search

wordfence / wordfence-cli

Wordfence malware and vulnerability scanner command line utility.
https://www.wordfence.com/products/wordfence-cli/
GNU General Public License v3.0
100 stars 20 forks source link

Error: 'bytes' object has no attribute 'encode' #263

Closed akenion closed 1 month ago

akenion commented 1 month ago

This error can occur when running both malware-scan and vuln-scan. Further investigation is needed to determine exactly where this is occurring.

First reported at https://github.com/wordfence/wordfence-cli/issues/259#issuecomment-2228435862.

akenion commented 1 month ago

@youradds could you try running the command that resulted in this error again using the --debug option and provide the stack trace? That will help us identify where the error is occurring so we can address it.

youradds commented 1 month ago

NP. I'll start one now. It takes a long while to run due to the number of files but I'll post once it gets to the point of dying

youradds commented 1 month ago

@akenion here is the final output before it died:

File locator process exited
All workers have completed and all results have been processed.
1813099 file(s) were skipped as they did not match the configured include patterns. Use --include-all-files (or -a) to include all files in the scan.
Found 1 suspicious file(s) after processing 137634 file(s) containing 4.0 GiB over 13120 second(s)
Traceback (most recent call last):
  File "/usr/local/bin/wordfence", line 8, in <module>
    sys.exit(main())
  File "/usr/local/lib/python3.10/dist-packages/wordfence/cli/cli.py", line 193, in main
    exit_code = invoke_cli()
  File "/usr/local/lib/python3.10/dist-packages/wordfence/cli/cli.py", line 187, in invoke_cli
    return exception_handler.process_exception(exception)
  File "/usr/local/lib/python3.10/dist-packages/wordfence/cli/cli.py", line 43, in process_exception
    raise exception
  File "/usr/local/lib/python3.10/dist-packages/wordfence/cli/cli.py", line 185, in invoke_cli
    return cli.invoke()
  File "/usr/local/lib/python3.10/dist-packages/wordfence/cli/cli.py", line 178, in invoke
    return subcommand.invoke()
  File "/usr/local/lib/python3.10/dist-packages/wordfence/cli/malwarescan/malwarescan.py", line 392, in invoke
    report.complete()
  File "/usr/local/lib/python3.10/dist-packages/wordfence/cli/reporting.py", line 493, in complete
    self.send_emails()
  File "/usr/local/lib/python3.10/dist-packages/wordfence/cli/reporting.py", line 478, in send_emails
    attachment = MIMEApplication(
  File "/usr/lib/python3.10/email/mime/application.py", line 34, in __init__
    MIMENonMultipart.__init__(self, 'application', _subtype, policy=policy,
  File "/usr/lib/python3.10/email/mime/base.py", line 29, in __init__
    self.add_header('Content-Type', ctype, **_params)
  File "/usr/lib/python3.10/email/message.py", line 540, in add_header
    parts.append(_formatparam(k.replace('_', '-'), v))
  File "/usr/lib/python3.10/email/message.py", line 59, in _formatparam
    value.encode('ascii')
AttributeError: 'bytes' object has no attribute 'encode'. Did you mean: 'decode'?
akenion commented 1 month ago

Thanks @youradds, that's exactly what I needed. It looks like it's occurring in the email logic. We'll get this fixed in a patch release soon.

davidnuzik commented 1 month ago

v4.0.3rc1 (7/16/2024)

SUMMARY: QA validation PASSED. I learned specifically what triggers the issue and then successfully reproduced and then validated the fix with v4.0.3rc1.

This was not caught prior because it requires passing both the --email arg and also the --output-path arg and such a test is not yet in our test plan or automation suite. This will be corrected so this is checked for any regression going forward. I have since learned more about the email capability (attachments, etc) and increased test coverage in this area.

REPRODUCTION STEPS

  1. Using v4.0.2, attempt to malware-scan or vuln-scan an applicable directory -- there does not need to be one or more non-ascii files on disk that will get scanned. The subcommand should include the --email argument and also the --output-path argument so a file is output as well as an email sent (with output file attachment). Both args must be passed or the issue will not occur.
  2. I successfully reproduced. Traceback intentionally not included below to save space. AttributeError: 'bytes' object has no attribute 'encode'. Did you mean: 'decode'?

VALIDATION STEPS

  1. Follow the reproduction steps and test again but with v4.0.3rc1 -- the issue indeed does not occur.
  2. Test a few similar commands with different options for the args. The issue still does not occur (the issue is indeed fixed).

NOTES Also ran current automation test suite and smoke tested malware-scan, vuln-scan, and remediate (they all offer the --email arg other subcommands do not use the arg). No issues observed.

youradds commented 1 month ago

@akenion thanks - I've applied to changes to my install, and will let it run on its cron later (rather than risk it clashing). I'll post my outcome later - but it looks like it should do the job

youradds commented 1 month ago

Sorry for the late reply - this has fixed the problem :) Thanks for sorting that so quickly!