diff --git a/syft/pkg/cataloger/binary/classifier_cataloger_test.go b/syft/pkg/cataloger/binary/classifier_cataloger_test.go index 56a3d9d63..3d79df2e8 100644 --- a/syft/pkg/cataloger/binary/classifier_cataloger_test.go +++ b/syft/pkg/cataloger/binary/classifier_cataloger_test.go @@ -509,6 +509,39 @@ func Test_Cataloger_PositiveCases(t *testing.T) { Metadata: metadata("haproxy-binary"), }, }, + { + logicalFixture: "helm/4.1.4/linux-s390x", + expected: pkg.Package{ + Name: "helm", + Version: "4.1.4", + Type: "binary", + PURL: "pkg:golang/helm.sh/helm@4.1.4", + Locations: locations("helm"), + Metadata: metadata("helm"), + }, + }, + { + logicalFixture: "helm/3.15.2/linux-amd64", + expected: pkg.Package{ + Name: "helm", + Version: "3.15.2", + Type: "binary", + PURL: "pkg:golang/helm.sh/helm@3.15.2", + Locations: locations("helm"), + Metadata: metadata("helm"), + }, + }, + { + logicalFixture: "helm/3.12.0/linux-s390x", + expected: pkg.Package{ + Name: "helm", + Version: "3.12.0", + Type: "binary", + PURL: "pkg:golang/helm.sh/helm@3.12.0", + Locations: locations("helm"), + Metadata: metadata("helm"), + }, + }, { logicalFixture: "helm/3.11.1/linux-amd64", expected: pkg.Package{ @@ -520,6 +553,39 @@ func Test_Cataloger_PositiveCases(t *testing.T) { Metadata: metadata("helm"), }, }, + { + logicalFixture: "helm/3.0.0-alpha.1/linux-amd64", + expected: pkg.Package{ + Name: "helm", + Version: "3.0.0-alpha.1", + Type: "binary", + PURL: "pkg:golang/helm.sh/helm@3.0.0-alpha.1", + Locations: locations("helm"), + Metadata: metadata("helm"), + }, + }, + { + logicalFixture: "helm/2.17.0-rc.1/linux-amd64", + expected: pkg.Package{ + Name: "helm", + Version: "2.17.0-rc.1", + Type: "binary", + PURL: "pkg:golang/helm.sh/helm@2.17.0-rc.1", + Locations: locations("helm"), + Metadata: metadata("helm"), + }, + }, + { + logicalFixture: "helm/2.0.0-beta.2/linux-amd64", + expected: pkg.Package{ + Name: "helm", + Version: "2.0.0-beta.2", + Type: "binary", + PURL: "pkg:golang/helm.sh/helm@2.0.0-beta.2", + Locations: locations("helm"), + Metadata: metadata("helm"), + }, + }, { logicalFixture: "helm/3.10.3/linux-amd64", expected: pkg.Package{ diff --git a/syft/pkg/cataloger/binary/classifiers.go b/syft/pkg/cataloger/binary/classifiers.go index d76eca517..ff6b72504 100644 --- a/syft/pkg/cataloger/binary/classifiers.go +++ b/syft/pkg/cataloger/binary/classifiers.go @@ -132,8 +132,17 @@ func DefaultClassifiers() []binutils.Classifier { { Class: "helm", FileGlob: "**/helm", - EvidenceMatcher: m.FileContentsVersionMatcher( - `(?m)\x00v(?P[0-9]+\.[0-9]+\.[0-9]+)\x00`), + EvidenceMatcher: binutils.MatchAny( + // [NUL]v1.21.2[NUL].......[NUL][NUL]v4.1.4[NUL][NUL][NUL] + // [NUL]v2.0.0-beta.2[NUL][NUL][NUL] + m.FileContentsVersionMatcher(`\x00v(?P[0-9]+\.[0-9]+\.[0-9]+(-alpha\.[0-9]|-beta\.[0-9]|-rc\.[0-9])?)\x00{2,}`), + // [NUK]'[DLE]v3.12.0[NUL][NUL]...go1.20.3[NUL][NUL] + m.FileContentsVersionMatcher(`v(?P[0-9]+\.[0-9]+\.[0-9]+(-alpha\.[0-9]|-beta\.[0-9]|-rc\.[0-9])?)\x00+.{1,500}go[0-9]+\.[0-9]+\.[0-9]+\x00+`), + // [NUL]v3.11.1[NUL]�[NUL] + m.FileContentsVersionMatcher(`\x00v(?P[0-9]+\.[0-9]+\.[0-9]+(-alpha\.[0-9]|-beta\.[0-9]|-rc\.[0-9])?)\x00`), + // [NUL]@�@v3.15.2[NUL][NUL] + m.FileContentsVersionMatcher(`@v(?P[0-9]+\.[0-9]+\.[0-9]+(-alpha\.[0-9]|-beta\.[0-9]|-rc\.[0-9])?)