search

docker / scout-cli

Docker Scout CLI
https://docker.com/products/docker-scout
Other
252 stars 60 forks source link

Segfault for 1.0.9 #66

Closed thbley closed 7 months ago

thbley commented 8 months ago

Reproduce (segfault in 1.0.9, no error in 1.0.8):

mkdir -p $HOME/.docker/cli-plugins
wget -q -O/tmp/scout.tgz https://github.com/docker/scout-cli/releases/download/v1.0.9/docker-scout_1.0.9_linux_amd64.tar.gz
tar xvzf /tmp/scout.tgz -C $HOME/.docker/cli-plugins/ docker-scout
echo ${{ secrets.DOCKER_PAT }} | docker login -u ${{ secrets.DOCKER_USER }} --password-stdin
git clone --depth=1 --branch=master git@github.com:thbley/php_frameworkless.git
cd php_frameworkless/
docker scout cves -e --locations fs://.
    ✓ File system read
    ✓ Indexed 70 packages
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x0 pc=0x1c2c561]

goroutine 1 [running]:
github.com/docker/scout-cli-plugin/internal/dso.(*DSO).VexStatements(0xc0002903c0, {0x2b83758, 0xc000f421e0}, 0xc00077c840)
        /home/runner/work/scout-cli-plugin/scout-cli-plugin/internal/dso/dso.go:85 +0x41
github.com/docker/scout-cli-plugin/cves.(*Lister).FromSBOM(0xc00034c7f0, {0x2b83758, 0xc000f421e0}, _, {{0x3d4fe20, 0x0, 0x0}, {0x3d4fe20, 0x0, 0x0}, ...})
        /home/runner/work/scout-cli-plugin/scout-cli-plugin/cves/cves.go:76 +0xfc
github.com/docker/scout-cli-plugin/internal/commands/cves.NewCmd.func2(0xc000005800?, {0xc000a0ac60?, 0x1?, 0x3?})
        /home/runner/work/scout-cli-plugin/scout-cli-plugin/internal/commands/cves/cves.go:231 +0xb18
github.com/spf13/cobra.(*Command).execute(0xc000005800, {0xc00071e660, 0x3, 0x3})
        /home/runner/go/pkg/mod/github.com/spf13/cobra@v1.7.0/command.go:940 +0x87c
github.com/spf13/cobra.(*Command).ExecuteC(0xc000a18300)
        /home/runner/go/pkg/mod/github.com/spf13/cobra@v1.7.0/command.go:1068 +0x3a5
github.com/spf13/cobra.(*Command).Execute(...)
        /home/runner/go/pkg/mod/github.com/spf13/cobra@v1.7.0/command.go:992
github.com/docker/cli/cli-plugins/plugin.RunPlugin(0x970c49?, 0xc000004c00, {{0x215dc84, 0x5}, {0x21870ff, 0xb}, {0xc0008e72d4, 0x6}, {0x2193e8f, 0xc}, ...})
        /home/runner/go/pkg/mod/github.com/docker/cli@v24.0.5+incompatible/cli-plugins/plugin/plugin.go:51 +0x12a
main.runPlugin(0x220e72d?)
        /home/runner/work/scout-cli-plugin/scout-cli-plugin/cmd/docker-scout/main.go:29 +0x14c
main.main()
        /home/runner/work/scout-cli-plugin/scout-cli-plugin/cmd/docker-scout/main.go:53 +0x118

env:

cat /etc/issue
Ubuntu 22.04.3 LTS

uname -a
Linux tb 6.2.0-35-generic #35~22.04.1-Ubuntu SMP PREEMPT_DYNAMIC Fri Oct  6 10:23:26 UTC 2 x86_64 x86_64 x86_64 GNU/Linux
cdupuis commented 8 months ago

Thanks for raising this. This has been fixed already and we'll release a new version soon.