search

eliasgranderubio / dagda

a tool to perform static analysis of known vulnerabilities, trojans, viruses, malware & other malicious threats in docker images/containers and to monitor the docker daemon and running docker containers for detecting anomalous activities
Apache License 2.0
1.15k stars 160 forks source link

Vuln --init fails #85

Closed yyosioka closed 3 years ago

yyosioka commented 4 years ago

I ran the docker-compose.yml file and got this.

The execution result is as follows. dagda1

$docker exec -it dagda python3 dagda.py vuln --init The execution result is as follows. dagda2

$ docker exec -it dagda python3 dagda.py vuln --init_status

It will fail with an error. dagda3

the following information:

OS: [Ubuntu] OS Version: [18.0.4] Python version: [Python 3.6.9] Docker version [Docker version 19.03.12]

groboclown commented 4 years ago

This is because the code pulls the file https://www.redhat.com/security/data/oval/rhsa.tar.bz2, which is now deprecated and empty. This causes the retrieved lists to be empty, and MongoDB fails to insert the empty list.

The short-term patch is to add a check condition in mongodb_driver.py that does a simple "if" check to ensure the lists aren't empty on insert. One longer-term fix is to switch the URL to the now recommended OVAL single XML file bundle, as described at https://www.redhat.com/security/data/metrics/. This requires a bit more work.

eliasgranderubio commented 3 years ago

I've just updated Dagda to work with Python 3.8.