Skip to content

Commit d2519c1

Browse files
ffontaineffontaine
authored
fix: update busybox checker (#4679)
Update busybox pattern to catch version 1.00 which has been released in 2004 but is still encountered on some embedded systems ... Signed-off-by: Fabrice Fontaine <[email protected]>
1 parent a72b30d commit d2519c1

File tree

2 files changed

+3
-2
lines changed

2 files changed

+3
-2
lines changed

cve_bin_tool/checkers/busybox.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -20,5 +20,5 @@ class BusyboxChecker(Checker):
2020
# r"BusyBox is copyrighted by many authors between 1998-2015.",
2121
]
2222
FILENAME_PATTERNS = [r"busybox"]
23-
VERSION_PATTERNS = [r"BusyBox v([0-9]+\.[0-9]+\.[0-9]+)"]
23+
VERSION_PATTERNS = [r"BusyBox v([0-9]+\.[0-9]+(\.[0-9]+)?)"]
2424
VENDOR_PRODUCT = [("busybox", "busybox")]

test/test_data/busybox.py

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -2,7 +2,8 @@
22
# SPDX-License-Identifier: GPL-3.0-or-later
33

44
mapping_test_data = [
5-
{"product": "busybox", "version": "1.18.3", "version_strings": ["BusyBox v1.18.3"]}
5+
{"product": "busybox", "version": "1.18.3", "version_strings": ["BusyBox v1.18.3"]},
6+
{"product": "busybox", "version": "1.00", "version_strings": ["BusyBox v1.00"]},
67
]
78
package_test_data = [
89
{

0 commit comments

Comments
 (0)