From 14ce15c9762ab3016869879a019be167d1484ff4 Mon Sep 17 00:00:00 2001
From: Gavin Schneider <gavin_schneider@rapid7.com>
Date: Tue, 16 Jun 2020 14:28:45 -0700
Subject: [PATCH] Fix failures related to symlinked layer files

---
 .../analyzer/docker/service/DockerImageAnalyzerService.java    | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/main/java/com/rapid7/container/analyzer/docker/service/DockerImageAnalyzerService.java b/src/main/java/com/rapid7/container/analyzer/docker/service/DockerImageAnalyzerService.java
index 5702952..06b214f 100644
--- a/src/main/java/com/rapid7/container/analyzer/docker/service/DockerImageAnalyzerService.java
+++ b/src/main/java/com/rapid7/container/analyzer/docker/service/DockerImageAnalyzerService.java
@@ -302,6 +302,9 @@ public void untar(File tar, File destination) throws FileNotFoundException, IOEx
   }
 
   private void processLayer(Image image, Configuration configuration, Layer layer, File tar) throws FileNotFoundException, IOException {
+    // skip invalid files (too small to be a tar or gzipped tar, and symlinks are duplicate layers)
+    if (tar.length() < 100)
+      return;
 
     try (TarArchiveInputStream tarIn = new TarArchiveInputStream(new GZIPInputStream(new FileInputStream(tar), 65536))) {
       processLayerTar(image, configuration, layer, tar, tarIn);