Add PHP extensions binary classifiers #2585

Open
wants to merge 1 commit into
base: main
92 changes: 91 additions & 1 deletion syft/pkg/cataloger/binary/default_classifiers.go
@@ -1,12 +1,14 @@
package binary

import (
"fmt"

"github.com/anchore/syft/syft/cpe"
)

//nolint:funlen
func DefaultClassifiers() []Classifier {
return []Classifier{
classifiers := []Classifier{
{
Class: "python-binary",
FileGlob: "**/python*",
@@ -415,6 +417,94 @@ func DefaultClassifiers() []Classifier {
CPEs: singleCPE("cpe:2.3:a:wp-cli:wp-cli:*:*:*:*:*:*:*:*"),
},
}

classifiers = append(classifiers, phpExtensionsClassifiers()...)

return classifiers
}

//nolint:funlen
func phpExtensionsClassifiers() []Classifier {
Contributor

I don't quite understand the need for so many classifiers, can you help me understand what this is doing? (this should also probably be captured as a comment in the code)

Contributor Author

These are extensions for which the source exists in the PHP codebase but aren't compiled in the main PHP binary. They are optionally compiled when users need them. Ex: https://github.com/nextcloud/docker/blob/master/28/fpm-alpine/Dockerfile#L41-L53

classifiers := make([]Classifier, 0)

extensions := []string{
"bcmath",
"bz2",
"calendar",
"ctype",
"curl",
"dba",
"dl_test",
// "dom",
"enchant",
"exif",
"ffi",
"fileinfo",
"filter",
"ftp",
"gd",
"gettext",
"gmp",
"iconv",
"intl",
"ldap",
"mbstring",
"mysqli",
"odbc",
"opcache",
"pcntl",
"pdo_dblib",
"pdo_firebird",
"pdo_mysql",
"pdo_odbc",
"pdo_pgsql",
"pgsql",
"phar",
"posix",
"session",
"shmop",
"simplexml",
"snmp",
"soap",
"sockets",
"sodium",
"sysvmsg",
"sysvsem",
"sysvshm",
"tidy",
"xml",
"xmlreader",
"xmlwriter",
"xsl",
"zip",
}

for _, ext := range extensions {
match := ""

switch ext {
// TODO: case "dom:"
case "mysqli":
match = `mysqlnd (?P<version>[0-9]+\.[0-9]+\.[0-9]+)\x00{2}`
case "opcache":
match = `overflow\x00+(?P<version>[0-9]+\.[0-9]+\.[0-9]+)\x00{2}Zend`
case "zip":
match = `\x00+(?P<version>[0-9]+\.[0-9]+\.[0-9]+)\x00{2}Zip`
default:
match = fmt.Sprintf(`(?m)(\x00+%s)?\x00+(?P<version>[0-9]+\.[0-9]+\.[0-9]+)\x00{2}API`, ext)
}

classifiers = append(classifiers, Classifier{
Class: fmt.Sprintf("php-ext-%s-binary", ext),
FileGlob: fmt.Sprintf("**/%s.so", ext),
EvidenceMatcher: FileContentsVersionMatcher(match),
Package: ext,
PURL: mustPURL(fmt.Sprintf("pkg:generic/%s@version", ext)),
CPEs: singleCPE("cpe:2.3:a:php:php:*:*:*:*:*:*:*:*"),
})
}

return classifiers
}

// in both binaries and shared libraries, the version pattern is [NUL]3.11.2[NUL]
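
Review bot: In the `Classifier{...}` literal at the end of the loop, `Package: ext` and `pkg:generic/%s@version` report each extension under its bare name, so `curl`, `zip`, `sodium`, `gmp` or `ldap` become indistinguishable in the SBOM from the upstream libraries of the same name, while the CPE on the same entry is `cpe:2.3:a:php:php`. Consider a PHP-scoped package name (the `php-ext-` prefix is already used for `Class`) so downstream vulnerability matching cannot attribute these entries to the wrong product. Related: the `mysqli`, `opcache` and `zip` cases capture the version next to `mysqlnd`, `Zend` and `Zip` rather than `API`; if any of those strings carries the extension's own version instead of the PHP release, pairing it with the `php:php` CPE will produce wrong matches, so a comment stating which version each pattern captures would help. In the default pattern the name group `(\x00+%s)?` is optional, which leaves the `**/%s.so` glob and the `API` marker as the only anchors, and any shared object named, say, `xml.so` or `session.so` that contains a `x.y.z\x00\x00API` string would be classified as a PHP extension; making the name mandatory where the fixtures allow it, or narrowing the glob, would cut false positives. Smaller points: `(?m)` has no effect without `^` or `$`, the TODO reads `case "dom:"` with the colon inside the quotes, and the function still lacks the explanatory comment requested in the thread above.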
Binary file not shown.