github.com/noqcks/syft@v0.0.0-20230920222752-a9e2c4e288e5/syft/pkg/cataloger/binary/default_classifiers.go (about) 1 package binary 2 3 import ( 4 "github.com/anchore/syft/syft/cpe" 5 "github.com/anchore/syft/syft/pkg" 6 ) 7 8 var defaultClassifiers = []classifier{ 9 { 10 Class: "python-binary", 11 FileGlob: "**/python*", 12 EvidenceMatcher: evidenceMatchers( 13 // try to find version information from libpython shared libraries 14 sharedLibraryLookup( 15 `^libpython[0-9]+(?:\.[0-9]+)+[a-z]?\.so.*$`, 16 libpythonMatcher), 17 // check for version information in the binary 18 fileNameTemplateVersionMatcher( 19 `(?:.*/|^)python(?P<version>[0-9]+(?:\.[0-9]+)+)$`, 20 pythonVersionTemplate), 21 ), 22 Package: "python", 23 PURL: mustPURL("pkg:generic/python@version"), 24 CPEs: []cpe.CPE{ 25 cpe.Must("cpe:2.3:a:python_software_foundation:python:*:*:*:*:*:*:*:*"), 26 cpe.Must("cpe:2.3:a:python:python:*:*:*:*:*:*:*:*"), 27 }, 28 }, 29 { 30 Class: "python-binary-lib", 31 FileGlob: "**/libpython*.so*", 32 EvidenceMatcher: libpythonMatcher, 33 Package: "python", 34 PURL: mustPURL("pkg:generic/python@version"), 35 CPEs: []cpe.CPE{ 36 cpe.Must("cpe:2.3:a:python_software_foundation:python:*:*:*:*:*:*:*:*"), 37 cpe.Must("cpe:2.3:a:python:python:*:*:*:*:*:*:*:*"), 38 }, 39 }, 40 { 41 Class: "go-binary", 42 FileGlob: "**/go", 43 EvidenceMatcher: fileContentsVersionMatcher( 44 `(?m)go(?P<version>[0-9]+\.[0-9]+(\.[0-9]+|beta[0-9]+|alpha[0-9]+|rc[0-9]+)?)\x00`), 45 Package: "go", 46 PURL: mustPURL("pkg:generic/go@version"), 47 CPEs: singleCPE("cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*"), 48 }, 49 { 50 Class: "helm", 51 FileGlob: "**/helm", 52 EvidenceMatcher: fileContentsVersionMatcher( 53 `(?m)\x00v(?P<version>[0-9]+\.[0-9]+\.[0-9]+)\x00`), 54 Package: "helm", 55 PURL: mustPURL("pkg:golang/helm.sh/helm@version"), 56 CPEs: singleCPE("cpe:2.3:a:helm:helm:*:*:*:*:*:*:*"), 57 }, 58 { 59 Class: "redis-binary", 60 FileGlob: "**/redis-server", 61 EvidenceMatcher: fileContentsVersionMatcher( 62 `(?s)payload %5.*(?P<version>\d.\d\.\d\d*?)[a-z0-9]{12}-[0-9]{19}`), 63 Package: "redis", 64 PURL: mustPURL("pkg:generic/redis@version"), 65 CPEs: singleCPE("cpe:2.3:a:redislabs:redis:*:*:*:*:*:*:*:*"), 66 }, 67 { 68 Class: "java-binary-openjdk", 69 FileGlob: "**/java", 70 EvidenceMatcher: fileContentsVersionMatcher( 71 // [NUL]openjdk[NUL]java[NUL]0.0[NUL]11.0.17+8-LTS[NUL] 72 // [NUL]openjdk[NUL]java[NUL]1.8[NUL]1.8.0_352-b08[NUL] 73 `(?m)\x00openjdk\x00java\x00(?P<release>[0-9]+[.0-9]*)\x00(?P<version>[0-9]+[^\x00]+)\x00`), 74 Package: "java", 75 PURL: mustPURL("pkg:generic/java@version"), 76 // TODO the updates might need to be part of the CPE, like: 1.8.0:update152 77 CPEs: singleCPE("cpe:2.3:a:oracle:openjdk:*:*:*:*:*:*:*:*"), 78 }, 79 { 80 Class: "java-binary-ibm", 81 FileGlob: "**/java", 82 EvidenceMatcher: fileContentsVersionMatcher( 83 // [NUL]java[NUL]1.8[NUL][NUL][NUL][NUL]1.8.0-foreman_2022_09_22_15_30-b00[NUL] 84 `(?m)\x00java\x00(?P<release>[0-9]+[.0-9]+)\x00{4}(?P<version>[0-9]+[-._a-zA-Z0-9]+)\x00`), 85 Package: "java", 86 PURL: mustPURL("pkg:generic/java@version"), 87 CPEs: singleCPE("cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*"), 88 }, 89 { 90 Class: "java-binary-oracle", 91 FileGlob: "**/java", 92 EvidenceMatcher: fileContentsVersionMatcher( 93 // [NUL]19.0.1+10-21[NUL] 94 `(?m)\x00(?P<version>[0-9]+[.0-9]+[+][-0-9]+)\x00`), 95 Package: "java", 96 PURL: mustPURL("pkg:generic/java@version"), 97 CPEs: singleCPE("cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*"), 98 }, 99 { 100 Class: "nodejs-binary", 101 FileGlob: "**/node", 102 EvidenceMatcher: fileContentsVersionMatcher( 103 `(?m)node\.js\/v(?P<version>[0-9]+\.[0-9]+\.[0-9]+)`), 104 Package: "node", 105 Language: pkg.JavaScript, 106 PURL: mustPURL("pkg:generic/node@version"), 107 CPEs: singleCPE("cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*"), 108 }, 109 { 110 Class: "go-binary-hint", 111 FileGlob: "**/VERSION", 112 EvidenceMatcher: fileContentsVersionMatcher( 113 `(?m)go(?P<version>[0-9]+\.[0-9]+(\.[0-9]+|beta[0-9]+|alpha[0-9]+|rc[0-9]+)?)`), 114 Package: "go", 115 PURL: mustPURL("pkg:generic/go@version"), 116 }, 117 { 118 Class: "busybox-binary", 119 FileGlob: "**/busybox", 120 EvidenceMatcher: fileContentsVersionMatcher( 121 `(?m)BusyBox\s+v(?P<version>[0-9]+\.[0-9]+\.[0-9]+)`), 122 Package: "busybox", 123 CPEs: singleCPE("cpe:2.3:a:busybox:busybox:*:*:*:*:*:*:*:*"), 124 }, 125 { 126 Class: "haproxy-binary", 127 FileGlob: "**/haproxy", 128 EvidenceMatcher: evidenceMatchers( 129 fileContentsVersionMatcher(`(?m)HA-Proxy version (?P<version>[0-9]+\.[0-9]+\.[0-9]+)`), 130 fileContentsVersionMatcher(`(?m)(?P<version>[0-9]+\.[0-9]+\.[0-9]+)-[0-9a-zA-Z]{7}.+HAProxy version`), 131 ), 132 Package: "haproxy", 133 PURL: mustPURL("pkg:generic/haproxy@version"), 134 CPEs: singleCPE("cpe:2.3:a:haproxy:haproxy:*:*:*:*:*:*:*:*"), 135 }, 136 { 137 Class: "perl-binary", 138 FileGlob: "**/perl", 139 EvidenceMatcher: fileContentsVersionMatcher( 140 `(?m)\/usr\/local\/lib\/perl\d\/(?P<version>[0-9]+\.[0-9]+\.[0-9]+)`), 141 Package: "perl", 142 PURL: mustPURL("pkg:generic/perl@version"), 143 CPEs: singleCPE("cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*"), 144 }, 145 { 146 Class: "php-cli-binary", 147 FileGlob: "**/php*", 148 EvidenceMatcher: fileNameTemplateVersionMatcher( 149 `(.*/|^)php[0-9]*$`, 150 `(?m)X-Powered-By: PHP\/(?P<version>[0-9]+\.[0-9]+\.[0-9]+(beta[0-9]+|alpha[0-9]+|RC[0-9]+)?)