fix: update dot net binary parsing logic to remove empty space (#2273)

* fix: update parsing logic to remove empty space
* tests: update with test cases provided by community
---------
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>

syft/pkg/cataloger/dotnet/parse_dotnet_portable_executable.go

@@ -3,6 +3,8 @@ package dotnet
 import (
 	"fmt"
 	"io"
+	"regexp"
+	"strings"
 
 	"github.com/saferwall/pe"
 
@@ -40,14 +42,14 @@ func parseDotnetPortableExecutable(_ file.Resolver, _ *generic.Environment, f fi
 		return nil, nil, nil
 	}
 
-	name := versionResources["FileDescription"]
+	name := findName(versionResources)
 	if name == "" {
-		log.Tracef("unable to find FileDescription in PE file: %s", f.RealPath)
+		log.Tracef("unable to find FileDescription, or ProductName in PE file: %s", f.RealPath)
 		return nil, nil, nil
 	}
 
-	version := versionResources["FileVersion"]
+	version := findVersion(versionResources)
-	if version == "" {
+	if strings.TrimSpace(version) == "" {
 		log.Tracef("unable to find FileVersion in PE file: %s", f.RealPath)
 		return nil, nil, nil
 	}
@@ -84,3 +86,31 @@ func parseDotnetPortableExecutable(_ file.Resolver, _ *generic.Environment, f fi
 
 	return []pkg.Package{p}, nil, nil
 }
+
+func findVersion(versionResources map[string]string) string {
+	for _, key := range []string{"FileVersion"} {
+		if version, ok := versionResources[key]; ok {
+			if strings.TrimSpace(version) == "" {
+				continue
+			}
+			fields := strings.Fields(version)
+			if len(fields) > 0 {
+				return fields[0]
+			}
+		}
+	}
+	return ""
+}
+
+func findName(versionResources map[string]string) string {
+	for _, key := range []string{"FileDescription", "ProductName"} {
+		if name, ok := versionResources[key]; ok {
+			if strings.TrimSpace(name) == "" {
+				continue
+			}
+			trimmed := strings.TrimSpace(name)
+			return regexp.MustCompile(`[^a-zA-Z0-9.]+`).ReplaceAllString(trimmed, "")
+		}
+	}
+	return ""
+}

syft/pkg/cataloger/dotnet/parse_dotnet_portable_executable_test.go

@@ -10,28 +10,74 @@ import (
 )
 
 func TestParseDotnetPortableExecutable(t *testing.T) {
-	fixture := "test-fixtures/System.Buffers.dll"
+	tests := []struct {
-	fixtureLocationSet := file.NewLocationSet(file.NewLocation(fixture))
+		fixture  string
-
+		expected []pkg.Package
-	expected := []pkg.Package{
+	}{
 		{
-			Name:      "System.Buffers",
+			fixture: "test-fixtures/System.Buffers.dll",
-			Version:   "7.0.923.36201",
+			expected: []pkg.Package{
-			Locations: fixtureLocationSet,
+				{
-			Type:      pkg.DotnetPkg,
+					Name:    "System.Buffers",
-			PURL:      "pkg:nuget/System.Buffers@7.0.923.36201",
+					Version: "7.0.923.36201",
-			Metadata: pkg.DotnetPortableExecutableEntry{
+					Type:    pkg.DotnetPkg,
-				AssemblyVersion: "7.0.0.0",
+					PURL:    "pkg:nuget/System.Buffers@7.0.923.36201",
-				LegalCopyright:  "© Microsoft Corporation. All rights reserved.",
+					Metadata: pkg.DotnetPortableExecutableEntry{
-				Comments:        "System.Buffers",
+						AssemblyVersion: "7.0.0.0",
-				InternalName:    "System.Buffers.dll",
+						LegalCopyright:  "© Microsoft Corporation. All rights reserved.",
-				CompanyName:     "Microsoft Corporation",
+						Comments:        "System.Buffers",
-				ProductName:     "Microsoft® .NET",
+						InternalName:    "System.Buffers.dll",
-				ProductVersion:  "7.0.9+8e9a17b2216f51a5788f8b1c467a4cf3b769e7d7",
+						CompanyName:     "Microsoft Corporation",
+						ProductName:     "Microsoft® .NET",
+						ProductVersion:  "7.0.9+8e9a17b2216f51a5788f8b1c467a4cf3b769e7d7",
+					},
+				},
+			},
+		},
+		{
+			fixture: "test-fixtures/Microsoft.IdentityModel.Clients.ActiveDirectory.Platform.dll",
+			expected: []pkg.Package{
+				{
+					Name:    "ActiveDirectoryAuthenticationLibrary",
+					Version: "3.14.40721.0918",
+					Type:    pkg.DotnetPkg,
+					PURL:    "pkg:nuget/ActiveDirectoryAuthenticationLibrary@3.14.40721.0918",
+					Metadata: pkg.DotnetPortableExecutableEntry{
+						AssemblyVersion: "3.14.2.11",
+						LegalCopyright:  "Copyright (c) Microsoft Corporation. All rights reserved.",
+						InternalName:    "Microsoft.IdentityModel.Clients.ActiveDirectory.Platform.dll",
+						CompanyName:     "Microsoft Corporation",
+						ProductName:     "Active Directory Authentication Library",
+						ProductVersion:  "c61f043686a544863efc014114c42e844f905336",
+					},
+				},
+			},
+		},
+		{
+			fixture: "test-fixtures/sni.dll",
+			expected: []pkg.Package{
+				{
+					Name:    "bFileVersion",
+					Version: "4.6.25512.01",
+					Type:    pkg.DotnetPkg,
+					PURL:    "pkg:nuget/bFileVersion@4.6.25512.01",
+					Metadata: pkg.DotnetPortableExecutableEntry{
+						LegalCopyright: "© Microsoft Corporation.  All rights reserved.",
+						CompanyName:    "Microsoft Corporation",
+						ProductName:    "Microsoft® .NET Framework",
+						ProductVersion: "4.6.25512.01 built by: dlab-DDVSOWINAGE016. Commit Hash: d0d5c7b49271cadb6d97de26d8e623e98abdc8db",
+					},
+				},
 			},
 		},
 	}
 
-	var expectedRelationships []artifact.Relationship
+	for _, tc := range tests {
-	pkgtest.TestFileParser(t, fixture, parseDotnetPortableExecutable, expected, expectedRelationships)
+		t.Run(tc.fixture, func(t *testing.T) {
+			fixtureLocationSet := file.NewLocationSet(file.NewLocation(tc.fixture))
+			tc.expected[0].Locations = fixtureLocationSet
+			var expectedRelationships []artifact.Relationship
+			pkgtest.TestFileParser(t, tc.fixture, parseDotnetPortableExecutable, tc.expected, expectedRelationships)
+		})
+	}
 }