Skip to content

Commit

Permalink
fix: split curl and libcurl checkers
Browse files Browse the repository at this point in the history
Fix intel#3173

Signed-off-by: Fabrice Fontaine <fabrice.fontaine@orange.com>
  • Loading branch information
ffontaine committed Aug 11, 2023
1 parent 338e0cf commit 0cd7ff9
Show file tree
Hide file tree
Showing 8 changed files with 61 additions and 16 deletions.
1 change: 1 addition & 0 deletions cve_bin_tool/checkers/__init__.py
Original file line number Diff line number Diff line change
Expand Up @@ -134,6 +134,7 @@
"libass",
"libbpg",
"libconfuse",
"libcurl",
"libdb",
"libebml",
"libgcrypt",
Expand Down
4 changes: 2 additions & 2 deletions cve_bin_tool/checkers/curl.py
Original file line number Diff line number Diff line change
Expand Up @@ -27,5 +27,5 @@ class CurlChecker(Checker):
# r"ignoring --proxy-capath, not supported by libcurl",
]
FILENAME_PATTERNS = [r"curl"]
VERSION_PATTERNS = [r"curl[ -/]([678]+\.[0-9]+\.[0-9]+)"]
VENDOR_PRODUCT = [("haxx", "curl"), ("haxx", "libcurl")]
VERSION_PATTERNS = [r"\r?\ncurl[ -/]([678]+\.[0-9]+\.[0-9]+)"]
VENDOR_PRODUCT = [("haxx", "curl")]
20 changes: 20 additions & 0 deletions cve_bin_tool/checkers/libcurl.py
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
# Copyright (C) 2023 Orange
# SPDX-License-Identifier: GPL-3.0-or-later


"""
CVE checker for libcurl:
https://www.cvedetails.com/product/25085/Haxx-Libcurl.html?vendor_id=12682
"""
from __future__ import annotations

from cve_bin_tool.checkers import Checker


class LibcurlChecker(Checker):
CONTAINS_PATTERNS: list[str] = []
FILENAME_PATTERNS: list[str] = []
VERSION_PATTERNS = [r"libcurl[ -/]([678]+\.[0-9]+\.[0-9]+)"]
VENDOR_PRODUCT = [("haxx", "libcurl")]
Binary file not shown.
Binary file not shown.
Binary file not shown.
18 changes: 4 additions & 14 deletions test/test_data/curl.py
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,6 @@
"package_name": "curl-7.32.0-3.fc20.x86_64.rpm",
"product": "curl",
"version": "7.32.0",
"other_products": ["libcurl"],
},
{
"url": "https://ftp.netbsd.org/pub/pkgsrc/packages/NetBSD/aarch64/9.1/All/",
Expand All @@ -26,20 +25,11 @@
"package_name": "curl_7.52.1-5+deb9u10_amd64.deb",
"product": "curl",
"version": "7.52.1",
"other_products": ["libcurl"],
},
{
"url": "http://mirror.centos.org/centos/7/os/x86_64/Packages/",
"package_name": "libcurl-7.29.0-59.el7.x86_64.rpm",
"product": "libcurl",
"version": "7.29.0",
"other_products": ["curl"],
},
{
"url": "https://archives.fedoraproject.org/pub/archive/fedora/linux/releases/30/Everything/x86_64/os/Packages/l/",
"package_name": "libcurl-7.64.0-6.fc30.x86_64.rpm",
"product": "libcurl",
"version": "7.64.0",
"other_products": ["curl"],
"url": "https://downloads.openwrt.org/releases/packages-19.07/x86_64/base/",
"package_name": "curl_7.66.0-3_x86_64.ipk",
"product": "curl",
"version": "7.66.0",
},
]
34 changes: 34 additions & 0 deletions test/test_data/libcurl.py
Original file line number Diff line number Diff line change
@@ -0,0 +1,34 @@
# Copyright (C) 2023 Orange
# SPDX-License-Identifier: GPL-3.0-or-later

mapping_test_data = [
{"product": "libcurl", "version": "7.34.0", "version_strings": ["libcurl 7.34.0"]},
{"product": "libcurl", "version": "7.34.0", "version_strings": ["libcurl-7.34.0"]},
{"product": "libcurl", "version": "7.34.0", "version_strings": ["libcurl/7.34.0"]},
]
package_test_data = [
{
"url": "http://ftp.br.debian.org/debian/pool/main/c/curl/",
"package_name": "libcurl3-gnutls_7.64.0-4+deb10u2_amd64.deb",
"product": "libcurl",
"version": "7.64.0",
},
{
"url": "http://mirror.centos.org/centos/7/os/x86_64/Packages/",
"package_name": "libcurl-7.29.0-59.el7.x86_64.rpm",
"product": "libcurl",
"version": "7.29.0",
},
{
"url": "https://archives.fedoraproject.org/pub/archive/fedora/linux/releases/30/Everything/x86_64/os/Packages/l/",
"package_name": "libcurl-7.64.0-6.fc30.x86_64.rpm",
"product": "libcurl",
"version": "7.64.0",
},
{
"url": "https://downloads.openwrt.org/releases/packages-19.07/x86_64/base/",
"package_name": "libcurl4_7.66.0-3_x86_64.ipk",
"product": "libcurl",
"version": "7.66.0",
},
]

0 comments on commit 0cd7ff9

Please sign in to comment.