From 2f3a504acfba83982351fff32f78d19d5c31bbf4 Mon Sep 17 00:00:00 2001 From: Rez Moss Date: Thu, 8 Jan 2026 12:18:51 -0500 Subject: [PATCH] Feat/catalog mongodb bin (#4541) * fixed #4550, catalog mongodb bin Signed-off-by: Rez Moss * fixed #4550, catalog mongodb bin Signed-off-by: Rez Moss --------- Signed-off-by: Rez Moss --- syft/pkg/cataloger/binary/capabilities.yaml | 10 ++++ .../binary/classifier_cataloger_test.go | 55 ++++++++++++++++++ syft/pkg/cataloger/binary/classifiers.go | 18 ++++++ .../mongodb/4.4.30/linux-amd64/mongod | Bin 0 -> 331 bytes .../mongodb/5.0.32/linux-amd64/mongod | Bin 0 -> 331 bytes .../mongodb/6.0.27/linux-amd64/mongod | Bin 0 -> 331 bytes .../mongodb/7.0.28/linux-amd64/mongod | Bin 0 -> 331 bytes .../mongodb/8.0.17/linux-amd64/mongod | Bin 0 -> 331 bytes .../binary/test-fixtures/config.yaml | 40 +++++++++++++ 9 files changed, 123 insertions(+) create mode 100644 syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/mongodb/4.4.30/linux-amd64/mongod create mode 100644 syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/mongodb/5.0.32/linux-amd64/mongod create mode 100644 syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/mongodb/6.0.27/linux-amd64/mongod create mode 100644 syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/mongodb/7.0.28/linux-amd64/mongod create mode 100644 syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/mongodb/8.0.17/linux-amd64/mongod diff --git a/syft/pkg/cataloger/binary/capabilities.yaml b/syft/pkg/cataloger/binary/capabilities.yaml index 0adf563ea..b55e0f082 100644 --- a/syft/pkg/cataloger/binary/capabilities.yaml +++ b/syft/pkg/cataloger/binary/capabilities.yaml @@ -653,6 +653,16 @@ catalogers: cpes: - cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:* type: BinaryPkg + - method: glob + criteria: + - '**/mongod' + packages: + - class: mongodb-binary + name: mongodb + purl: pkg:generic/mongodb + cpes: + - cpe:2.3:a:mongodb:mongodb:*:*:*:*:*:*:*:* + type: BinaryPkg - method: glob criteria: - '**/java' diff --git a/syft/pkg/cataloger/binary/classifier_cataloger_test.go b/syft/pkg/cataloger/binary/classifier_cataloger_test.go index 80e962502..061a91017 100644 --- a/syft/pkg/cataloger/binary/classifier_cataloger_test.go +++ b/syft/pkg/cataloger/binary/classifier_cataloger_test.go @@ -183,6 +183,61 @@ func Test_Cataloger_PositiveCases(t *testing.T) { Metadata: metadata("mariadb-binary"), }, }, + { + logicalFixture: "mongodb/8.0.17/linux-amd64", + expected: pkg.Package{ + Name: "mongodb", + Version: "8.0.17", + Type: "binary", + PURL: "pkg:generic/mongodb@8.0.17", + Locations: locations("mongod"), + Metadata: metadata("mongodb-binary"), + }, + }, + { + logicalFixture: "mongodb/7.0.28/linux-amd64", + expected: pkg.Package{ + Name: "mongodb", + Version: "7.0.28", + Type: "binary", + PURL: "pkg:generic/mongodb@7.0.28", + Locations: locations("mongod"), + Metadata: metadata("mongodb-binary"), + }, + }, + { + logicalFixture: "mongodb/6.0.27/linux-amd64", + expected: pkg.Package{ + Name: "mongodb", + Version: "6.0.27", + Type: "binary", + PURL: "pkg:generic/mongodb@6.0.27", + Locations: