oss/syft
2
0
Fork 0
mirror of https://github.com/anchore/syft.git synced 2026-02-12 02:26:42 +01:00
Code Issues Packages Projects Releases Wiki Activity

feat: add Qt6 binary detection (#4550)

Browse Source 
---------
Signed-off-by: Rez Moss <hi@rezmoss.com>
Signed-off-by: Christopher Angelo Phillips <32073428+spiffcs@users.noreply.github.com>
Co-authored-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com>
This commit is contained in:
Rez Moss 2026-01-30 10:35:33 -05:00 committed by GitHub
parent e136ebc44f
commit 94c8088542
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
8 changed files with 86 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
syft/pkg/cataloger/binary/capabilities.yaml
View File

@ -423,6 +423,17 @@ catalogers:
cpes: cpes:
- cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:* - cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*
type: BinaryPkg type: BinaryPkg
- method: glob
criteria:
- '**/libQt*Core.so*'
packages:
- class: qt-qtbase-lib
name: qtbase
purl: pkg:generic/qtbase
cpes:
- cpe:2.3:a:qt:qt:*:*:*:*:*:*:*:*
- cpe:2.3:a:qt:qtbase:*:*:*:*:*:*:*:*
type: BinaryPkg
- method: glob - method: glob
criteria: criteria:
- '**/gcc' - '**/gcc'

33
syft/pkg/cataloger/binary/classifier_cataloger_test.go
View File

@ -1269,6 +1269,39 @@ func Test_Cataloger_PositiveCases(t *testing.T) {
Metadata: metadata("openssl-binary"), Metadata: metadata("openssl-binary"),
}, },
}, },
{
logicalFixture: "qt/4.8.6/linux-amd64",
expected: pkg.Package{
Name: "qtbase",
Version: "4.8.6",
Type: "binary",
PURL: "pkg:generic/qtbase@4.8.6",
Locations: locations("libQtCore.so.4.8.6"),
Metadata: metadata("qt-qtbase-lib"),
},
},
{
logicalFixture: "qt/5.15.2/linux-amd64",
expected: pkg.Package{
Name: "qtbase",
Version: "5.15.2",
Type: "binary",
PURL: "pkg:generic/qtbase@5.15.2",
Locations: locations("libQt5Core.so.5.15.2"),
Metadata: metadata("qt-qtbase-lib"),
},
},
{
logicalFixture: "qt/6.5.0/linux-amd64",
expected: pkg.Package{
Name: "qtbase",
Version: "6.5.0",
Type: "binary",
PURL: "pkg:generic/qtbase@6.5.0",
Locations: locations("libQt6Core.so.6.5.0"),
Metadata: metadata("qt-qtbase-lib"),
},
},
{ {
logicalFixture: "gcc/12.3.0/linux-amd64", logicalFixture: "gcc/12.3.0/linux-amd64",
expected: pkg.Package{ expected: pkg.Package{

16
syft/pkg/cataloger/binary/classifiers.go
View File

@ -510,6 +510,22 @@ func DefaultClassifiers() []binutils.Classifier {
PURL: mustPURL("pkg:generic/openssl@version"), PURL: mustPURL("pkg:generic/openssl@version"),
CPEs: singleCPE("cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*", cpe.NVDDictionaryLookupSource), CPEs: singleCPE("cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*", cpe.NVDDictionaryLookupSource),
}, },
{
Class: "qt-qtbase-lib",
FileGlob: "**/libQt*Core.so*",
EvidenceMatcher: binutils.MatchAny(
// Qt 5.x and Qt 6.x pattern [NUL][NUL]Qt 6.5.0 (x86_64-little_endian-...
m.FileContentsVersionMatcher(`\x00\x00Qt (?P<version>[0-9]+\.[0-9]+\.[0-9]+) \(`),
// Qt 4.x pattern QtCore lib ver 4.8.7
m.FileContentsVersionMatcher(`QtCore library version (?P<version>[0-9]+\.[0-9]+\.[0-9]+)`),
),
Package: "qtbase",
PURL: mustPURL("pkg:generic/qtbase@version"),
CPEs: []cpe.CPE{
cpe.Must("cpe:2.3:a:qt:qt:*:*:*:*:*:*:*:*", cpe.NVDDictionaryLookupSource),
cpe.Must("cpe:2.3:a:qt:qtbase:*:*:*:*:*:*:*:*", cpe.NVDDictionaryLookupSource),
},
},
{ {
Class: "gcc-binary", Class: "gcc-binary",
FileGlob: "**/gcc", FileGlob: "**/gcc",

