added the lifecycle/stale Denotes an issue or PR has remained open with no activity and will be auto-closed. label Apr 27, 2023
@vdrasutis
Copy link

Similar issue.
0.38.3 - version works fine.
"0.39.1" and "0.40.0" - fails.
But.. on onther project trivy fs files scan - wortks fine with "0.40.0" version.

@itaysk itaysk removed the lifecycle/stale Denotes an issue or PR has remained open with no activity and will be auto-closed. label Apr 29, 2023
@knqyf263 knqyf263 added help wanted Denotes an issue that needs help from a contributor. Must meet "help wanted" guidelines. lifecycle/active Indicates that an issue or PR is actively being worked on by a contributor. labels May 8, 2023
@g41797
Copy link

g41797 commented May 22, 2023

check golang/go#21782 and this spf13/afero#302

Also you need to check ON WINDOWS whether files in the question are hard/soft links
see Hard links and junctions and/or status of FS

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
help wanted Denotes an issue that needs help from a contributor. Must meet "help wanted" guidelines. kind/bug Categorizes issue or PR as related to a bug. lifecycle/active Indicates that an issue or PR is actively being worked on by a contributor.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@itaysk @knqyf263 @vdrasutis @g41797 @nimish-salve