bug(docker): oom when scanning a dockerfile with multi-line commands and comments #7257

Open
saars-orca opened this issue Sep 15, 2024 · 1 comment
Labels
bug Something isn't working community Community contribution docker Docker query dockerfile

Comments

@saars-orca

Hey,
When scanning a Dockerfile with multi-line RUN commands that contain comments, the scan hangs until the process eventually runs out of memory.

Expected Behavior

KICS should scan the Dockerfile without hanging or running out of memory.

Actual Behavior

debug.log
KICS stops printing trace logs after a few seconds and hangs, leading to the container running out of memory and crashing.

Steps to Reproduce the Problem

  1. Download "Dockerfile.txt" and rename it to "Dockerfile"
    Dockerfile.txt
  2. Run KICS: docker run -m 2G -it -v $PWD:/path checkmarx/kics:latest scan --path "/path/" --ci --log-level TRACE
    (the docker image is used to avoid running out of host memory)
  3. Wait for the container to run out of memory and crash

Specifications

  • Version: v2.1.2
  • Platform: Linux AMD64/MacOS ARM64
  • Subsystem: Docker
@saars-orca saars-orca added bug Something isn't working community Community contribution labels Sep 15, 2024
@github-actions github-actions bot added docker Docker query dockerfile labels Sep 15, 2024
@saars-orca saars-orca changed the title bug(docker): OOM when scanning a Dockerfile with multi-line commands and comments bug(docker): oom when scanning a dockerfile with multi-line commands and comments Sep 15, 2024
@cx-monicac
Collaborator

Hi @saars-orca

Thank you for bringing this bug to our attention. We opened an internal bug and will work on it as soon as possible.
