fix: improve openssl checker (#3569)

ffontaine · web-flow · commit a25514068251 · 2023-12-12T11:15:38.000-08:00
Update openssl pattern to catch version on 'exotic' library

Signed-off-by: Fabrice Fontaine &lt;fabrice.fontaine@orange.com&gt;
diff --git a/cve_bin_tool/checkers/openssl.py b/cve_bin_tool/checkers/openssl.py
@@ -18,7 +18,7 @@ class OpensslChecker(Checker):
     CONTAINS_PATTERNS = [r"part of OpenSSL", r"openssl.cnf", r"-DOPENSSL_"]
     FILENAME_PATTERNS = [r"libssl.so.", r"libcrypto.so"]
     VERSION_PATTERNS = [
-        r"OpenSSL ([0-9]+\.[0-9]+\.[0-9]+[a-z]*) [a-zA-Z0-9 ]+\r?\n(?:%s \(Library: %s\)|[a-zA-Z0-9: \-\r\n]*OPENSSLDIR|ssl)",
+        r"OpenSSL ([0-9]+\.[0-9]+\.[0-9]+[a-z]*) [a-zA-Z0-9 ]+\r?\n(?:%s \(Library: %s\)|[a-zA-Z0-9:, \-\r\n]*OPENSSLDIR|ssl)",
         r"%s \(Library: %s\)\r?\nOpenSSL ([0-9]+\.[0-9]+\.[0-9]+[a-z]*) [a-zA-Z0-9 ]+",
     ]
     VENDOR_PRODUCT = [("openssl", "openssl")]

Original file line number	Diff line number	Diff line change
`@@ -18,7 +18,7 @@ class OpensslChecker(Checker):`
`18`	`18`	`CONTAINS_PATTERNS = [r"part of OpenSSL", r"openssl.cnf", r"-DOPENSSL_"]`
`19`	`19`	`FILENAME_PATTERNS = [r"libssl.so.", r"libcrypto.so"]`
`20`	`20`	`VERSION_PATTERNS = [`
`21`		`- r"OpenSSL ([0-9]+\.[0-9]+\.[0-9]+[a-z]) [a-zA-Z0-9 ]+\r?\n(?:%s \(Library: %s\)\|[a-zA-Z0-9: \-\r\n]OPENSSLDIR\|ssl)",`
	`21`	`+ r"OpenSSL ([0-9]+\.[0-9]+\.[0-9]+[a-z]) [a-zA-Z0-9 ]+\r?\n(?:%s \(Library: %s\)\|[a-zA-Z0-9:, \-\r\n]OPENSSLDIR\|ssl)",`
`22`	`22`	`r"%s \(Library: %s\)\r?\nOpenSSL ([0-9]+\.[0-9]+\.[0-9]+[a-z]*) [a-zA-Z0-9 ]+",`
`23`	`23`	`]`
`24`	`24`	`VENDOR_PRODUCT = [("openssl", "openssl")]`