diff --git a/syft/pkg/cataloger/binary/classifier_cataloger_test.go b/syft/pkg/cataloger/binary/classifier_cataloger_test.go index ba32f672a..3ff8f328f 100644 --- a/syft/pkg/cataloger/binary/classifier_cataloger_test.go +++ b/syft/pkg/cataloger/binary/classifier_cataloger_test.go @@ -1634,6 +1634,28 @@ func Test_Cataloger_PositiveCases(t *testing.T) { Metadata: metadata("istio-binary"), }, }, + { + logicalFixture: "grafana/12.4.0-22081664032/linux-amd64", + expected: pkg.Package{ + Name: "grafana", + Version: "12.4.0-22081664032", + Type: "binary", + PURL: "pkg:generic/grafana@12.4.0-22081664032", + Locations: locations("grafana"), + Metadata: metadata("grafana-binary"), + }, + }, + { + logicalFixture: "grafana/12.3.2-security-01/linux-amd64", + expected: pkg.Package{ + Name: "grafana", + Version: "12.3.2", + Type: "binary", + PURL: "pkg:generic/grafana@12.3.2", + Locations: locations("grafana"), + Metadata: metadata("grafana-binary"), + }, + }, { logicalFixture: "grafana/12.3.1/linux-amd64", expected: pkg.Package{ @@ -1645,6 +1667,17 @@ func Test_Cataloger_PositiveCases(t *testing.T) { Metadata: metadata("grafana-binary"), }, }, + { + logicalFixture: "grafana/12.2.0-258092/linux-amd64", + expected: pkg.Package{ + Name: "grafana", + Version: "12.2.0-258092", + Type: "binary", + PURL: "pkg:generic/grafana@12.2.0-258092", + Locations: locations("grafana"), + Metadata: metadata("grafana-binary"), + }, + }, { logicalFixture: "grafana/12.0.0/linux-amd64", expected: pkg.Package{ @@ -1656,6 +1689,17 @@ func Test_Cataloger_PositiveCases(t *testing.T) { Metadata: metadata("grafana-binary"), }, }, + { + logicalFixture: "grafana/11.0.0-preview/linux-amd64", + expected: pkg.Package{ + Name: "grafana", + Version: "11.0.0-preview", + Type: "binary", + PURL: "pkg:generic/grafana@11.0.0-preview", + Locations: locations("grafana"), + Metadata: metadata("grafana-binary"), + }, + }, { logicalFixture: "grafana/11.0.0/linux-amd64", expected: pkg.Package{ @@ -1678,6 +1722,17 @@ func Test_Cataloger_PositiveCases(t *testing.T) { Metadata: metadata("grafana-binary"), }, }, + { + logicalFixture: "grafana/10.3.12/linux-amd64", + expected: pkg.Package{ + Name: "grafana", + Version: "10.3.12", + Type: "binary", + PURL: "pkg:generic/grafana@10.3.12", + Locations: locations("grafana"), + Metadata: metadata("grafana-binary"), + }, + }, { logicalFixture: "grafana/9.5.21/linux-amd64", expected: pkg.Package{ @@ -1689,6 +1744,50 @@ func Test_Cataloger_PositiveCases(t *testing.T) { Metadata: metadata("grafana-binary"), }, }, + { + logicalFixture: "grafana/9.4.0-beta1/linux-amd64", + expected: pkg.Package{ + Name: "grafana", + Version: "9.4.0-beta1", + Type: "binary", + PURL: "pkg:generic/grafana@9.4.0-beta1", + Locations: locations("grafana"), + Metadata: metadata("grafana-binary"), + }, + }, + { + logicalFixture: "grafana/9.3.0-beta1/linux-amd64", + expected: pkg.Package{ + Name: "grafana", + Version: "9.3.0-beta1", + Type: "binary", + PURL: "pkg:generic/grafana@9.3.0-beta1", + Locations: locations("grafana-server"), + Metadata: metadata("grafana-binary"), + }, + }, + { + logicalFixture: "grafana/9.2.20/linux-amd64", + expected: pkg.Package{ + Name: "grafana", + Version: "9.2.20", + Type: "binary", + PURL: "pkg:generic/grafana@9.2.20", + Locations: locations("grafana"), + Metadata: metadata("grafana-binary"), + }, + }, + { + logicalFixture: "grafana/9.2.13/linux-amd64", + expected: pkg.Package{ + Name: "grafana", + Version: "9.2.13", + Type: "binary", + PURL: "pkg:generic/grafana@9.2.13", + Locations: locations("grafana"), + Metadata: metadata("grafana-binary"), + }, + }, { logicalFixture: "grafana/9.0.0/linux-amd64", expected: pkg.Package{ @@ -1722,6 +1821,28 @@ func Test_Cataloger_PositiveCases(t *testing.T) { Metadata: metadata("grafana-binary"), }, }, + { + logicalFixture: "grafana/6.7.0-test/linux-amd64", + expected: pkg.Package{ + Name: "grafana", + Version: "6.7.0-test", + Type: "binary", + PURL: "pkg:generic/grafana@6.7.0-test", + Locations: locations("grafana-server"), + Metadata: metadata("grafana-binary"), + }, + }, + { + logicalFixture: "grafana/6.0.0-beta1/linux-amd64", + expected: pkg.Package{ + Name: "grafana", + Version: "6.0.0-beta1", + Type: "binary", + PURL: "pkg:generic/grafana@6.0.0-beta1", + Locations: locations("grafana-server"), + Metadata: metadata("grafana-binary"), + }, + }, { logicalFixture: "envoy/1.36.4/linux-amd64", expected: pkg.Package{ diff --git a/syft/pkg/cataloger/binary/classifiers.go b/syft/pkg/cataloger/binary/classifiers.go index 2a0982d96..ec2f9b62c 100644 --- a/syft/pkg/cataloger/binary/classifiers.go +++ b/syft/pkg/cataloger/binary/classifiers.go @@ -747,15 +747,27 @@ func DefaultClassifiers() []binutils.Classifier { Class: "grafana-binary", FileGlob: "**/grafana", EvidenceMatcher: binutils.MatchAny( + // [NUL][NUL][NUL][NUL]12.2.0-258092[NUL][NUL][NUL][NUL] + m.FileContentsVersionMatcher(`\x00+(?P[0-9]{2}\.[0-9]+\.[0-9]+\-[0-9]{6,})\x00+`), + // [NUL][NUL][NUL][NUL]release-12.3.2+security-01[NUL][NUL][NUL][NUL] // [NUL][NUL][NUL][NUL]release-12.3.1[NUL][NUL][NUL][NUL] - m.FileContentsVersionMatcher(`\x00+release-(?P[0-9]{2}\.[0-9]+\.[0-9]+)\x00+`), + m.FileContentsVersionMatcher(`\x00+release-(?P[0-9]{2}\.[0-9]+\.[0-9]+(-beta[0-9]|-test|-preview)?)(\+security-[0-9]+)?\x00+`), + // [NUL][NUL][NUL][NUL]go1.21.8[NUL][NUL][NUL][NUL][NUL][NUL][NUL][NUL]11.0.0-preview[NUL][NUL]...+DT + m.FileContentsVersionMatcher(`(?s)\x00+go1\.[0-9]+\.[0-9]+\x00+(?P[0-9]{2}\.[0-9]+\.[0-9]+(-beta[0-9]|-test|-preview)?)(\+security-[0-9]+)?\x00+.{1,500}\+DT`), // HEAD[NUL][NUL][NUL][NUL]12.0.0[NUL][NUL]$a // 11.0.0[NUL][NUL]$a - m.FileContentsVersionMatcher(`(?P[0-9]{2}\.[0-9]+\.[0-9]+)\x00+\$a`), + m.FileContentsVersionMatcher(`(?P[0-9]{2}\.[0-9]+\.[0-9]+(-beta[0-9]|-test|-preview)?)(\+security-[0-9]+)?\x00+\$a`), // [NUL]0xDC0xBF10.4.19[NUL] - m.FileContentsVersionMatcher(`\x00.(?P10\.[0-9]+\.[0-9]+)\x00`), + m.FileContentsVersionMatcher(`\x00.(?P10\.[0-9]+\.[0-9]+(-beta[0-9]|-test|-preview)?)(\+security-[0-9]+)?\x00`), + // 10.3.12[NUL]...[NUL]go1.22.7[NUL][NUL][NUL][NUL]...+DT + m.FileContentsVersionMatcher(`(?s)(?P[0-9]{2}\.[0-9]+\.[0-9]+(-beta[0-9]|-test|-preview)?)(\+security-[0-9]+)?\x00+.{1,100}\x00go1\.[0-9]+\.[0-9]+\x00.{1,100}\+DT`), // 9.5.21[NUL][NUL]v9.5.x[NUL][NUL][NUL][NUL][NUL][NUL]$a - m.FileContentsVersionMatcher(`(?P9\.[0-9]+\.