Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

bug(misconf): Panic observed in passing of --tf-vars #7084

Closed
simar7 opened this issue Jul 2, 2024 · 1 comment · Fixed by #7109
Closed

bug(misconf): Panic observed in passing of --tf-vars #7084

simar7 opened this issue Jul 2, 2024 · 1 comment · Fixed by #7109
Assignees
@nikpivkin
Labels
kind/bug Categorizes issue or PR as related to a bug. scan/misconfiguration Issues relating to misconfiguration scanning

Comments

@simar7
Copy link
Member

simar7 commented Jul 2, 2024 

trivy  config --tf-vars config.tfvars --format json --output output.json .
2024-07-02T11:55:44-06:00	INFO	Misconfiguration scanning is enabled
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x2 addr=0x0 pc=0x10432e91c]

goroutine 1 [running]:
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*evaluator).EvaluateAll(0x0, {0x108ec03d0, 0x140005fe230})
	github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser/evaluator.go:125 +0x2c
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*Parser).EvaluateAll(0x14009146c60, {0x108ec03d0, 0x140005fe230})
	github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser/parser.go:272 +0x64
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform.(*Scanner).ScanFS(0x14002ef6300, {0x108ec03d0, 0x140005fe230}, {0x108e6ab40, 0x140047c5860}, {0x107ffa838, 0x1})
	github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/scanner.go:199 +0x4a0
github.com/aquasecurity/trivy/pkg/misconf.(*Scanner).Scan(0x14001ce74a0, {0x108ec03d0, 0x140005fe230}, {0x108e6ab40?, 0x140028bbe00?})
	github.com/aquasecurity/trivy/pkg/misconf/scanner.go:158 +0x1bc
github.com/aquasecurity/trivy/pkg/fanal/analyzer/config.(*Analyzer).PostAnalyze(0x140003b3460, {0x108ec03d0?, 0x140005fe230?}, {{0x108e6ab40?, 0x140028bbe00?}, {0x9?, 0x0?}})
	github.com/aquasecurity/trivy/pkg/fanal/analyzer/config/config.go:45 +0x38
github.com/aquasecurity/trivy/pkg/fanal/analyzer.AnalyzerGroup.PostAnalyze({0x14002c5f9f0, {0x140026565c0, 0x3, 0x4}, {0x14003119600, 0x8, 0x8}, 0x14001ad9020}, {0x108ec03d0, 0x140005fe230}, ...)
	github.com/aquasecurity/trivy/pkg/fanal/analyzer/analyzer.go:493 +0x228
github.com/aquasecurity/trivy/pkg/fanal/artifact/local.Artifact.Inspect({{0x16d093730, 0x1}, {0x1337ffa18, 0x14002656580}, {0x108e6aaa0, 0x10bbcecc8}, {0x14002c5f9f0, {0x140026565c0, 0x3, 0x4}, ...}, ...}, ...)
	github.com/aquasecurity/trivy/pkg/fanal/artifact/local/fs.go:120 +0x37c
github.com/aquasecurity/trivy/pkg/scanner.Scanner.ScanArtifact({{_, _}, {_, _}}, {_, _}, {{0x0, 0x0, 0x0}, {0x14002c5f650, ...}, ...})
	github.com/aquasecurity/trivy/pkg/scanner/scan.go:156 +0xa4
github.com/aquasecurity/trivy/pkg/commands/artifact.(*runner).scan(_, {_, _}, {{{0x106c852a0, 0xa}, 0x0, 0x0, 0x0, 0x0, 0x45d964b800, ...}, ...}, ...)
	github.com/aquasecurity/trivy/pkg/commands/artifact/run.go:628 +0x318
github.com/aquasecurity/trivy/pkg/commands/artifact.(*runner).scanArtifact(_, {_, _}, {{{0x106c852a0, 0xa}, 0x0, 0x0, 0x0, 0x0, 0x45d964b800, ...}, ...}, ...)
	github.com/aquasecurity/trivy/pkg/commands/artifact/run.go:254 +0x9c
github.com/aquasecurity/trivy/pkg/commands/artifact.(*runner).scanFS(_, {_, _}, {{{0x106c852a0, 0xa}, 0x0, 0x0, 0x0, 0x0, 0x45d964b800, ...}, ...})
	github.com/aquasecurity/trivy/pkg/commands/artifact/run.go:199 +0xac
github.com/aquasecurity/trivy/pkg/commands/artifact.(*runner).ScanFilesystem(_, {_, _}, {{{0x106c852a0, 0xa}, 0x0, 0x0, 0x0, 0x0, 0x45d964b800, ...}, ...})
	github.com/aquasecurity/trivy/pkg/commands/artifact/run.go:179 +0x1b8
github.com/aquasecurity/trivy/pkg/commands/artifact.Run({_, _}, {{{0x106c852a0, 0xa}, 0x0, 0x0, 0x0, 0x0, 0x45d964b800, {0x14001d11c50, ...}, ...}, ...}, ...)
	github.com/aquasecurity/trivy/pkg/commands/artifact/run.go:364 +0x424
github.com/aquasecurity/trivy/pkg/commands.NewConfigCommand.func2(0x14001faf208, {0x140002d7c00, 0x1, 0x7})
	github.com/aquasecurity/trivy/pkg/commands/app.go:711 +0x294
github.com/spf13/cobra.(*Command).execute(0x14001faf208, {0x140002d7b20, 0x7, 0x7})
	github.com/spf13/[email protected]/command.go:983 +0x840
github.com/spf13/cobra.(*Command).ExecuteC(0x1400064bb08)
	github.com/spf13/[email protected]/command.go:1115 +0x344
github.com/spf13/cobra.(*Command).Execute(0x106ce4973?)
	github.com/spf13/[email protected]/command.go:1039 +0x1c
main.run()
	github.com/aquasecurity/trivy/cmd/trivy/main.go:39 +0x124
main.main()
	github.com/aquasecurity/trivy/cmd/trivy/main.go:19 +0x20
@simar7 simar7 added kind/bug Categorizes issue or PR as related to a bug. scan/misconfiguration Issues relating to misconfiguration scanning labels Jul 2, 2024
@mdirkse
Copy link

mdirkse commented Jul 3, 2024

I observe the same behaviour if I pass in a tf-vars file that doesn't exist.

@nikpivkin nikpivkin self-assigned this Jul 8, 2024
@nikpivkin nikpivkin mentioned this issue Jul 8, 2024
Merged
6 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@nikpivkin nikpivkin

Labels
kind/bug Categorizes issue or PR as related to a bug. scan/misconfiguration Issues relating to misconfiguration scanning
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix(misconf): do not evaluate TF when a load error occurs nikpivkin/trivy
3 participants
@mdirkse @simar7 @nikpivkin