Reverse conversion of metadata mode is broken #2886

Open
Rupikz opened this issue May 20, 2024 · 4 comments

Rupikz commented May 20, 2024

What happened:

Syft generates an SBOM in which files.metadata.mode is larger than int32. fs.ModeDir by default equals "20000000000"

```go
mode, err = strconv.Atoi(fmt.Sprintf("%o", metadata.Mode()))
```

But the reverse conversion just resets the mode to zero for all files with type "Directory":

```go
if val < math.MinInt32 || val > math.MaxInt32 {
	// Value is out of the range that int32 can represent
	return 0, fmt.Errorf("value %d is out of the range that int32 can represent", val)
}
```

What you expected to happen:

Syft should correctly convert files.metadata.mode (example: "20000000777") instead of just setting it to 0

Environment:

  • Output of syft version:
    Application: syft
    Version: 1.4.1
    BuildDate: 2024-05-09T19:45:46Z
    GitCommit: c200896
    GitDescription: v1.4.1
    Platform: darwin/amd64
    GoVersion: go1.21.9
    Compiler: gc
  • OS (e.g: cat /etc/os-release or similar): macOS 14.4.1
Rupikz added the bug label May 20, 2024

tgerla commented May 30, 2024

Hi @Rupikz, thanks for the report! Do you have an image or container and a sequence of conversions that can be used to reproduce this? That would be very helpful for us to solve the problem. Thanks.


Rupikz commented Jun 3, 2024

Thanks for the reply.

You can use the "vulhub/spring-security" image to reproduce this.

After executing the command:

```
SYFT_FILE_METADATA_SELECTION=all syft vulhub/spring-security:5.6.3 -o syft-json=new.json && syft convert new.json -o syft-json=converted.json
```

Syft prints too many warnings:

 ✔ Loaded image                                                                                                                                                                                           vulhub/spring-security:5.6.3
 ✔ Parsed image                                                                                                                                                sha256:ce8a41189a055e3a59e21cc7b377c3e2aa766e7bdaf0b10ecd0ad05cc6c9c312
 ✔ Cataloged contents                                                                                                                                                 88167988b3d238cbe343f7c4e00116825e5827dab707679b1915fa8dfc2c9870
   ├── ✔ Packages                        [115 packages]  
   ├── ✔ File digests                    [1,630 files]  
   ├── ✔ File metadata                   [1,896 locations]  
   └── ✔ Executables                     [205 executables]  
A newer version of syft is available for download: 1.5.0 (installed version is 1.4.1)
[0000]  WARN invalid mode found in file catalog @ location=Location<RealPath="/usr/share/alsa/ucm/tegraalc5632" Layer="sha256:ceaf9e1ebef5f9eaa707a838848a3c13800fcf32d7757be10d4b08fb85f1bc8a"> mode='': value 20000000755 is out of t
[0000]  WARN invalid mode found in file catalog @ location=Location<RealPath="/usr/share/apk" Layer="sha256:f1b5933fe4b5f49bbe8258745cf396afe07e625bdab3168e364daf7c956b6b81"> mode='': value 20000000755 is out of the range that int3
[0000]  WARN invalid mode found in file catalog @ location=Location<RealPath="/usr/share/apk/keys" Layer="sha256:f1b5933fe4b5f49bbe8258745cf396afe07e625bdab3168e364daf7c956b6b81"> mode='': value 20000000755 is out of the range that
[0000]  WARN invalid mode found in file catalog @ location=Location<RealPath="/usr/share/apk/keys/aarch64" Layer="sha256:f1b5933fe4b5f49bbe8258745cf396afe07e625bdab3168e364daf7c956b6b81"> mode='': value 20000000755 is out of the ra
[0000]  WARN invalid mode found in file catalog @ location=Location<RealPath="/usr/share/apk/keys/armhf" Layer="sha256:f1b5933fe4b5f49bbe8258745cf396afe07e625bdab3168e364daf7c956b6b81"> mode='': value 20000000755 is out of the rang
[0000]  WARN invalid mode found in file catalog @ location=Location<RealPath="/usr/share/apk/keys/ppc64le" Layer="sha256:f1b5933fe4b5f49bbe8258745cf396afe07e625bdab3168e364daf7c956b6b81"> mode='': value 20000000755 is out of the ra
[0000]  WARN invalid mode found in file catalog @ location=Location<RealPath="/usr/share/apk/keys/s390x" Layer="sha256:f1b5933fe4b5f49bbe8258745cf396afe07e625bdab3168e364daf7c956b6b81"> mode='': value 20000000755 is out of the rang
[0000]  WARN invalid mode found in file catalog @ location=Location<RealPath="/usr/share/apk/keys/x86" Layer="sha256:f1b5933fe4b5f49bbe8258745cf396afe07e625bdab3168e364daf7c956b6b81"> mode='': value 20000000755 is out of the range 
[0000]  WARN invalid mode found in file catalog @ location=Location<RealPath="/usr/share/apk/keys/x86_64" Layer="sha256:f1b5933fe4b5f49bbe8258745cf396afe07e625bdab3168e364daf7c956b6b81"> mode='': value 20000000755 is out of the ran
[0000]  WARN invalid mode found in file catalog @ location=Location<RealPath="/usr/share/ca-certificates" Layer="sha256:ceaf9e1ebef5f9eaa707a838848a3c13800fcf32d7757be10d4b08fb85f1bc8a"> mode='': value 20000000755 is out of the ran
[0000]  WARN invalid mode found in file catalog @ location=Location<RealPath="/usr/share/ca-certificates/mozilla" Layer="sha256:ceaf9e1ebef5f9eaa707a838848a3c13800fcf32d7757be10d4b08fb85f1bc8a"> mode='': value 20000000755 is out of
[0000]  WARN invalid mode found in file catalog @ location=Location<RealPath="/usr/share/man" Layer="sha256:f1b5933fe4b5f49bbe8258745cf396afe07e625bdab3168e364daf7c956b6b81"> mode='': value 20000000755 is out of the range that int3
[0000]  WARN invalid mode found in file catalog @ location=Location<RealPath="/usr/share/misc" Layer="sha256:f1b5933fe4b5f49bbe8258745cf396afe07e625bdab3168e364daf7c956b6b81"> mode='': value 20000000755 is out of the range that int
[0000]  WARN invalid mode found in file catalog @ location=Location<RealPath="/usr/share/p11-kit" Layer="sha256:ceaf9e1ebef5f9eaa707a838848a3c13800fcf32d7757be10d4b08fb85f1bc8a"> mode='': value 20000000755 is out of the range that 
[0000]  WARN invalid mode found in file catalog @ location=Location<RealPath="/usr/share/p11-kit/modules" Layer="sha256:ceaf9e1ebef5f9eaa707a838848a3c13800fcf32d7757be10d4b08fb85f1bc8a"> mode='': value 20000000755 is out of the ran
[0000]  WARN invalid mode found in file catalog @ location=Location<RealPath="/var" Layer="sha256:ceaf9e1ebef5f9eaa707a838848a3c13800fcf32d7757be10d4b08fb85f1bc8a"> mode='': value 20000000755 is out of the range that int32 can repr
[0000]  WARN invalid mode found in file catalog @ location=Location<RealPath="/var/cache" Layer="sha256:ceaf9e1ebef5f9eaa707a838848a3c13800fcf32d7757be10d4b08fb85f1bc8a"> mode='': value 20000000755 is out of the range that int32 ca
[0000]  WARN invalid mode found in file catalog @ location=Location<RealPath="/var/cache/apk" Layer="sha256:f1b5933fe4b5f49bbe8258745cf396afe07e625bdab3168e364daf7c956b6b81"> mode='': value 20000000755 is out of the range that int3
[0000]  WARN invalid mode found in file catalog @ location=Location<RealPath="/var/cache/misc" Layer="sha256:ceaf9e1ebef5f9eaa707a838848a3c13800fcf32d7757be10d4b08fb85f1bc8a"> mode='': value 20000000755 is out of the range that int
[0000]  WARN invalid mode found in file catalog @ location=Location<RealPath="/var/empty" Layer="sha256:f1b5933fe4b5f49bbe8258745cf396afe07e625bdab3168e364daf7c956b6b81"> mode='': value 20000000555 is out of the range that int32 ca
[0000]  WARN invalid mode found in file catalog @ location=Location<RealPath="/var/lib" Layer="sha256:f1b5933fe4b5f49bbe8258745cf396afe07e625bdab3168e364daf7c956b6b81"> mode='': value 20000000755 is out of the range that int32 can 
[0000]  WARN invalid mode found in file catalog @ location=Location<RealPath="/var/lib/apk" Layer="sha256:f1b5933fe4b5f49bbe8258745cf396afe07e625bdab3168e364daf7c956b6b81"> mode='': value 20000000755 is out of the range that int32 
[0000]  WARN invalid mode found in file catalog @ location=Location<RealPath="/var/lib/misc" Layer="sha256:f1b5933fe4b5f49bbe8258745cf396afe07e625bdab3168e364daf7c956b6b81"> mode='': value 20000000755 is out of the range that int32
[0000]  WARN invalid mode found in file catalog @ location=Location<RealPath="/var/lib/udhcpd" Layer="sha256:f1b5933fe4b5f49bbe8258745cf396afe07e625bdab3168e364daf7c956b6b81"> mode='': value 20000000755 is out of the range that int
[0000]  WARN invalid mode found in file catalog @ location=Location<RealPath="/var/local" Layer="sha256:f1b5933fe4b5f49bbe8258745cf396afe07e625bdab3168e364daf7c956b6b81"> mode='': value 20000000755 is out of the range that int32 ca
[0000]  WARN invalid mode found in file catalog @ location=Location<RealPath="/var/lock" Layer="sha256:f1b5933fe4b5f49bbe8258745cf396afe07e625bdab3168e364daf7c956b6b81"> mode='': value 20000000755 is out of the range that int32 can
[0000]  WARN invalid mode found in file catalog @ location=Location<RealPath="/var/lock/subsys" Layer="sha256:f1b5933fe4b5f49bbe8258745cf396afe07e625bdab3168e364daf7c956b6b81"> mode='': value 20000000755 is out of the range that in
[0000]  WARN invalid mode found in file catalog @ location=Location<RealPath="/var/log" Layer="sha256:f1b5933fe4b5f49bbe8258745cf396afe07e625bdab3168e364daf7c956b6b81"> mode='': value 20000000755 is out of the range that int32 can 
[0000]  WARN invalid mode found in file catalog @ location=Location<RealPath="/var/opt" Layer="sha256:f1b5933fe4b5f49bbe8258745cf396afe07e625bdab3168e364daf7c956b6b81"> mode='': value 20000000755 is out of the range that int32 can 
[0000]  WARN invalid mode found in file catalog @ location=Location<RealPath="/var/spool" Layer="sha256:f1b5933fe4b5f49bbe8258745cf396afe07e625bdab3168e364daf7c956b6b81"> mode='': value 20000000755 is out of the range that int32 ca
[0000]  WARN invalid mode found in file catalog @ location=Location<RealPath="/var/spool/cron" Layer="sha256:f1b5933fe4b5f49bbe8258745cf396afe07e625bdab3168e364daf7c956b6b81"> mode='': value 20000000755 is out of the range that int
[0000]  WARN invalid mode found in file catalog @ location=Location<RealPath="/var/tmp" Layer="sha256:f1b5933fe4b5f49bbe8258745cf396afe07e625bdab3168e364daf7c956b6b81"> mode='': value 20004000777 is out of the range that int32 can 
A newer version of syft is available for download: 1.5.0 (installed version is 1.4.1)

And if you check the final SBOM, all files with type metadata.type=Directory have mode=0
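
An added example (not syft's code and not part of the thread): it reproduces the octal-digits-read-as-decimal encoding quoted in the report, shows why the int32 range check rejects every directory mode, and decodes the same stored digits as base 8 into 32 bits so the type bits survive. The names `encodeMode`, `checkedInt32` and `decodeOctal` are hypothetical, the success path of `checkedInt32` is an assumption, and the sample modes are constructed to match values in the log.

```go
package main

import (
	"fmt"
	"io/fs"
	"math"
	"strconv"
)

// encodeMode follows the forward conversion quoted in the issue: print the
// mode in octal, then read those digits back as a decimal int.
func encodeMode(m fs.FileMode) (int, error) {
	return strconv.Atoi(fmt.Sprintf("%o", m))
}

// checkedInt32 (hypothetical name) applies the quoted range check to the
// decimal-looking value; returning int32(val) on success is an assumption.
func checkedInt32(val int) (int32, error) {
	if val < math.MinInt32 || val > math.MaxInt32 {
		return 0, fmt.Errorf("value %d is out of the range that int32 can represent", val)
	}
	return int32(val), nil
}

// decodeOctal (hypothetical helper) reads the stored digits as base 8 into
// 32 bits, the width of fs.FileMode, so the type bits survive.
func decodeOctal(val int) (fs.FileMode, error) {
	if val < 0 {
		return 0, fmt.Errorf("negative mode %d", val)
	}
	u, err := strconv.ParseUint(strconv.Itoa(val), 8, 32)
	if err != nil {
		return 0, fmt.Errorf("mode %d is not a 32-bit octal value: %w", val, err)
	}
	return fs.FileMode(u), nil
}

func main() {
	// Constructed samples: a regular file, a 0755 directory, and a sticky
	// 0777 directory (the 20004000777 value in the log).
	samples := []fs.FileMode{0o644, fs.ModeDir | 0o755, fs.ModeDir | fs.ModeSticky | 0o777}
	for _, m := range samples {
		enc, _ := encodeMode(m)
		_, rangeErr := checkedInt32(enc)
		dec, _ := decodeOctal(enc)
		fmt.Printf("%-11v stored=%-12d int32 check fails=%-5v octal decode=%v\n",
			m, enc, rangeErr != nil, dec)
	}
}
```

The stored value 20000000755 is 2^31 + 0755 when read as octal, which fits in an unsigned 32-bit mode; read as decimal it is about 2 × 10^10, which is why the range check fires for every directory.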


Rupikz commented Jun 5, 2024

Related PR #2605

spiffcs self-assigned this Jun 5, 2024

spiffcs commented Jun 5, 2024

Thanks @Rupikz - let me take a look at that old PR and see if I can make some time to get a fix in for this