locations("mongod"), + Metadata: metadata("mongodb-binary"), + }, + }, + { + logicalFixture: "mongodb/5.0.32/linux-amd64", + expected: pkg.Package{ + Name: "mongodb", + Version: "5.0.32", + Type: "binary", + PURL: "pkg:generic/mongodb@5.0.32", + Locations: locations("mongod"), + Metadata: metadata("mongodb-binary"), + }, + }, + { + logicalFixture: "mongodb/4.4.30/linux-amd64", + expected: pkg.Package{ + Name: "mongodb", + Version: "4.4.30", + Type: "binary", + PURL: "pkg:generic/mongodb@4.4.30", + Locations: locations("mongod"), + Metadata: metadata("mongodb-binary"), + }, + }, { logicalFixture: "traefik/1.7.34/linux-amd64", expected: pkg.Package{ diff --git a/syft/pkg/cataloger/binary/classifiers.go b/syft/pkg/cataloger/binary/classifiers.go index 8420faf64..600c1f3d4 100644 --- a/syft/pkg/cataloger/binary/classifiers.go +++ b/syft/pkg/cataloger/binary/classifiers.go @@ -784,6 +784,24 @@ func DefaultClassifiers() []binutils.Classifier { PURL: mustPURL("pkg:generic/envoy@version"), CPEs: singleCPE("cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*", cpe.NVDDictionaryLookupSource), }, + { + Class: "mongodb-binary", + FileGlob: "**/mongod", + EvidenceMatcher: binutils.MatchAny( + // mongodb 4.x, 5.x, 6.x: ber followed by tcmalloc + // e.g 6.0.27[NUL]tcmalloc + m.FileContentsVersionMatcher(`(?P[0-9]+\.[0-9]+\.[0-9]+)\x00tcmalloc`), + // mongodb 7.x: ver followed by "heap_size" + // e.g 7.0.28[NUL]heap_size + m.FileContentsVersionMatcher(`(?P[0-9]+\.[0-9]+\.[0-9]+)\x00+heap_size`), + // mongodb 8.x: ber followed by "cppdefines" + // e.g 8.0.17[NUL]cppdefines + m.FileContentsVersionMatcher(`(?P[0-9]+\.[0-9]+\.[0-9]+)\x00+cppdefines`), + ), + Package: "mongodb", + PURL: mustPURL("pkg:generic/mongodb@version"), + CPEs: singleCPE("cpe:2.3:a:mongodb:mongodb:*:*:*:*:*:*:*:*", cpe.NVDDictionaryLookupSource), + }, } return append(classifiers, defaultJavaClassifiers()...) diff --git a/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/mongodb/4.4.30/linux-amd64/mongod b/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/mongodb/4.4.30/linux-amd64/mongod new file mode 100644 index 0000000000000000000000000000000000000000..b875198e9a83cf92a8966809209f5929aba60d8f GIT binary patch literal 331 zcmXwz%Sr?>6hyPmS43u`o8ji2^j<{JmEb;)o1T_*GEAot{dybGT~T$as1{b7*xK9N zGwr2pI3}h+J8u=I727;66XO7MYs>YD6oHX~qQG#^E zgcuALTEvXVOA^WhB=pHTLCaF{e=HX#Vv-7YQPveNGj vS^M|LMxJVqp}zF_HMB6}jXbsxE50AirMKr+I?2m6)}F~8_cnF`pnk0%j89}6 literal 0 HcmV?d00001 diff --git a/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/mongodb/5.0.32/linux-amd64/mongod b/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/mongodb/5.0.32/linux-amd64/mongod new file mode 100644 index 0000000000000000000000000000000000000000..4089a008ee5092e279fe3dc875af91ad6629c0a1 GIT binary patch literal 331 zcmXv|%WA|R6m{)a2(urqMz5M}>7wgGx8+8!GbxD<6GIUtno&cdEx)DXwlk&OZ!xZC7)U?^F_41-}e3>?hNO_h@MtDa!IW1=VKGk pm8ON?