From d4733fac1dcae71200f0098bd0406a8fc1fc1748 Mon Sep 17 00:00:00 2001
From: Duane May <duanemay@users.noreply.github.com>
Date: Tue, 21 Nov 2023 11:54:41 -0500
Subject: [PATCH] Add binary classifiers for MySQL and MariaDB  (#2316)

* Add MySQL and MariaDB binary classifiers

Signed-off-by: Duane May <duanemay@gmail.com>
Signed-off-by: Duane May <mduane@vmware.com>

* use smallest possible binary fixtures

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

---------

Signed-off-by: Duane May <duanemay@gmail.com>
Signed-off-by: Duane May <mduane@vmware.com>
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com>
---
 syft/pkg/cataloger/binary/cataloger_test.go   |  36 ++++++++++++++++
 .../cataloger/binary/default_classifiers.go   |  20 +++++++++
 .../positive/mariadb-10.6.15/README.md        |  31 ++++++++++++++
 .../positive/mariadb-10.6.15/mariadb          | Bin 0 -> 40 bytes
 .../positive/mysql-5.6.51/README.md           |  39 +++++++++++++++++
 .../classifiers/positive/mysql-5.6.51/mysql   | Bin 0 -> 100 bytes
 .../positive/mysql-8.0.34/README.md           |  40 ++++++++++++++++++
 .../classifiers/positive/mysql-8.0.34/mysql   | Bin 0 -> 100 bytes
 8 files changed, 166 insertions(+)
 create mode 100644 syft/pkg/cataloger/binary/test-fixtures/classifiers/positive/mariadb-10.6.15/README.md
 create mode 100644 syft/pkg/cataloger/binary/test-fixtures/classifiers/positive/mariadb-10.6.15/mariadb
 create mode 100644 syft/pkg/cataloger/binary/test-fixtures/classifiers/positive/mysql-5.6.51/README.md
 create mode 100644 syft/pkg/cataloger/binary/test-fixtures/classifiers/positive/mysql-5.6.51/mysql
 create mode 100644 syft/pkg/cataloger/binary/test-fixtures/classifiers/positive/mysql-8.0.34/README.md
 create mode 100644 syft/pkg/cataloger/binary/test-fixtures/classifiers/positive/mysql-8.0.34/mysql