[0-9]+)\x00\x00v`), + m.FileContentsVersionMatcher(`(?P[0-9]+\.[0-9]+\.[0-9]+(-beta[0-9]|-test|-preview)?)(\+security-[0-9]+)?\x00+v[0-9]+\.[0-9]+\.x\x00+`), + // HEAD[NUL][NUL][NUL][NUL]9.2.20[NUL][NUL][NUL][NUL] + // HEAD[NUL][NUL]:[NUL][NUL][NUL][NUL][NUL][NUL][NUL][NUL][NUL]9.2.13[NUL][NUL][NUL][NUL] + m.FileContentsVersionMatcher(`HEAD\x00+.*\x00+(?P[0-9]\.[0-9]+\.[0-9]+(-beta[0-9]|-test|-preview)?)(\+security-[0-9]+)?\x00+`), + // 1b0f5f0a81[NUL][NUL][NUL][NUL][NUL][NUL]9.4.0-beta1[NUL][NUL][NUL][NUL][NUL]/usr/local/go + m.FileContentsVersionMatcher(`[a-z0-9]+\x00+(?P[0-9]\.[0-9]+\.[0-9]+(-beta[0-9]|-test|-preview)?)(\+security-[0-9]+)?\x00+\/usr\/local\/go`), ), Package: "grafana", PURL: mustPURL("pkg:generic/grafana@version"), @@ -764,11 +776,17 @@ func DefaultClassifiers() []binutils.Classifier { { Class: "grafana-binary", FileGlob: "**/grafana-server", - EvidenceMatcher: m.FileContentsVersionMatcher( + EvidenceMatcher: binutils.MatchAny( + // 78f0340031[NUL][NUL][NUL][NUL][NUL][NUL]9.3.0-beta1[NUL][NUL][NUL][NUL][NUL]/usr/local/go + m.FileContentsVersionMatcher(`[a-z0-9]+\x00+(?P[0-9]\.[0-9]+\.[0-9]+(-beta[0-9]|-test)?)\x00+\/usr\/local\/go`), // HEAD[NUL][NUL][NUL][NUL]9.0.0[NUL]:[NUL] // HEAD[NUL][NUL][NUL][NUL]:[NUL][NUL][NUL][NUL][NUL][NUL][NUL]7.5.17[NUL][NUL][NUL][NUL] // HEAD[NUL][NUL][NUL][NUL]m[NUL]...[NUL][NUL]6.7.6[NUL][NUL][NUL].[NUL][NUL][NUL][NUL][NUL][NUL][NUL]: - `HEAD\x00+.*\x00+(?P[0-9]\.[0-9]+\.[0-9]+)\x00+`), + m.FileContentsVersionMatcher(`HEAD\x00+.*\x00+(?P[0-9]\.[0-9]+\.[0-9]+(-beta[0-9]|-test)?)\x00+`), + // [NUL][NUL][NUL][NUL][NUL]6.7.0-test[NUL][NUL][NUL]...[NUL][NUL][NUL][NUL]/usr/local/go + // [NUL][NUL][NUL][NUL][NUL]6.0.0-beta1[NUL][NUL][NUL]...[NUL][NUL][NUL][NUL]/usr/local/go + m.FileContentsVersionMatcher(`(?s)\x00+(?P[0-9]\.[0-9]+\.[0-9]+(-beta[0-9]|-test)?)\x00+.*\x00+.{1,1000}\x00+\/u`), + ), Package: "grafana", PURL: mustPURL("pkg:generic/grafana@version"), CPEs: singleCPE("cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", cpe.NVDDictionaryLookupSource), diff --git a/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/10.3.12/linux-amd64/grafana b/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/10.3.12/linux-amd64/grafana new file mode 100644 index 000000000..b1bf13723 Binary files /dev/null and b/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/10.3.12/linux-amd64/grafana differ diff --git a/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/11.0.0-preview/linux-amd64/grafana b/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/11.0.0-preview/linux-amd64/grafana new file mode 100644 index 000000000..a9ffd59df Binary files /dev/null and b/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/11.0.0-preview/linux-amd64/grafana differ diff --git a/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/12.2.0-258092/linux-amd64/grafana b/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/12.2.0-258092/linux-amd64/grafana new file mode 100644 index 000000000..d9b7556ea Binary files /dev/null and b/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/12.2.0-258092/linux-amd64/grafana differ diff --git a/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/12.3.2-security-01/linux-amd64/grafana