fix: rename expat checker

Rename expat checker to libexpat to make it more clear that the checker extracts libexpat version Fix #1694 Signed-off-by: Fabrice Fontaine <[email protected]>
intel · Aug 16, 2023 · 19cd04f · 19cd04f
1 parent e0fe54a
commit 19cd04f
Show file tree

Hide file tree

Showing 7 changed files with 11 additions and 12 deletions.
diff --git a/cve_bin_tool/checkers/README.md b/cve_bin_tool/checkers/README.md
@@ -342,7 +342,7 @@ $ sqlite3 ~/.cache/cve-bin-tool/cve.db \
 VPkg: apple, mac_os_x
 VPkg: canonical, ubuntu_linux
 VPkg: debian, debian_linux
-VPkg: libexpat, expat
+VPkg: libexpat_project, libexpat
 VPkg: mozilla, firefox
 VPkg: opensuse, leap
 VPkg: suse, linux_enterprise_debuginfo
@@ -351,8 +351,8 @@ VPkg: suse, linux_enterprise_debuginfo
 `VENDOR_PRODUCT` attribute should have list of tuples of vendor product pair
 found in the listings. Some of the listings will be with regards to products
 that include this product. For our example all listings except
-`libexpat, expat` merely include the target product (`expat` for the
-example SQL query).
+`libexpat_project, libexpat` merely include the target product (`libexpat` for
+the example SQL query).
 
 ## Helper-Script
 

diff --git a/cve_bin_tool/checkers/__init__.py b/cve_bin_tool/checkers/__init__.py
@@ -72,7 +72,6 @@
     "emacs",
     "exim",
     "exiv2",
-    "expat",
     "f2fs_tools",
     "faad2",
     "fastd",
@@ -140,6 +139,7 @@
     "libcurl",
     "libdb",
     "libebml",
+    "libexpat",
     "libgcrypt",
     "libgd",
     "libgit2",

diff --git a/cve_bin_tool/checkers/expat.py → cve_bin_tool/checkers/libexpat.py b/cve_bin_tool/checkers/expat.py → cve_bin_tool/checkers/libexpat.py
@@ -29,13 +29,12 @@
 from cve_bin_tool.checkers import Checker
 
 
-class ExpatChecker(Checker):
-    # FIXME: fix contains pattern
+class LibexpatChecker(Checker):
     CONTAINS_PATTERNS = [
         r"reserved prefix (xml) must not be undeclared or bound to another namespace name",
         r"cannot change setting once parsing has begun",
         "requested feature requires XML_DTD support in Expat",
     ]
-    FILENAME_PATTERNS = [r"expat"]
+    FILENAME_PATTERNS = [r"libexpat.so"]
     VERSION_PATTERNS = [r"expat_([012]+\.[0-9]+\.[0-9]+)"]
     VENDOR_PRODUCT = [("libexpat_project", "libexpat")]
diff --git a/cve_bin_tool/cli.py b/cve_bin_tool/cli.py
@@ -12,7 +12,7 @@
 
 """
 This tool scans for a number of common, vulnerable open source components
-(openssl, libpng, libxml2, expat and a few others) to let you know if your
+(openssl, libpng, libxml2, libexpat and a few others) to let you know if your
 system includes common libraries with known vulnerabilities.  It emits a list
 of CVE numbers that may be relevant to your binary based on the versions.
 There is a flag to enable information about backported fixes for specific
@@ -103,7 +103,7 @@ def main(argv=None):
         description=textwrap.dedent(
             """
             The CVE Binary Tool scans for a number of common, vulnerable open source
-            components (openssl, libpng, libxml2, expat and a few others) to let you know
+            components (openssl, libpng, libxml2, libexpat and a few others) to let you know
             if a given directory or binary file includes common libraries with known
             vulnerabilities.
             """

diff --git a/test/test_checkers.py b/test/test_checkers.py
@@ -71,7 +71,6 @@ def setup_class(cls):
             ("emacs", "emacs", ["emacs"]),
             ("emacs", "emacs-nox", ["emacs"]),
             ("emacs", "emacs-gtk", ["emacs"]),
-            ("expat", "libexpat.so", ["expat"]),
             ("ffmpeg", "libffmpeg.so", ["ffmpeg"]),
             ("gnutls_cli", "libgnutls.so", ["gnutls-cli"]),
             ("gnutls_serv", "gnutls-serv", ["gnutls-serv"]),
@@ -85,6 +84,7 @@ def setup_class(cls):
             ("kerberos", "kerberos", ["kerberos_5"]),
             ("libcurl", "libcurl.so.2.0", ["libcurl"]),
             ("libdb", "libdb-2.0.so", ["libdb"]),
+            ("libexpat", "libexpat.so", ["libexpat"]),
             ("libgcrypt", "libgcrypt.so.1.0", ["libgcrypt"]),
             ("libjpeg", "libjpg.so.2.0", ["libjpeg-turbo"]),
             ("libnss", "libnss.so.1.0", ["nss"]),

diff --git a/test/test_cli.py b/test/test_cli.py
@@ -198,7 +198,7 @@ def test_skips(self, caplog):
         test_path = str(Path(__file__).parent.resolve() / "csv")
 
         skip_checkers = ["systemd", "xerces", "xml2", "kerberos"]
-        include_checkers = ["expat", "libgcrypt", "openssl", "sqlite"]
+        include_checkers = ["libexpat", "libgcrypt", "openssl", "sqlite"]
         with caplog.at_level(logging.INFO):
             main(["cve-bin-tool", test_path, "-s", ",".join(skip_checkers)])
         self.check_checkers_log(caplog, skip_checkers, include_checkers)
@@ -212,7 +212,7 @@ def test_skips(self, caplog):
     def test_runs(self, caplog):
         test_path = str(Path(__file__).parent.resolve() / "csv")
 
-        runs = ["expat", "libgcrypt", "openssl", "sqlite"]
+        runs = ["libexpat", "libgcrypt", "openssl", "sqlite"]
         skip_checkers = ["systemd", "xerces", "xml2", "kerberos"]
         with caplog.at_level(logging.INFO):
             main(["cve-bin-tool", test_path, "-r", ",".join(runs)])

diff --git a/test/test_data/expat.py → test/test_data/libexpat.py b/test/test_data/expat.py → test/test_data/libexpat.py