From 555376e2501ee9c2af0baba775a38b9aff5701fd Mon Sep 17 00:00:00 2001
From: Alfredo Deza <adeza@anchore.com>
Date: Tue, 16 Feb 2021 14:20:07 -0500
Subject: [PATCH] python: test leniency with invalid fields in PKG-INFO

Signed-off-by: Alfredo Deza <adeza@anchore.com>
---
 .../python/parse_wheel_egg_metadata_test.go   | 34 +++++++++
 .../test-fixtures/egg-info/PKG-INFO-INVALID   | 69 +++++++++++++++++++
 2 files changed, 103 insertions(+)
 create mode 100644 syft/cataloger/python/test-fixtures/egg-info/PKG-INFO-INVALID

diff --git a/syft/cataloger/python/parse_wheel_egg_metadata_test.go b/syft/cataloger/python/parse_wheel_egg_metadata_test.go
index ac6465198..737da67f9 100644
--- a/syft/cataloger/python/parse_wheel_egg_metadata_test.go
+++ b/syft/cataloger/python/parse_wheel_egg_metadata_test.go
@@ -117,3 +117,37 @@ func TestDetermineSitePackagesRootPath(t *testing.T) {
 		})
 	}
 }
+
+func TestParseWheelEggMetadataInvalid(t *testing.T) {
+	tests := []struct {
+		Fixture          string
+		ExpectedMetadata pkg.PythonPackageMetadata
+	}{
+		{
+			Fixture: "test-fixtures/egg-info/PKG-INFO-INVALID",
+			ExpectedMetadata: pkg.PythonPackageMetadata{
+				Name:                 "mxnet",
+				Version:              "1.8.0",
+				SitePackagesRootPath: "test-fixtures",
+			},
+		},
+	}
+
+	for _, test := range tests {
+		t.Run(test.Fixture, func(t *testing.T) {
+			fixture, err := os.Open(test.Fixture)
+			if err != nil {
+				t.Fatalf("failed to open fixture: %+v", err)
+			}
+
+			actual, err := parseWheelOrEggMetadata(test.Fixture, fixture)
+			if err != nil {
+				t.Fatalf("failed to parse: %+v", err)
+			}
+
+			for _, d := range deep.Equal(actual, test.ExpectedMetadata) {
+				t.Errorf("diff: %+v", d)
+			}
+		})
+	}
+}
diff --git a/syft/cataloger/python/test-fixtures/egg-info/PKG-INFO-INVALID b/syft/cataloger/python/test-fixtures/egg-info/PKG-INFO-INVALID
new file mode 100644
index 000000000..173d8c512
--- /dev/null
+++ b/syft/cataloger/python/test-fixtures/egg-info/PKG-INFO-INVALID
@@ -0,0 +1,69 @@
+Metadata-Version: 1.1
+Name: mxnet
+Version: 1.8.0
+Summary: <!--- Licensed to the Apache Software Foundation (ASF) under one -->
+<!--- or more contributor license agreements.  See the NOTICE file -->
+<!--- distributed with this work for additional information -->
+<!--- regarding copyright ownership.  The ASF licenses this file -->
+<!--- to you under the Apache License, Version 2.0 (the -->
+<!--- "License"); you may not use this file except in compliance -->
+<!--- with the License.  You may obtain a copy of the License at -->
+
+<!---   http://www.apache.org/licenses/LICENSE-2.0 -->
+
+<!--- Unless required by applicable law or agreed to in writing, -->
+<!--- software distributed under the License is distributed on an -->
+<!--- "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -->
+<!--- KIND, either express or implied.  See the License for the -->
+<!--- specific language governing permissions and limitations -->
+<!--- under the License. -->
+
+MXNet Python Package
+====================
+This directory and nested files contain MXNet Python package and language binding.
+
+## Installation
+To install MXNet Python package, visit MXNet [Install Instruction](https://mxnet.apache.org/get_started)
+
+
+## Running the unit tests
+
+For running unit tests, you will need the [nose PyPi package](https://pypi.python.org/pypi/nose). To install:
+```bash
+pip install --upgrade nose
+```
+
+Once ```nose``` is installed, run the following from MXNet root directory (please make sure the installation path of ```nosetests``` is included in your ```$PATH``` environment variable):
+```
+nosetests tests/python/unittest
+nosetests tests/python/train
+
+```
+
+Home-page: https://github.com/apache/incubator-mxnet
+Author: UNKNOWN
+Author-email: UNKNOWN
+License: UNKNOWN
+Description: UNKNOWN
+Platform: UNKNOWN
+Classifier: Development Status :: 5 - Production/Stable
+Classifier: Intended Audience :: Developers
+Classifier: Intended Audience :: Education
+Classifier: Intended Audience :: Science/Research
+Classifier: License :: OSI Approved :: Apache Software License
+Classifier: Programming Language :: C++
+Classifier: Programming Language :: Cython
+Classifier: Programming Language :: Other
+Classifier: Programming Language :: Perl
+Classifier: Programming Language :: Python
+Classifier: Programming Language :: Python :: 2.7
+Classifier: Programming Language :: Python :: 3.4
+Classifier: Programming Language :: Python :: 3.5
+Classifier: Programming Language :: Python :: 3.6
+Classifier: Programming Language :: Python :: Implementation :: CPython
+Classifier: Topic :: Scientific/Engineering
+Classifier: Topic :: Scientific/Engineering :: Artificial Intelligence
+Classifier: Topic :: Scientific/Engineering :: Mathematics
+Classifier: Topic :: Software Development
+Classifier: Topic :: Software Development :: Libraries
+Classifier: Topic :: Software Development :: Libraries :: Python Modules