diff --git a/analyzer/all/import.go b/analyzer/all/import.go index 5f9203ae3..879c1a233 100644 --- a/analyzer/all/import.go +++ b/analyzer/all/import.go @@ -21,6 +21,7 @@ import ( _ "github.com/aquasecurity/fanal/analyzer/language/rust/cargo" _ "github.com/aquasecurity/fanal/analyzer/os/alpine" _ "github.com/aquasecurity/fanal/analyzer/os/amazonlinux" + _ "github.com/aquasecurity/fanal/analyzer/os/archlinux" _ "github.com/aquasecurity/fanal/analyzer/os/debian" _ "github.com/aquasecurity/fanal/analyzer/os/mariner" _ "github.com/aquasecurity/fanal/analyzer/os/photon" @@ -29,5 +30,6 @@ import ( _ "github.com/aquasecurity/fanal/analyzer/os/ubuntu" _ "github.com/aquasecurity/fanal/analyzer/pkg/apk" _ "github.com/aquasecurity/fanal/analyzer/pkg/dpkg" + _ "github.com/aquasecurity/fanal/analyzer/pkg/pacman" _ "github.com/aquasecurity/fanal/analyzer/pkg/rpm" ) diff --git a/analyzer/const.go b/analyzer/const.go index 3d1bcdb67..abe379451 100644 --- a/analyzer/const.go +++ b/analyzer/const.go @@ -8,6 +8,7 @@ const ( // ====== TypeAlpine Type = "alpine" TypeAmazon Type = "amazon" + TypeArch Type = "arch" TypeCBLMariner Type = "cbl-mariner" TypeDebian Type = "debian" TypePhoton Type = "photon" @@ -21,9 +22,10 @@ const ( TypeUbuntu Type = "ubuntu" // OS Package - TypeApk Type = "apk" - TypeDpkg Type = "dpkg" - TypeRpm Type = "rpm" + TypeApk Type = "apk" + TypeDpkg Type = "dpkg" + TypePacman Type = "pacman" + TypeRpm Type = "rpm" // ============================ // Programming Language Package diff --git a/analyzer/os/archlinux/archlinux.go b/analyzer/os/archlinux/archlinux.go new file mode 100644 index 000000000..590e358a2 --- /dev/null +++ b/analyzer/os/archlinux/archlinux.go @@ -0,0 +1,55 @@ +package archlinux + +import ( + "bufio" + "context" + "os" + "strings" + + "github.com/aquasecurity/fanal/analyzer" + aos "github.com/aquasecurity/fanal/analyzer/os" + "github.com/aquasecurity/fanal/types" + "github.com/aquasecurity/fanal/utils" + "golang.org/x/xerrors" +) + +func init() { + analyzer.RegisterAnalyzer(&archlinuxOSAnalyzer{}) +} + +const version = 1 + +var requiredFiles = []string{ + "usr/lib/os-release", + "etc/os-release", +} + +type archlinuxOSAnalyzer struct{} + +func (a archlinuxOSAnalyzer) Analyze(_ context.Context, input analyzer.AnalysisInput) (*analyzer.AnalysisResult, error) { + scanner := bufio.NewScanner(input.Content) + for scanner.Scan() { + line := scanner.Text() + if strings.HasPrefix(line, "NAME=\"Arch Linux") { + return &analyzer.AnalysisResult{ + OS: &types.OS{ + Family: aos.Arch, + Name: "Arch Linux", + }, + }, nil + } + } + return nil, xerrors.Errorf("arch: %w", aos.AnalyzeOSError) +} + +func (a archlinuxOSAnalyzer) Required(filePath string, _ os.FileInfo) bool { + return utils.StringInSlice(filePath, requiredFiles) +} + +func (a archlinuxOSAnalyzer) Type() analyzer.Type { + return analyzer.TypeArch +} + +func (a archlinuxOSAnalyzer) Version() int { + return version +} diff --git a/analyzer/os/archlinux/archlinux_test.go b/analyzer/os/archlinux/archlinux_test.go new file mode 100644 index 000000000..7cc8c9a7f --- /dev/null +++ b/analyzer/os/archlinux/archlinux_test.go @@ -0,0 +1,57 @@ +package archlinux + +import ( + "context" + "os" + "testing" + + "github.com/aquasecurity/fanal/analyzer" + aos "github.com/aquasecurity/fanal/analyzer/os" + "github.com/aquasecurity/fanal/types" + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" +) + +func