From ffd95970c8e5c99972e5833ee42f9cb3a383f5f5 Mon Sep 17 00:00:00 2001 From: witchcraze Date: Thu, 26 Sep 2024 17:31:16 +0900 Subject: [PATCH 1/2] update redis classifier Signed-off-by: witchcraze --- .../binary/classifier_cataloger_test.go | 11 +++++++++++ syft/pkg/cataloger/binary/classifiers.go | 2 +- .../linux-unknown-454d5f333836/redis-server | Bin 0 -> 9257 bytes .../cataloger/binary/test-fixtures/config.yaml | 7 +++++++ 4 files changed, 19 insertions(+), 1 deletion(-) create mode 100644 syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/redis-server/7.2.5/linux-unknown-454d5f333836/redis-server diff --git a/syft/pkg/cataloger/binary/classifier_cataloger_test.go b/syft/pkg/cataloger/binary/classifier_cataloger_test.go index 48744a612d7..6e5c8dd81e1 100644 --- a/syft/pkg/cataloger/binary/classifier_cataloger_test.go +++ b/syft/pkg/cataloger/binary/classifier_cataloger_test.go @@ -485,6 +485,17 @@ func Test_Cataloger_PositiveCases(t *testing.T) { Metadata: metadata("redis-binary"), }, }, + { + logicalFixture: "redis-server/7.2.5/linux-386", + expected: pkg.Package{ + Name: "redis", + Version: "7.2.5", + Type: "binary", + PURL: "pkg:generic/redis@7.2.5", + Locations: locations("redis-server"), + Metadata: metadata("redis-binary"), + }, + }, { logicalFixture: "python-shared-lib/3.7.4/linux-amd64", expected: pkg.Package{ diff --git a/syft/pkg/cataloger/binary/classifiers.go b/syft/pkg/cataloger/binary/classifiers.go index 52dc1549a8b..3d7ec8d7f1a 100644 --- a/syft/pkg/cataloger/binary/classifiers.go +++ b/syft/pkg/cataloger/binary/classifiers.go @@ -78,7 +78,7 @@ func DefaultClassifiers() []Classifier { FileGlob: "**/redis-server", EvidenceMatcher: evidenceMatchers( FileContentsVersionMatcher(`(?s)payload %5.*?(?P\d.\d\.\d\d*)[a-z0-9]{12,15}-[0-9]{19}`), - FileContentsVersionMatcher(`(?s)\x00(?P\d.\d\.\d\d*)[a-z0-9]{12}-[0-9]{19}\x00.*?payload %5`), + FileContentsVersionMatcher(`(?s)\x00(?P\d.\d\.\d\d*)[a-z0-9]{12,15}-[0-9]{19}\x00.*?payload %5`), ), Package: "redis", PURL: mustPURL("pkg:generic/redis@version"), diff --git a/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/redis-server/7.2.5/linux-unknown-454d5f333836/redis-server b/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/redis-server/7.2.5/linux-unknown-454d5f333836/redis-server new file mode 100644 index 