process: make non-existent paths non-fatal, sort scan paths (#493)

* pip: add known good list * process: make non-existent paths non-fatal, sort scan paths
chainguard-dev · Oct 7, 2024 · d47acff · d47acff
1 parent b35790a
commit d47acff
Showing 1 changed file with 15 additions and 5 deletions.
diff --git a/pkg/action/process.go b/pkg/action/process.go
@@ -2,8 +2,11 @@ package action
 
 import (
 	"context"
+	"fmt"
 	"os"
+	"sort"
 
+	"github.com/chainguard-dev/clog"
 	"github.com/shirou/gopsutil/v4/process"
 )
 
@@ -17,15 +20,18 @@ func GetAllProcessPaths(ctx context.Context) ([]Process, error) {
 	// Retrieve all of the active PIDs
 	procs, err := process.ProcessesWithContext(ctx)
 	if err != nil {
-		return nil, err
+		return nil, fmt.Errorf("processes: %w", err)
 	}
 
 	// Store PIDs and their respective commands (paths) in a map of paths and their Process structs
 	processMap := make(map[string]Process, len(procs))
 	for _, p := range procs {
 		path, err := p.Exe()
+		// Executable resolution is non-fatal
 		if err != nil {
-			return nil, err
+			name, _ := p.Name()
+			clog.Errorf("%s[%d]: %v", name, p.Pid, err)
+			continue
 		}
 		if _, exists := processMap[path]; !exists && path != "" && isValidPath(path) {
 			processMap[path] = Process{
@@ -40,11 +46,15 @@ func GetAllProcessPaths(ctx context.Context) ([]Process, error) {
 
 // procMapSlice converts a map of paths and their Process structs to a slice of Processes.
 func procMapSlice(m map[string]Process) []Process {
-	result := make([]Process, 0, len(m))
+	ps := make([]Process, 0, len(m))
 	for _, v := range m {
-		result = append(result, v)
+		ps = append(ps, v)
 	}
-	return result
+
+	sort.Slice(ps, func(i, j int) bool {
+		return ps[i].Path < ps[j].Path
+	})
+	return ps
 }
 
 // isValidPath checks if the given path is valid.