KICS 1.7.3 is throwing exception panic: interface conversion: interface {} is string, not yaml.Node #6513

Closed
p3pijn opened this issue Jul 12, 2023 · 5 comments · Fixed by #6519
Labels
bug Something isn't working community Community contribution

Comments

@p3pijn

p3pijn commented Jul 12, 2023

KICS 1.7.3 is throwing exception panic: interface conversion: interface {} is string, not yaml.Node
Looks very similar to #4521

Expected Behavior

  • KICS should provide the scan results
  • Even if KICS runs into some parse error, do not fail the entire scan

Actual Behavior
KICS throws the exception below

goroutine 51 [running]:
github.com/Checkmarx/kics/pkg/resolver/file.(*Resolver).resolveYamlPath(0x4019dbd0e8, {0x4010187180, 0x1b0, 0x1c0}, 0x12?, 0x4012e0e0a0, {0x4012641270, 0x46}, 0x0, 0x0?, ...)
	/app/pkg/resolver/file/file.go:246 +0x820
github.com/Checkmarx/kics/pkg/resolver/file.(*Resolver).yamlWalk(0x4019dbd0e8?, {0x4010187180, 0x1b0, 0x1c0}, 0x247774?, 0x4012e0e0a0, {0x4012641270, 0x46}, 0x0?, 0x40127fd800?, ...)
	/app/pkg/resolver/file/file.go:155 +0x108
github.com/Checkmarx/kics/pkg/resolver/file.(*Resolver).yamlWalk(0xa14c?, {0x4010187180, 0x1b0, 0x1c0}, 0x4001fdf000?, 0x4012d15ea0, {0x4012641270, 0x46}, 0x12?, 0x10?, ...)
	/app/pkg/resolver/file/file.go:164 +0x28c
github.com/Checkmarx/kics/pkg/resolver/file.(*Resolver).yamlWalk(0x199?, {0x4010187180, 0x1b0, 0x1c0}, 0x4012d15cc0?, 0x4012d15d60, {0x4012641270, 0x46}, 0x4012d15c20?, 0x40127fd800?, ...)
	/app/pkg/resolver/file/file.go:164 +0x28c
github.com/Checkmarx/kics/pkg/resolver/file.(*Resolver).yamlWalk(0xffffffffffffffff?, {0x4010187180, 0x1b0, 0x1c0}, 0x0?, 0x4012d15c20, {0x4012641270, 0x46}, 0x24990?, 0x21084?, ...)
	/app/pkg/resolver/file/file.go:164 +0x28c
github.com/Checkmarx/kics/pkg/resolver/file.(*Resolver).yamlResolve(0x4019dbd0e8, {0x4010187180, 0x1b0, 0x1c0}, {0x4012641270, 0x46}, 0x4019dbd028?, 0x1d824?)
	/app/pkg/resolver/file/file.go:129 +0xf0
github.com/Checkmarx/kics/pkg/resolver/file.(*Resolver).Resolve(0x4019dbd0e8, {0x4010187180, 0x1b0, 0x1c0}, {0x4012641270, 0x46}, 0x4019dbd0c8?, 0x23ba94?)
	/app/pkg/resolver/file/file.go:50 +0x200
github.com/Checkmarx/kics/pkg/parser/yaml.(*Parser).Resolve(0x4000194b20, {0x4010187180, 0x1b0, 0x1c0}, {0x4012641270, 0x46})
	/app/pkg/parser/yaml/parser.go:25 +0x108
github.com/Checkmarx/kics/pkg/parser.(*Parser).Parse(0x40005ce720, {0x4012641270, 0x46}, {0x4010187180, 0x1b0, 0x1c0})
	/app/pkg/parser/parser.go:124 +0xe4
github.com/Checkmarx/kics/pkg/kics.(*Service).sink(0x4000568af0, {0x27657d0, 0x40001a4000}, {0x4012641270, 0x46}, {0x210aa06, 0x7}, {0x27487c0, 0x4017d17ca8}, {0x4004ab4000, ...})
	/app/pkg/kics/sink.go:44 +0x18c
github.com/Checkmarx/kics/pkg/kics.(*Service).PrepareSources.func1({0x27657d0, 0x40001a4000}, {0x4012641270, 0x46}, {0x27539c8?, 0x4017d17ca8})
	/app/pkg/kics/service.go:72 +0xa8
github.com/Checkmarx/kics/pkg/engine/provider.(*FileSystemSourceProvider).walkDir.func1({0x4012641270, 0x46}, {0x276d1a0, 0x4012e02900}, {0x0?, 0x0?})
	/app/pkg/engine/provider/filesystem.go:184 +0x3e0
path/filepath.walk({0x4012641270, 0x46}, {0x276d1a0, 0x4012e02900}, 0x4019dbde08)
	/usr/local/go/src/path/filepath/path.go:480 +0xc8
path/filepath.walk({0x4011ee7900, 0x33}, {0x276d1a0, 0x40125fb380}, 0x4019dbde08)
	/usr/local/go/src/path/filepath/path.go:504 +0x1d4
path/filepath.walk({0x400e7217a0, 0x2a}, {0x276d1a0, 0x400e6e6cc0}, 0x4019dbde08)
	/usr/local/go/src/path/filepath/path.go:504 +0x1d4
path/filepath.walk({0x4013bda0c0, 0x1f}, {0x276d1a0, 0x400da4bec0}, 0x4019dbde08)
	/usr/local/go/src/path/filepath/path.go:504 +0x1d4
path/filepath.walk({0x40009dc130, 0x5}, {0x276d1a0, 0x40005f40c0}, 0x4019dbde08)
	/usr/local/go/src/path/filepath/path.go:504 +0x1d4
path/filepath.Walk({0x40009dc130, 0x5}, 0x400203be08)
	/usr/local/go/src/path/filepath/path.go:571 +0x6c
github.com/Checkmarx/kics/pkg/engine/provider.(*FileSystemSourceProvider).walkDir(0x40009dc130?, {0x27657d0?, 0x40001a4000?}, {0x40009dc130?, 0x10000?}, 0x1, 0xffff5e9d8c78?, 0xffff85f9d5b8?, 0x20?)
	/app/pkg/engine/provider/filesystem.go:146 +0x74
github.com/Checkmarx/kics/pkg/engine/provider.(*FileSystemSourceProvider).GetSources(0x4000530200, {0x27657d0, 0x40001a4000}, 0x0?, 0x40004f4280, 0x0?)
	/app/pkg/engine/provider/filesystem.go:135 +0x170
github.com/Checkmarx/kics/pkg/kics.(*Service).PrepareSources(0x4000568af0, {0x27657d0, 0x40001a4000}, {0x210aa06, 0x7}, 0x0?, 0x0?)
	/app/pkg/kics/service.go:68 +0x1c0
created by github.com/Checkmarx/kics/pkg/scanner.PrepareAndScan
	/app/pkg/scanner/scanner.go:24 +0xb4

Steps to Reproduce the Problem
docker run -t -v ~/somefolder:/path checkmarx/kics:latest scan -p /path -o "/path"

Specifications
(N/A if not applicable)

KICS Version: 1.7.3 (latest)
Platform: MacOS

@p3pijn p3pijn added bug Something isn't working community Community contribution labels Jul 12, 2023
@cxMiguelSilva
Collaborator

Hi @p3pijn, thank you for reaching out and reporting this issue 😃
This is already being tackled in #6511. With those changes, any panic error during the resolve phase of the scan will be captured and handled as a normal error. The value returned in those cases is the original file content.
Hope this helps 🙂
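
The containment described in the comment above, sketched as an added example (not code from this thread or from the KICS repository): a panic from an unchecked type assertion during resolution is recovered, turned into an ordinary error, and the original file content is returned. The `node` type and all function names are hypothetical stand-ins; `node` replaces `yaml.Node` so the block has no dependencies.

```go
package main

import "fmt"

// node is a hypothetical stand-in for yaml.Node (keeps the example dependency-free).
type node struct{ Value string }

// resolveUnchecked shows the failure class in the trace: a single-value
// type assertion panics when the dynamic type is not the expected one.
func resolveUnchecked(v interface{}) string {
	return v.(node).Value // panics if v holds a string
}

// resolveChecked is the root-cause alternative: the comma-ok form never panics.
func resolveChecked(v interface{}) (string, error) {
	n, ok := v.(node)
	if !ok {
		return "", fmt.Errorf("unexpected type %T, want node", v)
	}
	return n.Value, nil
}

// safeResolve contains a panic raised while resolving one file: the panic
// becomes a normal error and the caller gets the original content back,
// so the scan of the remaining files can continue.
func safeResolve(original []byte, v interface{}) (out []byte, err error) {
	defer func() {
		if r := recover(); r != nil {
			out = original
			err = fmt.Errorf("resolver panic recovered: %v", r)
		}
	}()
	return []byte(resolveUnchecked(v)), nil
}

func main() {
	original := []byte("key: value\n") // constructed sample input

	out, err := safeResolve(original, "a plain string")
	fmt.Printf("recovered: out=%q err=%v\n", out, err)

	_, err = resolveChecked("a plain string")
	fmt.Println("checked assertion:", err)
}
```

The recover wrapper keeps one malformed file from ending the whole scan, while the comma-ok assertion removes the panic at its source; the two are complementary.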

@p3pijn
Author

p3pijn commented Jul 12, 2023

Thank you @cxMiguelSilva, I will monitor the issue you referenced.

@gabriel-cx
Contributor

gabriel-cx commented Jul 12, 2023

Hi @p3pijn,

Thanks for letting us know about this situation.
As @cxMiguelSilva said, we have a possible solution for the issue in this PR.
Since we don't have access to the project you scanned in order to test, are you available to support us by checking if the previously mentioned PR solves the issue from your side?

If needed, we can prepare a docker image containing the fix and share it with you.

@p3pijn
Author

p3pijn commented Jul 18, 2023

@gabriel-cx Happy to try this out, let me know how to pull the docker image and I will try to give it a spin.

@pereiramarco011
Contributor

Hello @p3pijn, we have created a docker image. If you run docker pull pereiramarco/kics:panic-handle you should get a docker image containing a panic handler for the Resolver. Along with that, 2 PRs were/are being closed and the next release of kics should already contain a fix for that issue 😄