0000000000000000000000000000000000000000..d9890fac75ce4c187bb3167679af6fcdb1ddbaa6 GIT binary patch literal 9257 zcmbtaU2Ggz6`r=~PZpOBekJ&g`G1iMx{_VcI=p1TMoGz4^s_Y)pTv!y{>{) zSau^!mD%>PdYw7plM4Qf3{(b&YLR6d3sx8~$EdkWrw2zWL)FpYGG?6oA=zW<3cJ&1z-iYkb@@&3jIdzSBmLRgwZCLsu^HWM)*W1Ij28#6eNWt@6 zod}g81w0;LGp9X8Q&aGxD7wGPpYS4z`W_ zq76X9&oE*q%Ts+GSO&a9O3U>Lmf>BE)WGfa$uW8u!j2dg%!V&yExp*#_#(5ra3J49 zQ=t2n7Y5mePSmKu?_E>VnLZCEh-IXUw7F*FV7BSDXftf9<}=^ovDi0Rf|#d#2GPq;>& zEYJHZbi!jFJ35CRmr-+}lLgC;u4O5Dd!Z7nm*5*IuEqK!elg?1;|vOEZ&JEQLBr_ zICY@Aj+h1ukwb!&ii-njtoUk{9=Agf4kI+7WGHD8vqVZDGK8dIGTfd5G!!Tkdo)!? zwryK6CDSrUqwpoqLMqYOt}Q@cDW9B*JCs|X1!hEbpI`T_kki?lvqF{^P}GdFt%QA& zruo@Y!(_I-C4_<+j4pf6*fP^`Vvj6|(id1ZqTEL_nPnrD%E}4FU6l$>-l9lCF)a!M z3;PU^<#lOF`z1S7xlCgDh+M-l94}o;OSWS?>2wL?KG))Vhdh9xA`!14=QC;h$sI%5 z4Q{h#ieGIqjVIoonn({ao}18R_=@A9NUahMxmI$lkuzZrB`hk@Rkv0#D@|b9jd;k~ z`7rGPx=UccV6VtQWRg&kX<{`KFHQs+$jFf9X7;_Xq~&0Gi2M$BBb*!_ByhNk%_jJ= zxx>RGZI!1}2QNuiyD}-j-?Oz4=%OM&Hkmdr)I9hn(z_#tJUedRlP{Z#u6oMEIy!}X zP5~dQmN9c2BSaiGBRk2eMBPI=X(7jUk-iE;<*3|8)-T9$xJgoQ%03bj76m&g;|d8w zLsBySW1BOLnqQ^qqwvs!R zB;u;UZ~45^b|<1iBeH!={q<$x*Car zI#{01O=~G#tH^-LIFGu7vg9(4wd&qHz3xMzhZ35`a-1vTEykC5r0}5}3$v$q8oL)?MDAw0t|#}N zAj28kWFrz8Kb|$B2DRzV)Eh8KDv*zFZCzq}=i)T9^%71yPBsH%ake#(z#-1hy8)7Q z93ydEKF(kV#C1xe>HJGFvxH3PAB-7C7UZ9}%d}gGaMzgu$vs8uB3uRcNAXT5w`an{ zL6M^;;}ja@;-@EPM}I9hq|WGP)HnT$!;#&EA=O+`+e zhFNhy!^Uz_o^QEG32_Td1B)1{>)4VeHjd6TL^0f>^f;MJ+82#6%bO?$C0d$^qEVvN z;6#vynjiy~Y*xnyIzY2ze3Z@6O;D^KB6fR~MUTi2Iw_S-QhqVy1iP#r=|hSpZg=TB z8U~Z2XEM4R-L!l-6Rl0Yx17*CZc#|+;@yTh9#bz~c_Dt@po0#tA{4p@isfN4gGj!J zjt@F*_cPD{CkNhbaqH?TKrOpUD5-MN(O~qQ3v*bIiL@?{W|&p4!r^1XV4G6R{;Z<0jj_{F#cK8fjPj2Y(L5-%3WX!*Z>ZJ zHvT#AfD*8Y`cag7Koi&nW`Mpo(FWxPa0^(c60&cBz7E_1=72Te_~)Su7zdiD_oLhe zHi0c*9oPVjFKoAFf#bkk)W=cY0%m}Ipb1(P<yTbF?sfC}&& zaQ184t&_k6pa27e_3hS2fxWM9x1N4`yETRHC%(1adJ-50zW2^{>sgfJ--UjlAGrG+ zj34Ffdsr)=3ao!0<3-sI^Z|RQZvrKJFZ_7B^=aUfzz=@3-C9BUZIo{VUjg0#j{b1F z^%UsCKneH&v}aLn{RHy_c7au357_!CXuus{4cGD z0c!=U18czC@1gIH&;{%Q?*V;H@c#@sU=yeUYe3&$Ad9jI>;nB%2m1bs{(-mf-2`lW z&jB;QIIs#F`VeEji#-5r0;4hB&3q@c|F>L&&hfv&-atRFfxc%@-U4=kEnp7V0A~IH zS)c^W{T+5k*$3?5y9ulT{itsMO<)%Yfi0l)FUb89bl^77hx(yClt4dlhxovnveU8; z0Lf(Kvfl@_J&2#^`k>1giudib_J9w8pZ^#5<^y^8TXFqQ&{6x<`>js_&jD}Ve!uk^ z%J3n~4_F862X|Tq%8f^MS|yYRVKtVsA3j+2AYEDh|I+_)jG+%`V%)cY8GIWU-wZGg z^aHb07Is>X0rvy-!