b/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/12.3.2-security-01/linux-amd64/grafana new file mode 100644 index 000000000..40d77fc88 Binary files /dev/null and b/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/12.3.2-security-01/linux-amd64/grafana differ diff --git a/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/12.4.0-22081664032/linux-amd64/grafana b/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/12.4.0-22081664032/linux-amd64/grafana new file mode 100644 index 000000000..6c6a4b7a5 Binary files /dev/null and b/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/12.4.0-22081664032/linux-amd64/grafana differ diff --git a/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/6.0.0-beta1/linux-amd64/grafana-server b/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/6.0.0-beta1/linux-amd64/grafana-server new file mode 100644 index 000000000..05c49f617 Binary files /dev/null and b/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/6.0.0-beta1/linux-amd64/grafana-server differ diff --git a/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/6.7.0-test/linux-amd64/grafana-server b/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/6.7.0-test/linux-amd64/grafana-server new file mode 100644 index 000000000..3dde1f49d Binary files /dev/null and b/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/6.7.0-test/linux-amd64/grafana-server differ diff --git a/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/9.2.13/linux-amd64/grafana b/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/9.2.13/linux-amd64/grafana new file mode 100644 index 000000000..3f24177d0 Binary files /dev/null and b/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/9.2.13/linux-amd64/grafana differ diff --git a/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/9.2.20/linux-amd64/grafana b/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/9.2.20/linux-amd64/grafana new file mode 100644 index 000000000..a8a1856e3 Binary files /dev/null and b/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/9.2.20/linux-amd64/grafana differ diff --git a/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/9.3.0-beta1/linux-amd64/grafana-server b/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/9.3.0-beta1/linux-amd64/grafana-server new file mode 100644 index 000000000..9fe306e8b Binary files /dev/null and b/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/9.3.0-beta1/linux-amd64/grafana-server differ diff --git a/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/9.4.0-beta1/linux-amd64/grafana b/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/9.4.0-beta1/linux-amd64/grafana new file mode 100644 index 000000000..4ec2cbfee Binary files /dev/null and b/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/9.4.0-beta1/linux-amd64/grafana differ diff --git a/syft/pkg/cataloger/binary/test-fixtures/config.yaml b/syft/pkg/cataloger/binary/test-fixtures/config.yaml index ba81571c3..db2e67014 100644 --- a/syft/pkg/cataloger/binary/test-fixtures/config.yaml +++ b/syft/pkg/cataloger/binary/test-fixtures/config.yaml @@ -948,6 +948,7 @@ from-images: platform: linux/amd64 paths: - /usr/local/bin/pilot-agent + - name: grafana version: 12.3.1 images: @@ -956,6 +957,30 @@ from-images: paths: - /usr/share/grafana/bin/grafana + - name: grafana + version: 12.4.0-22081664032 + images: + - ref: grafana/grafana:12.4.0-22081664032@sha256:8650c85610349a76072bc861bf2b5d2afba81c5f8e79e549b97698a3f6d088c3 + platform: linux/amd64 + paths: + - /usr/share/grafana/bin/grafana + + - name: grafana + version: 12.3.2-security-01 + images: + - ref: grafana/grafana:12.3.2-security-01@sha256:5683be4319a6da1d6ab28c3443b3739683e367f8d72d800638390a04a2680c1c + platform: linux/amd64 + paths: + - /usr/share/grafana/bin/grafana + + - name: grafana + version: 12.2.0-258092 + images: + - ref: grafana/grafana-oss-dev:12.2.0-258092@sha256:b76f1efbd96da374567c6ee65b3d0de11351bca4cf84afce2e28ee44ac99ea47 + platform: linux/amd64 + paths: + - /usr/share/grafana/bin/grafana + - name: grafana version: 12.0.0 images: @@ -964,6 +989,14 @@ from-images: paths: - /usr/share/grafana/bin/grafana + - name: grafana + version: 11.0.0-preview + images: + - ref: grafana/grafana:11.0.0-preview@sha256:efb8bf67a99ac9afc2aaca58a01ec0dff82ac0b1499de1ecf714fcdeab83c23e + platform: linux/amd64 + paths: + - /usr/share/grafana/bin/grafana + - name: grafana version: 11.0.0 images: @@ -980,6 +1013,14 @@ from-images: paths: - /usr/share/grafana/bin/grafana + - name: grafana + version: 10.3.12 + images: + - ref: grafana/grafana:10.3.12@sha256:0b9a007bcf831c0d9840b28588f6bcfa12d79fbf4defa8412f9f78329abe211c + platform: linux/amd64 + paths: + - /usr/share/grafana/bin/grafana + - name: grafana version: 9.5.21 images: @@ -989,13 +1030,37 @@ from-images: - /usr/share/grafana/bin/grafana - name: grafana - version: 9.4.0 + version: 9.4.0-beta1 images: - ref: grafana/grafana:9.4.0-beta1@sha256:d0060bcf84f0a0897e7c6c7e1b8740d89d10bf55b2dd45ba45942d36e40cdcc7 platform: linux/amd64 + paths: + - /usr/share/grafana/bin/grafana + + - name: grafana + version: 9.3.0-beta1 + images: + - ref: grafana/grafana:9.3.0-beta1@sha256:a70d516522f4a379f3fdd906417086c173f1d123f5ca43e27c382ab30d84da90 + platform: linux/amd64 paths: - /usr/share/grafana/bin/grafana-server + - name: grafana + version: 9.2.20 + images: + - ref: grafana/grafana:9.2.20@sha256:7ac4a4edbd1f4664ab3451a575ee39b2af26b3d6528feecf99b47052e37a1094 + platform: linux/amd64 + paths: + - /usr/share/grafana/bin/grafana + + - name: grafana + version: 9.2.13 + images: + - ref: grafana/grafana:9.2.13@sha256:4f218199a2431783a87f35e0ffa631e070f2302935c19f856b7efae8cc117e9e + platform: linux/amd64 + paths: + - /usr/share/grafana/bin/grafana + - name: grafana version: 9.0.0 images: @@ -1020,6 +1085,22 @@ from-images: paths: - /usr/share/grafana/bin/grafana-server + - name: grafana + version: 6.7.0-test + images: + - ref: grafana/grafana:6.7.0-test@sha256:04f5417aadbb4998ad919fc991856030418be02bc660a7b35909f13903a67caf + platform: linux/amd64 + paths: + - /usr/share/grafana/bin/grafana-server + + - name: grafana + version: 6.0.0-beta1 + images: + - ref: grafana/grafana:6.0.0-beta1@sha256:375e736fded8e07d696a2aa446cc0aecced9963dbd77e40be1a8dd820575a17a + platform: linux/amd64 + paths: + - /usr/share/grafana/bin/grafana-server + - name: qt version: 6.5.0 images: