update vault classifier (#4742)

Signed-off-by: witchcraze <witchcraze@gmail.com>

syft/pkg/cataloger/binary/classifier_cataloger_test.go

@@ -1111,6 +1111,17 @@ func Test_Cataloger_PositiveCases(t *testing.T) {
 				Metadata:  metadata("consul-binary"),
 			},
 		},
+		{
+			logicalFixture: "vault/1.21.0-rc1/linux-amd64",
+			expected: pkg.Package{
+				Name:      "github.com/hashicorp/vault",
+				Version:   "1.21.0-rc1",
+				Type:      "golang",
+				PURL:      "pkg:golang/github.com/hashicorp/vault@1.21.0-rc1",
+				Locations: locations("vault"),
+				Metadata:  metadata("hashicorp-vault-binary"),
+			},
+		},
 		{
 			logicalFixture: "vault/1.20.2/linux-amd64",
 			expected: pkg.Package{
@@ -1133,6 +1144,50 @@ func Test_Cataloger_PositiveCases(t *testing.T) {
 				Metadata:  metadata("hashicorp-vault-binary"),
 			},
 		},
+		{
+			logicalFixture: "vault/1.14.10/linux-amd64",
+			expected: pkg.Package{
+				Name:      "github.com/hashicorp/vault",
+				Version:   "1.14.10",
+				Type:      "golang",
+				PURL:      "pkg:golang/github.com/hashicorp/vault@1.14.10",
+				Locations: locations("vault"),
+				Metadata:  metadata("hashicorp-vault-binary"),
+			},
+		},
+		{
+			logicalFixture: "vault/1.14.3/linux-amd64",
+			expected: pkg.Package{
+				Name:      "github.com/hashicorp/vault",
+				Version:   "1.14.3",
+				Type:      "golang",
+				PURL:      "pkg:golang/github.com/hashicorp/vault@1.14.3",
+				Locations: locations("vault"),
+				Metadata:  metadata("hashicorp-vault-binary"),
+			},
+		},
+		{
+			logicalFixture: "vault/1.13.13/linux-amd64",
+			expected: pkg.Package{
+				Name:      "github.com/hashicorp/vault",
+				Version:   "1.13.13",
+				Type:      "golang",
+				PURL:      "pkg:golang/github.com/hashicorp/vault@1.13.13",
+				Locations: locations("vault"),
+				Metadata:  metadata("hashicorp-vault-binary"),
+			},
+		},
+		{
+			logicalFixture: "vault/1.11.6/linux-amd64",
+			expected: pkg.Package{
+				Name:      "github.com/hashicorp/vault",
+				Version:   "1.11.6",
+				Type:      "golang",
+				PURL:      "pkg:golang/github.com/hashicorp/vault@1.11.6",
+				Locations: locations("vault"),
+				Metadata:  metadata("hashicorp-vault-binary"),
+			},
+		},
 		{
 			logicalFixture: "erlang/25.3.2.6/linux-amd64",
 			expected: pkg.Package{

syft/pkg/cataloger/binary/classifiers.go

@@ -479,9 +479,26 @@ func DefaultClassifiers() []binutils.Classifier {
 		{
 			Class:    "hashicorp-vault-binary",
 			FileGlob: "**/vault",
-			EvidenceMatcher: m.FileContentsVersionMatcher(
+			EvidenceMatcher: binutils.MatchAny(
+				m.FileContentsVersionMatcher(
 					// revoke1.18.0
-				`(?m)revoke(?P<version>[0-9]+\.[0-9]+\.[0-9]+)`),
+					`(?m)revoke(?P<version>[0-9]+\.[0-9]+\.[0-9]+)`,
+				),
+				m.FileContentsVersionMatcher(
+					// secondsindex_state1.20.0-rc1
+					`state(?P<version>[0-9]+\.[0-9]+\.[0-9]+\-rc[0-9])`,
+				),
+				m.FileContentsVersionMatcher(
+					// %s0.0.0.00x%016x1.14.101.49.22123-abc19531252.5.4.32.5.4.52.5.4.62.5.4.72.5.4.82.5.4.92
+					// %s0.0.0.00x%016x1.14.3
+					// txn0.0.0.00x%016x1.13.13123-abc19531252.5.4.32.5.4.52.5.4.62.5.4.72.5.4.82.5.4.92006-019765625: type ::1/128::ffff::method:
+					`016x(?P<version>1.1[1,3,4].[0-9]{1,2})`,
+				),
+				m.FileContentsVersionMatcher(
+					// [NUL][NUL][NUL]1.11.6[NUL][NUL][NUL]
+					`\x00+(?P<version>1\.[0-9][0,1]?\.[0-9]+)\x00+`,
+				),
+			),
 			Package: "github.com/hashicorp/vault",
 			PURL:    mustPURL("pkg:golang/github.com/hashicorp/vault@version"),
 			CPEs:    singleCPE("cpe:2.3:a:hashicorp:vault:*:*:*:*:*:*:*:*", cpe.NVDDictionaryLookupSource),

syft/pkg/cataloger/binary/testdata/classifiers/snippets/vault/1.13.13/linux-amd64/vault

@@ -0,0 +1,9 @@
+name: vault
+offset: 111090856
+length: 420
+snippetSha256: 6d04a36a400e279a87c110dde8c540566d4c449d1db9014436ec8e74c5febe38
+fileSha256: 96151b53d171e23674cd8a5cd4f60317efa1ae7f2c4abd8b612413cba65c0fb2
+
+### byte snippet to follow ###
+/.*)?$(".*?")(none)
+, Kind=, file=, goid=, j0 = , type=,errno=,packed,proto3-BEGIN .000000.bashrc.config.mathml.member.ndjson.pgpass.sqlite.sv4crc.tar.gz/?.lua;/api/v1/bin/sh/broker/certs//check//commit/config/emails/import/issue//logout/lookup/metric/revert/revoke/rotate/signal/stable/v1/kv//v1/txn0.0.0.00x%016x1.13.13123-abc19531252.5.4.32.5.4.52.5.4.62.5.4.72.5.4.82.5.4.92006-019765625: type ::1/128::ffff::method:

syft/pkg/cataloger/binary/testdata/classifiers/snippets/vault/1.14.10/linux-amd64/vault