#l0VQFfDSg4fx03$h!)EnppJ()VNd2G)Q#f##z-E$vC@1{y#B zd<^KHgpGi4;P%Cx)=`vn;N5rs1BV`b=;22W$ERQ6BYj66eXQ$ID2NF^FoJ1E_h-1H zC>koyvju+DbsNvPzL2{Q|K1N!sVJ`x0cGG6a6&mAPAkgFByqm_vky@syYs7knYt4Z7@b5mgswS>cZsIRiRQ0`ae>0ustx5 z8{+aK7fLNgH`N>XJx#@>lYU1dLg9v(ro0pg!a;gznT3&V6b>`P@YV8Cv3$;6Disb} zj=`7IV#UCBqH)NMP@6aWQ`GCSip3mLi$gJys>KRb+Fp^c+Z1sJfL)TH>2ABk}WbcLTjkMRo+{W!Lqf(m@>h3QMPXDizC7haS;8Sfh<@!q_I+=%LV zG{>uj?$VD^%3*mqR+VD8vb3rkemMyJR}@n`lAvZe;VZZs7)s%$asxku-7F~bHZEQt b6`zNy7>^{<_>}R;S#WSWKCgVk+iCq9BhTa^ literal 0 HcmV?d00001 diff --git a/syft/pkg/cataloger/binary/test-fixtures/config.yaml b/syft/pkg/cataloger/binary/test-fixtures/config.yaml index f32705f2a38..434a93d1b7c 100644 --- a/syft/pkg/cataloger/binary/test-fixtures/config.yaml +++ b/syft/pkg/cataloger/binary/test-fixtures/config.yaml @@ -440,6 +440,13 @@ from-images: paths: - /usr/local/bin/redis-server + - version: 7.2.5 + images: + - ref: redis:7.2.5@sha256:3b44455ef048b5f0a3a26d874c00c0f4ffe6a71a40834f2b038f816c6ad5ca4f + platform: linux/386 + paths: + - /usr/local/bin/redis-server + - version: 2.9.0 images: - ref: wordpress:cli-2.9.0-php8.3@sha256:3a008aafccc6a8d2d7ec2b069722cb43b3569b61cd833f9f2f13d74a9284746e From f2d79b12b2c8e9c6af8d2af1a070b7bd6ab40818 Mon Sep 17 00:00:00 2001 From: witchcraze Date: Thu, 26 Sep 2024 17:37:18 +0900 Subject: [PATCH 2/2] Remove snippets to pass Validation. In this case, 9000 byte was required... Signed-off-by: witchcraze --- .../linux-unknown-454d5f333836/redis-server | Bin 9257 -> 0 bytes 1 file changed, 0 insertions(+), 0 deletions(-) delete mode 100644 syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/redis-server/7.2.5/linux-unknown-454d5f333836/redis-server diff --git a/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/redis-server/7.2.5/linux-unknown-454d5f333836/redis-server b/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/redis-server/7.2.5/linux-unknown-454d5f333836/redis-server deleted file mode 100644 index d9890fac75ce4c187bb3167679af6fcdb1ddbaa6..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 9257 zcmbtaU2Ggz6`r=~PZpOBekJ&g`G1iMx{_VcI=p1TMoGz4^s_Y)pTv!y{>{) zSau^!mD%>PdYw7plM4Qf3{(b&YLR6d3sx8~$EdkWrw2zWL)FpYGG?6oA=zW<3cJ&1z-iYkb@@&3jIdzSBmLRgwZCLsu^HWM)*W1Ij28#6eNWt@6 zod}g81w0;LGp9X8Q&aGxD7wGPpYS4z`W_ zq76X9&oE*q%Ts+GSO&a9O3U>Lmf>BE)WGfa$uW8u!j2dg%!V&yExp*#_#(5ra3J49 zQ=t2n7Y5mePSmKu?