From 433a7b8a42a51a3deea52efea09189d1b06639b9 Mon Sep 17 00:00:00 2001
From: Sem Provoost <27961543+SemProvoost@users.noreply.github.com>
Date: Thu, 3 Aug 2023 19:09:31 +0200
Subject: [PATCH] feat: nginx binary classifier (#1988)
Signed-off-by: SemProvoost <27961543+SemProvoost@users.noreply.github.com>
---
 syft/pkg/cataloger/binary/cataloger_test.go | 24 ++++++++++++++++++
 .../cataloger/binary/default_classifiers.go | 15 +++++++++++
 .../classifiers/positive/nginx-1.25.1/nginx | Bin 0 -> 837 bytes
 .../positive/nginx-openresty-1.21.4.2/nginx | Bin 0 -> 1425 bytes
 4 files changed, 39 insertions(+)
 create mode 100644 syft/pkg/cataloger/binary/test-fixtures/classifiers/positive/nginx-1.25.1/nginx
 create mode 100644 syft/pkg/cataloger/binary/test-fixtures/classifiers/positive/nginx-openresty-1.21.4.2/nginx
diff --git a/syft/pkg/cataloger/binary/cataloger_test.go b/syft/pkg/cataloger/binary/cataloger_test.go
index 4a36a5e1d..c66cb88db 100644
--- a/syft/pkg/cataloger/binary/cataloger_test.go
+++ b/syft/pkg/cataloger/binary/cataloger_test.go
@@ -643,6 +643,30 @@ func Test_Cataloger_DefaultClassifiers_PositiveCases(t *testing.T) {
 Metadata: metadata("consul-binary"),
 },
 },
+ {
+ name: "positive-nginx-1.25.1",
+ fixtureDir: "test-fixtures/classifiers/positive/nginx-1.25.1",
+ expected: pkg.Package{
+ Name: "nginx",
+ Version: "1.25.1",
+ Type: "binary",
+ PURL: "pkg:generic/nginx@1.25.1",
+ Locations: locations("nginx"),
+ Metadata: metadata("nginx-binary"),
+ },
+ },
+ {
+ name: "positive-nginx-openresty-1.21.4.2",
+ fixtureDir: "test-fixtures/classifiers/positive/nginx-openresty-1.21.4.2",
+ expected: pkg.Package{
+ Name: "nginx",
+ Version: "1.21.4",
+ Type: "binary",
+ PURL: "pkg:generic/nginx@1.21.4",
+ Locations: locations("nginx"),
+ Metadata: metadata("nginx-binary"),
+ },
+ },
 }
 for _, test := range tests {
diff --git a/syft/pkg/cataloger/binary/default_classifiers.go b/syft/pkg/cataloger/binary/default_classifiers.go
index 5c2f2e17f..93ed25d30 100644
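Review bot: In `cataloger_test.go`, the `positive-nginx-openresty-1.21.4.2` case expects `Version: "1.21.4"` and a `pkg:generic/nginx@1.21.4` PURL from a fixture named for 1.21.4.2, and the test gives no reason for the dropped fourth component. A reader comparing the fixture name with the expectation cannot tell an intended truncation from a regex that stopped early. I would add a comment above the case such as `// OpenResty banner is openresty/<nginx version>.<release>; only the nginx version part is expected`. The test table starts before this hunk and the function continues after it.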
--- a/syft/pkg/cataloger/binary/default_classifiers.go
+++ b/syft/pkg/cataloger/binary/default_classifiers.go
@@ -254,6 +254,21 @@ var defaultClassifiers = []classifier{
 PURL: mustPURL("pkg:golang/github.com/hashicorp/consul@version"),
 CPEs: singleCPE("cpe:2.3:a:hashicorp:consul:*:*:*:*:*:*:*:*"),
 },
+ {
+ Class: "nginx-binary",
+ FileGlob: "**/nginx",
+ EvidenceMatcher: fileContentsVersionMatcher(
+ // [NUL]nginx version: nginx/1.25.1 - fetches '1.25.1'
+ // [NUL]nginx version: openresty/1.21.4.1 - fetches '1.21.4' as this is the nginx version part
+ `(?m)(\x00|\?)nginx version: [^\/]+\/(?P[0-9]+\.[0-9]+\.[0-9]+(?:\+\d+)?(?:-\d+)?)`,
+ ),
+ Package: "nginx",
+ PURL: mustPURL("pkg:generic/nginx@version"),
+ CPEs: []cpe.CPE{
+ cpe.Must("cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*"),
+ cpe.Must("cpe:2.3:a:nginx:nginx:*:*:*:*:*:*:*:*"),
+ },
+ },
 }
 // in both binaries and shared libraries, the version pattern is [NUL]3.11.2[NUL]
diff --git a/syft/pkg/cataloger/binary/test-fixtures/classifiers/positive/nginx-1.25.1/nginx b/syft/pkg/cataloger/binary/test-fixtures/classifiers/positive/nginx-1.25.1/nginx new file mode 100644 index 0000000000000000000000000000000000000000..6311b0515cedb3e623de1e56834b671143899dab GIT binary patch literal 837 zcmd6lu~Ne@42GHe6dK_!O|RUsWMN`$7mnQ|isL)Sa&4vb@sV88OUl5C7u%A)U-ExG zMs^f(vjNz?R@(vQ)c_AJ!+<_&?mWkJZy*o!1!qiIU@)Nryg1gnk3Z^K3ca&aLZEAB zX@lX0^BQN&3^QVM(p9tfzp5+frZIx!6?R%DOPZr99NK#A_m<(nNHQB6k_i#H#MFE z(eMC|9rkAO+`!>@czaR;p?4mG8BrMR&v1Q#CtFerNJ4p6vb7uw-u}kdZmar2LX*2- zUAWYGEE*O%m#}4b7Qe0|SWlng$s$e@1NC=4s`zH}@Q+t{>io|eDA(P-etxO<%elV+ D&cM__ literal 0 HcmV?d00001 
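Review bot: The pattern in the `nginx-binary` entry of `default_classifiers.go` accepts more than its comment documents: `[^\/]+` matches any product token before the slash, and `(\x00|\?)` also allows a literal `?` prefix, while the comment describes only `[NUL]` with `nginx/` and `openresty/`. Every match is emitted as package `nginx` with the `f5:nginx` and `nginx:nginx` CPEs, so a derivative build is represented in the SBOM only by its nginx core version, and anything matching on the derivative's own name or release number gets no evidence from this classifier. I would say so in the comment, e.g. `// any "<product>/<x.y.z>" banner is reported as nginx x.y.z; the product name and extra release digits are dropped`, and note which binaries carry the `?` prefix. The capture group reads `(?P[0-9]+` on this page; if the group name is really absent in the file rather than lost in rendering, the pattern would fail to compile. The `defaultClassifiers` literal starts before this hunk.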
diff --git a/syft/pkg/cataloger/binary/test-fixtures/classifiers/positive/nginx-openresty-1.21.4.2/nginx b/syft/pkg/cataloger/binary/test-fixtures/classifiers/positive/nginx-openresty-1.21.4.2/nginx new file mode 100644 index 0000000000000000000000000000000000000000..79aa8cda4c4f8e2dcfd51ec129d9125d29e93cda GIT binary patch literal 1425 zcmd5)O>fjN5VbgR;s(c&(Mqk_-L@-E6%ufPOAkmuFV!lz@g%j#+V0p{b}4@i@ss!q zOybQ4-L~R{h$7F-oA<`gPK0QmUq64O_o0dziT!sg)3KBI=ij=?vd<1ucD#+u-Da=1 z>?hlJJg8qL&20z&c(14O!`K1u{_Oi05RBaUcBFB$!k32K=^e)Re{BcYB6jX_)kk}W~ bS68d^`0;uH7d$`kucoRd_uvT&vtIlL5UPb) literal 0 HcmV?d00001