diff --git a/syft/pkg/cataloger/binary/capabilities.yaml b/syft/pkg/cataloger/binary/capabilities.yaml
index c98e5c57e..a40db6e16 100644
--- a/syft/pkg/cataloger/binary/capabilities.yaml
+++ b/syft/pkg/cataloger/binary/capabilities.yaml
@@ -846,6 +846,26 @@ catalogers:
 cpes:
 - cpe:2.3:a:elastic:elastic_agent:*:*:*:*:*:*:*:*
 type: BinaryPkg
+ - method: glob
+ criteria:
+ - '**/libkrb5.so*'
+ packages:
+ - class: krb5-library
+ name: krb5
+ purl: pkg:generic/krb5
+ cpes:
+ - cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*
+ type: BinaryPkg
+ - method: glob
+ criteria:
+ - '**/libkrb5.so*'
+ packages:
+ - class: heimdal-krb5-library
+ name: heimdal-krb5
+ purl: pkg:generic/heimdal-krb5
+ cpes:
+ - cpe:2.3:a:heimdal_project:heimdal:*:*:*:*:*:*:*:*
+ type: BinaryPkg
 - method: glob
 criteria:
 - '**/java'
diff --git a/syft/pkg/cataloger/binary/classifier_cataloger_test.go b/syft/pkg/cataloger/binary/classifier_cataloger_test.go
index a57290a9b..ab5af2703 100644
--- a/syft/pkg/cataloger/binary/classifier_cataloger_test.go
+++ b/syft/pkg/cataloger/binary/classifier_cataloger_test.go
@@ -1620,6 +1620,40 @@ func Test_Cataloger_PositiveCases(t *testing.T) {
 Metadata: metadata("haskell-cabal-binary"),
 },
 },
+ {
+ logicalFixture: "krb5/1.18.4/linux-amd64",
+ expected: pkg.Package{
+ Name: "krb5",
+ Version: "1.18.4",
+ Type: "binary",
+ PURL: "pkg:generic/krb5@1.18.4",
+ Locations: locations("libkrb5.so.3.3"),
+ Metadata: metadata("krb5-library"),
+ },
+ },
+ {
+ // base releases brand with a 2-component version (e.g. "krb5-1.17-final 1.17")
+ logicalFixture: "krb5/1.17/linux-amd64",
+ expected: pkg.Package{
+ Name: "krb5",
+ Version: "1.17",
+ Type: "binary",
+ PURL: "pkg:generic/krb5@1.17",
+ Locations: locations("libkrb5.so.3.3"),
+ Metadata: metadata("krb5-library"),
+ },
+ },
+ {
+ logicalFixture: "heimdal-krb5/7.8.0/linux-amd64",
+ expected: pkg.Package{
+ Name: "heimdal-krb5",
+ Version: "7.8.0",
+ Type: "binary",
+ PURL: "pkg:generic/heimdal-krb5@7.8.0",
+ Locations: locations("libkrb5.so.26.0.0"),
+ Metadata: metadata("heimdal-krb5-library"),
+ },
+ },
 {
 logicalFixture: "nginx/1.25.1/linux-amd64",
 expected: pkg.Package{
diff --git a/syft/pkg/cataloger/binary/classifiers.go b/syft/pkg/cataloger/binary/classifiers.go
index c5229235b..52a9be871 100644
--- a/syft/pkg/cataloger/binary/classifiers.go
+++ b/syft/pkg/cataloger/binary/classifiers.go
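Review bot: The Heimdal classifier gets only a three-component fixture here (`heimdal-krb5/7.8.0`), while the pattern added in classifiers.go and its comment also claim two-component brands such as `Heimdal 7.1`; the MIT side covers both shapes (1.18.4 and 1.17), so the Heimdal `{1,2}` short form is untested. Because both classifiers share the glob `**/libkrb5.so*`, a mis-attributed library would carry the wrong CPE into vulnerability matching, so it is worth recording on these cases that each fixture must be claimed by one classifier only, e.g. `// must not also be reported as heimdal-krb5-library`. Whether the harness already asserts on the full result set is not visible in this hunk; Test_Cataloger_PositiveCases begins and ends outside it.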
@@ -1191,6 +1191,32 @@ func DefaultClassifiers() []binutils.Classifier {
 PURL: mustPURL("pkg:generic/elastic-agent@version"),
 CPEs: singleCPE("cpe:2.3:a:elastic:elastic_agent:*:*:*:*:*:*:*:*", cpe.NVDDictionaryLookupSource),
 },
+ {
+ Class: "krb5-library",
+ FileGlob: "**/libkrb5.so*",
+ // [NUL]KRB5_BRAND: krb5-1.18.4-final 1.18.4 20210722
+ // [NUL]KRB5_BRAND: krb5-1.17-final 1.17 20190108 (base releases brand as 2-component)
+ EvidenceMatcher: m.FileContentsVersionMatcher(
+ `\x00KRB5_BRAND:\s+krb5-[^\s]+\s+(?P[0-9]+(?:\.[0-9]+){1,2})(?:\s|$)`,
+ ),
+ Package: "krb5",
+ PURL: mustPURL("pkg:generic/krb5@version"),
+ CPEs: singleCPE("cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*", cpe.NVDDictionaryLookupSource),
+ },
+ {
+ Class: "heimdal-krb5-library",
+ FileGlob: "**/libkrb5.so*",
+ // $Version: Heimdal 7.5.0
+ // $Version: Heimdal 7.8.0
+ // $Version: Heimdal 7.1
+ // $Version: Heimdal 7.0.3
+ EvidenceMatcher: m.FileContentsVersionMatcher(
+ `(?m)\$Version:\s+Heimdal\s+(?P[0-9]+(?:\.[0-9]+){1,2})(?:\s|$)`,
+ ),
+ Package: "heimdal-krb5",
+ PURL: mustPURL("pkg:generic/heimdal-krb5@version"),
+ CPEs: singleCPE("cpe:2.3:a:heimdal_project:heimdal:*:*:*:*:*:*:*:*", cpe.NVDDictionaryLookupSource),
+ },
 }
 return append(classifiers, defaultJavaClassifiers()...)
diff --git a/syft/pkg/cataloger/binary/testdata/classifiers/snippets/heimdal-krb5/7.8.0/linux-amd64/libkrb5.so.26.0.0 b/syft/pkg/cataloger/binary/testdata/classifiers/snippets/heimdal-krb5/7.8.0/linux-amd64/libkrb5.so.26.0.0
new file mode 100644
index 000000000..8f7dd1d43
Binary files /dev/null and b/syft/pkg/cataloger/binary/testdata/classifiers/snippets/heimdal-krb5/7.8.0/linux-amd64/libkrb5.so.26.0.0 differ
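Review bot: Both new patterns cap the captured version at three numeric components and require `(?:\s|$)` right after it, so a brand whose release name carries a suffix matches nothing and the library is left out of the SBOM with no signal. MIT pre-release builds appear to brand in a `1.x-betaN` form, which should be confirmed against the krb5 sources. For a classifier that feeds CPE-based vulnerability matching, a silent miss is the costly failure mode; either allow an optional suffix after the numeric part or state the limitation beside the examples, e.g. `// pre-release brands ("1.x-betaN") are intentionally not matched`. Separately, as rendered on this page the named group reads `(?P[0-9]+…`, which Go's regexp rejects; presumably the group name was stripped in extraction, so check that the committed patterns read `(?P<version>…)`. The DefaultClassifiers slice literal starts outside the hunk.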
diff --git a/syft/pkg/cataloger/binary/testdata/classifiers/snippets/krb5/1.17/linux-amd64/libkrb5.so.3.3 b/syft/pkg/cataloger/binary/testdata/classifiers/snippets/krb5/1.17/linux-amd64/libkrb5.so.3.3
new file mode 100644
index 000000000..3c0856ed7
Binary files /dev/null and b/syft/pkg/cataloger/binary/testdata/classifiers/snippets/krb5/1.17/linux-amd64/libkrb5.so.3.3 differ
diff --git a/syft/pkg/cataloger/binary/testdata/classifiers/snippets/krb5/1.18.4/linux-amd64/libkrb5.so.3.3 b/syft/pkg/cataloger/binary/testdata/classifiers/snippets/krb5/1.18.4/linux-amd64/libkrb5.so.3.3
new file mode 100644
index 000000000..71d35dd48
Binary files /dev/null and b/syft/pkg/cataloger/binary/testdata/classifiers/snippets/krb5/1.18.4/linux-amd64/libkrb5.so.3.3 differ
diff --git a/syft/pkg/cataloger/binary/testdata/config.yaml b/syft/pkg/cataloger/binary/testdata/config.yaml
index 41d402bc9..5f8fa88aa 100644
--- a/syft/pkg/cataloger/binary/testdata/config.yaml
+++ b/syft/pkg/cataloger/binary/testdata/config.yaml
@@ -1433,6 +1433,31 @@ from-images:
 platform: linux/amd64
 paths:
 - /usr/lib/x86_64-linux-gnu/libQtCore.so.4.8.6
+
+ - name: krb5
+ version: 1.18.4
+ images:
+ - ref: apache/ozone-testkrb5:20230318-1@sha256:6a7eeac1ebd12e8968e34ab93fb8d21f2b92ae52bc0a85b662a2d41065f05d3a
+ platform: linux/amd64
+ paths:
+ - /usr/lib/libkrb5.so.3.3
+
+ - name: krb5
+ version: 1.17
+ images:
+ - ref: mongo:4.4@sha256:4be76f674fc4b27859816811b8baa3c51830eb1dbf4ca81a51e26b79edd662ef
+ platform: linux/amd64
+ paths:
+ - /usr/lib/x86_64-linux-gnu/libkrb5.so.3.3
+
+ - name: heimdal-krb5
+ version: 7.8.0
+ images:
+ - ref: nadimz/heimdal-krb5:7.8.0@sha256:23a5046493f3e97669353c18abcba6bd57fc9ddf53faa63b91b1a94f52f590e5
+ platform: linux/amd64
+ paths:
+ - /usr/lib/x86_64-linux-gnu/libkrb5.so.26.0.0
+
 - version: 1.36.4
 images:
 - ref: envoyproxy/envoy:v1.36.4@sha256:ae31562b8cede20913a2d3d6a4f44c8479a50551e033cb8ef7bb8e38cec4b573
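Review bot: The Heimdal fixture is sourced from `nadimz/heimdal-krb5`, which looks like a personal registry namespace rather than a project- or distro-maintained image. The sha256 pin on the `ref` protects the snippet's integrity, but it does not keep the image available: if the namespace is removed or renamed, the checked-in `libkrb5.so.26.0.0` can no longer be regenerated or checked against its origin. Consider taking the library from a distro image that packages Heimdal, pinned by digest in the same way, or record the reason for this choice above the entry, e.g. `# third-party build; chosen because <reason>`. The other two entries use the same digest-pinned form and need no change.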