Skip to content

fix: logging level for parsing potential PE files#2367

Merged
kzantow merged 1 commit intoanchore:mainfrom
kzantow-anchore:fix/pe-logging-level
Nov 29, 2023
Merged

fix: logging level for parsing potential PE files#2367
kzantow merged 1 commit intoanchore:mainfrom
kzantow-anchore:fix/pe-logging-level

Conversation

@kzantow
Copy link
Copy Markdown
Contributor

@kzantow kzantow commented Nov 28, 2023

While looking in to an issue that a library parsing DotNET Portable Executables was writing to stdout, I noticed a number of warnings show up, for example, running:

syft --platform windows/amd64 registry:mcr.microsoft.com/windows/servercore:ltsc2019

Resulted in:

 ✔ Parsed image                                                                                           sha256:c632661e39bb365cf34bfdd943baa4ce5ba1ebdd713d790d1af0b9da20ae0bea
 ✔ Cataloged packages              [4566 packages]  
[0084]  WARN cataloger failed cataloger=dotnet-portable-executable-cataloger error=unable to parse PE file: DOS Header magic not found location=/Files/Windows/WinSxS/x86_microsoft
[0084]  WARN cataloger failed cataloger=dotnet-portable-executable-cataloger error=unable to parse PE file: DOS Header magic not found location=/Files/Windows/WinSxS/x86_microsoft
[0084]  WARN cataloger failed cataloger=dotnet-portable-executable-cataloger error=unable to parse PE file: DOS Header magic not found location=/Files/Windows/WinSxS/x86_microsoft

This PR adjusts the warnings to DEBUG level, e.g. nothing is printed by default but using the -vv option, you'd see:

...
[0083] DEBUG unable to parse PE file '/Files/Windows/WinSxS/x86_microsoft-windows-d..s-commandline-tools_31bf3856ad364e35_10.0.17763.1_none_5c764e9c11f85b2a/dsquery.exe': DOS Header magic not found
[0083] DEBUG unable to parse PE file '/Files/Windows/WinSxS/x86_microsoft-windows-d..s-commandline-tools_31bf3856ad364e35_10.0.17763.1_none_5c764e9c11f85b2a/dsrm.exe': DOS Header magic not found
...

We can see that these are just .exe files, many of which are not portable executables, so we really shouldn't be warning about them.

wagoodman
wagoodman approved these changes Nov 28, 2023
View reviewed changes
Copy link
Copy Markdown
Contributor

@wagoodman wagoodman left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think even the debugs should be trace logs though, since the given input is not guaranteed to be a PE file at all

@kzantow
fix: logging level for parsing potential PE files
3c36f06 
Signed-off-by: Keith Zantow <kzantow@gmail.com>
@kzantow kzantow force-pushed the fix/pe-logging-level branch from 8189744 to 3c36f06 Compare November 29, 2023 03:32
@kzantow kzantow enabled auto-merge (squash) November 29, 2023 03:32
@kzantow kzantow merged commit f5a6b5a into anchore:main Nov 29, 2023
@kzantow kzantow deleted the fix/pe-logging-level branch November 29, 2023 05:58
@wagoodman wagoodman added the bug Something isn't working label Nov 29, 2023
@chenrui333 chenrui333 mentioned this pull request Nov 29, 2023
Merged
spiffcs added a commit to coheigea/syft that referenced this pull request Dec 5, 2023
@spiffcs
Merge branch 'main' into coheigea/yarn-licenses
09423aa 
* main: (40 commits)
  chore(deps): bump anchore/sbom-action from 0.15.0 to 0.15.1 (anchore#2392)
  Retrieve remote licenses using pom.properties when there is no pom.xml (anchore#2315)
  fix(java): improve identification for org.apache.tapestry artifacts (anchore#2384)
  fix(java): improve identification for io.ratpack artifacts (anchore#2379)
  fix(java): improve identification for org.apache.cassandra artifacts (anchore#2386)
  fix(java): improve identification for org.neo4j.procedure artifacts (anchore#2388)
  fix: bump fangs for ptr summarize fix (anchore#2387)
  fix(java): improve identification for org.elasticsearch artifacts (anchore#2383)
  fix(java): improve identification for org.apache.geode artifacts (anchore#2382)
  fix(java): improve identification for org.apache.tomcat.embed artifacts (anchore#2381)
  fix(java): improve identification for io.projectreactor.netty artifacts (anchore#2378)
  fix(java): improve identification for org.eclipse.platform artifacts (anchore#2349)
  Generalize UI events for cataloging tasks (anchore#2369)
  chore(deps): update tools to latest versions (anchore#2376)
  chore(deps): bump github.com/google/go-containerregistry (anchore#2377)
  chore: fix tests failing due to Mac Rosetta cache (anchore#2374)
  fix: improve dotnet portable executable identification (anchore#2133)
  fix file metadata cataloger to use resolved locations (anchore#2370)
  fix: logging level for parsing potential PE files (anchore#2367)
  only remove breaking-change label when there are schema changes (anchore#2371)
  ...

Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
GijsCalis pushed a commit to GijsCalis/syft that referenced this pull request Feb 19, 2024
@kzantow
fix: logging level for parsing potential PE files (anchore#2367)
34c686f 
Signed-off-by: Keith Zantow <kzantow@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@wagoodman wagoodman wagoodman approved these changes

Assignees

No one assigned

Labels

bug Something isn't working

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@kzantow @wagoodman