dockerfile.correctness.invalid-port.invalid-port

semgrep

Author

unknown

Download Count*

LGPL Commons Clause

License

Detected an invalid port number. Valid ports are 0 through 65535.

Run Locally

Run in CI

Semgrep CI docs

Defintion

Edit Rule View Source

Open in Playground

rules:
  - id: invalid-port
    message: Detected an invalid port number. Valid ports are 0 through 65535.
    severity: ERROR
    languages:
      - dockerfile
    metadata:
      source-rule-url: https://github.com/hadolint/hadolint/wiki/DL3011
      references:
        - https://github.com/hadolint/hadolint/wiki/DL3011
      category: correctness
      technology:
        - dockerfile
      license: Commons Clause License Condition v1.0[LGPL-2.1-only]
    pattern-either:
      - patterns:
          - pattern: EXPOSE $PORT
          - metavariable-comparison:
              metavariable: $PORT
              comparison: int($PORT) > 65535

Examples

invalid-port.dockerfile

# cf. https://github.com/hadolint/hadolint/wiki/DL3011

FROM busybox

# ok: invalid-port
EXPOSE 65535

# ruleid: invalid-port
EXPOSE 65536

# ok: invalid-port
EXPOSE 0

# this is invalid dockerfile code and can not be parsed with dockerfile parser
# EXPOSE -1

Short Link: https://sg.run/w4Ex