Webinspect WebApi scan out of memory

When I try to run a WebApi WebInspect scan with a large Swagger file (>130 paths), after about 10 minutes my computer gives an out of memory warning. With smaller files I don't have this problem.

Does anyone have a solution for my problem? I'm thinking about splitting the large file into smaller parts with a custom script and then run each part seperatly.

I use WebInspect version 22.1.0.99, but previous versions (20 and 21) also had this problem. My computer (Server 2016) has 16GB of memory. I have set the thread count to 1 for crawl and audit.

  • Suggested Answer

    Have you tried running WiSWag at CLI against your Swagger definition file? WiSwag can be located in the WebInspect installation folder. I would run it with just a -i switch and the location of the json file.

    The next step would be to try and create the macro (-m) and settings (-s) file. 

    If you still receive an out of memory error, please open a ticket with support (https://www.microfocus.com/en-us/support/login) and provide a copy of the json file.

  • I tried the WiSwag tool, but had a simular issue with the memory: System.Windows.Threading.Dispatcher Build:22.1.0.99 Exception type:  System.ComponentModel.Win32Exception Not enough quota is available to process this command

    I think I've found the problem. We use some domain model objects as a inputparameter for our methods. Those objects have a lot of nesting objects. WebInspect tries to create a json for those methods. The created json's are enormous. If I skip those methods it looks like the scan is working better.

  • I think I've found the problem. We use some domain model objects as a inputparameter for our methods. Those objects have a lot of nesting objects. WebInspect tries to create a json for those methods.

    You could try the excludeOperations switch in WISwag. We would also be interested in viewing the Swagger file if you can provide us a copy. If you have an existing support ticket where this file is available, please PM me the ticket number.