Crash on using timeout in config file

[andyshinn]

Found a bug? You're welcome to

• Please make sure to:
  • Describe in details what the problem is
  • Attach a log file with relevant data preferably in DEBUG level (--log-level=DEBUG)
  • Attach the scanned sample files, anonymize the data if the original file cannot be provided
  • When attaching files to the issue make sure they are properly formatted

Expected Behavior

(Which results are expected from KICS?)

Do not crash when timeout specified in config.

Actual Behavior

(Formatted logs and samples helps us to better understand the issue)

Crashes when timeout specified in config:

❯ cat .kics-config.yml 
verbose: false
log-path: kics.log
no-color: false
output-path: kics-results
cloud-provider: aws
timeout: 120

❯ docker run -it -w /$PWD -v $PWD:/$PWD checkmarx/kics:v1.5.8 scan -p . --config .kics-config.yml --ci
7:11PM INF Scanning with Keeping Infrastructure as Code Secure v1.5.8
7:11PM INF Operating system: linux
7:11PM INF Total memory: 3.8G
7:11PM ERR failed to get CPU error="open /sys/fs/cgroup/cpu/cpu.cfs_quota_us: no such file or directory"
7:11PM INF Total files in the project: 4492
7:11PM INF Loading queries of type: terraform, dockerfile, ansible
7:11PM INF Inspector initialized, number of queries=596
7:11PM INF Query execution timeout=2m0s
Error: failed to inspect secrets: context deadline exceeded
panic: send on closed channel

goroutine 373 [running]:
github.com/Checkmarx/kics/pkg/kics.(*Service).StartScan(0xc0003e0e70, {0x86b2f58, 0xc00013c000}, {0x78c00b2, 0x7}, 0x0?, 0xc002b61700, 0x0?)
        /app/pkg/kics/service.go:96 +0x1ac
created by github.com/Checkmarx/kics/pkg/scanner.StartScan
        /app/pkg/scanner/scanner.go:67 +0x18e

If I remove timeout: 120 from the config it works fine.

The DEBUG log is very large. Let me know if it is needed. It has a log of the following in the debug log for working and non-working logs:

7:17PM DBG Error trying to eval data source block.
7:17PM DBG Error trying to eval data source block.
7:17PM DBG Error trying to eval data source block.
7:17PM DBG Error trying to eval data source block.

Steps to Reproduce the Problem

(Command line arguments and flags used)

1. Set timeout: 120 in config file.
2. Run using docker run -it -w /$PWD -v $PWD:/$PWD checkmarx/kics:v1.5.8 scan -p . --config .kics-config.yml --ci

Specifications

(N/A if not applicable)

• Version: 1.5.8
• Platform: macOS 12.4
• Subsystem: Docker Desktop 4.7.0 (77141)

[cxlucas]

Hi Andry,
First of all, thanks very much for reporting this bug.

I have replicated it here and at the moment, the information that you sent is enough.
We are going to create a task to solve this issue, and as soon as we have it done, I will let you know 😃.

Thanks,
Lucas.

[joaorufi]

Hi @andyshinn, thanks for the issue

Is it possible for you to send us the code sample that you are using to run Kics ?

[andyshinn]

The project is really large and potentially has secrets. I will first try to make a smaller project to reproduce. I can try this next week.