diff --git a/syft/internal/fileresolver/chroot_context.go b/syft/internal/fileresolver/chroot_context.go index f643411a8..3a718635d 100644 --- a/syft/internal/fileresolver/chroot_context.go +++ b/syft/internal/fileresolver/chroot_context.go @@ -169,7 +169,11 @@ func (r ChrootContext) ToNativeGlob(chrootPath string) (string, error) { return "", err } - parts[0] = strings.TrimRight(responsePath, "/") + "/" + hasSlash := strings.HasSuffix(parts[0], "/") + parts[0] = responsePath + if hasSlash { + parts[0] = strings.TrimRight(parts[0], "/") + "/" + } return strings.Join(parts, "*"), nil } diff --git a/syft/internal/fileresolver/chroot_context_test.go b/syft/internal/fileresolver/chroot_context_test.go index 245e08b63..71621efa5 100644 --- a/syft/internal/fileresolver/chroot_context_test.go +++ b/syft/internal/fileresolver/chroot_context_test.go @@ -558,6 +558,16 @@ func TestToNativeGlob(t *testing.T) { expectedResult: "/cwd/relative/path/**/file*.txt", expectedError: nil, }, + { + name: "ending with glob", + chrootContext: ChrootContext{ + root: "/root", + cwdRelativeToRoot: "/cwd", + }, + chrootPath: "/var/lib/dpkg/info/name.*", + expectedResult: "/root/var/lib/dpkg/info/name.*", + expectedError: nil, + }, } for _, tt := range tests { diff --git a/syft/pkg/cataloger/debian/cataloger_test.go b/syft/pkg/cataloger/debian/cataloger_test.go index 1a9de610b..b8c0c6c18 100644 --- a/syft/pkg/cataloger/debian/cataloger_test.go +++ b/syft/pkg/cataloger/debian/cataloger_test.go @@ -288,7 +288,6 @@ func TestDpkgArchiveCataloger(t *testing.T) { }) } } - func TestCataloger_Globs(t *testing.T) { tests := []struct { name string @@ -305,6 +304,9 @@ func TestCataloger_Globs(t *testing.T) { "var/lib/dpkg/status.d/pkg-1.0", "usr/lib/opkg/info/pkg-1.0.control", "usr/lib/opkg/status", + "usr/lib/dpkg/info/libpam-runtime.conffiles", + "usr/lib/dpkg/info/libpam-runtime.md5sums", + "usr/share/doc/libpam-runtime/copyright", }, }, } diff --git a/syft/pkg/cataloger/debian/test-fixtures/glob-paths/usr/lib/dpkg/info/libpam-runtime.conffiles b/syft/pkg/cataloger/debian/test-fixtures/glob-paths/usr/lib/dpkg/info/libpam-runtime.conffiles new file mode 100644 index 000000000..1fe9bc1cd --- /dev/null +++ b/syft/pkg/cataloger/debian/test-fixtures/glob-paths/usr/lib/dpkg/info/libpam-runtime.conffiles @@ -0,0 +1,2 @@ +/etc/pam.conf +/etc/pam.d/other \ No newline at end of file diff --git a/syft/pkg/cataloger/debian/test-fixtures/glob-paths/usr/lib/dpkg/info/libpam-runtime.md5sums b/syft/pkg/cataloger/debian/test-fixtures/glob-paths/usr/lib/dpkg/info/libpam-runtime.md5sums new file mode 100644 index 000000000..70a9410cf --- /dev/null +++ b/syft/pkg/cataloger/debian/test-fixtures/glob-paths/usr/lib/dpkg/info/libpam-runtime.md5sums @@ -0,0 +1,4 @@ +55f905631797551d4d936a34c7e73474 lib/x86_64-linux-gnu/libz.so.1.2.11 +cede84bda30d2380217f97753c8ccf3a usr/share/doc/zlib1g/changelog.Debian.gz +f3c9dafa6da7992c47328b4464f6d122 usr/share/doc/zlib1g/changelog.gz +a4fae96070439a5209a62ae5b8017ab2 usr/share/doc/zlib1g/copyright \ No newline at end of file diff --git a/syft/pkg/cataloger/debian/test-fixtures/glob-paths/usr/lib/dpkg/info/libpam-runtime.preinst