From 81e18a339581becad5027645fa14853ecc0e3d20 Mon Sep 17 00:00:00 2001 From: Fabrice Fontaine Date: Thu, 10 Aug 2023 09:02:51 +0200 Subject: [PATCH] feat(checker): add dav1d checker Signed-off-by: Fabrice Fontaine --- cve_bin_tool/checkers/__init__.py | 1 + cve_bin_tool/checkers/dav1d.py | 20 ++++++++++++++++++++ test/test_data/dav1d.py | 27 +++++++++++++++++++++++++++ 3 files changed, 48 insertions(+) create mode 100644 cve_bin_tool/checkers/dav1d.py create mode 100644 test/test_data/dav1d.py diff --git a/cve_bin_tool/checkers/__init__.py b/cve_bin_tool/checkers/__init__.py index 4bb2b1bfb0..7795dd6f6c 100644 --- a/cve_bin_tool/checkers/__init__.py +++ b/cve_bin_tool/checkers/__init__.py @@ -52,6 +52,7 @@ "curl", "cvs", "darkhttpd", + "dav1d", "davfs2", "dbus", "dhclient", diff --git a/cve_bin_tool/checkers/dav1d.py b/cve_bin_tool/checkers/dav1d.py new file mode 100644 index 0000000000..fed416ce45 --- /dev/null +++ b/cve_bin_tool/checkers/dav1d.py @@ -0,0 +1,20 @@ +# Copyright (C) 2023 Orange +# SPDX-License-Identifier: GPL-3.0-or-later + + +""" +CVE checker for dav1d: + +https://www.cvedetails.com/product/139658/Videolan-Dav1d.html?vendor_id=5842 + +""" +from __future__ import annotations + +from cve_bin_tool.checkers import Checker + + +class Dav1DChecker(Checker): + CONTAINS_PATTERNS: list[str] = [] + FILENAME_PATTERNS: list[str] = [] + VERSION_PATTERNS = [r"([0-9]+\.[0-9]+\.[0-9]+)[A-Za-z ()%,:\r\n]*dav1d"] + VENDOR_PRODUCT = [("videolan", "dav1d")] diff --git a/test/test_data/dav1d.py b/test/test_data/dav1d.py new file mode 100644 index 0000000000..da0d8bb29d --- /dev/null +++ b/test/test_data/dav1d.py @@ -0,0 +1,27 @@ +# Copyright (C) 2023 Orange +# SPDX-License-Identifier: GPL-3.0-or-later + +mapping_test_data = [ + {"product": "dav1d", "version": "0.7.1", "version_strings": ["0.7.1\ndav1d"]} +] +package_test_data = [ + { + "url": "http://rpmfind.net/linux/fedora/linux/development/rawhide/Everything/aarch64/os/Packages/d/", + "package_name": "dav1d-1.2.1-2.fc39.aarch64.rpm", + "product": "dav1d", + "version": "1.2.1", + }, + { + "url": "http://ftp.fr.debian.org/debian/pool/main/d/dav1d/", + "package_name": "dav1d_0.7.1-3_amd64.deb", + "product": "dav1d", + "version": "0.7.1", + }, + { + "url": "https://eu.mirror.archlinuxarm.org/aarch64/extra/", + "package_name": "dav1d-1.2.1-1-aarch64.pkg.tar.xz", + "product": "dav1d", + "version": "1.2.1", + "other_products": ["gcc"], + }, +]