Comments (9)
vladimernan
commented on July 29, 2024
To add details - I'm using docker to run the scanner
from nodejsscan.
ajinabraham
commented on July 29, 2024
Can you share any logs from the app?
from nodejsscan.
vladimernan
commented on July 29, 2024
I attempted 128MB size .zip file and it was like sitting on this whole eternity, then I just cancelled the job:
[INFO] Unzipping from Zip File
[INFO] Running Static Analyzer Running on - /root/.NodeJsScan/b20fbf07031ea0aed9c657798f6fec2136b2e9647f4628ffb68f57cfc4c75e6f/
from nodejsscan.
vladimernan
commented on July 29, 2024
I ran scan on 5MB file and it returned results:
[INFO] Unzipping from Zip File
[INFO] Running Static Analyzer Running on - /root/.NodeJsScan/052c19fc061df118d6861220d835fc5c1ae478da7ffca66f1c5fa669628a4b5e/
[INFO] Static Analysis Completed!
[INFO] Saving Scan Results!
172.17.0.1 - - [16/Jun/2017 21:31:11] "POST /upload/ HTTP/1.1" 200 -
172.17.0.1 - - [16/Jun/2017 21:31:12] "GET /result/052c19fc061df118d6861220d835fc5c1ae478da7ffca66f1c5fa669628a4b5e HTTP/1.1" 301 -
172.17.0.1 - - [16/Jun/2017 21:31:18] "GET /result/052c19fc061df118d6861220d835fc5c1ae478da7ffca66f1c5fa669628a4b5e/ HTTP/1.1" 200 -
from nodejsscan.
vladimernan
commented on July 29, 2024
I have increased memory, space and added CPUs on VM, as I suspected that there were no sufficient resources to run the scan. Not sure if that fixes issue in a long run. I suspect that after adding memory and power it may take a couple of hours to scan the file of that large size.
from nodejsscan.
vladimernan
commented on July 29, 2024
Or maybe I'm too impatient?
from nodejsscan.
ajinabraham
commented on July 29, 2024
The scan time is directly promotional to the file size and sometimes regex can cause it a bit exponential. Be patient :)
from nodejsscan.
vladimernan
commented on July 29, 2024
Thanks Ajin, but I have left it overnight - and seems it definitely has some issues with handling the large files. Mine is ~128MB. Finally it erred out with the message - server responded with 0 code. Does it ring any bells? Please help, if you can. As I said I am rinning Ubuntu workstation under Virtualbox and I am using the docker container to run the NodeJsScan tool...
from nodejsscan.
ajinabraham
commented on July 29, 2024
I cannot really help until i have access to the source code or problematic file. I guess it's a regex DoS.
from nodejsscan.
Related Issues (20)
- [Feature Request] Allow configuration files HOT 1
- Not detecting any errors HOT 2
- Nodejsscan failing : Attaching logs HOT 2
- Exception on /upload/ HOT 6
- Not written in Node HOT 1
- NodeJSScan fails locally on requirements.txt step HOT 2
- Hangs on upload HOT 2
- module is stuck at pattern match HOT 1
- Feature Request: Download results file via web UI HOT 1
- Bug: Crash on what appears to be empty file HOT 3
- Javascript Framework HOT 1
- Getting json.decoder.JSONDecodeError HOT 1
- first project scan HOT 1
- Wrong nodejsscan version is displayed HOT 2
- RuntimeError: Cannot add child handler, the child watcher does not have a loop attached HOT 6
- Base image contains vulnerabilities HOT 1
- Python 3.7 is not available in the latest docker image HOT 1
- Feature Request - Google Chat Alerts
- module 'sqlalchemy' has no attribute '__all__'. Did you mean: '__file__'? HOT 2
- Error HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from nodejsscan.