From e9e7e20cc8ca75334403716e733ac953a5f514ec Mon Sep 17 00:00:00 2001 From: witchcraze <67056980+witchcraze@users.noreply.github.com> Date: Mon, 23 Feb 2026 23:38:02 +0900 Subject: [PATCH] fix: grafana classifier (#4635) Signed-off-by: witchcraze --- .../binary/classifier_cataloger_test.go | 121 ++++++++++++++++++ syft/pkg/cataloger/binary/classifiers.go | 30 ++++- .../grafana/10.3.12/linux-amd64/grafana | Bin 0 -> 352 bytes .../11.0.0-preview/linux-amd64/grafana | Bin 0 -> 352 bytes .../grafana/12.2.0-258092/linux-amd64/grafana | Bin 0 -> 352 bytes .../12.3.2-security-01/linux-amd64/grafana | Bin 0 -> 352 bytes .../12.4.0-22081664032/linux-amd64/grafana | Bin 0 -> 352 bytes .../6.0.0-beta1/linux-amd64/grafana-server | Bin 0 -> 859 bytes .../6.7.0-test/linux-amd64/grafana-server | Bin 0 -> 995 bytes .../grafana/9.2.13/linux-amd64/grafana | Bin 0 -> 352 bytes .../grafana/9.2.20/linux-amd64/grafana | Bin 0 -> 352 bytes .../9.3.0-beta1/linux-amd64/grafana-server | Bin 0 -> 359 bytes .../grafana/9.4.0-beta1/linux-amd64/grafana | Bin 0 -> 352 bytes .../binary/test-fixtures/config.yaml | 83 +++++++++++- 14 files changed, 227 insertions(+), 7 deletions(-) create mode 100644 syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/10.3.12/linux-amd64/grafana create mode 100644 syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/11.0.0-preview/linux-amd64/grafana create mode 100644 syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/12.2.0-258092/linux-amd64/grafana create mode 100644 syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/12.3.2-security-01/linux-amd64/grafana create mode 100644 syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/12.4.0-22081664032/linux-amd64/grafana create mode 100644 syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/6.0.0-beta1/linux-amd64/grafana-server create mode 100644 syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/6.7.0-test/linux-amd64/grafana-server create mode 100644 syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/9.2.13/linux-amd64/grafana create mode 100644 syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/9.2.20/linux-amd64/grafana create mode 100644 syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/9.3.0-beta1/linux-amd64/grafana-server create mode 100644 syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/9.4.0-beta1/linux-amd64/grafana diff --git a/syft/pkg/cataloger/binary/classifier_cataloger_test.go b/syft/pkg/cataloger/binary/classifier_cataloger_test.go index ba32f672a..3ff8f328f 100644 --- a/syft/pkg/cataloger/binary/classifier_cataloger_test.go +++ b/syft/pkg/cataloger/binary/classifier_cataloger_test.go @@ -1634,6 +1634,28 @@ func Test_Cataloger_PositiveCases(t *testing.T) { Metadata: metadata("istio-binary"), }, }, + { + logicalFixture: "grafana/12.4.0-22081664032/linux-amd64", + expected: pkg.Package{ + Name: "grafana", + Version: "12.4.0-22081664032", + Type: "binary", + PURL: "pkg:generic/grafana@12.4.0-22081664032", + Locations: locations("grafana"), + Metadata: metadata("grafana-binary"), + }, + }, + { + logicalFixture: "grafana/12.3.2-security-01/linux-amd64", + expected: pkg.Package{ + Name: "grafana", + Version: "12.3.2", + Type: "binary", + PURL: "pkg:generic/grafana@12.3.2", + Locations: locations("grafana"), + Metadata: metadata("grafana-binary"), + }, + }, { logicalFixture: "grafana/12.3.1/linux-amd64", expected: pkg.Package{ @@ -1645,6 +1667,17 @@ func Test_Cataloger_PositiveCases(t *testing.T) { Metadata: metadata("grafana-binary"), }, }, + { + logicalFixture: "grafana/12.2.0-258092/linux-amd64", + expected: pkg.Package{ + Name: "grafana", + Version: "12.2.0-258092", + Type: "binary", + PURL: "pkg:generic/grafana@12.2.0-258092", + Locations: locations("grafana"), + Metadata: metadata("grafana-binary"), + }, + }, { logicalFixture: "grafana/12.0.0/linux-amd64", expected: pkg.Package{ @@ -1656,6 +1689,17 @@ func Test_Cataloger_PositiveCases(t *testing.T) { Metadata: metadata("grafana-binary"), }, }, + { + logicalFixture: "grafana/11.0.0-preview/linux-amd64", + expected: pkg.Package{ + Name: "grafana", + Version: "11.0.0-preview", + Type: "binary", + PURL: "pkg:generic/grafana@11.0.0-preview", + Locations: locations("grafana"), + Metadata: metadata("grafana-binary"), + }, + }, { logicalFixture: "grafana/11.0.0/linux-amd64", expected: pkg.Package{ @@ -1678,6 +1722,17 @@ func Test_Cataloger_PositiveCases(t *testing.T) { Metadata: metadata("grafana-binary"), }, }, + { + logicalFixture: "grafana/10.3.12/linux-amd64", + expected: pkg.Package{ + Name: "grafana", + Version: "10.3.12", + Type: "binary", + PURL: "pkg:generic/grafana@10.3.12", + Locations: locations("grafana"), + Metadata: metadata("grafana-binary"), + }, + }, { logicalFixture: "grafana/9.5.21/linux-amd64", expected: pkg.Package{ @@ -1689,6 +1744,50 @@ func Test_Cataloger_PositiveCases(t *testing.T) { Metadata: metadata("grafana-binary"), }, }, + { + logicalFixture: "grafana/9.4.0-beta1/linux-amd64", + expected: pkg.Package{ + Name: "grafana", + Version: "9.4.0-beta1", + Type: "binary", + PURL: "pkg:generic/grafana@9.4.0-beta1", + Locations: locations("grafana"), + Metadata: metadata("grafana-binary"), + }, + }, + { + logicalFixture: "grafana/9.3.0-beta1/linux-amd64", + expected: pkg.Package{ + Name: "grafana", + Version: "9.3.0-beta1", + Type: "binary", + PURL: "pkg:generic/grafana@9.3.0-beta1", + Locations: locations("grafana-server"), + Metadata: metadata("grafana-binary"), + }, + }, + { + logicalFixture: "grafana/9.2.20/linux-amd64", + expected: pkg.Package{ + Name: "grafana", + Version: "9.2.20", + Type: "binary", + PURL: "pkg:generic/grafana@9.2.20", + Locations: locations("grafana"), + Metadata: metadata("grafana-binary"), + }, + }, + { + logicalFixture: "grafana/9.2.13/linux-amd64", + expected: pkg.Package{ + Name: "grafana", + Version: "9.2.13", + Type: "binary", + PURL: "pkg:generic/grafana@9.2.13", + Locations: locations("grafana"), + Metadata: metadata("grafana-binary"), + }, + }, { logicalFixture: "grafana/9.0.0/linux-amd64", expected: pkg.Package{ @@ -1722,6 +1821,28 @@ func Test_Cataloger_PositiveCases(t *testing.T) { Metadata: metadata("grafana-binary"), }, }, + { + logicalFixture: "grafana/6.7.0-test/linux-amd64", + expected: pkg.Package{ + Name: "grafana", + Version: "6.7.0-test", + Type: "binary", + PURL: "pkg:generic/grafana@6.7.0-test", + Locations: locations("grafana-server"), + Metadata: metadata("grafana-binary"), + }, + }, + { + logicalFixture: "grafana/6.0.0-beta1/linux-amd64", + expected: pkg.Package{ + Name: "grafana", + Version: "6.0.0-beta1", + Type: "binary", + PURL: "pkg:generic/grafana@6.0.0-beta1", + Locations: locations("grafana-server"), + Metadata: metadata("grafana-binary"), + }, + }, { logicalFixture: "envoy/1.36.4/linux-amd64", expected: pkg.Package{ diff --git a/syft/pkg/cataloger/binary/classifiers.go b/syft/pkg/cataloger/binary/classifiers.go index 2a0982d96..ec2f9b62c 100644 --- a/syft/pkg/cataloger/binary/classifiers.go +++ b/syft/pkg/cataloger/binary/classifiers.go @@ -747,15 +747,27 @@ func DefaultClassifiers() []binutils.Classifier { Class: "grafana-binary", FileGlob: "**/grafana", EvidenceMatcher: binutils.MatchAny( + // [NUL][NUL][NUL][NUL]12.2.0-258092[NUL][NUL][NUL][NUL] + m.FileContentsVersionMatcher(`\x00+(?P[0-9]{2}\.[0-9]+\.[0-9]+\-[0-9]{6,})\x00+`), + // [NUL][NUL][NUL][NUL]release-12.3.2+security-01[NUL][NUL][NUL][NUL] // [NUL][NUL][NUL][NUL]release-12.3.1[NUL][NUL][NUL][NUL] - m.FileContentsVersionMatcher(`\x00+release-(?P[0-9]{2}\.[0-9]+\.[0-9]+)\x00+`), + m.FileContentsVersionMatcher(`\x00+release-(?P[0-9]{2}\.[0-9]+\.[0-9]+(-beta[0-9]|-test|-preview)?)(\+security-[0-9]+)?\x00+`), + // [NUL][NUL][NUL][NUL]go1.21.8[NUL][NUL][NUL][NUL][NUL][NUL][NUL][NUL]11.0.0-preview[NUL][NUL]...+DT + m.FileContentsVersionMatcher(`(?s)\x00+go1\.[0-9]+\.[0-9]+\x00+(?P[0-9]{2}\.[0-9]+\.[0-9]+(-beta[0-9]|-test|-preview)?)(\+security-[0-9]+)?\x00+.{1,500}\+DT`), // HEAD[NUL][NUL][NUL][NUL]12.0.0[NUL][NUL]$a // 11.0.0[NUL][NUL]$a - m.FileContentsVersionMatcher(`(?P[0-9]{2}\.[0-9]+\.[0-9]+)\x00+\$a`), + m.FileContentsVersionMatcher(`(?P[0-9]{2}\.[0-9]+\.[0-9]+(-beta[0-9]|-test|-preview)?)(\+security-[0-9]+)?\x00+\$a`), // [NUL]0xDC0xBF10.4.19[NUL] - m.FileContentsVersionMatcher(`\x00.(?P10\.[0-9]+\.[0-9]+)\x00`), + m.FileContentsVersionMatcher(`\x00.(?P10\.[0-9]+\.[0-9]+(-beta[0-9]|-test|-preview)?)(\+security-[0-9]+)?\x00`), + // 10.3.12[NUL]...[NUL]go1.22.7[NUL][NUL][NUL][NUL]...+DT + m.FileContentsVersionMatcher(`(?s)(?P[0-9]{2}\.[0-9]+\.[0-9]+(-beta[0-9]|-test|-preview)?)(\+security-[0-9]+)?\x00+.{1,100}\x00go1\.[0-9]+\.[0-9]+\x00.{1,100}\+DT`), // 9.5.21[NUL][NUL]v9.5.x[NUL][NUL][NUL][NUL][NUL][NUL]$a - m.FileContentsVersionMatcher(`(?P9\.[0-9]+\.[0-9]+)\x00\x00v`), + m.FileContentsVersionMatcher(`(?P[0-9]+\.[0-9]+\.[0-9]+(-beta[0-9]|-test|-preview)?)(\+security-[0-9]+)?\x00+v[0-9]+\.[0-9]+\.x\x00+`), + // HEAD[NUL][NUL][NUL][NUL]9.2.20[NUL][NUL][NUL][NUL] + // HEAD[NUL][NUL]:[NUL][NUL][NUL][NUL][NUL][NUL][NUL][NUL][NUL]9.2.13[NUL][NUL][NUL][NUL] + m.FileContentsVersionMatcher(`HEAD\x00+.*\x00+(?P[0-9]\.[0-9]+\.[0-9]+(-beta[0-9]|-test|-preview)?)(\+security-[0-9]+)?