b/syft/pkg/cataloger/debian/test-fixtures/glob-paths/usr/lib/dpkg/info/libpam-runtime.preinst new file mode 100644 index 000000000..52b07edd8 --- /dev/null +++ b/syft/pkg/cataloger/debian/test-fixtures/glob-paths/usr/lib/dpkg/info/libpam-runtime.preinst @@ -0,0 +1 @@ +# some shell script... \ No newline at end of file diff --git a/syft/pkg/cataloger/debian/test-fixtures/glob-paths/usr/lib/dpkg/status b/syft/pkg/cataloger/debian/test-fixtures/glob-paths/usr/lib/dpkg/status index 90786794c..501e65e55 100644 --- a/syft/pkg/cataloger/debian/test-fixtures/glob-paths/usr/lib/dpkg/status +++ b/syft/pkg/cataloger/debian/test-fixtures/glob-paths/usr/lib/dpkg/status @@ -1 +1,23 @@ -bogus status \ No newline at end of file +Package: + +Package: libpam-runtime +Status: install ok installed +Priority: required +Section: admin +Installed-Size: 1016 +Maintainer: Steve Langasek +Architecture: all +Multi-Arch: foreign +Source: pam +Version: 1.1.8-3.6 +Replaces: libpam0g-dev, libpam0g-util +Depends: debconf (>= 0.5) | debconf-2.0, debconf (>= 1.5.19) | cdebconf, libpam-modules (>= 1.0.1-6) +Conflicts: libpam0g-util +Conffiles: + /etc/pam.conf 87fc76f18e98ee7d3848f6b81b3391e5 + /etc/pam.d/other 31aa7f2181889ffb00b87df4126d1701 +Description: Runtime support for the PAM library + Contains configuration files and directories required for + authentication to work on Debian systems. This package is required + on almost all installations. +Homepage: http://www.linux-pam.org/ \ No newline at end of file diff --git a/syft/pkg/cataloger/debian/test-fixtures/glob-paths/usr/share/doc/libpam-runtime/copyright b/syft/pkg/cataloger/debian/test-fixtures/glob-paths/usr/share/doc/libpam-runtime/copyright new file mode 100644 index 000000000..363b056eb --- /dev/null +++ b/syft/pkg/cataloger/debian/test-fixtures/glob-paths/usr/share/doc/libpam-runtime/copyright @@ -0,0 +1,43 @@ +Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ +Upstream-Name: auditd +Source: https://people.redhat.com/sgrubb/audit/ + +Files: * +Copyright: 2012-2016 Steve Grubb + 2006-2012 Rik Faith +License: GPL-2 + +Files: src/libev/* +Copyright: 2007-2009 Marc Alexamder Lehmann +License: GPL-2 + +Files: lib/* +Copyright: 2005-2008 Steve Grubb +License: LGPL-2.1 + The audit daemon's library libaudit.* is released under LGPL + so that it may be linked with 3rd party software. + . + On Debian systems, refer to /usr/share/common-licenses/LGPL-2.1 + for the complete text of the GNU Lesser General Public License. + +Files: debian/* +Copyright: 2007-2011 Philipp Matthias Hahn + 2012-2016 Laurent Bigonville +License: GPL-2 + +License: GPL-2 + This package is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License version 2, + as published by the Free Software Foundation. + . + This package is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + . + You should have received a copy of the GNU General Public License + along with this package; if not, write to the Free Software + Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA + . + On Debian systems, the complete text of the GNU General + Public License can be found in `/usr/share/common-licenses/GPL-1'.