Test_archlinuxOSAnalyzer_Analyze(t *testing.T) { + tests := []struct { + name string + inputFile string + want *analyzer.AnalysisResult + wantErr string + }{ + { + name: "happy path with ArchLinux", + inputFile: "testdata/archlinux/os-release", + want: &analyzer.AnalysisResult{ + OS: &types.OS{Family: aos.Arch, Name: "Arch Linux"}, + }, + }, + { + name: "sad path", + inputFile: "testdata/not_archlinux/os-release", + wantErr: "arch: unable to analyze OS information", + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + a := archlinuxOSAnalyzer{} + f, err := os.Open(tt.inputFile) + require.NoError(t, err) + defer f.Close() + + ctx := context.Background() + + got, err := a.Analyze(ctx, analyzer.AnalysisInput{ + FilePath: "etc/os-release", + Content: f, + }) + if tt.wantErr != "" { + require.Error(t, err) + assert.Contains(t, err.Error(), tt.wantErr) + return + } + require.NoError(t, err) + assert.Equal(t, tt.want, got) + }) + } +} diff --git a/analyzer/os/archlinux/testdata/archlinux/os-release b/analyzer/os/archlinux/testdata/archlinux/os-release new file mode 100644 index 000000000..1ebbef58a --- /dev/null +++ b/analyzer/os/archlinux/testdata/archlinux/os-release @@ -0,0 +1,10 @@ +NAME="Arch Linux" +PRETTY_NAME="Arch Linux" +ID=arch +BUILD_ID=rolling +ANSI_COLOR="38;2;23;147;209" +HOME_URL="https://archlinux.org/" +DOCUMENTATION_URL="https://wiki.archlinux.org/" +SUPPORT_URL="https://bbs.archlinux.org/" +BUG_REPORT_URL="https://bugs.archlinux.org/" +LOGO=archlinux \ No newline at end of file diff --git a/analyzer/os/archlinux/testdata/not_archlinux/os-release b/analyzer/os/archlinux/testdata/not_archlinux/os-release new file mode 100644 index 000000000..574c7bd1e --- /dev/null +++ b/analyzer/os/archlinux/testdata/not_archlinux/os-release @@ -0,0 +1 @@ +Red Hat Linux release 6.2 (Zoot) diff --git a/analyzer/os/const.go b/analyzer/os/const.go index d1c0813b0..82d5a5654 100644 --- a/analyzer/os/const.go +++ b/analyzer/os/const.go @@ -57,6 +57,9 @@ const ( // Alpine is done Alpine = "alpine" + + // Arch is done + Arch = "arch" ) var AnalyzeOSError = xerrors.New("unable to analyze OS information") diff --git a/analyzer/pkg/pacman/pacman.go b/analyzer/pkg/pacman/pacman.go new file mode 100644 index 000000000..354c03af3 --- /dev/null +++ b/analyzer/pkg/pacman/pacman.go @@ -0,0 +1,163 @@ +package pacman + +import ( + "bufio" + "context" + "log" + "os" + "path/filepath" + "strconv" + "strings" + + pacmanVersion "github.com/MaineK00n/go-pacman-version" + + "github.com/aquasecurity/fanal/analyzer" + "github.com/aquasecurity/fanal/types" + "golang.org/x/xerrors" +) + +func init() { + analyzer.RegisterAnalyzer(&pacmanAnalyzer{}) +} + +const version = 1 + +const installDir = "var/lib/pacman/local/" + +type pacmanAnalyzer struct{} + +func (a pacmanAnalyzer) Analyze(_ context.Context, input analyzer.AnalysisInput) (*analyzer.AnalysisResult, error) { + scanner := bufio.NewScanner(input.Content) + dir, fileName := filepath.Split(input.FilePath) + if !strings.HasPrefix(dir, installDir) { + return nil, nil + } + if fileName == "desc" { + pkg, err := a.parsePacmanPkgDesc(scanner) + if err != nil { + return nil, xerrors.Errorf("failed to parse desc: %w", err) + } + return &analyzer.AnalysisResult{ + PackageInfos: []types.PackageInfo{ + {FilePath: input.FilePath, Packages: []types.Package{pkg}}, + }, + }, nil + } + if fileName == "files" { + result, err := a.parsePacmanPkgFiles(scanner) + if err != nil { + return nil, xerrors.Errorf("failed to parse files: %w", err) + } + return result, nil + } + return nil, nil +} + +func (a pacmanAnalyzer) parsePacmanPkgDesc(scanner *bufio.Scanner) (types.Package, error) { + var pkg types.Package + for scanner.Scan() { + line := scanner.Text() + if strings.HasPrefix(line, "%NAME%") { + if scanner.Scan() { + pkg.Name = scanner.Text() + } + } else if strings.HasPrefix(line, "%VERSION%") { + if scanner.Scan() { + version := scanner.Text() + if !pacmanVersion.Valid(version) { + log.Printf("Invalid Version Found : OS %s, Package %s, Version %s", "arch", pkg.Name, version) + continue + } + splitted := strings.SplitN(version, ":", 2) + if len(splitted) == 1 { + pkg.Epoch = 0 + version = splitted[0] + } else { + var err error + pkg.Epoch, err = strconv.Atoi(splitted[0]) + if err != nil { + return types.Package{}, xerrors.Errorf("failed to convert epoch: %w", err) + } + + if pkg.Epoch < 0 { + return types.Package{}, xerrors.Errorf("epoch is negative") + } + version = splitted[1] + } + + index := strings.Index(version, "-") + if index >= 0 { + ver := version[:index] + rel := version[index+1:] + pkg.Version = ver + pkg.Release = rel + pkg.SrcVersion = ver + pkg.SrcRelease = rel + } else { + pkg.Version = version + pkg.SrcVersion = version + } + } + } else if strings.HasPrefix(line, "%BASE%") { + if scanner.Scan() { + pkg.SrcName = scanner.Text() + } + } else if strings.HasPrefix(line, "%ARCH%") { + if scanner.Scan() { + pkg.Arch = scanner.Text() + } + } else if strings.HasPrefix(line, "%LICENSE%") { + if scanner.Scan() { + pkg.License = scanner.Text() + } + } + } + + if err := scanner.Err(); err != nil { + return types.Package{}, xerrors.Errorf("scan error: %w", err) + } + + return pkg, nil +} + +// parsePacmanPkgFiles parses /var/lib/pacman/local/*/files +func (a pacmanAnalyzer) parsePacmanPkgFiles(scanner *bufio.Scanner) (*analyzer.AnalysisResult, error) { + var installedFiles []string + for scanner.Scan() { + line := scanner.Text() + if strings.HasPrefix(line, "%FILES%") { + continue + } + if strings.HasPrefix(line, "%BACKUP%") { + break + } + + if _, fileName := filepath.Split(line); fileName != "" { + installedFiles = append(installedFiles, line) + } + } + + if err := scanner.Err(); err != nil { + return nil, xerrors.Errorf("scan error: %w", err) + } + + return &analyzer.AnalysisResult{ + SystemInstalledFiles: installedFiles, + }, nil +} + +func (a pacmanAnalyzer) Required(filePath string, _ os.FileInfo) bool { + dir, fileName := filepath.Split(filePath) + if !strings.HasPrefix(dir, installDir) { + return false + } + return fileName == "desc" || fileName == "files" +} + +func (a pacmanAnalyzer) Type() analyzer.Type { + return analyzer.TypePacman +} + +func (a pacmanAnalyzer) Version() int { + return version +} diff --git a/analyzer/pkg/pacman/pacman_test.go b/analyzer/pkg/pacman/pacman_test.go new file mode 100644 index 000000000..920b622d1 --- /dev/null +++ b/analyzer/pkg/pacman/pacman_test.go @@ -0,0 +1,224 @@ +package pacman + +import ( + "context" + "os" + "testing" + + "github.com/aquasecurity/fanal/analyzer" + "github.com/aquasecurity/fanal/types" + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" +) + +func Test_pacmanAnalyzer_Analyze(t *testing.T) { + tests := []struct { + name