\x00+`), + // 1b0f5f0a81[NUL][NUL][NUL][NUL][NUL][NUL]9.4.0-beta1[NUL][NUL][NUL][NUL][NUL]/usr/local/go + m.FileContentsVersionMatcher(`[a-z0-9]+\x00+(?P[0-9]\.[0-9]+\.[0-9]+(-beta[0-9]|-test|-preview)?)(\+security-[0-9]+)?\x00+\/usr\/local\/go`), ), Package: "grafana", PURL: mustPURL("pkg:generic/grafana@version"), @@ -764,11 +776,17 @@ func DefaultClassifiers() []binutils.Classifier { { Class: "grafana-binary", FileGlob: "**/grafana-server", - EvidenceMatcher: m.FileContentsVersionMatcher( + EvidenceMatcher: binutils.MatchAny( + // 78f0340031[NUL][NUL][NUL][NUL][NUL][NUL]9.3.0-beta1[NUL][NUL][NUL][NUL][NUL]/usr/local/go + m.FileContentsVersionMatcher(`[a-z0-9]+\x00+(?P[0-9]\.[0-9]+\.[0-9]+(-beta[0-9]|-test)?)\x00+\/usr\/local\/go`), // HEAD[NUL][NUL][NUL][NUL]9.0.0[NUL]:[NUL] // HEAD[NUL][NUL][NUL][NUL]:[NUL][NUL][NUL][NUL][NUL][NUL][NUL]7.5.17[NUL][NUL][NUL][NUL] // HEAD[NUL][NUL][NUL][NUL]m[NUL]...[NUL][NUL]6.7.6[NUL][NUL][NUL].[NUL][NUL][NUL][NUL][NUL][NUL][NUL]: - `HEAD\x00+.*\x00+(?P[0-9]\.[0-9]+\.[0-9]+)\x00+`), + m.FileContentsVersionMatcher(`HEAD\x00+.*\x00+(?P[0-9]\.[0-9]+\.[0-9]+(-beta[0-9]|-test)?)\x00+`), + // [NUL][NUL][NUL][NUL][NUL]6.7.0-test[NUL][NUL][NUL]...[NUL][NUL][NUL][NUL]/usr/local/go + // [NUL][NUL][NUL][NUL][NUL]6.0.0-beta1[NUL][NUL][NUL]...[NUL][NUL][NUL][NUL]/usr/local/go + m.FileContentsVersionMatcher(`(?s)\x00+(?P[0-9]\.[0-9]+\.[0-9]+(-beta[0-9]|-test)?)\x00+.*\x00+.{1,1000}\x00+\/u`), + ), Package: "grafana", PURL: mustPURL("pkg:generic/grafana@version"), CPEs: singleCPE("cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", cpe.NVDDictionaryLookupSource), diff --git a/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/10.3.12/linux-amd64/grafana b/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/10.3.12/linux-amd64/grafana new file mode 100644 index 0000000000000000000000000000000000000000..b1bf137238c03bc83a3669c98eb9011162d46951 GIT binary patch literal 352 zcmZ9GOG*Pl5QZnd(;8j5Z^%*@rmG*-J%TH5pcm*@C4q4!m;v!3ZoNuy;R!r~2gxKv z2-c$hs``F@s`W3q=CfB%zV)mlTIIgx5-g$v#hTpC`gzR-RBY8Qmdo5f%{^#S^JsO7 zHfm!DR20ggMi0WG%)xkY$p;uTk~7*0M2S9aS)_Xp{5O z5Ge~HjX_umh4&v_=1#igUHHEfy$J2hEhN;JhD(Xv_58`OiLG14Gs%o zQsoO!+Mvv|*H$|vokiz^v$6ymL_mosRG~vi2VY<;j$`g0dg6a?^1kDtYnpDwhZTzk zR2?P)6Fce=hzTTcK3~v%O{*w6J~}+uXM4Ll)9tOzjY%~5wXN&xzdrgrySyG}k0;-6 UBY!-d-i`bmy}Xa1i|Osx4;}qdGynhq literal 0 HcmV?d00001 diff --git a/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/12.2.0-258092/linux-amd64/grafana b/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/12.2.0-258092/linux-amd64/grafana new file mode 100644 index 0000000000000000000000000000000000000000..d9b7556ead0f60cafd10ed7a784bf864dec4897a GIT binary patch literal 352 zcmYLDIZgvX5VQ>#7_JB;vXLAjRz3I3W|sH?d|*!7(z0vtBE&}^;{iOx5di@iDSsek z27#!cs;jzH>egPz8qaQRvaLm3N~_q{SV%^M(SVxR&iZ+c2?exj7t3YrFXxsDS!0%j zcMgI#pb|GqJCY1|L4h+NlXlKA;NZDaF$y6y@!kolxl6#gG$<{a_*X_v?r~HZA!78B zOJ+2So&!