_`c1pzSPo0p0~cXEcR)yeK!F1PojIeim!n0Xhli~egT;1V;}$k literal 0 HcmV?d00001 diff --git a/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/mongodb/6.0.27/linux-amd64/mongod b/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/mongodb/6.0.27/linux-amd64/mongod new file mode 100644 index 0000000000000000000000000000000000000000..e777db227b71850c35b9aa0c97baf745abe7fce1 GIT binary patch literal 331 zcmXv|$!fze6x3N?A;>*wv-IR^>7nOBujM^0iGwYfSf4Oxj{>Y$!6?n=Trd4P3MD1q>a?!8zg|%fZWN(N9Wz+zqgPg0B#;O;mY`(}nu3F0 zkEBnK5`f7>=)H$%jdz)NndbaIhC@*%S&vDPLgj~|;aHHxSdc(E9c*<-h9r?wIqG0t z3DMvH7_;L1bUF$8>RCK)irz$N^V~kf5%H&1%XDFF@9W+l!ky(=d)DKEM=!Faecv|r pT#@Gdmhaot>Psz+rD^L+OKhjT_FZdf|17-6EBgfZ?ktP(zz-X%W8MG& literal 0 HcmV?d00001 diff --git a/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/mongodb/7.0.28/linux-amd64/mongod b/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/mongodb/7.0.28/linux-amd64/mongod new file mode 100644 index 0000000000000000000000000000000000000000..822a512963133e84c8a6403483854d2608820cc0 GIT binary patch literal 331 zcmXw!&1%Ci5QKHsQwVYmLBE#l2k5nw9NJr0NxQMBV+mWKB&F|OAKKe61K-RnaKk~| z%5p847orW@AdC;8*D~-Kmunjbp`_&7GS!OhJc4%JAb`l(3=w^#q_j2}Q*hemV5E+n zQ$Ffstk)W%vq?EjU839tudNH-aGGZPhlO4lDRZZ!4Fs<1t?~g8NRbCAy(fsqWfyyI zEn$wk3q~4g!QkG``QdO7@zGHH%@nN&D)U^v#2)c{Zm_m{eXVUO%Ncjc{7Ig4U?W1k zY||6j)*yYd@8RQzZ41=;I6k+QkI#9E>~gOe8op0$e7ocNU`K)LTGm0Z7ucU<(S8AC C0%aip literal 0 HcmV?d00001 diff --git a/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/mongodb/8.0.17/linux-amd64/mongod b/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/mongodb/8.0.17/linux-amd64/mongod new file mode 100644 index 0000000000000000000000000000000000000000..1195943808e7087c048c84fe4b0794f2921e3fb0 GIT binary patch literal 331 zcmXxf%WA_g5QSl_^%R0Ex(k*vx_Q}_u1hZuAZcb2gDn|brS$FVK)e3on=>^nG^(Z5 zYeU(Xcj}{pU?LdfJ(O saR>G{N+@t^>qpwI)CKK*T2d!`yw{hF=*X!j@pSN1`qZj=5LtZw0ySc0g8%>k literal 0 HcmV?d00001 diff --git a/syft/pkg/cataloger/binary/test-fixtures/config.yaml b/syft/pkg/cataloger/binary/test-fixtures/config.yaml index 6085c555f..96373cf12 100644 --- a/syft/pkg/cataloger/binary/test-fixtures/config.yaml +++ b/syft/pkg/cataloger/binary/test-fixtures/config.yaml @@ -269,6 +269,46 @@ from-images: # paths: # - /usr/sbin/mysqld + - name: mongodb + version: 8.0.17 + images: + - ref: mongo:8.0@sha256:48432a75b23f0883e9b631af3497cbf0d477124d33a67f217c71f6e9b40fde39 + platform: linux/amd64 + paths: + - /usr/bin/mongod + + - name: mongodb + version: 7.0.28 + images: + - ref: mongo:7.0@sha256:32b5cbf6e1075ad0f5eb2b880ee61e985d5135519a7a34a7d81712af37f27913 + platform: linux/amd64 + paths: + - /usr/bin/mongod + + - name: mongodb + version: 6.0.27 + images: + - ref: mongo:6.0@sha256:03cda579c8caad6573cb98c2b3d5ff5ead452a6450561129b89595b4b9c18de2 + platform: linux/amd64 + paths: + - /usr/bin/mongod + + - name: mongodb + version: 5.0.32 + images: + - ref: mongo:5.0@sha256:5e3e87afd24d75e722884d777c5713d254f7e88ba65381b5d6484f75a21b73e3 + platform: linux/amd64 + paths: + - /usr/bin/mongod + + - name: mongodb + version: 4.4.30 + images: + - ref: mongo:4.4@sha256:4be76f674fc4b27859816811b8baa3c51830eb1dbf4ca81a51e26b79edd662ef + platform: linux/amd64 + paths: + - /usr/bin/mongod + - version: 1.25.1 images: - ref: nginx:1.25.1@sha256:73e957703f1266530db0aeac1fd6a3f87c1e59943f4c13eb340bb8521c6041d7