diff --git a/syft/pkg/cataloger/binary/cataloger_test.go b/syft/pkg/cataloger/binary/cataloger_test.go
index 086807cf4..bf32d1828 100644
--- a/syft/pkg/cataloger/binary/cataloger_test.go
+++ b/syft/pkg/cataloger/binary/cataloger_test.go
@@ -72,6 +72,42 @@ func Test_Cataloger_DefaultClassifiers_PositiveCases(t *testing.T) {
 				Metadata:  metadata("postgresql-binary"),
 			},
 		},
+		{
+			name:       "positive-mysql-8.0.34",
+			fixtureDir: "test-fixtures/classifiers/positive/mysql-8.0.34",
+			expected: pkg.Package{
+				Name:      "mysql",
+				Version:   "8.0.34",
+				Type:      "binary",
+				PURL:      "pkg:generic/mysql@8.0.34",
+				Locations: locations("mysql"),
+				Metadata:  metadata("mysql-binary"),
+			},
+		},
+		{
+			name:       "positive-mysql-5.6.51",
+			fixtureDir: "test-fixtures/classifiers/positive/mysql-5.6.51",
+			expected: pkg.Package{
+				Name:      "mysql",
+				Version:   "5.6.51",
+				Type:      "binary",
+				PURL:      "pkg:generic/mysql@5.6.51",
+				Locations: locations("mysql"),
+				Metadata:  metadata("mysql-binary"),
+			},
+		},
+		{
+			name:       "positive-mariadb-10.6.15",
+			fixtureDir: "test-fixtures/classifiers/positive/mariadb-10.6.15",
+			expected: pkg.Package{
+				Name:      "mariadb",
+				Version:   "10.6.15",
+				Type:      "binary",
+				PURL:      "pkg:generic/mariadb@10.6.15",
+				Locations: locations("mariadb"),
+				Metadata:  metadata("mariadb-binary"),
+			},
+		},
 		{
 			name:       "positive-traefik-2.9.6",
 			fixtureDir: "test-fixtures/classifiers/positive/traefik-2.9.6",
diff --git a/syft/pkg/cataloger/binary/default_classifiers.go b/syft/pkg/cataloger/binary/default_classifiers.go
index 9b4b2dc2c..88e16454e 100644
--- a/syft/pkg/cataloger/binary/default_classifiers.go
+++ b/syft/pkg/cataloger/binary/default_classifiers.go
@@ -211,6 +211,26 @@ var defaultClassifiers = []classifier{
 		Package: "postgresql",
 		PURL:    mustPURL("pkg:generic/postgresql@version"),
 	},
+	{
+		Class:    "mysql-binary",
+		FileGlob: "**/mysql",
+		EvidenceMatcher: fileContentsVersionMatcher(
+			// ../../mysql-8.0.34
+			// /mysql-5.6.51/bld/client
+			`(?m).*/mysql-(?P<version>[0-9]+(\.[0-9]+)?(\.[0-9]+)?(alpha[0-9]|beta[0-9]|rc[0-9])?)`),
+		Package: "mysql",
+		PURL:    mustPURL("pkg:generic/mysql@version"),
+		CPEs:    singleCPE("cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*"),
+	},
+	{
+		Class:    "mariadb-binary",
+		FileGlob: "**/mariadb",
+		EvidenceMatcher: fileContentsVersionMatcher(
+			// 10.6.15-MariaDB
+			`(?m)(?P<version>[0-9]+(\.[0-9]+)?(\.[0-9]+)?(alpha[0-9]|beta[0-9]|rc[0-9])?)-MariaDB`),
+		Package: "mariadb",
+		PURL:    mustPURL("pkg:generic/mariadb@version"),
+	},
 	{
 		Class:    "rust-standard-library-linux",
 		FileGlob: "**/libstd-????????????????.so",
diff --git a/syft/pkg/cataloger/binary/test-fixtures/classifiers/positive/mariadb-10.6.15/README.md b/syft/pkg/cataloger/binary/test-fixtures/classifiers/positive/mariadb-10.6.15/README.md
new file mode 100644
index 000000000..20b6bc50c
--- /dev/null
+++ b/syft/pkg/cataloger/binary/test-fixtures/classifiers/positive/mariadb-10.6.15/README.md
@@ -0,0 +1,31 @@
+The binary snippet was gathered with:
+
+```bash
+$ cat ./original-mariadb | strings | grep '-MariaDB'
+# assert you can see the value
+
+
+$ xxd ./original-mariadb | grep '\-MariaDB'
+# get the address...
+
+
+$ xxd -s 0x003dd5c0 -l 40 ./original-mariadb
+
+003dd5c0: 2900 4c69 6e75 7800 3130 2e36 2e31 352d  ).Linux.10.6.15-
+003dd5d0: 4d61 7269 6144 4200 7265 6164 6c69 6e65  MariaDB.readline
+003dd5e0: 0078 3836 5f36 3400                      .x86_64.
+
+
+$ dd if=./original-mariadb of=mariadb bs=1 skip=$((0x003dd5c0)) count=40
+
+40+0 records in
+40+0 records out
+40 bytes transferred in 0.000264 secs (151515 bytes/sec)
+
+
+$ xxd mariadb
+
+00000000: 2900 4c69 6e75 7800 3130 2e36 2e31 352d  ).Linux.10.6.15-
+00000010: 4d61 7269 6144 4200 7265 6164 6c69 6e65  MariaDB.readline
+00000020: 0078 3836 5f36 3400                      .x86_64.
+```
\ No newline at end of file
diff --git a/syft/pkg/cataloger/binary/test-fixtures/classifiers/positive/mariadb-10.6.15/mariadb b/syft/pkg/cataloger/binary/test-fixtures/classifiers/positive/mariadb-10.6.15/mariadb
new file mode 100644
index 0000000000000000000000000000000000000000..26b2463e6769dae80d26ecd52aa9248ea124f5b3
GIT binary patch
literal 40
vcmdO7@X5?8tza-T&@<CBG}ZM@EXquDabhS+O-#wj%u8jcurP}^GhqM#;CTxp

