feat(checker): add libheif checker

Signed-off-by: Fabrice Fontaine <fabrice.fontaine@orange.com>

cve_bin_tool/checkers/__init__.py

@@ -154,6 +154,7 @@
     "libgcrypt",
     "libgd",
     "libgit2",
+    "libheif",
     "libical",
     "libidn2",
     "libinput",

cve_bin_tool/checkers/libheif.py

@@ -0,0 +1,20 @@
+# Copyright (C) 2023 Orange
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+
+"""
+CVE checker for libheif
+
+https://www.cvedetails.com/product/53699/Struktur-Libheif.html?vendor_id=19782
+
+"""
+from __future__ import annotations
+
+from cve_bin_tool.checkers import Checker
+
+
+class LibheifChecker(Checker):
+    CONTAINS_PATTERNS: list[str] = []
+    FILENAME_PATTERNS: list[str] = []
+    VERSION_PATTERNS = [r"([0-9]+\.[0-9]+\.[0-9]+)\r?\nheif"]
+    VENDOR_PRODUCT = [("struktur", "libheif")]

test/test_data/libheif.py

@@ -0,0 +1,26 @@
+# Copyright (C) 2023 Orange
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+mapping_test_data = [
+    {"product": "libheif", "version": "4.4.0", "version_strings": ["motion 4.4.0"]}
+]
+package_test_data = [
+    {
+        "url": "http://rpmfind.net/linux/fedora/linux/development/rawhide/Everything/aarch64/os/Packages/l/",
+        "package_name": "libheif-1.17.5-1.fc40.aarch64.rpm",
+        "product": "libheif",
+        "version": "1.17.5",
+    },
+    {
+        "url": "http://ftp.fr.debian.org/debian/pool/main/libh/libheif/",
+        "package_name": "libheif1_1.3.2-2~deb10u1_amd64.deb",
+        "product": "libheif",
+        "version": "1.3.2",
+    },
+    {
+        "url": "https://dl-cdn.alpinelinux.org/alpine/v3.11/main/x86_64/",
+        "package_name": "libheif-1.6.0-r0.apk",
+        "product": "libheif",
+        "version": "1.6.0",
+    },
+]