Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

error unarchiving chunk: input type must be an io.ReaderAt and io.Seeker because of zip format constraints #2378

Closed
rgmz opened this issue Feb 4, 2024 · 4 comments
Closed

error unarchiving chunk: input type must be an io.ReaderAt and io.Seeker because of zip format constraints #2378

rgmz opened this issue Feb 4, 2024 · 4 comments
Labels
bug

Comments

@rgmz
Copy link
Contributor

rgmz commented Feb 4, 2024

Please review the Community Note before submitting

TruffleHog Version

Trace Output

2024-02-04T17:35:52-05:00       error   trufflehog      error unarchiving chunk.        {"source_manager_worker_id": "g9Nv6", "repo": "https://github.com/intel-cloud/cosbench.git", "commit": "380218a", "path": "0.3.1.0.zip", "timeout": 30, "error": "handling file 69: 0.3.1.0/ext/libs/com.springsource.org.apache.commons.codec-1.3.0.jar: input type must be an io.ReaderAt and io.Seeker because of zip format constraints"}

Expected Behavior

It should be possible to scan nested zip files.

Actual Behavior

Scanning zip files inside of other archives appears to fail.

Steps to Reproduce

Scan a zip or other archive that contains other zip files.

Environment

N/A

Additional Context

https://github.com/mholt/archiver/blob/81f9e06b11ad6ba424f8311c0bc18ceb01f2b67a/zip.go#L182

References

N/A
@rgmz rgmz added the bug label Feb 4, 2024
@rgmz
Copy link
Contributor Author

rgmz commented Feb 6, 2024
edited
Loading

@ahrav according to git bisect, #2253 broke scanning nested archives (or at least zip files nested inside of other archives). Any thoughts on how we could resolve this? Could the logic be tweaked while preserving some optimizations?

$ git bisect start
$ git bisect good <old-commit>
$ git bisect bad
$ git bisect run /tmp/bisect_script.sh
...
commit 39f0310f1f02a05cf12c1c8ac358fedbbd15b848
Author: ahrav <>
Date:   Fri Dec 22 07:41:54 2023 -0800

    [fixup] -  Refactor to Pass Reader for Binary Diffs and Archived Data; Optimize /tmp Directory Cleanup (#2253)

 main.go                    | 30 ++++++++++++++++++++++++++++--
 pkg/cleantemp/cleantemp.go | 25 -------------------------
 pkg/engine/engine.go       |  5 +++++
 pkg/handlers/archive.go    |  7 +------
 pkg/sources/git/git.go     | 23 +----------------------
 5 files changed, 35 insertions(+), 55 deletions(-)
bisect found first bad commit
script code 
 #!/bin/sh

~/sdk/go1.21.0/bin/go build || exit 125   # an exit code of 125 asks "git bisect"
         # to "skip" the current commit

# run the application and check that it produces good output
./trufflehog filesystem /tmp/0.3.1.0.zip --only-verified 2>&1 | grep -q "input type must be an io.ReaderAt and io.Seeker because of zip format constraints"

if [ $? -eq 0 ]; then
    exit 1
else
    exit 0
fi

@rgmz rgmz mentioned this issue Feb 9, 2024
Closed
2 tasks
@rgmz rgmz mentioned this issue Feb 27, 2024
Open
@matazr
Copy link

matazr commented May 22, 2024

I still run to this issue with different versions using github scanner

@ahrav
Copy link
Collaborator

ahrav commented May 22, 2024

I still run to this issue with different versions using github scanner

Hey @matazr could you provide the error you are getting along with the scanner version you are using?

@rgmz
Copy link
Contributor Author

rgmz commented Jun 13, 2024

This was fixed by the handler refactor.

@rgmz rgmz closed this as completed Jun 13, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Partially revert #2253 rgmz/trufflehog
3 participants
@ahrav @rgmz @matazr