diff --git a/syft/pkg/cataloger/binary/classifier_cataloger_test.go b/syft/pkg/cataloger/binary/classifier_cataloger_test.go index c1bfbb322f0..22f59b1b39e 100644 --- a/syft/pkg/cataloger/binary/classifier_cataloger_test.go +++ b/syft/pkg/cataloger/binary/classifier_cataloger_test.go @@ -1082,6 +1082,94 @@ func Test_Cataloger_PositiveCases(t *testing.T) { Metadata: metadata("wordpress-cli-binary"), }, }, + { + logicalFixture: "lighttpd/1.4.76/linux-amd64", + expected: pkg.Package{ + Name: "lighttpd", + Version: "1.4.76", + Type: "binary", + PURL: "pkg:generic/lighttpd@1.4.76", + Locations: locations("lighttpd"), + Metadata: metadata("lighttpd-binary"), + }, + }, + { + logicalFixture: "proftpd/1.3.8b/linux-amd64", + expected: pkg.Package{ + Name: "proftpd", + Version: "1.3.8b", + Type: "binary", + PURL: "pkg:generic/proftpd@1.3.8b", + Locations: locations("proftpd"), + Metadata: metadata("proftpd-binary"), + }, + }, + { + logicalFixture: "zstd/1.5.6/linux-amd64", + expected: pkg.Package{ + Name: "zstd", + Version: "1.5.6", + Type: "binary", + PURL: "pkg:generic/zstd@1.5.6", + Locations: locations("zstd"), + Metadata: metadata("zstd-binary"), + }, + }, + { + logicalFixture: "zstd/1.5.6/linux-amd64", + expected: pkg.Package{ + Name: "zstd", + Version: "1.5.6", + Type: "binary", + PURL: "pkg:generic/zstd@1.5.6", + Locations: locations("zstd"), + Metadata: metadata("zstd-binary"), + }, + }, + { + logicalFixture: "xz/5.6.2/linux-amd64", + expected: pkg.Package{ + Name: "xz", + Version: "5.6.2", + Type: "binary", + PURL: "pkg:generic/xz@5.6.2", + Locations: locations("xz"), + Metadata: metadata("xz-binary"), + }, + }, + { + logicalFixture: "gzip/1.12/linux-amd64", + expected: pkg.Package{ + Name: "gzip", + Version: "1.12", + Type: "binary", + PURL: "pkg:generic/gzip@1.12", + Locations: locations("gzip"), + Metadata: metadata("gzip-binary"), + }, + }, + { + logicalFixture: "sqlcipher/4.5.5/linux-amd64", + expected: pkg.Package{ + Name: "sqlcipher", + Version: "4.5.5", + Type: "binary", + PURL: "pkg:generic/sqlcipher@4.5.5", + Locations: locations("sqlcipher"), + Metadata: metadata("sqlcipher-binary"), + }, + }, + { + logicalFixture: "jq/1.7.1/linux-amd64", + expected: pkg.Package{ + Name: "jq", + Version: "1.7.1", + Type: "binary", + PURL: "pkg:generic/jq@1.7.1", + Locations: locations("jq"), + Metadata: metadata("jq-binary"), + }, + }, } for _, test := range tests { diff --git a/syft/pkg/cataloger/binary/classifiers.go b/syft/pkg/cataloger/binary/classifiers.go index 5290b4d984e..0a2a1a9b856 100644 --- a/syft/pkg/cataloger/binary/classifiers.go +++ b/syft/pkg/cataloger/binary/classifiers.go @@ -574,6 +574,76 @@ func DefaultClassifiers() []Classifier { PURL: mustPURL("pkg:generic/curl@version"), CPEs: singleCPE("cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*", cpe.NVDDictionaryLookupSource), }, + { + Class: "lighttpd-binary", + FileGlob: "**/lighttpd", + EvidenceMatcher: FileContentsVersionMatcher( + `\x00lighttpd/(?P[0-9]+\.[0-9]+\.