^$ybF<&5E2WC=I)S51gk9d;F#oES%fB&33d;C#J_LizQd_&n(iLw6&hsB zI#N+y$ubuZTG0y5snB3(_QRj_pWe?du1fZJ{JAdr_H=qz^m*{|TCS$!n~&nBC&RCz W8=G6>?ZI%gw|{VWw6lvwIrs*mfl@gD literal 0 HcmV?d00001 diff --git a/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/12.3.2-security-01/linux-amd64/grafana b/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/12.3.2-security-01/linux-amd64/grafana new file mode 100644 index 0000000000000000000000000000000000000000..40d77fc889ca4c320d729ba2781caecbd9e78ea4 GIT binary patch literal 352 zcmZXOS#H8W5JXM(Oct&%5}%Qgr<>V)4NlNA?glH4jj*GH(-VY}AM*Z6RjR6{JWY8@k1A{OGx=TjV!*=K5y8^{zh zigV7O;l{bDlGvocfH7xcsS+ipr0w{x%(8bDF?l2i-kQ8J7%dZJF=pk1u|YyiF6EFt z7zaXzToWny(-|*HEfx!%4ioF&n|d0w3|%*T>64{q|0s$*cT6Lf29~&lw~_PbzMT$b nWr{P`SF_^&?)K(MJwD7|U!E^DfA6SoG(veEe!tYm<8l52Dxz8P literal 0 HcmV?d00001 diff --git a/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/12.4.0-22081664032/linux-amd64/grafana b/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/12.4.0-22081664032/linux-amd64/grafana new file mode 100644 index 0000000000000000000000000000000000000000..6c6a4b7a57fda14240d25911f2559519d00a23d8 GIT binary patch literal 352 zcmXv~%Sr=55EPH|6(hL`hMu0D*ZziIFpus;7?PS3^6Hr>%5hDF+~D5so(^bHuT6IV#I{r1?xDJW}Bs& zOaiDxt`UK8B`0SBD7D+|borWD-)HK1(lYfved;Ar4+}nio*!3zT4{m7J?-HI5u)*) lz~ar{xaQuqoR<$RWs~mteBdox^?Jki&HKIU-*vlL<9{OpUC96d literal 0 HcmV?d00001 diff --git a/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/6.0.0-beta1/linux-amd64/grafana-server b/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/6.0.0-beta1/linux-amd64/grafana-server new file mode 100644 index 0000000000000000000000000000000000000000..05c49f6174800e7ef5b58e542c09c42bef4bb1e3 GIT binary patch literal 859 zcmdr}OHRWu5Dk<@G(r_1R;-M=K|*akj=#A9YffN0c3UYVRT4m)k}F{cDpe5@3wF%R zv*!8PqZzx_&#pk5R(oCRW#`&g*Jh3Po$Ct(N?}PT%_>)K`fY(Y!C6=D_IuYqZ8c%M zK;D3MT9=lAD1}l0xsb+FqqqzXR5>WA1pvc9I?QY-Fd>d&O-t%s=697l6tf=ZChU49 zjF7}?>6zh{8tkRyxdg^6mY_f@nsbdYWx$Nc%bXKK1j(|+Vu8$i@6dOfsBe&Os;YTI zLCTU~rvWjU29L&9c!ih7^%@2q^~-=+@MwSKLy>>HoQ!6R?=?T#`-xv1>A$7%{!PH+ z5J`d&K2Ov8k93m2SrEp0c_ zFQx@UjM*$k4P0l6X^k=17C>ynzXD9R^lDH6a$PT07{st#J~+4;)GyuZWKhBY_MZS(T>`sOlj^*M)K8L=_2?#$sc z8^_kaGpFA*SAW_`c)fnB^rgR#d%;f0@Av2V{axPmcWB+22kE?Z4m2 zFYd$L|D}z2JA!~wb~GGbzYhliKd^-7y`;y!-r)-y=k3_lJ8XYn`vLdsrw`Q!SoU4! literal 0 HcmV?d00001 diff --git a/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/9.2.13/linux-amd64/grafana b/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/9.2.13/linux-amd64/grafana new file mode 100644 index 0000000000000000000000000000000000000000..3f24177d0bd433ceba862ae9083519b485230406 GIT binary patch literal 352 zcmXwz&1%Ci41fc>`P3&E9=R9GvHX+EHrQat!d_sqEw_a%DQjTtmPgs6E+eiGeEK9I zG}0&c^7uuCMiNsgSDt%mHCXgYiGj!CeCj1=C9dQ7a^d;?L>g@`gJ;N|6-1|PRNj+~ z05)_!8tBk4BI{T>M>%GfFcDe<>nb5>fdCef`ZEdFJO14YGxoNgA)*UIf@q*?KqjY`5v#T z9yP>wYUTbTavY)mj0btuz`bgLB4col}Yi z&}yb=lLcix22G4e4VY}1G-&ICwq*$@GO!bT?CDyT$oUSEN@#Nf;6fL5DfieIqAqll zb7JNYlJTelt4gH11kfW<8PY>Bz2Z%v|j<(89 zJCU@(DbAsZsWM=blp;vytBRtN+2z1kS(ZF}j>Jzj`PlK?HBGnY(}@++SeHRn07@KG zQTU}=!XnU!M`QIq^sAta?yy8jU zd!wi6@Hsbpu|dKPSx>ahL&Kf3N=vU;@rH@itjT%+VgaHj;Qb67X5Cr5jnQT&opct*%{5NI-cxxh%qPemv+YoRrg4WqP z8A$1n0}3lr&R(iy6O>U9${7O?EHGBrHIHvY=D%<9q36`MZU4$k#i}Av_6-4gv7@RA zQ$2;-m