Malware tools analyzer container not working properly

[mlodic]

2026-04-02 16:25:55,100 - api_app.classes - log_error - ERROR - (StringsInfo, job: #89). Unexpected error: 'Expecting value: line 1 column 1 (char 0)'
Traceback (most recent call last):
  File "/usr/local/lib/python3.11/site-packages/requests/models.py", line 978, in json
    return complexjson.loads(self.text, **kwargs)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/simplejson/__init__.py", line 514, in loads
    return _default_decoder.decode(s)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/simplejson/decoder.py", line 386, in decode
    obj, end = self.raw_decode(s)
               ^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/simplejson/decoder.py", line 416, in raw_decode
    return self.scan_once(s, idx=_w(s, idx).end())
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
simplejson.errors.JSONDecodeError: Expecting value: line 1 column 1 (char 0)

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/opt/deploy/intel_owl/api_app/classes.py", line 281, in start
    _result = self.run()
              ^^^^^^^^^^
  File "/opt/deploy/intel_owl/api_app/analyzers_manager/file_analyzers/strings_info.py", line 42, in run
    result = self._docker_run(req_data, req_files)
             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/opt/deploy/intel_owl/api_app/analyzers_manager/classes.py", line 416, in _docker_run
  File "/usr/local/lib/python3.11/site-packages/requests/models.py", line 982, in json
    raise RequestsJSONDecodeError(e.msg, e.doc, e.pos)
requests.exceptions.JSONDecodeError: Expecting value: line 1 column 1 (char 0)

branch:develop

This error happens when using every analyzer like Strings_Info which requires communication with the --malware_tools_analyzers optional docker container, even if that container is brought up properly.
It seems 400 errors happens
From the gunicorn_access.log

172.19.0.9 - - [02/Apr/2026:16:10:57 +0000] "POST /clamav HTTP/1.1" 400 150 "-" "python-requests/2.33.1"
172.19.0.9 - - [02/Apr/2026:16:10:57 +0000] "POST /peframe HTTP/1.1" 400 150 "-" "python-requests/2.33.1"
172.19.0.9 - - [02/Apr/2026:16:10:57 +0000] "POST /qiling HTTP/1.1" 400 150 "-" "python-requests/2.33.1"
172.19.0.9 - - [02/Apr/2026:16:10:57 +0000] "POST /qiling HTTP/1.1" 400 150 "-" "python-requests/2.33.1"
172.19.0.9 - - [02/Apr/2026:16:10:57 +0000] "POST /stringsifter HTTP/1.1" 400 150 "-" "python-requests/2.33.1"
172.19.0.9 - - [02/Apr/2026:16:13:52 +0000] "POST /clamav HTTP/1.1" 400 150 "-" "python-requests/2.33.1"
172.19.0.9 - - [02/Apr/2026:16:13:52 +0000] "POST /qiling HTTP/1.1" 400 150 "-" "python-requests/2.33.1"
172.19.0.9 - - [02/Apr/2026:16:13:52 +0000] "POST /stringsifter HTTP/1.1" 400 150 "-" "python-requests/2.33.1"
172.19.0.7 - - [02/Apr/2026:16:20:19 +0000] "POST /stringsifter HTTP/1.1" 400 150 "-" "python-requests/2.33.1"
172.19.0.7 - - [02/Apr/2026:16:23:04 +0000] "POST /clamav HTTP/1.1" 400 150 "-" "python-requests/2.33.1"
172.19.0.7 - - [02/Apr/2026:16:23:35 +0000] "POST /stringsifter HTTP/1.1" 400 150 "-" "python-requests/2.33.1"
172.19.0.7 - - [02/Apr/2026:16:24:00 +0000] "POST /stringsifter HTTP/1.1" 400 150 "-" "python-requests/2.33.1"
172.19.0.7 - - [02/Apr/2026:16:24:46 +0000] "POST /stringsifter HTTP/1.1" 400 150 "-" "python-requests/2.33.1"
172.19.0.7 - - [02/Apr/2026:16:25:55 +0000] "POST /stringsifter HTTP/1.1" 400 150 "-" "python-requests/2.33.1"

This blocks the current release

[Abhishek9639]

Greetings @mlodic,
I'd like to work on this. From the traceback, it looks like the Strings_Info analyzer is getting a JSON decode error from the docker container response. I'll dig into the malware_tools_analyzers container setup and the request handling to find the root cause.

Could you assign this to me?
Thanks

[Abhishek9639]

Thanks for assigning this to me, @mlodic.
I’ll start working on this issue and will open a PR soon.
Thanks