\x00`), + ), Package: "helm", PURL: mustPURL("pkg:golang/helm.sh/helm@version"), CPEs: singleCPE("cpe:2.3:a:helm:helm:*:*:*:*:*:*:*", cpe.NVDDictionaryLookupSource), diff --git a/syft/pkg/cataloger/binary/testdata/classifiers/snippets/helm/2.0.0-beta.2/linux-amd64/helm b/syft/pkg/cataloger/binary/testdata/classifiers/snippets/helm/2.0.0-beta.2/linux-amd64/helm new file mode 100644 index 000000000..82c54f145 Binary files /dev/null and b/syft/pkg/cataloger/binary/testdata/classifiers/snippets/helm/2.0.0-beta.2/linux-amd64/helm differ diff --git a/syft/pkg/cataloger/binary/testdata/classifiers/snippets/helm/2.17.0-rc.1/linux-amd64/helm b/syft/pkg/cataloger/binary/testdata/classifiers/snippets/helm/2.17.0-rc.1/linux-amd64/helm new file mode 100644 index 000000000..445c77baf Binary files /dev/null and b/syft/pkg/cataloger/binary/testdata/classifiers/snippets/helm/2.17.0-rc.1/linux-amd64/helm differ diff --git a/syft/pkg/cataloger/binary/testdata/classifiers/snippets/helm/3.0.0-alpha.1/linux-amd64/helm b/syft/pkg/cataloger/binary/testdata/classifiers/snippets/helm/3.0.0-alpha.1/linux-amd64/helm new file mode 100644 index 000000000..78abc91a2 Binary files /dev/null and b/syft/pkg/cataloger/binary/testdata/classifiers/snippets/helm/3.0.0-alpha.1/linux-amd64/helm differ diff --git a/syft/pkg/cataloger/binary/testdata/classifiers/snippets/helm/3.12.0/linux-unknown-454d5f53333930/helm b/syft/pkg/cataloger/binary/testdata/classifiers/snippets/helm/3.12.0/linux-unknown-454d5f53333930/helm new file mode 100644 index 000000000..27a361648 Binary files /dev/null and b/syft/pkg/cataloger/binary/testdata/classifiers/snippets/helm/3.12.0/linux-unknown-454d5f53333930/helm differ diff --git a/syft/pkg/cataloger/binary/testdata/classifiers/snippets/helm/3.15.2/linux-amd64/helm b/syft/pkg/cataloger/binary/testdata/classifiers/snippets/helm/3.15.2/linux-amd64/helm new file mode 100644 index 000000000..dc5d31559 Binary files /dev/null and b/syft/pkg/cataloger/binary/testdata/classifiers/snippets/helm/3.15.2/linux-amd64/helm differ diff --git a/syft/pkg/cataloger/binary/testdata/classifiers/snippets/helm/4.1.4/linux-unknown-454d5f53333930/helm b/syft/pkg/cataloger/binary/testdata/classifiers/snippets/helm/4.1.4/linux-unknown-454d5f53333930/helm new file mode 100644 index 000000000..df4bd3c25 Binary files /dev/null and b/syft/pkg/cataloger/binary/testdata/classifiers/snippets/helm/4.1.4/linux-unknown-454d5f53333930/helm differ diff --git a/syft/pkg/cataloger/binary/testdata/config.yaml b/syft/pkg/cataloger/binary/testdata/config.yaml index 4f933c25c..e1603524b 100644 --- a/syft/pkg/cataloger/binary/testdata/config.yaml +++ b/syft/pkg/cataloger/binary/testdata/config.yaml @@ -868,6 +868,27 @@ from-images: - /usr/local/lib/libruby.so.2.6.10 - /usr/local/lib/libruby.so.2.6 + - version: 4.1.4 + images: + - ref: alpine/helm:4.1.4@sha256:d69c97f71f38128c3ed4b8bcd70b4de65efad9e09494c85d158661e7ffd8b719 + platform: linux/s390x + paths: + - /usr/bin/helm + + - version: 3.15.2 + images: + - ref: alpine/helm:3.15.2@sha256:61185768b41810085cb57a9bc8de9003bea78ac0dd417e5b0b16223a6a0aa812 + platform: linux/amd64 + paths: + - /usr/bin/helm + + - version: 3.12.0 + images: + - ref: alpine/helm:3.12.0@sha256:6f6e18df0710af82188ab8b27d3890b6d519c501c0982f3a76f3fdbff39ff3c7 + platform: linux/s390x + paths: + - /usr/bin/helm + - version: 3.11.1 images: - ref: alpine/helm:3.11.1@sha256:8628e3695fb743a8b9de89626f1b7a221280c2152c0e288c2504e59b68233e8b @@ -882,6 +903,27 @@ from-images: paths: - /usr/local/bin/helm + - version: 3.0.0-alpha.1 + images: + - ref: alpine/helm:3.0.0-alpha.1@sha256:95bd39add326ac58a333815666aace6d4a28606a79eef96d4e44287b11540b69 + platform: linux/amd64 + paths: + - /usr/bin/helm + + - version: 2.17.0-rc.1 + images: + - ref: alpine/helm:2.17.0-rc.1@sha256:3938b9f291794fe88489dae2a87e0ad9d634464c686186d4a3ca33beef84278d + platform: linux/amd64 + paths: + - /usr/bin/helm + + - version: 2.0.0-beta.2 + images: + - ref: alpine/helm:2.0.0-beta.2@sha256:97d97b27a723b28c459d6c92e7b0591c553e88e483a248235fbdaa4dacb2e6d5 + platform: linux/amd64 + paths: + - /usr/bin/helm + - version: 1.15.2 images: - ref: hashicorp/consul:1.15.2@sha256:c2169f3bb18dd947ae8eb5f6766896695c71fb439f050a3343e0007d895615b8