mirror of
https://github.com/anchore/syft.git
synced 2026-07-05 02:28:25 +02:00
* fixed dotnet cataloger can't find packages from deps.json in linux elf, fixed #4514 Signed-off-by: Rez Moss <hi@rezmoss.com> Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * split bundle and PE concerns Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * limit resource usage of readall call Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * removed duplicat Signed-off-by: Rez Moss <hi@rezmoss.com> Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * make sure the first 4 bytes in elf arent lostt Signed-off-by: Rez Moss <hi@rezmoss.com> Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * revert readelfbundle func, check size of readdeps json Signed-off-by: Rez Moss <hi@rezmoss.com> Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * revert readelfbundle func, check size of readdeps json, fixed #4514 Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com> Signed-off-by: Rez Moss <hi@rezmoss.com> Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * move dotnet net8 linux fixture to testdata convention Signed-off-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com> Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * address malformed elf size claims + add tests Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * dont key off of cataloger name in testing Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> --------- Signed-off-by: Rez Moss <hi@rezmoss.com> Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> Signed-off-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com> Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com> Co-authored-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com>
41 lines
1.3 KiB
Go
41 lines
1.3 KiB
Go
package binary
|
|
|
|
import (
|
|
"context"
|
|
"fmt"
|
|
|
|
"github.com/anchore/syft/internal/unknown"
|
|
"github.com/anchore/syft/syft/artifact"
|
|
"github.com/anchore/syft/syft/file"
|
|
"github.com/anchore/syft/syft/pkg"
|
|
"github.com/anchore/syft/syft/pkg/cataloger/generic"
|
|
"github.com/anchore/syft/syft/pkg/cataloger/internal/dotnet/pe"
|
|
)
|
|
|
|
// NewPEPackageCataloger returns a cataloger that interprets packages from DLL, EXE, and BPL files.
|
|
// BPL (Borland Package Library) files are PE-format binaries used by Delphi and C++Builder.
|
|
func NewPEPackageCataloger() pkg.Cataloger {
|
|
return generic.NewCataloger("pe-binary-package-cataloger").
|
|
WithParserByGlobs(parsePE, "**/*.dll", "**/*.exe", "**/*.bpl")
|
|
}
|
|
|
|
func parsePE(_ context.Context, _ file.Resolver, _ *generic.Environment, reader file.LocationReadCloser) ([]pkg.Package, []artifact.Relationship, error) {
|
|
f, err := pe.Read(reader)
|
|
if err != nil {
|
|
return nil, nil, fmt.Errorf("failed to parse PE file %q: %w", reader.RealPath, err)
|
|
}
|
|
|
|
if f == nil {
|
|
return nil, nil, unknown.Newf(reader, "unable to determine packages")
|
|
}
|
|
|
|
if f.CLR.HasEvidenceOfCLR() {
|
|
// this is for a .NET application, which is covered by other catalogers already
|
|
return nil, nil, nil
|
|
}
|
|
|
|
p := newPEPackage(f.VersionResources, f.Location)
|
|
|
|
return []pkg.Package{p}, nil, nil
|
|
}
|