mirror of
https://github.com/anchore/syft.git
synced 2026-07-04 18:18:26 +02:00
Add support for MIT and Heimdal Kerberos 5 library detection (#4781)
* Add support for MIT and Heimdal Kerberos 5 library detection Signed-off-by: Nadim Zubidat <nadimz@users.noreply.github.com> * support 2-component case Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> --------- Signed-off-by: Nadim Zubidat <nadimz@users.noreply.github.com> Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> Co-authored-by: Nadim Zubidat <nadimz@users.noreply.github.com> Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com>
This commit is contained in:
parent
1746e96ad3
commit
e388b5249d
@ -846,6 +846,26 @@ catalogers:
|
||||
cpes:
|
||||
- cpe:2.3:a:elastic:elastic_agent:*:*:*:*:*:*:*:*
|
||||
type: BinaryPkg
|
||||
- method: glob
|
||||
criteria:
|
||||
- '**/libkrb5.so*'
|
||||
packages:
|
||||
- class: krb5-library
|
||||
name: krb5
|
||||
purl: pkg:generic/krb5
|
||||
cpes:
|
||||
- cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*
|
||||
type: BinaryPkg
|
||||
- method: glob
|
||||
criteria:
|
||||
- '**/libkrb5.so*'
|
||||
packages:
|
||||
- class: heimdal-krb5-library
|
||||
name: heimdal-krb5
|
||||
purl: pkg:generic/heimdal-krb5
|
||||
cpes:
|
||||
- cpe:2.3:a:heimdal_project:heimdal:*:*:*:*:*:*:*:*
|
||||
type: BinaryPkg
|
||||
- method: glob
|
||||
criteria:
|
||||
- '**/java'
|
||||
|
||||
@ -1620,6 +1620,40 @@ func Test_Cataloger_PositiveCases(t *testing.T) {
|
||||
Metadata: metadata("haskell-cabal-binary"),
|
||||
},
|
||||
},
|
||||
{
|
||||
logicalFixture: "krb5/1.18.4/linux-amd64",
|
||||
expected: pkg.Package{
|
||||
Name: "krb5",
|
||||
Version: "1.18.4",
|
||||
Type: "binary",
|
||||
PURL: "pkg:generic/krb5@1.18.4",
|
||||
Locations: locations("libkrb5.so.3.3"),
|
||||
Metadata: metadata("krb5-library"),
|
||||
},
|
||||
},
|
||||
{
|
||||
// base releases brand with a 2-component version (e.g. "krb5-1.17-final 1.17")
|
||||
logicalFixture: "krb5/1.17/linux-amd64",
|
||||
expected: pkg.Package{
|
||||
Name: "krb5",
|
||||
Version: "1.17",
|
||||
Type: "binary",
|
||||
PURL: "pkg:generic/krb5@1.17",
|
||||
Locations: locations("libkrb5.so.3.3"),
|
||||
Metadata: metadata("krb5-library"),
|
||||
},
|
||||
},
|
||||
{
|
||||
logicalFixture: "heimdal-krb5/7.8.0/linux-amd64",
|
||||
expected: pkg.Package{
|
||||
Name: "heimdal-krb5",
|
||||
Version: "7.8.0",
|
||||
Type: "binary",
|
||||
PURL: "pkg:generic/heimdal-krb5@7.8.0",
|
||||
Locations: locations("libkrb5.so.26.0.0"),
|
||||
Metadata: metadata("heimdal-krb5-library"),
|
||||
},
|
||||
},
|
||||
{
|
||||
logicalFixture: "nginx/1.25.1/linux-amd64",
|
||||
expected: pkg.Package{
|
||||
|
||||
@ -1191,6 +1191,32 @@ func DefaultClassifiers() []binutils.Classifier {
|
||||
PURL: mustPURL("pkg:generic/elastic-agent@version"),
|
||||
CPEs: singleCPE("cpe:2.3:a:elastic:elastic_agent:*:*:*:*:*:*:*:*", cpe.NVDDictionaryLookupSource),
|
||||
},
|
||||
{
|
||||
Class: "krb5-library",
|
||||
