fix: improve nghttp2 checker (#2991)

* fix: improve nghttp2 checker Improve nghttp2 checker to avoid false positives with node and wireshark binaries which link dynamically with nghttp2 library (and save the associated version number) Signed-off-by: Fabrice Fontaine <fabrice.fontaine@orange.com> * chore: merge conflict resolution --------- Signed-off-by: Fabrice Fontaine <fabrice.fontaine@orange.com> Co-authored-by: Terri Oda <terri.oda@intel.com>
intel · Jun 21, 2023 · 2bb8032 · 2bb8032
1 parent ff7f1cc
commit 2bb8032
Show file tree

Hide file tree

Showing 4 changed files with 7 additions and 4 deletions.
diff --git a/cve_bin_tool/checkers/nghttp2.py b/cve_bin_tool/checkers/nghttp2.py
@@ -18,6 +18,6 @@ class Nghttp2Checker(Checker):
     FILENAME_PATTERNS: list[str] = []
     VERSION_PATTERNS = [
         r"nghttp2/([0-9]+\.[0-9]+\.[0-9]+)",
-        r"([0-9]+\.[0-9]+\.[0-9]+)\r?\nnghttp2",
+        r"([0-9]+\.[0-9]+\.[0-9]+)\r?\nnghttp2[-_]",
     ]
     VENDOR_PRODUCT = [("nghttp2", "nghttp2")]
diff --git a/test/test_data/nghttp2.py b/test/test_data/nghttp2.py
@@ -3,7 +3,11 @@
 
 mapping_test_data = [
     {"product": "nghttp2", "version": "1.50.0", "version_strings": ["nghttp2/1.50.0"]},
-    {"product": "nghttp2", "version": "1.18.1", "version_strings": ["1.18.1\nnghttp2"]},
+    {
+        "product": "nghttp2",
+        "version": "1.18.1",
+        "version_strings": ["1.18.1\nnghttp2-"],
+    },
 ]
 package_test_data = [
     {

diff --git a/test/test_data/node.py b/test/test_data/node.py
@@ -27,6 +27,5 @@
         "package_name": "node_v8.16.1-1_x86_64.ipk",
         "product": "node.js",
         "version": "8.16.1",
-        "other_products": ["nghttp2"],
     },
 ]
diff --git a/test/test_data/wireshark.py b/test/test_data/wireshark.py
@@ -40,6 +40,6 @@
         "package_name": "libwireshark16_4.0.3-1_amd64.deb",
         "product": "wireshark",
         "version": "4.0.3",
-        "other_products": ["lua", "nghttp2"],
+        "other_products": ["lua"],
     },
 ]