string + testFile string + filepath string + want *analyzer.AnalysisResult + }{ + { + name: "valid desc", + testFile: "./testdata/bash-5.1.008-1/desc", + filepath: "var/lib/pacman/local/bash-5.1.008-1/desc", + want: &analyzer.AnalysisResult{ + PackageInfos: []types.PackageInfo{ + { + FilePath: "var/lib/pacman/local/bash-5.1.008-1/desc", + Packages: []types.Package{ + {Name: "bash", Version: "5.1.008", Release: "1", SrcName: "bash", SrcVersion: "5.1.008", SrcRelease: "1", Arch: "x86_64", License: "GPL"}, + }, + }, + }, + }, + }, + { + name: "valid files", + testFile: "./testdata/bash-5.1.008-1/files", + filepath: "var/lib/pacman/local/bash-5.1.008-1/files", + want: &analyzer.AnalysisResult{ + SystemInstalledFiles: []string{ + "etc/bash.bash_logout", + "etc/bash.bashrc", + "etc/skel/.bash_logout", + "etc/skel/.bash_profile", + "etc/skel/.bashrc", + "usr/bin/bash", + "usr/bin/bashbug", + "usr/bin/sh", + "usr/include/bash/alias.h", + "usr/include/bash/array.h", + "usr/include/bash/arrayfunc.h", + "usr/include/bash/assoc.h", + "usr/include/bash/bashansi.h", + "usr/include/bash/bashintl.h", + "usr/include/bash/bashjmp.h", + "usr/include/bash/bashtypes.h", + "usr/include/bash/builtins.h", + "usr/include/bash/builtins/bashgetopt.h", + "usr/include/bash/builtins/builtext.h", + "usr/include/bash/builtins/common.h", + "usr/include/bash/builtins/getopt.h", + "usr/include/bash/command.h", + "usr/include/bash/config-bot.h", + "usr/include/bash/config-top.h", + "usr/include/bash/config.h", + "usr/include/bash/conftypes.h", + "usr/include/bash/dispose_cmd.h", + "usr/include/bash/error.h", + "usr/include/bash/externs.h", + "usr/include/bash/general.h", + "usr/include/bash/hashlib.h", + "usr/include/bash/include/ansi_stdlib.h", + "usr/include/bash/include/chartypes.h", + "usr/include/bash/include/filecntl.h", + "usr/include/bash/include/gettext.h", + "usr/include/bash/include/maxpath.h", + "usr/include/bash/include/memalloc.h", + "usr/include/bash/include/ocache.h", + "usr/include/bash/include/posixdir.h", + "usr/include/bash/include/posixjmp.h", + "usr/include/bash/include/posixstat.h", + "usr/include/bash/include/posixtime.h", + "usr/include/bash/include/posixwait.h", + "usr/include/bash/include/shmbchar.h", + "usr/include/bash/include/shmbutil.h", + "usr/include/bash/include/shtty.h", + "usr/include/bash/include/stat-time.h", + "usr/include/bash/include/stdc.h", + "usr/include/bash/include/systimes.h", + "usr/include/bash/include/typemax.h", + "usr/include/bash/include/unionwait.h", + "usr/include/bash/jobs.h", + "usr/include/bash/make_cmd.h", + "usr/include/bash/pathnames.h", + "usr/include/bash/quit.h", + "usr/include/bash/shell.h", + "usr/include/bash/sig.h", + "usr/include/bash/siglist.h", + "usr/include/bash/signames.h", + "usr/include/bash/subst.h", + "usr/include/bash/syntax.h", + "usr/include/bash/unwind_prot.h", + "usr/include/bash/variables.h", + "usr/include/bash/version.h", + "usr/include/bash/xmalloc.h", + "usr/include/bash/y.tab.h", + "usr/lib/bash/Makefile.inc", + "usr/lib/bash/accept", + "usr/lib/bash/basename", + "usr/lib/bash/csv", + "usr/lib/bash/cut", + "usr/lib/bash/dirname", + "usr/lib/bash/fdflags", + "usr/lib/bash/finfo", + "usr/lib/bash/head", + "usr/lib/bash/id", + "usr/lib/bash/ln", + "usr/lib/bash/loadables.h", + "usr/lib/bash/logname", + "usr/lib/bash/mkdir", + "usr/lib/bash/mkfifo", + "usr/lib/bash/mktemp", + "usr/lib/bash/mypid", + "usr/lib/bash/pathchk", + "usr/lib/bash/print", + "usr/lib/bash/printenv", + "usr/lib/bash/push", + "usr/lib/bash/realpath", + "usr/lib/bash/rm", + "usr/lib/bash/rmdir", + "usr/lib/bash/seq", + "usr/lib/bash/setpgid", + "usr/lib/bash/sleep", + "usr/lib/bash/strftime", + "usr/lib/bash/sync", + "usr/lib/bash/tee", + "usr/lib/bash/truefalse", + "usr/lib/bash/tty", + "usr/lib/bash/uname", + "usr/lib/bash/unlink", + "usr/lib/bash/whoami", + "usr/lib/pkgconfig/bash.pc", + "usr/share/doc/bash/CHANGES", + "usr/share/doc/bash/COMPAT", + "usr/share/doc/bash/FAQ", + "usr/share/doc/bash/INTRO", + "usr/share/doc/bash/NEWS", + "usr/share/doc/bash/POSIX", + "usr/share/doc/bash/RBASH", + "usr/share/doc/bash/README", + "usr/share/doc/bash/bash.html", + "usr/share/doc/bash/bashref.html", + "usr/share/info/bash.info.gz", + "usr/share/locale/af/LC_MESSAGES/bash.mo", + "usr/share/locale/bg/LC_MESSAGES/bash.mo", + "usr/share/locale/ca/LC_MESSAGES/bash.mo", + "usr/share/locale/cs/LC_MESSAGES/bash.mo", + "usr/share/locale/da/LC_MESSAGES/bash.mo", + "usr/share/locale/de/LC_MESSAGES/bash.mo", + "usr/share/locale/el/LC_MESSAGES/bash.mo", + "usr/share/locale/en@boldquot/LC_MESSAGES/bash.mo", + "usr/share/locale/en@quot/LC_MESSAGES/bash.mo", + "usr/share/locale/eo/LC_MESSAGES/bash.mo", + "usr/share/locale/es/LC_MESSAGES/bash.mo", + "usr/share/locale/et/LC_MESSAGES/bash.mo", + "usr/share/locale/fi/LC_MESSAGES/bash.mo", + "usr/share/locale/fr/LC_MESSAGES/bash.mo", + "usr/share/locale/ga/LC_MESSAGES/bash.mo", + "usr/share/locale/gl/LC_MESSAGES/bash.mo", + "usr/share/locale/hr/LC_MESSAGES/bash.mo", + "usr/share/locale/hu/LC_MESSAGES/bash.mo", + "usr/share/locale/id/LC_MESSAGES/bash.mo", + "usr/share/locale/it/LC_MESSAGES/bash.mo", + "usr/share/locale/ja/LC_MESSAGES/bash.mo", + "usr/share/locale/ko/LC_MESSAGES/bash.mo", + "usr/share/locale/lt/LC_MESSAGES/bash.mo", + "usr/share/locale/nb/LC_MESSAGES/bash.mo", + "usr/share/locale/nl/LC_MESSAGES/bash.mo", + "usr/share/locale/pl/LC_MESSAGES/bash.mo", + "usr/share/locale/pt/LC_MESSAGES/bash.mo", + "usr/share/locale/pt_BR/LC_MESSAGES/bash.mo", + "usr/share/locale/ro/LC_MESSAGES/bash.mo", + "usr/share/locale/ru/LC_MESSAGES/bash.mo", + "usr/share/locale/sk/LC_MESSAGES/bash.mo", + "usr/share/locale/sl/LC_MESSAGES/bash.mo", + "usr/share/locale/sr/LC_MESSAGES/bash.mo", + "usr/share/locale/sv/LC_MESSAGES/bash.mo", + "usr/share/locale/tr/LC_MESSAGES/bash.mo", + "usr/share/locale/uk/LC_MESSAGES/bash.mo", + "usr/share/locale/vi/LC_MESSAGES/bash.mo", + "usr/share/locale/zh_CN/LC_MESSAGES/bash.mo", + "usr/share/locale/zh_TW/LC_MESSAGES/bash.mo", + "usr/share/man/man1/bash.1.gz", + "usr/share/man/man1/bashbug.1.gz", + }, + }, + }, + { + name: "valid mtree", + testFile: "./testdata/bash-5.1.008-1/mtree", + filepath: "var/lib/pacman/local/bash-5.1.008-1/mtree", + want: nil, + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + f, err := os.Open(tt.testFile) + require.NoError(t, err) + defer f.Close() + + ctx := context.Background() + + a := pacmanAnalyzer{} + got, err := a.Analyze(ctx, analyzer.AnalysisInput{ + FilePath: tt.filepath, + Content: f, + }) + require.NoError(t, err) + + assert.Equal(t, tt.want, got) + }) + } +} diff --git a/analyzer/pkg/pacman/testdata/bash-5.1.008-1/desc b/analyzer/pkg/pacman/testdata/bash-5.1.008-1/desc new file mode 100644 index 000000000..14a03c959 --- /dev/null +++ b/analyzer/pkg/pacman/testdata/bash-5.1.008-1/desc @@ -0,0 +1,51 @@ +%NAME% +bash + +%VERSION% +5.1.008-1 + +%BASE% +bash + +%DESC% +The GNU Bourne Again shell + +%URL% +https://www.gnu.org/software/bash/bash.html + +%ARCH% +x86_64 + +%BUILDDATE% +1620554015 + +%INSTALLDATE% +1631696657 + +%PACKAGER% +Levente Polyak + +%SIZE% +8596907 + +%REASON% +1 + +%LICENSE% +GPL + +%VALIDATION% +pgp + +%DEPENDS% +readline +libreadline.so=8-64 +glibc +ncurses + +%OPTDEPENDS% +bash-completion: for tab completion + +%PROVIDES% +sh + diff --git a/analyzer/pkg/pacman/testdata/bash-5.1.008-1/files b/analyzer/pkg/pacman/testdata/bash-5.1.008-1/files new file mode 100644 index 000000000..de6e8f09c --- /dev/null +++ b/analyzer/pkg/pacman/testdata/bash-5.1.008-1/files @@ -0,0 +1,259 @@ +%FILES% +etc/ +etc/bash.bash_logout +etc/bash.bashrc +etc/skel/ +etc/skel/.bash_logout +etc/skel/.bash_profile +etc/skel/.bashrc +usr/ +usr/bin/ +usr/bin/bash +usr/bin/bashbug +usr/bin/sh +usr/include/ +usr/include/bash/ +usr/include/bash/alias.h +usr/include/bash/array.h +usr/include/bash/arrayfunc.h +usr/include/bash/assoc.h +usr/include/bash/bashansi.h +usr/include/bash/bashintl.h +usr/include/bash/bashjmp.h +usr/include/bash/bashtypes.h +usr/include/bash/builtins.h +usr/include/bash/builtins/ +usr/include/bash/builtins/bashgetopt.h +usr/include/bash/builtins/builtext.h +usr/include/bash/builtins/common.h +usr/include/bash/builtins/getopt.h +usr/include/bash/command.h +usr/include/bash/config-bot.h +usr/include/bash/config-top.h +usr/include/bash/config.h +usr/include/bash/conftypes.h +usr/include/bash/dispose_cmd.h +usr/include/bash/error.h +usr/include/bash/externs.h +usr/include/bash/general.h +usr/include/bash/hashlib.h +usr/include/bash/include/ +usr/include/bash/include/ansi_stdlib.h +usr/include/bash/include/chartypes.h +usr/include/bash/include/filecntl.h +usr/include/bash/include/gettext.h +usr/include/bash/include/maxpath.h +usr/include/bash/include/memalloc.h +usr/include/bash/include/ocache.h +usr/include/bash/include/posixdir.h +usr/include/bash/include/posixjmp.h +usr/include/bash/include/posixstat.h +usr/include/bash/include/posixtime.h +usr/include/bash/include/posixwait.h +usr/include/bash/include/shmbchar.h +usr/include/bash/include/shmbutil.h +usr/include/bash/include/shtty.h +usr/include/bash/include/stat-time.h +usr/include/bash/include/stdc.h +usr/include/bash/include/systimes.h +usr/include/bash/include/typemax.h +usr/include/bash/include/unionwait.h +usr/include/bash/jobs.h +usr/include/bash/make_cmd.h +usr/include/bash/pathnames.h +usr/include/bash/quit.h +usr/include/bash/shell.h +usr/include/bash/sig.h +usr/include/bash/siglist.h +usr/include/bash/signames.h +usr/include/bash/subst.h +usr/include/bash/syntax.h +usr/include/bash/unwind_prot.h +usr/include/bash/variables.h +usr/include/bash/version.h +usr/include/bash/xmalloc.h +usr/include/bash/y.tab.h +usr/lib/ +usr/lib/bash/ +usr/lib/bash/Makefile.inc +usr/lib/bash/accept +usr/lib/bash/basename +usr/lib/bash/csv +usr/lib/bash/cut +usr/lib/bash/dirname +usr/lib/bash/fdflags +usr/lib/bash/finfo +usr/lib/bash/head +usr/lib/bash/id +usr/lib/bash/ln +usr/lib/bash/loadables.h +usr/lib/bash/logname +usr/lib/bash/mkdir +usr/lib/bash/mkfifo +usr/lib/bash/mktemp +usr/lib/bash/mypid +usr/lib/bash/pathchk +usr/lib/bash/print +usr/lib/bash/printenv +usr/lib/bash/push +usr/lib/bash/realpath +usr/lib/bash/rm +usr/lib/bash/rmdir +usr/lib/bash/seq +usr/lib/bash/setpgid +usr/lib/bash/sleep +usr/lib/bash/strftime +usr/lib/bash/sync +usr/lib/bash/tee +usr/lib/bash/truefalse +usr/lib/bash/tty +usr/lib/bash/uname +usr/lib/bash/unlink +usr/lib/bash/whoami +usr/lib/pkgconfig/ +usr/lib/pkgconfig/bash.pc +usr/share/ +usr/share/doc/ +usr/share/doc/bash/ +usr/share/doc/bash/CHANGES +usr/share/doc/bash/COMPAT +usr/share/doc/bash/FAQ +usr/share/doc/bash/INTRO +usr/share/doc/bash/NEWS +usr/share/doc/bash/POSIX +usr/share/doc/bash/RBASH +usr/share/doc/bash/README +usr/share/doc/bash/bash.html +usr/share/doc/bash/bashref.html +usr/share/info/ +usr/share/info/bash.info.gz +usr/share/locale/ +usr/share/locale/af/ +usr/share/locale/af/LC_MESSAGES/ +usr/share/locale/af/LC_MESSAGES/bash.mo +usr/share/locale/bg/ +usr/share/locale/bg/LC_MESSAGES/ +usr/share/locale/bg/LC_MESSAGES/bash.mo +usr/share/locale/ca/ +usr/share/locale/ca/LC_MESSAGES/ +usr/share/locale/ca/LC_MESSAGES/bash.mo +usr/share/locale/cs/ +usr/share/locale/cs/LC_MESSAGES/ +usr/share/locale/cs/LC_MESSAGES/bash.mo +usr/share/locale/da/ +usr/share/locale/da/LC_MESSAGES/ +usr/share/locale/da/LC_MESSAGES/bash.mo +usr/share/locale/de/ +usr/share/locale/de/LC_MESSAGES/ +usr/share/locale/de/LC_MESSAGES/bash.mo +usr/share/locale/el/ +usr/share/locale/el/LC_MESSAGES/ +usr/share/locale/el/LC_MESSAGES/bash.mo +usr/share/locale/en@boldquot/ +usr/share/locale/en@boldquot/LC_MESSAGES/ +usr/share/locale/en@boldquot/LC_MESSAGES/bash.mo +usr/share/locale/en@quot/ +usr/share/locale/en@quot/LC_MESSAGES/ +usr/share/locale/en@quot/LC_MESSAGES/bash.mo +usr/share/locale/eo/ +usr/share/locale/eo/LC_MESSAGES/ +usr/share/locale/eo/LC_MESSAGES/bash.mo +usr/share/locale/es/ +usr/share/locale/es/LC_MESSAGES/ +usr/share/locale/es/LC_MESSAGES/bash.mo +usr/share/locale/et/ +usr/share/locale/et/LC_MESSAGES/ +usr/share/locale/et/LC_MESSAGES/bash.mo +usr/share/locale/fi/ +usr/share/locale/fi/LC_MESSAGES/ +usr/share/locale/fi/LC_MESSAGES/bash.mo +usr/share/locale/fr/ +usr/share/locale/fr/LC_MESSAGES/ +usr/share/locale/fr/LC_MESSAGES/bash.mo +usr/share/locale/ga/ +usr/share/locale/ga/LC_MESSAGES/ +usr/share/locale/ga/LC_MESSAGES/bash.mo +usr/share/locale/gl/ +usr/share/locale/gl/LC_MESSAGES/ +usr/share/locale/gl/LC_MESSAGES/bash.mo +usr/share/locale/hr/ +usr/share/locale/hr/LC_MESSAGES/ +usr/share/locale/hr/LC_MESSAGES/bash.mo +usr/share/locale/hu/ +usr/share/locale/hu/LC_MESSAGES/ +usr/share/locale/hu/LC_MESSAGES/bash.mo +usr/share/locale/id/ +usr/share/locale/id/LC_MESSAGES/ +usr/share/locale/id/LC_MESSAGES/bash.mo +usr/share/locale/it/ +usr/share/locale/it/LC_MESSAGES/ +usr/share/locale/it/LC_MESSAGES/bash.mo +usr/share/locale/ja/ +usr/share/locale/ja/LC_MESSAGES/ +usr/share/locale/ja/LC_MESSAGES/bash.mo +usr/share/locale/ko/ +usr/share/locale/ko/LC_MESSAGES/ +usr/share/locale/ko/LC_MESSAGES/bash.mo +usr/share/locale/lt/ +usr/share/locale/lt/LC_MESSAGES/ +usr/share/locale/lt/LC_MESSAGES/bash.mo +usr/share/locale/nb/ +usr/share/locale/nb/LC_MESSAGES/ +usr/share/locale/nb/LC_MESSAGES/bash.mo +usr/share/locale/nl/ +usr/share/locale/nl/LC_MESSAGES/ +usr/share/locale/nl/LC_MESSAGES/bash.mo +usr/share/locale/pl/ +usr/share/locale/pl/LC_MESSAGES/ +usr/share/locale/pl/LC_MESSAGES/bash.mo +usr/share/locale/pt/ +usr/share/locale/pt/LC_MESSAGES/ +usr/share/locale/pt/LC_MESSAGES/bash.mo +usr/share/locale/pt_BR/ +usr/share/locale/pt_BR/LC_MESSAGES/ +usr/share/locale/pt_BR/LC_MESSAGES/bash.mo +usr/share/locale/ro/ +usr/share/locale/ro/LC_MESSAGES/ +usr/share/locale/ro/LC_MESSAGES/bash.mo +usr/share/locale/ru/ +usr/share/locale/ru/LC_MESSAGES/ +usr/share/locale/ru/LC_MESSAGES/bash.mo +usr/share/locale/sk/ +usr/share/locale/sk/LC_MESSAGES/ +usr/share/locale/sk/LC_MESSAGES/bash.mo +usr/share/locale/sl/ +usr/share/locale/sl/LC_MESSAGES/ +usr/share/locale/sl/LC_MESSAGES/bash.mo +usr/share/locale/sr/ +usr/share/locale/sr/LC_MESSAGES/ +usr/share/locale/sr/LC_MESSAGES/bash.mo +usr/share/locale/sv/ +usr/share/locale/sv/LC_MESSAGES/ +usr/share/locale/sv/LC_MESSAGES/bash.mo +usr/share/locale/tr/ +usr/share/locale/tr/LC_MESSAGES/ +usr/share/locale/tr/LC_MESSAGES/bash.mo +usr/share/locale/uk/ +usr/share/locale/uk/LC_MESSAGES/ +usr/share/locale/uk/LC_MESSAGES/bash.mo +usr/share/locale/vi/ +usr/share/locale/vi/LC_MESSAGES/ +usr/share/locale/vi/LC_MESSAGES/bash.mo +usr/share/locale/zh_CN/ +usr/share/locale/zh_CN/LC_MESSAGES/ +usr/share/locale/zh_CN/LC_MESSAGES/bash.mo +usr/share/locale/zh_TW/ +usr/share/locale/zh_TW/LC_MESSAGES/ +usr/share/locale/zh_TW/LC_MESSAGES/bash.mo +usr/share/man/ +usr/share/man/man1/ +usr/share/man/man1/bash.1.gz +usr/share/man/man1/bashbug.1.gz + +%BACKUP% +etc/bash.bashrc d8f3f334e72c0e30032eae1a1229aef1 +etc/bash.bash_logout 472f536d7c9e8250dc4568ec4cfaf294 +etc/skel/.bashrc 027d6bd8f5f6a06b75bb7698cb478089 +etc/skel/.bash_profile 2902e0fee7a9168f3a4fd2ccd60ff047 +etc/skel/.bash_logout 42f4400ed2314bd7519c020d0187edc5 + diff --git a/analyzer/pkg/pacman/testdata/bash-5.1.008-1/mtree b/analyzer/pkg/pacman/testdata/bash-5.1.008-1/mtree new file mode 100644 index 000000000..b173e9038 Binary files /dev/null and b/analyzer/pkg/pacman/testdata/bash-5.1.008-1/mtree differ diff --git a/go.mod b/go.mod index 58475b1b5..ecf2a4998 100644 --- a/go.mod +++ b/go.mod @@ -9,6 +9,7 @@ require ( github.com/Azure/go-autorest/autorest/azure/auth v0.5.11 github.com/BurntSushi/toml v1.0.0 github.com/GoogleCloudPlatform/docker-credential-gcr v1.5.0 + github.com/MaineK00n/go-pacman-version v0.0.0-20210916231937-19e87b7d7184 github.com/alicebob/miniredis/v2 v2.18.0 github.com/aquasecurity/defsec v0.14.0 github.com/aquasecurity/go-dep-parser v0.0.0-20220302151315-ff6d77c26988 diff --git a/go.sum b/go.sum index c4d59a1cb..297da4825 100644 --- a/go.sum +++ b/go.sum @@ -143,6 +143,8 @@ github.com/GoogleCloudPlatform/cloudsql-proxy v0.0.0-20191009163259-e802c2cb94ae github.com/GoogleCloudPlatform/docker-credential-gcr v1.5.0 h1:wykTgKwhVr2t2qs+xI020s6W5dt614QqCHV+7W9dg64= github.com/GoogleCloudPlatform/docker-credential-gcr v1.5.0/go.mod h1:BB1eHdMLYEFuFdBlRMb0N7YGVdM5s6Pt0njxgvfbGGs= github.com/GoogleCloudPlatform/k8s-cloud-provider v0.0.0-20190822182118-27a4ced34534/go.mod h1:iroGtC8B3tQiqtds1l+mgk/BBOrxbqjH+eUfFQYRc14= +github.com/MaineK00n/go-pacman-version v0.0.0-20210916231937-19e87b7d7184 h1:enu2psM1AcUsNx36T+X13lcy2kmFFV4kwCMmL7i4yiQ= +github.com/MaineK00n/go-pacman-version v0.0.0-20210916231937-19e87b7d7184/go.mod h1:iMNOZ59Aouwx++SN7zGEi8yB9JTd+ZwYufdnC02mjd4= github.com/Masterminds/semver v1.5.0/go.mod h1:MB6lktGJrhw8PrUyiEoblNEGEQ+RzHPF078ddwwvV3Y= github.com/Masterminds/semver/v3 v3.0.3/go.mod h1:VPu/7SZ7ePZ3QOrcuXROw5FAcLl4a0cBrbBpGY/8hQs= github.com/Masterminds/semver/v3 v3.1.0/go.mod h1:VPu/7SZ7ePZ3QOrcuXROw5FAcLl4a0cBrbBpGY/8hQs=