FileGlob: "**/libkrb5.so*",
|
||||
// [NUL]KRB5_BRAND: krb5-1.18.4-final 1.18.4 20210722
|
||||
// [NUL]KRB5_BRAND: krb5-1.17-final 1.17 20190108 (base releases brand as 2-component)
|
||||
EvidenceMatcher: m.FileContentsVersionMatcher(
|
||||
`\x00KRB5_BRAND:\s+krb5-[^\s]+\s+(?P<version>[0-9]+(?:\.[0-9]+){1,2})(?:\s|$)`,
|
||||
),
|
||||
Package: "krb5",
|
||||
PURL: mustPURL("pkg:generic/krb5@version"),
|
||||
CPEs: singleCPE("cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*", cpe.NVDDictionaryLookupSource),
|
||||
},
|
||||
{
|
||||
Class: "heimdal-krb5-library",
|
||||
FileGlob: "**/libkrb5.so*",
|
||||
// $Version: Heimdal 7.5.0
|
||||
// $Version: Heimdal 7.8.0
|
||||
// $Version: Heimdal 7.1
|
||||
// $Version: Heimdal 7.0.3
|
||||
EvidenceMatcher: m.FileContentsVersionMatcher(
|
||||
`(?m)\$Version:\s+Heimdal\s+(?P<version>[0-9]+(?:\.[0-9]+){1,2})(?:\s|$)`,
|
||||
),
|
||||
Package: "heimdal-krb5",
|
||||
PURL: mustPURL("pkg:generic/heimdal-krb5@version"),
|
||||
CPEs: singleCPE("cpe:2.3:a:heimdal_project:heimdal:*:*:*:*:*:*:*:*", cpe.NVDDictionaryLookupSource),
|
||||
},
|
||||
}
|
||||
|
||||
return append(classifiers, defaultJavaClassifiers()...)
|
||||
|
||||
Binary file not shown.
BIN
syft/pkg/cataloger/binary/testdata/classifiers/snippets/krb5/1.17/linux-amd64/libkrb5.so.3.3
vendored
Normal file
BIN
syft/pkg/cataloger/binary/testdata/classifiers/snippets/krb5/1.17/linux-amd64/libkrb5.so.3.3
vendored
Normal file
Binary file not shown.
BIN
syft/pkg/cataloger/binary/testdata/classifiers/snippets/krb5/1.18.4/linux-amd64/libkrb5.so.3.3
vendored
Normal file
BIN
syft/pkg/cataloger/binary/testdata/classifiers/snippets/krb5/1.18.4/linux-amd64/libkrb5.so.3.3
vendored
Normal file
Binary file not shown.
25
syft/pkg/cataloger/binary/testdata/config.yaml
vendored
25
syft/pkg/cataloger/binary/testdata/config.yaml
vendored
@ -1433,6 +1433,31 @@ from-images:
|
||||
platform: linux/amd64
|
||||
paths:
|
||||
- /usr/lib/x86_64-linux-gnu/libQtCore.so.4.8.6
|
||||
|
||||
- name: krb5
|
||||
version: 1.18.4
|
||||
images:
|
||||
- ref: apache/ozone-testkrb5:20230318-1@sha256:6a7eeac1ebd12e8968e34ab93fb8d21f2b92ae52bc0a85b662a2d41065f05d3a
|
||||
platform: linux/amd64
|
||||
paths:
|
||||
- /usr/lib/libkrb5.so.3.3
|
||||
|
||||
- name: krb5
|
||||
version: 1.17
|
||||
images:
|
||||
- ref: mongo:4.4@sha256:4be76f674fc4b27859816811b8baa3c51830eb1dbf4ca81a51e26b79edd662ef
|
||||
platform: linux/amd64
|
||||
paths:
|
||||
- /usr/lib/x86_64-linux-gnu/libkrb5.so.3.3
|
||||
|
||||
- name: heimdal-krb5
|
||||
version: 7.8.0
|
||||
images:
|
||||
- ref: nadimz/heimdal-krb5:7.8.0@sha256:23a5046493f3e97669353c18abcba6bd57fc9ddf53faa63b91b1a94f52f590e5
|
||||
platform: linux/amd64
|
||||
paths:
|
||||
- /usr/lib/x86_64-linux-gnu/libkrb5.so.26.0.0
|
||||
|
||||
- version: 1.36.4
|
||||
images:
|
||||
- ref: envoyproxy/envoy:v1.36.4@sha256:ae31562b8cede20913a2d3d6a4f44c8479a50551e033cb8ef7bb8e38cec4b573
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user