`), 151 Package: "php-cli", 152 PURL: mustPURL("pkg:generic/php-cli@version"), 153 CPEs: singleCPE("cpe:2.3:a:php:php:*:*:*:*:*:*:*:*"), 154 }, 155 { 156 Class: "php-fpm-binary", 157 FileGlob: "**/php-fpm*", 158 EvidenceMatcher: fileContentsVersionMatcher( 159 `(?m)X-Powered-By: PHP\/(?P<version>[0-9]+\.[0-9]+\.[0-9]+(beta[0-9]+|alpha[0-9]+|RC[0-9]+)?)`), 160 Package: "php-fpm", 161 PURL: mustPURL("pkg:generic/php-fpm@version"), 162 CPEs: singleCPE("cpe:2.3:a:php:php:*:*:*:*:*:*:*:*"), 163 }, 164 { 165 Class: "php-apache-binary", 166 FileGlob: "**/libphp*.so", 167 EvidenceMatcher: fileContentsVersionMatcher( 168 `(?m)X-Powered-By: PHP\/(?P<version>[0-9]+\.[0-9]+\.[0-9]+(beta[0-9]+|alpha[0-9]+|RC[0-9]+)?)`), 169 Package: "libphp", 170 PURL: mustPURL("pkg:generic/php@version"), 171 CPEs: singleCPE("cpe:2.3:a:php:php:*:*:*:*:*:*:*:*"), 172 }, 173 { 174 Class: "httpd-binary", 175 FileGlob: "**/httpd", 176 EvidenceMatcher: fileContentsVersionMatcher( 177 `(?m)Apache\/(?P<version>[0-9]+\.[0-9]+\.[0-9]+)`), 178 Package: "httpd", 179 PURL: mustPURL("pkg:generic/httpd@version"), 180 CPEs: singleCPE("cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*"), 181 }, 182 { 183 Class: "memcached-binary", 184 FileGlob: "**/memcached", 185 EvidenceMatcher: fileContentsVersionMatcher( 186 `(?m)memcached\s(?P<version>[0-9]+\.[0-9]+\.[0-9]+)`), 187 Package: "memcached", 188 PURL: mustPURL("pkg:generic/memcached@version"), 189 }, 190 { 191 Class: "traefik-binary", 192 FileGlob: "**/traefik", 193 EvidenceMatcher: fileContentsVersionMatcher( 194 // [NUL]v1.7.34[NUL] 195 // [NUL]2.9.6[NUL] 196 `(?m)\x00v?(?P<version>[0-9]+\.[0-9]+\.[0-9]+(-alpha[0-9]|-beta[0-9]|-rc[0-9])?)\x00`), 197 Package: "traefik", 198 PURL: mustPURL("pkg:generic/traefik@version"), 199 }, 200 { 201 Class: "postgresql-binary", 202 FileGlob: "**/postgres", 203 EvidenceMatcher: fileContentsVersionMatcher( 204 // [NUL]PostgreSQL 15beta4 205 // [NUL]PostgreSQL 15.1 206 // [NUL]PostgreSQL 9.6.24 207 // ?PostgreSQL 9.5alpha1 208 `(?m)(\x00|\?)PostgreSQL (?P<version>[0-9]+(\.[0-9]+)?(\.[0-9]+)?(alpha[0-9]|beta[0-9]|rc[0-9])?)`), 209 Package: "postgresql", 210 PURL: mustPURL("pkg:generic/postgresql@version"), 211 }, 212 { 213 Class: "rust-standard-library-linux", 214 FileGlob: "**/libstd-????????????????.so", 215 EvidenceMatcher: fileContentsVersionMatcher( 216 // clang LLVM (rustc version 1.48.0 (7eac88abb 2020-11-16)) 217 `(?m)(\x00)clang LLVM \(rustc version (?P<version>[0-9]+(\.[0-9]+)?(\.[0-9]+)) \(\w+ \d{4}\-\d{2}\-\d{2}\)`), 218 Package: "rust", 219 PURL: mustPURL("pkg:generic/rust@version"), 220 CPEs: singleCPE("cpe:2.3:a:rust-lang:rust:*:*:*:*:*:*:*:*"), 221 }, 222 { 223 Class: "rust-standard-library-macos", 224 FileGlob: "**/libstd-????????????????.dylib", 225 EvidenceMatcher: fileContentsVersionMatcher( 226 // c 1.48.0 (7eac88abb 2020-11-16) 227 `(?m)c (?P<version>[0-9]+(\.