2
syft/pkg/cataloger/binary/test-fixtures/Makefile
View File

@ -41,4 +41,4 @@ clean-fingerprint: ## clean up all legacy fingerprint files
help: help:
@grep -E '^[a-zA-Z_-]+:.*?## .*$$' $(MAKEFILE_LIST) | sort | awk 'BEGIN {FS = ":.*?## "}; {printf "$(BOLD)$(CYAN)%-25s$(RESET)%s\n", $$1, $$2}' @grep -E '^[a-zA-Z_-]+:.*?## .*$$' $(MAKEFILE_LIST) | sort | awk 'BEGIN {FS = ":.*?## "}; {printf "$(BOLD)$(CYAN)%-25s$(RESET)%s\n", $$1, $$2}'
.PHONY: default list download download-all clean clean-fingerprint add-snippet fingerprint .PHONY: default list download download-all clean clean-fingerprint add-snippet fingerprint

BIN
syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/qt/4.8.6/linux-amd64/libQtCore.so.4.8.6 Normal file
View File

Binary file not shown.

BIN
syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/qt/5.15.2/linux-amd64/libQt5Core.so.5.15.2 Normal file
View File

Binary file not shown.

BIN
syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/qt/6.5.0/linux-amd64/libQt6Core.so.6.5.0 Normal file
View File

Binary file not shown.

27
syft/pkg/cataloger/binary/test-fixtures/config.yaml
View File

@ -11,7 +11,7 @@ from-images:
- name: busybox - name: busybox
version: 1.36.1 version: 1.36.1
images: images:
- ref: busybox:1.36.1@sha256:058f0df5310fbbbfea7e81a3a3e2b4bf3452438ec841138d170e170adbbd27a4 - ref: busybox:1.36.1@sha256:058f0df5310fbbbfea7e81a3a3e2b4bf3452438ec841138d170e170adbbd27a4
platform: linux/amd64 platform: linux/amd64
paths: paths:
@ -1020,6 +1020,29 @@ from-images:
paths: paths:
- /usr/share/grafana/bin/grafana-server - /usr/share/grafana/bin/grafana-server
- name: qt
version: 6.5.0
images:
- ref: stateoftheartio/qt6:6.5-gcc-aqt@sha256:c0dfd1cd174d855f0157ce0455270b2ee49f5eea4c7a40ffe0e848d41ae4d074
platform: linux/amd64
paths:
- /opt/Qt/6.5.0/gcc_64/lib/libQt6Core.so.6.5.0
- name: qt
version: 5.15.2
images:
- ref: rabits/qt:5.15-desktop@sha256:8dd10b4fcdece7e329dd2b9db52dafcd6590940954bc36d5018567e850d9599c
platform: linux/amd64
paths:
- /opt/Qt/5.15.2/gcc_64/lib/libQt5Core.so.5.15.2
- name: qt
version: 4.8.6
images:
- ref: uvatbc/qt:qt4@sha256:9d6f18e000df14077f4c96e487fc84e02f1cef19c27f2a8f66f161b8a1ef6b06
platform: linux/amd64
paths:
- /usr/lib/x86_64-linux-gnu/libQtCore.so.4.8.6
- version: 1.36.4 - version: 1.36.4
images: images:
- ref: envoyproxy/envoy:v1.36.4@sha256:ae31562b8cede20913a2d3d6a4f44c8479a50551e033cb8ef7bb8e38cec4b573 - ref: envoyproxy/envoy:v1.36.4@sha256:ae31562b8cede20913a2d3d6a4f44c8479a50551e033cb8ef7bb8e38cec4b573
@ -1081,4 +1104,4 @@ from-images:
- ref: envoyproxy/envoy:v1.6.0@sha256:6d02409028d76b69bc348650e080e68fd81b863e68aa16e96c95d74ab0f16f24 - ref: envoyproxy/envoy:v1.6.0@sha256:6d02409028d76b69bc348650e080e68fd81b863e68aa16e96c95d74ab0f16f24
platform: linux/amd64 platform: linux/amd64
paths: paths:
- /usr/local/bin/envoy - /usr/local/bin/envoy