literal 0
HcmV?d00001

diff --git a/syft/pkg/cataloger/binary/test-fixtures/classifiers/positive/mysql-5.6.51/README.md b/syft/pkg/cataloger/binary/test-fixtures/classifiers/positive/mysql-5.6.51/README.md
new file mode 100644
index 000000000..f32d79e0f
--- /dev/null
+++ b/syft/pkg/cataloger/binary/test-fixtures/classifiers/positive/mysql-5.6.51/README.md
@@ -0,0 +1,39 @@
+The binary snippet was gathered with:
+
+```bash
+$ cat ./original-mysql | strings | grep '5.6.51'
+# assert you can see the value
+
+
+$ xxd ./original-mysql | grep '5.6.51'
+# get the address...
+
+
+$ xxd -s 0x008f13d0 -l 100 original-mysql
+
+008f13d0: 2d62 6163 6b75 702d 7265 7374 6f72 6572  -backup-restorer
+008f13e0: 2d6d 7973 716c 2d35 2e36 2f6d 7973 716c  -mysql-5.6/mysql
+008f13f0: 2d35 2e36 2e35 312f 636c 6965 6e74 2f63  -5.6.51/client/c
+008f1400: 6f6d 706c 6574 696f 6e5f 6861 7368 2e63  ompletion_hash.c
+008f1410: 6300 2f76 6172 2f76 6361 702f 6461 7461  c./var/vcap/data
+008f1420: 2f63 6f6d 7069 6c65 2f64 6174 6162 6173  /compile/databas
+008f1430: 652d 6261                                e-ba
+
+
+$ dd if=./original-mysql of=mysql bs=1 skip=$((0x008f13d0)) count=100
+
+100+0 records in
+100+0 records out
+100 bytes transferred in 0.000642 secs (155763 bytes/sec)
+
+
+$ xxd mysql
+                   
+00000000: 2d62 6163 6b75 702d 7265 7374 6f72 6572  -backup-restorer
+00000010: 2d6d 7973 716c 2d35 2e36 2f6d 7973 716c  -mysql-5.6/mysql
+00000020: 2d35 2e36 2e35 312f 636c 6965 6e74 2f63  -5.6.51/client/c
+00000030: 6f6d 706c 6574 696f 6e5f 6861 7368 2e63  ompletion_hash.c
+00000040: 6300 2f76 6172 2f76 6361 702f 6461 7461  c./var/vcap/data
+00000050: 2f63 6f6d 7069 6c65 2f64 6174 6162 6173  /compile/databas
+00000060: 652d 6261                                e-ba
+```
\ No newline at end of file
diff --git a/syft/pkg/cataloger/binary/test-fixtures/classifiers/positive/mysql-5.6.51/mysql b/syft/pkg/cataloger/binary/test-fixtures/classifiers/positive/mysql-5.6.51/mysql
new file mode 100644
index 0000000000000000000000000000000000000000..827b1f3f5ff2954065681bddeb0fea72ce80b2ae
GIT binary patch
literal 100
zcmX}iOA3H63;<Ctlm-{|I+Dgfi~X6#g0~l3xSIz9f%v>Ts0?c=3gsDB2Jbff%lQ>K
iC#i<qO3z}c)jiUPj(NdJij%41K}O$^vU~_M1OmMQ$s@x6

literal 0
HcmV?d00001

diff --git a/syft/pkg/cataloger/binary/test-fixtures/classifiers/positive/mysql-8.0.34/README.md b/syft/pkg/cataloger/binary/test-fixtures/classifiers/positive/mysql-8.0.34/README.md
new file mode 100644
index 000000000..c39e45bf1
--- /dev/null
+++ b/syft/pkg/cataloger/binary/test-fixtures/classifiers/positive/mysql-8.0.34/README.md
@@ -0,0 +1,40 @@
+The binary snippet was gathered with:
+
+```bash
+$ cat ./original-mysql | strings | grep '8.0.34'
+# assert you can see the value
+
+
+$ xxd ./original-mysql | grep '8.0.34'
+# get the address...
+
+
+$ xxd -s 0x0014cd20 -l 100 original-mysql
+
+0014cd20: 2069 7320 616c 7265 6164 7920 6c6f 6164   is already load
+0014cd30: 6564 0000 0000 0000 2e2e 2f2e 2e2f 6d79  ed......../../my
+0014cd40: 7371 6c2d 382e 302e 3334 2f73 716c 2d63  sql-8.0.34/sql-c
+0014cd50: 6f6d 6d6f 6e2f 636c 6965 6e74 5f70 6c75  ommon/client_plu
+0014cd60: 6769 6e2e 6363 002f 7573 722f 6c6f 6361  gin.cc./usr/loca
+0014cd70: 6c2f 6d79 7371 6c2f 6c69 622f 706c 7567  l/mysql/lib/plug
+0014cd80: 696e 0049                                in.I
+
+
+
+$ dd if=./original-mysql of=mysql bs=1 skip=$((0x0014cd20)) count=100
+
+100+0 records in
+100+0 records out
+100 bytes transferred in 0.000519 secs (192678 bytes/sec)
+
+
+$  xxd mysql            
+                  
+00000000: 2069 7320 616c 7265 6164 7920 6c6f 6164   is already load
+00000010: 6564 0000 0000 0000 2e2e 2f2e 2e2f 6d79  ed......../../my
+00000020: 7371 6c2d 382e 302e 3334 2f73 716c 2d63  sql-8.0.34/sql-c
+00000030: 6f6d 6d6f 6e2f 636c 6965 6e74 5f70 6c75  ommon/client_plu
+00000040: 6769 6e2e 6363 002f 7573 722f 6c6f 6361  gin.cc./usr/loca
+00000050: 6c2f 6d79 7371 6c2f 6c69 622f 706c 7567  l/mysql/lib/plug
+00000060: 696e 0049                                in.I
+```
\ No newline at end of file
diff --git a/syft/pkg/cataloger/binary/test-fixtures/classifiers/positive/mysql-8.0.34/mysql b/syft/pkg/cataloger/binary/test-fixtures/classifiers/positive/mysql-8.0.34/mysql
new file mode 100644
index 0000000000000000000000000000000000000000..f927c3b059e3e32d3b41759b990efa841c42d7f0
GIT binary patch
literal 100
zcmY$$ELKR&DN0RDsZ_|xPfSToVE_X?J$)d`tt>9g(Y4Ss&@(pC2QicLb93|a^pkTk
nQ}asV3vx=+GxPM4lNt0&i;MJg@{<#DAbRw3GL!Tn(hQye3?U$f

literal 0
HcmV?d00001