[0-9]+)\x00`, + ), + Package: "lighttpd", + PURL: mustPURL("pkg:generic/lighttpd@version"), + CPEs: singleCPE("cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:*", cpe.NVDDictionaryLookupSource), + }, + { + Class: "proftpd-binary", + FileGlob: "**/proftpd", + EvidenceMatcher: FileContentsVersionMatcher( + `\x00ProFTPD Version (?P[0-9]+\.[0-9]+\.[0-9]+[a-z]?)\x00`, + ), + Package: "proftpd", + PURL: mustPURL("pkg:generic/proftpd@version"), + CPEs: singleCPE("cpe:2.3:a:proftpd:proftpd:*:*:*:*:*:*:*:*", cpe.NVDDictionaryLookupSource), + }, + { + Class: "zstd-binary", + FileGlob: "**/zstd", + EvidenceMatcher: FileContentsVersionMatcher( + `\x00v(?P[0-9]+\.[0-9]+\.[0-9]+)\x00`, + ), + Package: "zstd", + PURL: mustPURL("pkg:generic/zstd@version"), + CPEs: singleCPE("cpe:2.3:a:facebook:zstandard:*:*:*:*:*:*:*:*", cpe.NVDDictionaryLookupSource), + }, + { + Class: "xz-binary", + FileGlob: "**/xz", + EvidenceMatcher: FileContentsVersionMatcher( + `\x00xz \(XZ Utils\) (?P[0-9]+\.[0-9]+\.[0-9]+)\x00`, + ), + Package: "xz", + PURL: mustPURL("pkg:generic/xz@version"), + CPEs: singleCPE("cpe:2.3:a:tukaani:xz:*:*:*:*:*:*:*:*", cpe.NVDDictionaryLookupSource), + }, + { + Class: "gzip-binary", + FileGlob: "**/gzip", + EvidenceMatcher: FileContentsVersionMatcher( + `\x00(?P[0-9]+\.[0-9]+)\x00`, + ), + Package: "gzip", + PURL: mustPURL("pkg:generic/gzip@version"), + CPEs: singleCPE("cpe:2.3:a:gnu:gzip:*:*:*:*:*:*:*:*", cpe.NVDDictionaryLookupSource), + }, + { + Class: "sqlcipher-binary", + FileGlob: "**/sqlcipher", + EvidenceMatcher: FileContentsVersionMatcher( + `[^0-9]\x00(?P[0-9]+\.[0-9]+\.[0-9]+)\x00`, + ), + Package: "sqlcipher", + PURL: mustPURL("pkg:generic/sqlcipher@version"), + CPEs: singleCPE("cpe:2.3:a:zetetic:sqlcipher:*:*:*:*:*:*:*:*", cpe.NVDDictionaryLookupSource), + }, + { + Class: "jq-binary", + FileGlob: "**/jq", + EvidenceMatcher: FileContentsVersionMatcher( + `\x00(?P[0-9]{1,3}\.[0-9]{1,3}(\.[0-9]+)?)\x00`, + ), + Package: "jq", + PURL: mustPURL("pkg:generic/jq@version"), + CPEs: singleCPE("cpe:2.3:a:jqlang:jq:*:*:*:*:*:*:*:*", cpe.NVDDictionaryLookupSource), + }, } } diff --git a/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/gzip/1.12/linux-amd64/gzip b/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/gzip/1.12/linux-amd64/gzip new file mode 100644 index 00000000000..64510d6c4de Binary files /dev/null and b/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/gzip/1.12/linux-amd64/gzip differ diff --git a/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/jq/1.7.1/linux-amd64/jq b/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/jq/1.7.1/linux-amd64/jq new file mode 100644 index 00000000000..4adbcf60024 Binary files /dev/null and b/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/jq/1.7.1/linux-amd64/jq differ diff --git a/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/lighttpd/1.4.76/linux-amd64/lighttpd b/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/lighttpd/1.4.76/linux-amd64/lighttpd new file mode 100644 index 00000000000..c6147b7a9bb Binary files /dev/null and b/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/lighttpd/1.4.76/linux-amd64/lighttpd differ diff --git a/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/proftpd/1.3.8b/linux-amd64/proftpd