[0-9]+)?(\.[0-9]+)) \(\w+ \d{4}\-\d{2}\-\d{2}\)`), 228 Package: "rust", 229 PURL: mustPURL("pkg:generic/rust@version"), 230 CPEs: singleCPE("cpe:2.3:a:rust-lang:rust:*:*:*:*:*:*:*:*"), 231 }, 232 { 233 Class: "ruby-binary", 234 FileGlob: "**/ruby", 235 EvidenceMatcher: evidenceMatchers( 236 rubyMatcher, 237 sharedLibraryLookup( 238 // try to find version information from libruby shared libraries 239 `^libruby\.so.*$`, 240 rubyMatcher), 241 ), 242 Package: "ruby", 243 PURL: mustPURL("pkg:generic/ruby@version"), 244 CPEs: singleCPE("cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*"), 245 }, 246 { 247 Class: "consul-binary", 248 FileGlob: "**/consul", 249 EvidenceMatcher: fileContentsVersionMatcher( 250 // NOTE: This is brittle and may not work for past or future versions 251 `CONSUL_VERSION: (?P<version>\d+\.\d+\.\d+)`, 252 ), 253 Package: "consul", 254 PURL: mustPURL("pkg:golang/github.com/hashicorp/consul@version"), 255 CPEs: singleCPE("cpe:2.3:a:hashicorp:consul:*:*:*:*:*:*:*:*"), 256 }, 257 { 258 Class: "nginx-binary", 259 FileGlob: "**/nginx", 260 EvidenceMatcher: fileContentsVersionMatcher( 261 // [NUL]nginx version: nginx/1.25.1 - fetches '1.25.1' 262 // [NUL]nginx version: openresty/1.21.4.1 - fetches '1.21.4' as this is the nginx version part 263 `(?m)(\x00|\?)nginx version: [^\/]+\/(?P<version>[0-9]+\.[0-9]+\.[0-9]+(?:\+\d+)?(?:-\d+)?)`, 264 ), 265 Package: "nginx", 266 PURL: mustPURL("pkg:generic/nginx@version"), 267 CPEs: []cpe.CPE{ 268 cpe.Must("cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*"), 269 cpe.Must("cpe:2.3:a:nginx:nginx:*:*:*:*:*:*:*:*"), 270 }, 271 }, 272 { 273 Class: "bash-binary", 274 FileGlob: "**/bash", 275 EvidenceMatcher: fileContentsVersionMatcher( 276 // @(#)Bash version 5.2.15(1) release GNU 277 // @(#)Bash version 5.2.0(1) alpha GNU 278 // @(#)Bash version 5.2.0(1) beta GNU 279 // @(#)Bash version 5.2.0(1) rc4 GNU 280 `(?m)@\(#\)Bash version (?P<version>[0-9]+\.[0-9]+\.[0-9]+)\([0-9]\) [a-z0-9]+ GNU`, 281 ), 282 Package: "bash", 283 PURL: mustPURL("pkg:generic/bash@version"), 284 CPEs: singleCPE("cpe:2.3:a:gnu:bash:*:*:*:*:*:*:*:*"), 285 }, 286 } 287 288 // in both binaries and shared libraries, the version pattern is [NUL]3.11.2[NUL] 289 var pythonVersionTemplate = `(?m)\x00(?P<version>{{ .version }}[-._a-zA-Z0-9]*)\x00` 290 291 var libpythonMatcher = fileNameTemplateVersionMatcher( 292 `(?:.*/|^)libpython(?P<version>[0-9]+(?:\.[0-9]+)+)[a-z]?\.so.*$`, 293 pythonVersionTemplate, 294 ) 295 296 var rubyMatcher = fileContentsVersionMatcher( 297 // ruby 3.2.1 (2023-02-08 revision 31819e82c8) [x86_64-linux] 298 // ruby 2.7.7p221 (2022-11-24 revision 168ec2b1e5) [x86_64-linux] 299 `(?m)ruby (?P<version>[0-9]+\.[0-9]+\.[0-9]+(p[0-9]+)?) `)