aboutcode-org / scancode-toolkit

:mag: ScanCode detects licenses, copyrights, dependencies by "scanning code" ... to discover and inventory open source and third-party packages used in your code. Sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase, the Google Summer of Code, Azure credits, nexB and others generous sponsors!
https://aboutcode.org/scancode/

--from-json allows reading from device files using a significant amount of memory #3593

Open armijnhemel opened 1 year ago

armijnhemel commented 1 year ago

Description

Related to #3588, #3589, #3590, #3591, #3592

--from-json allows reading from device files such as /dev/zero causing scancode to use quite a bit of memory.

How To Reproduce

$ ./scancode --from-json /dev/zero --yaml /tmp/scancode.yaml
Setup plugins...
Collect file inventory...
Terminated

System configuration

For bug reports, it really helps us to know:
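A defensive input check for the device-file case this issue describes, as an added Python example that is not scancode-toolkit's own code: the function names, the size limit and the sample scan JSON are constructed for illustration.

```python
import json
import os
import stat
import tempfile

# Constructed limit on how much JSON input we are willing to load.
DEFAULT_MAX_BYTES = 512 * 1024 * 1024

def check_json_input_path(path, max_bytes=DEFAULT_MAX_BYTES):
    """Return (ok, reason); ok only for a regular file of at most max_bytes."""
    try:
        st = os.stat(path)
    except OSError as e:
        return False, f"cannot stat {path!r}: {e.strerror}"
    # /dev/zero is a character device: it reports no useful size and never
    # hits EOF, so reject devices before any read can grow without bound.
    if stat.S_ISCHR(st.st_mode) or stat.S_ISBLK(st.st_mode):
        return False, f"{path!r} is a device file, not a regular file"
    if not stat.S_ISREG(st.st_mode):  # also rejects FIFOs and sockets
        return False, f"{path!r} is not a regular file"
    if st.st_size > max_bytes:
        return False, f"{path!r} is larger than the {max_bytes} byte limit"
    return True, ""

def load_json_scan(path, max_bytes=DEFAULT_MAX_BYTES):
    """Parse the scan JSON only after the path passes the checks above."""
    ok, reason = check_json_input_path(path, max_bytes)
    if not ok:
        raise ValueError(reason)
    # Cap the read as well: a file can grow between stat() and read().
    with open(path, "rb") as f:
        data = f.read(max_bytes + 1)
    if len(data) > max_bytes:
        raise ValueError(f"{path!r} exceeded {max_bytes} bytes while reading")
    return json.loads(data)

def demo():
    """Run the checks on a constructed scan file and on /dev/zero."""
    scan = {"files": [{"path": "a.py", "type": "file"}]}
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "scan.json")
        with open(path, "w") as f:
            json.dump(scan, f)
        return {
            "regular": check_json_input_path(path)[0],
            "loaded": load_json_scan(path) == scan,
            "too_big": check_json_input_path(path, max_bytes=4)[0],
            "dev_zero": check_json_input_path("/dev/zero")[0],
        }
```

With this in front of the JSON loader, the reproduction command would fail fast with a "device file" error instead of reading /dev/zero until the process is killed.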

pombredanne commented 1 year ago

Closed in favor of #3596