b/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/proftpd/1.3.8b/linux-amd64/proftpd new file mode 100644 index 00000000000..f9bc1cae5a5 Binary files /dev/null and b/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/proftpd/1.3.8b/linux-amd64/proftpd differ diff --git a/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/sqlcipher/4.5.5/linux-amd64/sqlcipher b/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/sqlcipher/4.5.5/linux-amd64/sqlcipher new file mode 100644 index 00000000000..111cab34911 Binary files /dev/null and b/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/sqlcipher/4.5.5/linux-amd64/sqlcipher differ diff --git a/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/xz/5.6.2/linux-amd64/xz b/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/xz/5.6.2/linux-amd64/xz new file mode 100644 index 00000000000..ed3dc45093f Binary files /dev/null and b/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/xz/5.6.2/linux-amd64/xz differ diff --git a/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/zstd/1.5.6/linux-amd64/zstd b/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/zstd/1.5.6/linux-amd64/zstd new file mode 100644 index 00000000000..31944cb002b Binary files /dev/null and b/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/zstd/1.5.6/linux-amd64/zstd differ diff --git a/syft/pkg/cataloger/binary/test-fixtures/config.yaml b/syft/pkg/cataloger/binary/test-fixtures/config.yaml index 58408325be8..51607b51a96 100644 --- a/syft/pkg/cataloger/binary/test-fixtures/config.yaml +++ b/syft/pkg/cataloger/binary/test-fixtures/config.yaml @@ -610,3 +610,58 @@ from-images: paths: - /usr/bin/curl + - name: lighttpd + version: 1.4.76 + images: + - ref: jitesoft/lighttpd:1.4.76-cgi@sha256:f5d4500bfb992a20ca39369ae1ca1d8a7a9463bb8c59ee8dd85ddb6d96fc9fc1 + platform: linux/amd64 + paths: + - /usr/local/sbin/lighttpd + + - name: proftpd + version: 1.3.8b + images: + - ref: mekayelanik/proftpd-server-alpine:1.3.8b-r2@sha256:a1ef73a2de04999e53bf728b548ef9922febab8f5709037e40e0141cedcd66db + platform: linux/amd64 + paths: + - /usr/sbin/proftpd + + - name: zstd + version: 1.5.6 + images: + - ref: danysk/zstd:1.5.6@sha256:5eceba085b3a399592755dd66a37b8adfb83538af3f56b51bec6e6cc955e3b5f + platform: linux/amd64 + paths: + - /usr/local/bin/zstd + + - name: xz + version: 5.6.2 + images: + - ref: docker:27.2.1@sha256:c51fa20028ff6590588d9ed97d3b16865d503a3d7228aa885871c5c292afa5ca + platform: linux/amd64 + paths: + - /usr/bin/xz + + - name: gzip + version: 1.12 + images: + - ref: ubuntu:24.04@sha256:d35dfc2fe3ef66bcc085ca00d3152b482e6cafb23cdda1864154caf3b19094ba + platform: linux/amd64 + paths: + - /usr/bin/gzip + + - name: sqlcipher + version: 4.5.5 + images: + - ref: yspreen/sqlcipher@sha256:93189cc465661f16ad23f3ace4206179bdd19967deaf08c54da5ac1e34bb6fb7 + platform: linux/amd64 + paths: + - /usr/local/bin/sqlcipher + + - name: jq + version: 1.7.1 + images: + - ref: efrecon/jq:1.7.1@sha256:0ad05e2e6d1dea5fe0852ecc23114eb768d60c4ce0985d729eb958809e7f31dd + platform: linux/amd64 + paths: + - /usr/local/bin/jq