From 101baa001019c95590141a421e6ce788072fc385 Mon Sep 17 00:00:00 2001
From: Fabrice Fontaine
Date: Thu, 12 Sep 2024 14:52:09 +0200
Subject: [PATCH] fix: fix glibc patterns

Drop wrong patterns to avoid the following false positive with a METADATA python file containing the following line: pmmap_grouped(path='/lib/x8664-linux-gnu/libc-2.15.so', rss=3821568, size=3842048, pss=3821568, shared_clean=0, shared_dirty=0, private_clean=0, private_dirty=3821568, referenced=3575808, anonymous=3821568, swap=0),
Signed-off-by: Fabrice Fontaine
---
 cve_bin_tool/checkers/glibc.py | 11 -----------
 1 file changed, 11 deletions(-)

diff --git a/cve_bin_tool/checkers/glibc.py b/cve_bin_tool/checkers/glibc.py
index ddf96a9215..44be79eff8 100644
--- a/cve_bin_tool/checkers/glibc.py
+++ b/cve_bin_tool/checkers/glibc.py
@@ -34,16 +34,5 @@ class GlibcChecker(Checker):
 VERSION_PATTERNS = [
 r"GNU C Library \([a-zA-Z0-9 \+\-\.]*\) (?:release|stable) release version ([012](\.[0-9]+){1,2})",
 r"GLIBC ([012](\.[0-9]+){1,2})[a-z0-9+\-]*\) \r?\n",
- r"libc-([012](\.[0-9]+){1,2})\.so", # patterns like this aren't ideal (check the end of the file)
- r"ld-([012]\.[0-9]+)\.so", # patterns like this aren't ideal
- r"libanl-([012](\.[0-9]+){1,2})\.so", # patterns like this aren't ideal
- r"ld-([012](\.[0-9]+){1,2})\.so", # patterns like this aren't ideal
 ]
 VENDOR_PRODUCT = [("gnu", "glibc")]
-
-
-"""
-Using filenames (containing patterns like '.so' etc.) in the binaries as VERSION_PATTERNS aren't ideal.
-The reason behind this is that these might depend on who packages the file (like it
-might work on fedora but not on ubuntu)
-"""