@@ -0,0 +1,9 @@
+name: vault
+offset: 162133801
+length: 420
+snippetSha256: f3419c0c0ad0819dc20ce0965458f47fef6970ffe6cfd3057823e0855b92d843
+fileSha256: 64f0aefef6eed97fa9837ee4ebd19f8b043a107dcbf8bb272ba2811a0803c765
+
+### byte snippet to follow ###
+/.*)?$(".*?")(none)
+, Kind=, file=, goid=, j0 = , type=,errno=,packed,proto3-BEGIN .000000.bashrc.config.mathml.member.ndjson.pgpass.sqlite.sv4crc.tar.gz/?.lua;/api/v1/bin/sh/broker/certs//check//checks/commit/config/emails/import/issue//logout/lookup/metric/order//orders/revert/revoke/roles//rotate/signal/stable/v1/kv//v1/txn0.0.0%s0.0.0.00x%016x1.14.101.49.22123-abc19531252.5.4.32.5.4.52.5.4.62.5.4.72.5.4.82.5.4.92

syft/pkg/cataloger/binary/testdata/classifiers/snippets/vault/1.14.3/linux-amd64/vault

@@ -0,0 +1,10 @@
+name: vault
+offset: 160880802
+length: 420
+snippetSha256: 8dbeecbde88f06d946e10e3672aee0baac4688fda28e42d7e9626a3440188fce
+fileSha256: 7369f8de5885507c74e42980079afb109bdc627df1d3de07cba4a2f39ec3ed31
+
+### byte snippet to follow ###
+/.*)?$(".*?")(none)
+, Kind=, file=, goid=, j0 = , type=,errno=,packed,proto3-BEGIN .000000.bashrc.config.mathml.member.ndjson.pgpass.sqlite.sv4crc.tar.gz/?.lua;/api/v1/bin/sh/broker/certs//check//checks/commit/config/emails/import/issue//logout/lookup/metric/order//orders/revert/revoke/roles//rotate/signal/stable/v1/kv//v1/txn0.0.0%s0.0.0.00x%016x1.14.3
+123-abc19531252.5.4.32.5.4.52.5.4.62.5.4.72.5.4.82.5.4.92006-019

syft/pkg/cataloger/binary/testdata/classifiers/snippets/vault/1.21.0-rc1/linux-amd64/vault

@@ -0,0 +1,11 @@
+name: vault
+offset: 215976149
+length: 320
+snippetSha256: 70eeb40843dd6bc76e5a40cacb49ea97dff607dfe3c1df434e9bb806bb4e19d7
+fileSha256: 757f0198f00706eb23afa1037b702520b993025d25f01557c12d2688eabefd7f
+
+### byte snippet to follow ###
+rver: %s
+Voters: %v
+Upgrade: %sencryptionsactive-nodecacheboltdbNeverAlwayslease_tokenvault_indexplugin_infomount_tablenum_entriesalicloudkmsenvironmentcredentialsUserLockout%s.NextPagedr-disabledperfstandbyttl_secondsindex_state1.21.0-rc1
+Options: %sMatches: %sMath_SymbolPrivate_UsePunctuationDives_AkuruMedefaidrinNag

syft/pkg/cataloger/binary/testdata/config.yaml

@@ -797,6 +797,13 @@ from-images:
     paths:
       - /bin/consul
 
+  - version: 1.21.0-rc1
+    images:
+      - ref: hashicorp/vault:1.21.0-rc1@sha256:67523b1e97acc26b050bb74abd251effe728bc3c1d7e80af19d251a511aa68ad
+        platform: linux/amd64
+    paths:
+      - /bin/vault
+
   - version: 1.20.2
     images:
       - ref: hashicorp/vault@sha256:5cd2003247e0a574a66c66aee1916b1e9e7f99640298f2e61271a8842d2d2a19
@@ -811,6 +818,34 @@ from-images:
     paths:
       - /bin/vault
 
+  - version: 1.14.10
+    images:
+      - ref: hashicorp/vault:1.14.10@sha256:cf826411f1172c4109da38d9ad90ff83026ef30caae9312aeb77fde868fc7dc8
+        platform: linux/amd64
+    paths:
+      - /bin/vault
+
+  - version: 1.14.3
+    images:
+      - ref: hashicorp/vault:1.14.3@sha256:e95f46376b39654f4be020c7be91ac88b6729b6b506e48516bef3b140a901bd5
+        platform: linux/amd64
+    paths:
+      - /bin/vault
+
+  - version: 1.13.13
+    images:
+      - ref: hashicorp/vault:1.13.13@sha256:d278cb438626eef0d40de35917b13f032955671b3a15983a7fb336a720bebef4
+        platform: linux/amd64
+    paths:
+      - /bin/vault
+
+  - version: 1.11.6
+    images:
+      - ref: hashicorp/vault:1.11.6@sha256:8366b2e6ad9d0eea9019fda45ccc2551fc67cd0afa0c6e9217ee29f390fa4108
+        platform: linux/amd64
+    paths:
+      - /bin/vault
+
   - version: 3.0.2
     images:
       - ref: fluent/fluent-bit:3.0.2-amd64@sha256:7e6fe8efd51dda0739e355f58bf5e3b1623cbf2d4a23c06c7a365d9553e2d242