njsscan not running properly on MaC

Question

njsscan not running properly on MaC

rohitcoderCdefense opened this issue 3 years ago · 3 comments

rohitcoderCdefense commented 3 years ago

Last login: Thu May 12 11:40:12 on ttys003
rohitcoder@Rohits-MacBook-Pro ~ % njsscan /Users/rohitcoder/Desktop/CloudDefense/dvna
- Pattern Match ████████████████████████████████████████████████████████████ 148
Exception in thread Thread-1:
Traceback (most recent call last):
  File "/opt/homebrew/Cellar/python@3.9/3.9.12/Frameworks/Python.framework/Versions/3.9/lib/python3.9/threading.py", line 973, in _bootstrap_inner
    self.run()
  File "/opt/homebrew/Cellar/python@3.9/3.9.12/Frameworks/Python.framework/Versions/3.9/lib/python3.9/threading.py", line 910, in run
    self._target(*self._args, **self._kwargs)
  File "/opt/homebrew/lib/python3.9/site-packages/libsast/common.py", line 45, in myrunner
    ret[0] = function(*args, **kwargs)
  File "/opt/homebrew/lib/python3.9/site-packages/libsast/core_sgrep/helpers.py", line 43, in invoke_semgrep
    ) = semgrep_main.main(
  File "/opt/homebrew/lib/python3.9/site-packages/semgrep/semgrep_main.py", line 258, in main
    (rule_matches_by_rule, semgrep_errors, all_targets, profiling_data,) = CoreRunner(
  File "/opt/homebrew/lib/python3.9/site-packages/semgrep/core_runner.py", line 414, in invoke_semgrep
    ) = self._run_rules_direct_to_semgrep_core(rules, target_manager, profiler)
  File "/opt/homebrew/lib/python3.9/site-packages/semgrep/core_runner.py", line 358, in _run_rules_direct_to_semgrep_core
    core_run = sub_run(
  File "/opt/homebrew/lib/python3.9/site-packages/semgrep/util.py", line 139, in sub_run
    result = subprocess.run(cmd, **kwargs)  # nosem: python.lang.security.audit.dangerous-subprocess-use.dangerous-subprocess-use
  File "/opt/homebrew/Cellar/python@3.9/3.9.12/Frameworks/Python.framework/Versions/3.9/lib/python3.9/subprocess.py", line 505, in run
    with Popen(*popenargs, **kwargs) as process:
  File "/opt/homebrew/Cellar/python@3.9/3.9.12/Frameworks/Python.framework/Versions/3.9/lib/python3.9/subprocess.py", line 951, in __init__
    self._execute_child(args, executable, preexec_fn, close_fds,
  File "/opt/homebrew/Cellar/python@3.9/3.9.12/Frameworks/Python.framework/Versions/3.9/lib/python3.9/subprocess.py", line 1821, in _execute_child
    raise child_exception_type(errno_num, err_msg, err_filename)
OSError: [Errno 8] Exec format error: '/opt/homebrew/lib/python3.9/site-packages/semgrep/bin/semgrep-core'
- Semantic Grep  7
Traceback (most recent call last):
  File "/opt/homebrew/bin/njsscan", line 8, in <module>
    sys.exit(main())
  File "/opt/homebrew/lib/python3.9/site-packages/njsscan/__main__.py", line 72, in main
    scan_results = NJSScan(
  File "/opt/homebrew/lib/python3.9/site-packages/njsscan/njsscan.py", line 44, in scan
    result = scanner.scan()
  File "/opt/homebrew/lib/python3.9/site-packages/libsast/scanner.py", line 64, in scan
    results['semantic_grep'] = SemanticGrep(
  File "/opt/homebrew/lib/python3.9/site-packages/libsast/core_sgrep/semantic_sgrep.py", line 41, in scan
    self.format_output(sgrep_out)
  File "/opt/homebrew/lib/python3.9/site-packages/libsast/core_sgrep/semantic_sgrep.py", line 46, in format_output
    self.findings['errors'] = results['errors']
TypeError: 'NoneType' object is not subscriptable
rohitcoder@Rohits-MacBook-Pro ~ %

I can see theres an issue OSError: [Errno 8] Exec format error: '/opt/homebrew/lib/python3.9/site-packages/semgrep/bin/semgrep-core' any ideas, how we can fix that?

Answer 1 · 2022-05-13T05:00:38.000Z

@rohitCloudDefense when providing these issue's, try to provide as much information as possible to help debug issue, in this case stuff like below would help:

OS
Python Version (yes I know we can see it from the output but still a nicety)
Tool version
Hardware configuration (usually only CPU Architecture but RAM sometimes is useful)

I have run into this same issue, and I suspect that your issue is the same as mine:

OS: Monterey 12.2.1
Python Version: 3.10.3, 3.6.15
Tool version: 0.3.1
Hardware configuration: 16Gb M1 Mac

Now the issue you have run into basically is because of returntocorp/semgrep#2252 whereby they don't support Arm in any capacity and have known about this issue for about 18 months (it was highlighted on Android but the principal applies to M1 as it's Arm based).

It appears as per the linked issue, they are tentatively expecting to release Arm binaries this month, but I don't see a PR or branch so that timeframe is likely open to change given the date.

As to a work around, there doesn't appear to be one that I found to work. I've tried running via Rosetta, it doesn't resolve the issue, and tried building semgrep on the m1 and couldn't seem to get it to work, although admittedly I hadn't tried for very long.

Answer 2 · 2022-05-13T06:17:56.000Z

As @Maraket correctly mentioned, semgrep doesn't support ARM based processors yet.

Answer 3 · 2022-06-01T10:40:31.000Z

This might be fixed soon thx to returntocorp/semgrep#5373