Add support for identifying ffmpeg/libav libraries (#4227)

* Add support for identifying ffmpeg/libav libraries Signed-off-by: Alan Pope <alan.pope@anchore.com> * Undo my snippet-based confusion Signed-off-by: Alan Pope <alan.pope@anchore.com> * Put test fixture config back Signed-off-by: Alan Pope <alan.pope@anchore.com> --------- Signed-off-by: Alan Pope <alan.pope@anchore.com>
2025-11-17 08:23:15 +01:00 · 2025-09-26 15:43:47 +01:00 · 2025-09-26 15:43:47 +01:00 · e1483e0285
commit e1483e0285
parent 0a36dabf23
4 changed files with 47 additions and 0 deletions
--- a/syft/pkg/cataloger/binary/classifier_cataloger_test.go
+++ b/syft/pkg/cataloger/binary/classifier_cataloger_test.go
@ -1392,6 +1392,17 @@ func Test_Cataloger_PositiveCases(t *testing.T) {
 				Metadata:  metadata("ffmpeg-binary"),
 			},
 		},
 		{
 			logicalFixture: "ffmpeg-shared-libs/5.1.4/linux-amd64",
 			expected: pkg.Package{
 				Name:      "ffmpeg",
 				Version:   "5.1.4",
 				Type:      "binary",
 				PURL:      "pkg:generic/ffmpeg@5.1.4",
 				Locations: locations("libavcodec"),
 				Metadata:  metadata("ffmpeg-library"),
 			},
 		},
 	}
 	for _, test := range tests {
--- a/syft/pkg/cataloger/binary/classifiers.go
+++ b/syft/pkg/cataloger/binary/classifiers.go
@ -639,6 +639,30 @@ func DefaultClassifiers() []binutils.Classifier {
 			PURL:    mustPURL("pkg:generic/ffmpeg@version"),
 			CPEs:    singleCPE("cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*", cpe.NVDDictionaryLookupSource),
 		},
 		{
 			Class:    "ffmpeg-library",
 			FileGlob: "**/libav*",
 			EvidenceMatcher: binutils.MatchAny(
 				// Primary pattern: FFmpeg version found in most libraries
 				m.FileContentsVersionMatcher(`(?m)FFmpeg version (?P<version>[0-9]+\.[0-9]+(\.[0-9]+)?)`),
 				// Fallback: library-specific version patterns for libavcodec and libavformat
 				m.FileContentsVersionMatcher(`(?m)Lavc(?P<version>[0-9]+\.[0-9]+\.[0-9]+)`),
 				m.FileContentsVersionMatcher(`(?m)Lavf(?P<version>[0-9]+\.[0-9]+\.[0-9]+)`),
 			),
 			Package: "ffmpeg",
 			PURL:    mustPURL("pkg:generic/ffmpeg@version"),
 			CPEs:    singleCPE("cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*", cpe.NVDDictionaryLookupSource),
 		},
 		{
 			Class:    "ffmpeg-library",
 			FileGlob: "**/libswresample*",
 			EvidenceMatcher: m.FileContentsVersionMatcher(
 				// FFmpeg version pattern for libswresample
 				`(?m)FFmpeg version (?P<version>[0-9]+\.[0-9]+(\.[0-9]+)?)`),
 			Package: "ffmpeg",
 			PURL:    mustPURL("pkg:generic/ffmpeg@version"),
 			CPEs:    singleCPE("cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*", cpe.NVDDictionaryLookupSource),
 		},
 	}
 	return append(classifiers, defaultJavaClassifiers()...)
--- a/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/ffmpeg-shared-libs/5.1.4/linux-amd64/libavcodec
+++ b/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/ffmpeg-shared-libs/5.1.4/linux-amd64/libavcodec
--- a/syft/pkg/cataloger/binary/test-fixtures/config.yaml
+++ b/syft/pkg/cataloger/binary/test-fixtures/config.yaml
@ -830,3 +830,15 @@ from-images:
        platform: linux/arm64
    paths:
      - /usr/local/bin/ffmpeg
  - name: ffmpeg-shared-libs
    version: 5.1.4
    images:
      - ref: demisto/opencv:1.0.0.111908@sha256:abba3aab213990c666900a93db03420238527b757bf5825543cf7b4c5e11ac65
        platform: linux/amd64
    paths:
      - /usr/local/lib/python3.11/site-packages/opencv_contrib_python.libs/libavcodec-9aae324f.so.59.37.100
      - /usr/local/lib/python3.11/site-packages/opencv_contrib_python.libs/libavformat-3ff1be5b.so.59.27.100
      - /usr/local/lib/python3.11/site-packages/opencv_contrib_python.libs/libavutil-a0a0531e.so.57.28.100
      - /usr/local/lib/python3.11/site-packages/opencv_contrib_python.libs/libswresample-2ec4394e.so.4.7.100