openssh binary detection (incomplete)

Issue/question: anchore#3216
krysgor · Sep 19, 2024 · 778437f · 778437f
1 parent ff9bbc7
commit 778437f
Show file tree

Hide file tree

Showing 2 changed files with 18 additions and 0 deletions.
diff --git a/syft/pkg/cataloger/binary/classifiers.go b/syft/pkg/cataloger/binary/classifiers.go
@@ -574,6 +574,17 @@ func DefaultClassifiers() []Classifier {
 			PURL:    mustPURL("pkg:generic/curl@version"),
 			CPEs:    singleCPE("cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*", cpe.NVDDictionaryLookupSource),
 		},
+		{
+			Class:    "openssh-binary",
+			FileGlob: "**/ssh",
+			EvidenceMatcher: FileContentsVersionMatcher(
+				// NOTE: The portable OpenSSH releases are marked with a 'p' version postfix (e.g. 9.6p1)
+				`\x00OpenSSH_(?P<version>[0-9]+\.[0-9]+)(p[0-9])?\x00`,
+			),
+			Package: "openssh",
+			PURL:    mustPURL("pkg:generic/openssh@version"),
+			CPEs:    singleCPE("cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*", cpe.NVDDictionaryLookupSource),
+		},
 	}
 }
 

diff --git a/syft/pkg/cataloger/binary/test-fixtures/config.yaml b/syft/pkg/cataloger/binary/test-fixtures/config.yaml
@@ -610,3 +610,10 @@ from-images:
     paths:
       - /usr/bin/curl
 
+  - name: openssh
+    version: 9.3p1
+    images:
+      - ref: finalgene/openssh:9.1@sha256:0272f8e6ef6344eafc71c2dfb53ba8397ff47d7cf2e46c5c46c5f269e41d19e8
+        platform: linux/amd64
+    paths:
+      - /usr/bin/ssh