From fa826adf04c01c7948c488617a8450ac8a17faed Mon Sep 17 00:00:00 2001 From: Nils Hanke Date: Fri, 20 Jan 2023 15:03:30 +0100 Subject: [PATCH] fix: skip filling in empty fields in APK metadata (#1484) Signed-off-by: Nils Hanke Signed-off-by: Nils Hanke --- syft/pkg/cataloger/apkdb/parse_apk_db.go | 8 ++++ syft/pkg/cataloger/apkdb/parse_apk_db_test.go | 37 +++++++++++++++++++ .../test-fixtures/empty-deps-and-provides | 35 ++++++++++++++++++ 3 files changed, 80 insertions(+) create mode 100644 syft/pkg/cataloger/apkdb/test-fixtures/empty-deps-and-provides diff --git a/syft/pkg/cataloger/apkdb/parse_apk_db.go b/syft/pkg/cataloger/apkdb/parse_apk_db.go index bda118a693f..f814a2e32a3 100644 --- a/syft/pkg/cataloger/apkdb/parse_apk_db.go +++ b/syft/pkg/cataloger/apkdb/parse_apk_db.go @@ -71,6 +71,14 @@ func parseApkDB(_ source.FileResolver, env *generic.Environment, reader source.L log.Warnf("unable to parse field data from line %q", line) continue } + if len(field.name) == 0 { + log.Warnf("failed to parse field name from line %q", line) + continue + } + if len(field.value) == 0 { + log.Debugf("line %q: parsed field %q appears to have an empty value, skipping", line, field.name) + continue + } entryParsingInProgress = true diff --git a/syft/pkg/cataloger/apkdb/parse_apk_db_test.go b/syft/pkg/cataloger/apkdb/parse_apk_db_test.go index 94d6498f7cf..2e963b1c12a 100644 --- a/syft/pkg/cataloger/apkdb/parse_apk_db_test.go +++ b/syft/pkg/cataloger/apkdb/parse_apk_db_test.go @@ -160,6 +160,43 @@ func TestSinglePackageDetails(t *testing.T) { }, }, }, + { + fixture: "test-fixtures/empty-deps-and-provides", + expected: pkg.ApkMetadata{ + Package: "alpine-baselayout-data", + OriginPackage: "alpine-baselayout", + Version: "3.4.0-r0", + Description: "Alpine base dir structure and init scripts", + Maintainer: "Natanael Copa ", + License: "GPL-2.0-only", + Architecture: "x86_64", + URL: "https://git.alpinelinux.org/cgit/aports/tree/main/alpine-baselayout", + Size: 11664, + InstalledSize: 77824, + Dependencies: []string{}, + Provides: []string{}, + Checksum: "Q15ffjKT28lB7iSXjzpI/eDdYRCwM=", + GitCommit: "bd965a7ebf7fd8f07d7a0cc0d7375bf3e4eb9b24", + Files: []pkg.ApkFileRecord{ + {Path: "/etc"}, + {Path: "/etc/fstab"}, + {Path: "/etc/group"}, + {Path: "/etc/hostname"}, + {Path: "/etc/hosts"}, + {Path: "/etc/inittab"}, + {Path: "/etc/modules"}, + {Path: "/etc/mtab", OwnerUID: "0", OwnerGID: "0", Permissions: "0777"}, + {Path: "/etc/nsswitch.conf"}, + {Path: "/etc/passwd"}, + {Path: "/etc/profile"}, + {Path: "/etc/protocols"}, + {Path: "/etc/services"}, + {Path: "/etc/shadow", OwnerUID: "0", OwnerGID: "148", Permissions: "0640"}, + {Path: "/etc/shells"}, + {Path: "/etc/sysctl.conf"}, + }, + }, + }, { fixture: "test-fixtures/base", expected: pkg.ApkMetadata{ diff --git a/syft/pkg/cataloger/apkdb/test-fixtures/empty-deps-and-provides b/syft/pkg/cataloger/apkdb/test-fixtures/empty-deps-and-provides new file mode 100644 index 00000000000..e1a1ebe7f2c --- /dev/null +++ b/syft/pkg/cataloger/apkdb/test-fixtures/empty-deps-and-provides @@ -0,0 +1,35 @@ +P:alpine-baselayout-data +V:3.4.0-r0 +A:x86_64 +L:GPL-2.0-only +T:Alpine base dir structure and init scripts +o:alpine-baselayout +m:Natanael Copa +U:https://git.alpinelinux.org/cgit/aports/tree/main/alpine-baselayout +D: +p: +c:bd965a7ebf7fd8f07d7a0cc0d7375bf3e4eb9b24 +i:[] +t:1667573027 +S:11664 +I:77824 +k:0 +C:Q15ffjKT28lB7iSXjzpI/eDdYRCwM= +F:etc +R:fstab +R:group +R:hostname +R:hosts +R:inittab +R:modules +R:mtab +a:0:0:0777 +R:nsswitch.conf +R:passwd +R:profile +R:protocols +R:services +R:shadow +a:0:148:0640 +R:shells +R:sysctl.conf