From ac34808b9c55bb274b1205f9b5d9cf495239577d Mon Sep 17 00:00:00 2001 From: Keith Zantow Date: Tue, 28 May 2024 10:13:06 -0400 Subject: [PATCH] feat: detect fluent-bit binaries (#2905) Signed-off-by: Keith Zantow --- .../binary/classifier_cataloger_test.go | 22 ++++++++++++++++++ syft/pkg/cataloger/binary/classifiers.go | 13 +++++++++++ .../fluent-bit/2.2.1/linux-arm64/fluent-bit | Bin 0 -> 355 bytes .../fluent-bit/3.0.2/linux-amd64/fluent-bit | Bin 0 -> 354 bytes .../binary/test-fixtures/config.yaml | 14 +++++++++++ 5 files changed, 49 insertions(+) create mode 100644 syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/fluent-bit/2.2.1/linux-arm64/fluent-bit create mode 100644 syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/fluent-bit/3.0.2/linux-amd64/fluent-bit diff --git a/syft/pkg/cataloger/binary/classifier_cataloger_test.go b/syft/pkg/cataloger/binary/classifier_cataloger_test.go index ba87b50d9..7ec368b85 100644 --- a/syft/pkg/cataloger/binary/classifier_cataloger_test.go +++ b/syft/pkg/cataloger/binary/classifier_cataloger_test.go @@ -952,6 +952,28 @@ func Test_Cataloger_PositiveCases(t *testing.T) { Metadata: metadata("gcc-binary"), }, }, + { + logicalFixture: "fluent-bit/3.0.2/linux-amd64", + expected: pkg.Package{ + Name: "fluent-bit", + Version: "3.0.2", + Type: "binary", + PURL: "pkg:github/fluent/fluent-bit@3.0.2", + Locations: locations("fluent-bit"), + Metadata: metadata("fluent-bit-binary"), + }, + }, + { + logicalFixture: "fluent-bit/2.2.1/linux-arm64", + expected: pkg.Package{ + Name: "fluent-bit", + Version: "2.2.1", + Type: "binary", + PURL: "pkg:github/fluent/fluent-bit@2.2.1", + Locations: locations("fluent-bit"), + Metadata: metadata("fluent-bit-binary"), + }, + }, { logicalFixture: "wp/2.9.0/linux-amd64", expected: pkg.Package{ diff --git a/syft/pkg/cataloger/binary/classifiers.go b/syft/pkg/cataloger/binary/classifiers.go index e8952fbd1..c7ebafa97 100644 --- a/syft/pkg/cataloger/binary/classifiers.go +++ b/syft/pkg/cataloger/binary/classifiers.go @@ -464,6 +464,19 @@ func DefaultClassifiers() []Classifier { PURL: mustPURL("pkg:generic/gcc@version"), CPEs: singleCPE("cpe:2.3:a:gnu:gcc:*:*:*:*:*:*:*:*"), }, + { + Class: "fluent-bit-binary", + FileGlob: "**/fluent-bit", + EvidenceMatcher: FileContentsVersionMatcher( + // [NUL]3.0.2[NUL]%sFluent Bit + // [NUL]2.2.3[NUL]Fluent Bit + // [NUL]2.2.1[NUL][NUL][NUL]Fluent Bit + `\x00(?P[0-9]+\.[0-9]+\.[0-9]+)\x00[^\d]*Fluent`, + ), + Package: "fluent-bit", + PURL: mustPURL("pkg:github/fluent/fluent-bit@version"), + CPEs: singleCPE("cpe:2.3:a:treasuredata:fluent_bit:*:*:*:*:*:*:*:*"), + }, { Class: "wordpress-cli-binary", FileGlob: "**/wp", diff --git a/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/fluent-bit/2.2.1/linux-arm64/fluent-bit b/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/fluent-bit/2.2.1/linux-arm64/fluent-bit new file mode 100644 index 0000000000000000000000000000000000000000..e892daa1e5159bcf4b80df0745cea9b4509f5c16 GIT binary patch literal 355 zcmXw#%}xU`41{~mEA$ensssnBBzD%x9y!1RaO^2RcDvI4RN4UI?OCAsWO-&jSu>}J zdoANT&+RD>O)VlTw_aNW1PVcoJYU*%J2<1(dAQxUyafJc0A+}Xqj6Mi; zgt0gv7ko%mOfurpAu`v{VHFR;XlxWE!^rGC=1_c!9uiSbK%~^+aM1ayvA(~l+oEL|$K_LRl3E`gb!z&!_Q$Grf8$Q>WViL@ zw*dV-H2ra0)h?h*7@UJ#Is2MAUo)D>oUzLw-lS5C5Z^Jo*DY99uv(eZ%2{|b~%OC=GOnXG(q#a01IsAu79<6ZBAhLji(}SIrHcIHIx%D&CT28@p z6O9o@I-Dl!QCT(#Gw>KWA&0{O{Ido4s|js^xa7Qi!Hx)}Jx!H#^ijbyf);eA;zu)ZF^l2faOXcBmnqk^%Tkf#t?V1W4X+6GBD(lu> F