_E>VnLZCEh-IXUw7F*FV7BSDXftf9<}=^ovDi0Rf|#d#2GPq;>& zEYJHZbi!jFJ35CRmr-+}lLgC;u4O5Dd!Z7nm*5*IuEqK!elg?1;|vOEZ&JEQLBr_ zICY@Aj+h1ukwb!&ii-njtoUk{9=Agf4kI+7WGHD8vqVZDGK8dIGTfd5G!!Tkdo)!? zwryK6CDSrUqwpoqLMqYOt}Q@cDW9B*JCs|X1!hEbpI`T_kki?lvqF{^P}GdFt%QA& zruo@Y!(_I-C4_<+j4pf6*fP^`Vvj6|(id1ZqTEL_nPnrD%E}4FU6l$>-l9lCF)a!M z3;PU^<#lOF`z1S7xlCgDh+M-l94}o;OSWS?>2wL?KG))Vhdh9xA`!14=QC;h$sI%5 z4Q{h#ieGIqjVIoonn({ao}18R_=@A9NUahMxmI$lkuzZrB`hk@Rkv0#D@|b9jd;k~ z`7rGPx=UccV6VtQWRg&kX<{`KFHQs+$jFf9X7;_Xq~&0Gi2M$BBb*!_ByhNk%_jJ= zxx>RGZI!1}2QNuiyD}-j-?Oz4=%OM&Hkmdr)I9hn(z_#tJUedRlP{Z#u6oMEIy!}X zP5~dQmN9c2BSaiGBRk2eMBPI=X(7jUk-iE;<*3|8)-T9$xJgoQ%03bj76m&g;|d8w zLsBySW1BOLnqQ^qqwvs!R zB;u;UZ~45^b|<1iBeH!={q<$x*Car zI#{01O=~G#tH^-LIFGu7vg9(4wd&qHz3xMzhZ35`a-1vTEykC5r0}5}3$v$q8oL)?MDAw0t|#}N zAj28kWFrz8Kb|$B2DRzV)Eh8KDv*zFZCzq}=i)T9^%71yPBsH%ake#(z#-1hy8)7Q z93ydEKF(kV#C1xe>HJGFvxH3PAB-7C7UZ9}%d}gGaMzgu$vs8uB3uRcNAXT5w`an{ zL6M^;;}ja@;-@EPM}I9hq|WGP)HnT$!;#&EA=O+`+e zhFNhy!^Uz_o^QEG32_Td1B)1{>)4VeHjd6TL^0f>^f;MJ+82#6%bO?$C0d$^qEVvN z;6#vynjiy~Y*xnyIzY2ze3Z@6O;D^KB6fR~MUTi2Iw_S-QhqVy1iP#r=|hSpZg=TB z8U~Z2XEM4R-L!l-6Rl0Yx17*CZc#|+;@yTh9#bz~c_Dt@po0#tA{4p@isfN4gGj!J zjt@F*_cPD{CkNhbaqH?TKrOpUD5-MN(O~qQ3v*bIiL@?{W|&p4!r^1XV4G6R{;Z<0jj_{F#cK8fjPj2Y(L5-%3WX!*Z>ZJ zHvT#AfD*8Y`cag7Koi&nW`Mpo(FWxPa0^(c60&cBz7E_1=72Te_~)Su7zdiD_oLhe zHi0c*9oPVjFKoAFf#bkk)W=cY0%m}Ipb1(P<yTbF?sfC}&& zaQ184t&_k6pa27e_3hS2fxWM9x1N4`yETRHC%(1adJ-50zW2^{>sgfJ--UjlAGrG+ zj34Ffdsr)=3ao!0<3-sI^Z|RQZvrKJFZ_7B^=aUfzz=@3-C9BUZIo{VUjg0#j{b1F z^%UsCKneH&v}aLn{RHy_c7au357_!CXuus{4cGD z0c!=U18czC@1gIH&;{%Q?*V;H@c#@sU=yeUYe3&$Ad9jI>;nB%2m1bs{(-mf-2`lW z&jB;QIIs#F`VeEji#-5r0;4hB&3q@c|F>L&&hfv&-atRFfxc%@-U4=kEnp7V0A~IH zS)c^W{T+5k*$3?5y9ulT{itsMO<)%Yfi0l)FUb89bl^77hx(yClt4dlhxovnveU8; z0Lf(Kvfl@_J&2#^`k>1giudib_J9w8pZ^#5<^y^8TXFqQ&{6x<`>js_&jD}Ve!uk^ z%J3n~4_F862X|Tq%8f^MS|yYRVKtVsA3j+2AYEDh|I+_)jG+%`V%)cY8GIWU-wZGg z^aHb07Is>X0rvy-!#l0VQFfDSg4fx03$h!)EnppJ()VNd2G)Q#f##z-E$vC@1{y#B zd<^KHgpGi4;P%Cx)=`vn;N5rs1BV`b=;22W$ERQ6BYj66eXQ$ID2NF^FoJ1E_h-1H zC>koyvju+DbsNvPzL2{Q|K1N!sVJ`x0cGG6a6&mAPAkgFByqm_vky@syYs7knYt4Z7@b5mgswS>cZsIRiRQ0`ae>0ustx5 z8{+aK7fLNgH`N>XJx#@>lYU1dLg9v(ro0pg!a;gznT3&V6b>`P@YV8Cv3$;6Disb} zj=`7IV#UCBqH)NMP@6aWQ`GCSip3mLi$gJys>KRb+Fp^c+Z1sJfL)TH>2ABk}WbcLTjkMRo+{W!Lqf(m@>h3QMPXDizC7haS;8Sfh<@!q_I+=%LV zG{>uj?$VD^%3*mqR+VD8vb3rkemMyJR}@n`lAvZe;VZZs7)s%$asxku-7F~bHZEQt b6`zNy7>^{<_>}R;S#WSWKCgVk+iCq9BhTa^