oss/syft
2
0
Fork 0
mirror of https://github.com/anchore/syft.git synced 2025-11-17 16:33:21 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add detection for Oracle GraalVM (#2705)

Browse Source 
Signed-off-by: Laurent Goderre <laurent.goderre@docker.com>
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com>
This commit is contained in:
Laurent Goderre 2024-03-14 11:40:07 -04:00 committed by GitHub
parent 1c8d29d577
commit cf17bd69b2
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
5 changed files with 34 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
syft/pkg/cataloger/binary/classifier_cataloger_test.go
View File

@ -627,6 +627,17 @@ func Test_Cataloger_PositiveCases(t *testing.T) {
Metadata: metadata("java-binary-openjdk", "java"), Metadata: metadata("java-binary-openjdk", "java"),
}, },
}, },
{
logicalFixture: "java-graal-openjdk/17.0.3+7-jvmci-22.1-b06/linux-amd64",
expected: pkg.Package{
Name: "java",
Version: "17.0.3+7-jvmci-22.1-b06",
Type: "binary",
PURL: "pkg:generic/java@17.0.3+7-jvmci-22.1-b06",
Locations: locations("java"),
Metadata: metadata("java-binary-graalvm", "java"),
},
},
{ {
// TODO: find original binary... // TODO: find original binary...
// note: cannot find the original binary, using a custom snippet based on the original snippet in the repo // note: cannot find the original binary, using a custom snippet based on the original snippet in the repo

13
syft/pkg/cataloger/binary/classifiers.go
View File

@ -90,7 +90,9 @@ func DefaultClassifiers() []Classifier {
EvidenceMatcher: FileContentsVersionMatcher( EvidenceMatcher: FileContentsVersionMatcher(
// [NUL]openjdk[NUL]java[NUL]0.0[NUL]11.0.17+8-LTS[NUL] // [NUL]openjdk[NUL]java[NUL]0.0[NUL]11.0.17+8-LTS[NUL]
// [NUL]openjdk[NUL]java[NUL]1.8[NUL]1.8.0_352-b08[NUL] // [NUL]openjdk[NUL]java[NUL]1.8[NUL]1.8.0_352-b08[NUL]
`(?m)\x00openjdk\x00java\x00(?P<release>[0-9]+[.0-9]*)\x00(?P<version>[0-9]+[^\x00]+)\x00`), // Equivalent to the following regexp with lookahead support:
// (?m)\x00openjdk\x00java\x00(?P<release>[0-9]+[.0-9]*)\x00(?P<release>[0-9]+[.0-9]*) (?P<version>[0-9]+[^-\x00]+(-(?!jvmci)[^-\x00]+)+)
`(?m)\x00openjdk\x00java\x00(?P<release>[0-9]+[.0-9]*)\x00(?P<version>[0-9]+[^-\s]+(-([^-j\x00][^-\x00]?|[^-\x00][^-v\x00][^-\x00]?|[^-\x00][^-\x00][^-m\x00][^-\x00]?|[^-\x00][^-\x00][^-\x00][^-c\x00][^-\x00]?|[^-\x00][^-\x00][^-\x00][^-\x00][^-i\s].?|[^-\x00]{6,}))+)\x00`),
Package: "java", Package: "java",
PURL: mustPURL("pkg:generic/java@version"), PURL: mustPURL("pkg:generic/java@version"),
// TODO the updates might need to be part of the CPE Attributes, like: 1.8.0:update152 // TODO the updates might need to be part of the CPE Attributes, like: 1.8.0:update152
@ -116,6 +118,15 @@ func DefaultClassifiers() []Classifier {
PURL: mustPURL("pkg:generic/java@version"), PURL: mustPURL("pkg:generic/java@version"),
CPEs: singleCPE("cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*"), CPEs: singleCPE("cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*"),
}, },
{
Class: "java-binary-graalvm",
FileGlob: "**/java",
EvidenceMatcher: FileContentsVersionMatcher(
`(?m)\x00(?P<version>[0-9]+[.0-9]+[.0-9]+\+[0-9]+-jvmci-[0-9]+[.0-9]+-b[0-9]+)\x00`),
Package: "java",
PURL: mustPURL("pkg:generic/java@version"),
CPEs: singleCPE("cpe:2.3:a:oracle:graalvm:*:*:*:*:*:*:*:*"),
},
{ {
Class: "nodejs-binary", Class: "nodejs-binary",
FileGlob: "**/node", FileGlob: "**/node",

BIN
syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/java-graal-openjdk/17.0.3+7-jvmci-22.1-b06/linux-amd64/java Normal file
View File

Binary file not shown.

9
syft/pkg/cataloger/binary/test-fixtures/config.yaml
View File

@ -203,6 +203,15 @@ from-images:
paths: paths:
- /usr/lib/jvm/java-11-amazon-corretto/bin/java - /usr/lib/jvm/java-11-amazon-corretto/bin/java
- name: java-graal-openjdk
version: 17.0.3+7-jvmci-22.1-b06
images:
- ref: springci/graalvm-ce:java17-0.12.x@sha256:110bf78b81e4e29c9217b565f10a1f11bb2ec0486d7336c047d803428e09685d
platform: linux/amd64
paths:
- /opt/java/bin/java
# TODO: this is not the original binary used in the test fixture # TODO: this is not the original binary used in the test fixture
# - version: 5.12.5 # - version: 5.12.5
# images: # images:

3
syft/pkg/cataloger/binary/test-fixtures/manager/internal/download_from_image.go
View File

@ -6,6 +6,7 @@ import (
"os" "os"
"os/exec" "os/exec"
"path/filepath" "path/filepath"
"strings"
"github.com/google/uuid" "github.com/google/uuid"
@ -147,7 +148,7 @@ func copyBinariesFromDockerImages(config config.BinaryFromImage, destination str
} }
func copyBinariesFromDockerImage(config config.BinaryFromImage, destination string, image config.Image) (err error) { func copyBinariesFromDockerImage(config config.BinaryFromImage, destination string, image config.Image) (err error) {
containerName := fmt.Sprintf("%s-%s-%s", config.Name(), config.Version, uuid.New().String()) containerName := fmt.Sprintf("%s-%s-%s", config.Name(), strings.ReplaceAll(config.Version, "+", "-"), uuid.New().String())
cmd := exec.Command("docker", "create", "--name", containerName, image.Reference) cmd := exec.Command("docker", "create", "--name", containerName, image.Reference)
if err = cmd.Run(); err != nil { if err = cmd.Run(); err != nil {