diff --git a/cve_bin_tool/checkers/__init__.py b/cve_bin_tool/checkers/__init__.py index 655f70e9e1..7d9ab843cc 100644 --- a/cve_bin_tool/checkers/__init__.py +++ b/cve_bin_tool/checkers/__init__.py @@ -310,6 +310,7 @@ "picocom", "pigz", "pixman", + "pjsip", "png", "polarssl_fedora", "poppler", diff --git a/cve_bin_tool/checkers/pjsip.py b/cve_bin_tool/checkers/pjsip.py new file mode 100644 index 0000000000..afb6362300 --- /dev/null +++ b/cve_bin_tool/checkers/pjsip.py @@ -0,0 +1,21 @@ +# Copyright (C) 2025 Orange +# SPDX-License-Identifier: GPL-3.0-or-later + + +""" +CVE checker for pjsip + +https://www.cvedetails.com/product/44396/Teluu-Pjsip.html?vendor_id=17771 +https://www.cvedetails.com/product/65638/Pjsip-Pjsip.html?vendor_id=21360 + +""" +from __future__ import annotations + +from cve_bin_tool.checkers import Checker + + +class PjsipChecker(Checker): + CONTAINS_PATTERNS: list[str] = [] + FILENAME_PATTERNS: list[str] = [] + VERSION_PATTERNS = [r"PJ_[A-Za-z0-9_:%) ]*\r?\n([0-9]+\.[0-9]+(\.[0-9]+)?)"] + VENDOR_PRODUCT = [("pjsip", "pjsip"), ("teluu", "pjsip")] diff --git a/test/condensed-downloads/libpj_2.10-3_x86_64.ipk.tar.gz b/test/condensed-downloads/libpj_2.10-3_x86_64.ipk.tar.gz new file mode 100644 index 0000000000..c0cda98556 Binary files /dev/null and b/test/condensed-downloads/libpj_2.10-3_x86_64.ipk.tar.gz differ diff --git a/test/condensed-downloads/pjproject-2.13.1-6.fc42.aarch64.rpm.tar.gz b/test/condensed-downloads/pjproject-2.13.1-6.fc42.aarch64.rpm.tar.gz new file mode 100644 index 0000000000..42ddc445bc Binary files /dev/null and b/test/condensed-downloads/pjproject-2.13.1-6.fc42.aarch64.rpm.tar.gz differ diff --git a/test/condensed-downloads/pjproject-2.9-r0.apk.tar.gz b/test/condensed-downloads/pjproject-2.9-r0.apk.tar.gz new file mode 100644 index 0000000000..99fe76126e Binary files /dev/null and b/test/condensed-downloads/pjproject-2.9-r0.apk.tar.gz differ diff --git a/test/test_data/asterisk.py b/test/test_data/asterisk.py index a770f02515..36ab5d55d2 100644 --- a/test/test_data/asterisk.py +++ b/test/test_data/asterisk.py @@ -19,18 +19,21 @@ "package_name": "asterisk-18.12.1-1.fc37.1.aarch64.rpm", "product": "asterisk", "version": "18.12.1", + "other_products": ["pjsip"], }, { "url": "http://rpmfind.net/linux/fedora/linux/development/rawhide/Everything/x86_64/os/Packages/a/", "package_name": "asterisk-18.12.1-1.fc37.1.i686.rpm", "product": "asterisk", "version": "18.12.1", + "other_products": ["pjsip"], }, { "url": "http://ftp.debian.org/debian/pool/main/a/asterisk/", "package_name": "asterisk_16.16.1~dfsg-1+deb11u1_arm64.deb", "product": "asterisk", "version": "16.16.1", + "other_products": ["pjsip"], }, { "url": "https://downloads.openwrt.org/releases/22.03.0/packages/aarch64_generic/telephony/", diff --git a/test/test_data/pjsip.py b/test/test_data/pjsip.py new file mode 100644 index 0000000000..6e5d9b4f48 --- /dev/null +++ b/test/test_data/pjsip.py @@ -0,0 +1,27 @@ +# Copyright (C) 2025 Orange +# SPDX-License-Identifier: GPL-3.0-or-later + +mapping_test_data = [ + {"product": "pjsip", "version": "2.9", "version_strings": ["PJ_\n2.9"]} +] +package_test_data = [ + { + "url": "http://rpmfind.net/linux/fedora/linux/development/rawhide/Everything/aarch64/os/Packages/p/", + "package_name": "pjproject-2.13.1-6.fc42.aarch64.rpm", + "product": "pjsip", + "version": "2.13.1", + "other_products": ["libsrtp"], + }, + { + "url": "https://downloads.openwrt.org/releases/packages-19.07/x86_64/telephony/", + "package_name": "libpj_2.10-3_x86_64.ipk", + "product": "pjsip", + "version": "2.10", + }, + { + "url": "https://dl-cdn.alpinelinux.org/alpine/v3.11/main/x86_64/", + "package_name": "pjproject-2.9-r0.apk", + "product": "pjsip", + "version": "2.9", + }, +]