Skip to main content

Configuring Method of Sending Source Files to Scan Engine

By default, source files are sent from the application to the Scan Engine (legacy WCF Engine Service) as strings. This process can cause issues relating to:

  • Large requests going through the network, which may be an issue on a distributed setup

  • Under some conditions, WCF message sending fails or hangs (special characters are a part of the source code)

To avoid these issues, the method of sending files can be configured to be sent instead as a byte stream in either compressed or uncompressed format.

Notice

This feature is introduced in CxSast 9.2 HF12.

It is not a part of any version starting from 9.3, since a new Engine Service is in place which handles the above issues in a different manner.

How to use

A configurable setting can be set in the database to change the way the sources are being sent.

  • CxSaST configuration table: CxDB.dbo.CxComponentConfiguration

  • Key: WcfFileContentSendingMethod

  • Value:

    • string” (default) - Send code as a string. This is the default behavior which matches the legacy behavior.

    • stream” - Send code as an uncompressed byte array. The size of the payload remains the same.

    • zip” - Send code as a compressed byte array. The size of the payload is reduced.

When to use

Change the default setting to either solve an issue when sending a specific project for scanning or as a performance improvement measure as described in the following table:

Option

Value

Use where

Don’t use where

Stream

“stream”

The code contains special characters that cause WCF service to fail or become unresponsive.

The workflow operates smoothly and sources arrive without any issues. Since there is no size-of-payload benefit, but there is an overhead for the byte conversion, there is no reason to change from the default method.

Zip

“zip”

The code consisted of large highly compressible files (text, documents, or source code).

The code consisted of a large number of small files or files with high entropy. The compression time loss due to the compression process might negate any potential gain in transmission time.