
fix(scanner/redhatbase): don't return error when parse failure of source file #2092


Merged
merged 1 commit into from
Dec 18, 2024

Conversation

shino
Collaborator

@shino shino commented Dec 18, 2024

If this Pull Request is work in progress, Add a prefix of “[WIP]” in the title.

What did you implement:

Please include a summary of the change and which issue is fixed. Please also include relevant motivation and context.

Before this PR, some RPMs with a not-very-good source file name format made the vuls scan fail with errors like:

[Dec 18 18:11:36] ERROR [localhost] Error on vt-alma8, err: [Failed to scan installed packages:
    github.com/future-architect/vuls/scanner.(*redhatBase).scanPackages
        /home/runner/work/vuls/vuls/scanner/redhatbase.go:421
  - Failed to parse installed packages. err:
    github.com/future-architect/vuls/scanner.(*redhatBase).scanInstalledPackages
        /home/runner/work/vuls/vuls/scanner/redhatbase.go:499
  - Failed to parse sourcepkg. err:
    github.com/future-architect/vuls/scanner.(*redhatBase).parseInstalledPackagesLine
        /home/runner/work/vuls/vuls/scanner/redhatbase.go:605
  - Failed to parse source rpm file. err:
    github.com/future-architect/vuls/scanner.(*redhatBase).parseInstalledPackagesLine.func1
        /home/runner/work/vuls/vuls/scanner/redhatbase.go:587
  - unexpected file name. expected: "<name>-<version>-<release>.<arch>.rpm", actual: "elasticsearch-8.17.0-1-src":
    github.com/future-architect/vuls/scanner.splitFileName
        /home/runner/work/vuls/vuls/scanner/redhatbase.go:706]

Type of change

Please delete options that are not relevant.

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • This change requires a documentation update

How Has This Been Tested?

Preparation:
Install elasticsearch with the steps described in https://www.elastic.co/guide/en/elasticsearch/reference/current/rpm.html

Package list output from the rpm command is:

[root@788d5f4c7bb6 ~]# rpm -qa --queryformat "%{NAME} %{EPOCHNUM} %{VERSION} %{RELEASE} %{ARCH} %{SOURCERPM} %{MODULARITYLABEL}\n" | grep elas
elasticsearch 0 8.17.0 1 x86_64 elasticsearch-8.17.0-1-src.rpm (none)

The filename column value is -src.rpm, not .src.rpm.

Before:

% ./bin.lo/vuls.v0.28.0 scan vt-alma8
[Dec 18 18:11:33]  INFO [localhost] vuls-0.28.0-703ba6616050cba7c67365a12e7d98eb06f459ba-2024-12-08T08:37:23Z
[Dec 18 18:11:33]  INFO [localhost] Start scanning
[Dec 18 18:11:33]  INFO [localhost] config: /home/shino/g/vuls/config.toml
[Dec 18 18:11:33]  INFO [localhost] Validating config...
[Dec 18 18:11:33]  INFO [localhost] Detecting Server/Container OS...
[Dec 18 18:11:33]  INFO [localhost] Detecting OS of servers...
[Dec 18 18:11:34]  INFO [localhost] (1/1) Detected: vt-alma8: alma 8.10
[Dec 18 18:11:34]  INFO [localhost] Detecting OS of containers...
[Dec 18 18:11:34]  INFO [localhost] Checking Scan Modes...
[Dec 18 18:11:34]  INFO [localhost] Detecting Platforms...
[Dec 18 18:11:36]  INFO [localhost] (1/1) vt-alma8 is running on other
[Dec 18 18:11:36]  INFO [vt-alma8] Scanning OS pkg in fast-root mode
[Dec 18 18:11:36] ERROR [localhost] Error on vt-alma8, err: [Failed to scan installed packages:
    github.com/future-architect/vuls/scanner.(*redhatBase).scanPackages
        /home/runner/work/vuls/vuls/scanner/redhatbase.go:421
  - Failed to parse installed packages. err:
    github.com/future-architect/vuls/scanner.(*redhatBase).scanInstalledPackages
        /home/runner/work/vuls/vuls/scanner/redhatbase.go:499
  - Failed to parse sourcepkg. err:
    github.com/future-architect/vuls/scanner.(*redhatBase).parseInstalledPackagesLine
        /home/runner/work/vuls/vuls/scanner/redhatbase.go:605
  - Failed to parse source rpm file. err:
    github.com/future-architect/vuls/scanner.(*redhatBase).parseInstalledPackagesLine.func1
        /home/runner/work/vuls/vuls/scanner/redhatbase.go:587
  - unexpected file name. expected: "<name>-<version>-<release>.<arch>.rpm", actual: "elasticsearch-8.17.0-1-src":
    github.com/future-architect/vuls/scanner.splitFileName
        /home/runner/work/vuls/vuls/scanner/redhatbase.go:706]


Scan Summary
================
vt-alma8        Error           Use configtest subcommand or scan with --debug to view the details


[Dec 18 18:11:36] ERROR [localhost] Failed to scan: Failed to scan. err:
    github.com/future-architect/vuls/scanner.Scanner.Scan
        /home/runner/work/vuls/vuls/scanner/scanner.go:111
  - An error occurred on [vt-alma8]

After:

% go run cmd/vuls/main.go scan vt-alma8
[Dec 18 18:52:25]  INFO [localhost] vuls-`make build` or `make install` will show the version-
[Dec 18 18:52:25]  INFO [localhost] Start scanning
[Dec 18 18:52:25]  INFO [localhost] config: /home/shino/g/vuls/config.toml
[Dec 18 18:52:25]  INFO [localhost] Validating config...
[Dec 18 18:52:25]  INFO [localhost] Detecting Server/Container OS...
[Dec 18 18:52:25]  INFO [localhost] Detecting OS of servers...
[Dec 18 18:52:25]  INFO [localhost] (1/1) Detected: vt-alma8: alma 8.10
[Dec 18 18:52:25]  INFO [localhost] Detecting OS of containers...
[Dec 18 18:52:25]  INFO [localhost] Checking Scan Modes...
[Dec 18 18:52:25]  INFO [localhost] Detecting Platforms...
[Dec 18 18:52:26]  INFO [localhost] (1/1) vt-alma8 is running on other
[Dec 18 18:52:26]  INFO [vt-alma8] Scanning OS pkg in fast-root mode
[Dec 18 18:52:28]  WARN [vt-alma8] Failed to detect a init system: File: /proc/1/exe -> /usr/sbin/sshd
[Dec 18 18:52:28]  INFO [vt-alma8] Scanning listen port...
[Dec 18 18:52:28]  INFO [vt-alma8] Using Port Scanner: Vuls built-in Scanner
[Dec 18 18:52:28]  WARN [localhost] Some warnings occurred during scanning on vt-alma8. Please fix the warnings to get a useful information. Execute configtest subcommand before scanning to know the cause of the warnings. warnings: [Failed to parse source rpm file. value: "elasticsearch-8.17.0-1-src.rpm", err:
    github.com/future-architect/vuls/scanner.(*redhatBase).parseInstalledPackagesLine.func1
        /home/shino/g/vuls/scanner/redhatbase.go:587
  - unexpected file name. expected: "<name>-<version>-<release>.<arch>.rpm", actual: "elasticsearch-8.17.0-1-src.rpm":
    github.com/future-architect/vuls/scanner.splitFileName
        /home/shino/g/vuls/scanner/redhatbase.go:708]


Scan Summary
================
vt-alma8        alma8.10        176 installed, 0 updatable

Warning: [Failed to parse source rpm file. value: "elasticsearch-8.17.0-1-src.rpm", err:
    github.com/future-architect/vuls/scanner.(*redhatBase).parseInstalledPackagesLine.func1
        /home/shino/g/vuls/scanner/redhatbase.go:587
  - unexpected file name. expected: "<name>-<version>-<release>.<arch>.rpm", actual: "elasticsearch-8.17.0-1-src.rpm":
    github.com/future-architect/vuls/scanner.splitFileName
        /home/shino/g/vuls/scanner/redhatbase.go:708]



To view the detail, vuls tui is useful.
To send a report, run vuls report -h.
% cat results/2024-12-18T18-52-26+0900/vt-alma8.json | jq -Cr '.warnings | .[]'
Failed to parse source rpm file. value: "elasticsearch-8.17.0-1-src.rpm", err:
    github.com/future-architect/vuls/scanner.(*redhatBase).parseInstalledPackagesLine.func1
        /home/shino/g/vuls/scanner/redhatbase.go:587
  - unexpected file name. expected: "<name>-<version>-<release>.<arch>.rpm", actual: "elasticsearch-8.17.0-1-src.rpm":
    github.com/future-architect/vuls/scanner.splitFileName
        /home/shino/g/vuls/scanner/redhatbase.go:708

Checklist:

You don't have to satisfy all of the following.

  • Write tests
  • Write documentation
  • Check that there aren't other open pull requests for the same issue/feature
  • Format your source code by make fmt
  • Pass the test by make test
  • Provide verification config / commands
  • Enable "Allow edits from maintainers" for this PR
  • Update the messages below

Reference

@shino shino marked this pull request as ready for review December 18, 2024 10:03
@shino shino requested a review from MaineK00n December 18, 2024 10:03
@shino shino force-pushed the shino/fix-rpm-source-pkg branch from 3d8f471 to 04e158a on December 18, 2024 10:05
@MaineK00n
Collaborator

I suggest that splitFileName follow the rpm implementation and also add a test case.

:100644 100644 05debc1 1b749f3 M	scanner/redhatbase.go
:100644 100644 28399d4 19e6d5c M	scanner/redhatbase_test.go

diff --git a/scanner/redhatbase.go b/scanner/redhatbase.go
index 05debc1..1b749f3 100644
--- a/scanner/redhatbase.go
+++ b/scanner/redhatbase.go
@@ -582,7 +582,7 @@ func (o *redhatBase) parseInstalledPackagesLine(line string) (*models.Package, *
 			case "(none)":
 				return nil, nil
 			default:
-				n, v, r, err := splitFileName(fields[5])
+				n, v, r, _, _, err := splitFileName(fields[5])
 				if err != nil {
 					o.warns = append(o.warns, xerrors.Errorf("Failed to parse source rpm file. err: %w", err))
 					return nil, nil
@@ -638,7 +638,7 @@ func (o *redhatBase) parseInstalledPackagesLineFromRepoquery(line string) (*mode
 			case "(none)":
 				return nil, nil
 			default:
-				n, v, r, err := splitFileName(fields[5])
+				n, v, r, _, _, err := splitFileName(fields[5])
 				if err != nil {
 					o.warns = append(o.warns, xerrors.Errorf("Failed to parse source rpm file. err: %w", err))
 					return nil, nil
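Review bot: This `default:` branch is now identical to the one in `parseInstalledPackagesLine`, including the `return nil, nil` fallback on parse failure; factoring the source-package handling into one shared helper would keep the two parsers from drifting, for example one gaining the raw value in its warning text and the other not.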
@@ -688,29 +688,41 @@ func (o *redhatBase) parseInstalledPackagesLineFromRepoquery(line string) (*mode
 	}
 }
 
-// https://github.com/aquasecurity/trivy/blob/51f2123c5ccc4f7a37d1068830b6670b4ccf9ac8/pkg/fanal/analyzer/pkg/rpm/rpm.go#L212-L241
-func splitFileName(filename string) (name, ver, rel string, err error) {
+// splitFileName returns a name, version, release, epoch, arch:
+//
+//	e.g.
+//		foo-1.0-1.i386.rpm => foo, 1.0, 1, i386
+//		1:bar-9-123a.ia64.rpm => bar, 9, 123a, 1, ia64
+//
+// https://github.com/rpm-software-management/yum/blob/043e869b08126c1b24e392f809c9f6871344c60d/rpmUtils/miscutils.py#L301
+func splitFileName(filename string) (name, ver, rel, epoch, arch string, err error) {
 	basename := strings.TrimSuffix(filename, ".rpm")
 
 	archIndex := strings.LastIndex(basename, ".")
 	if archIndex == -1 {
-		return "", "", "", xerrors.Errorf("unexpected file name. expected: %q, actual: %q", "<name>-<version>-<release>.<arch>.rpm", filename)
+		return "", "", "", "", "", xerrors.Errorf("unexpected file name. expected: %q, actual: %q", "<name>-<version>-<release>.<arch>.rpm", fmt.Sprintf("%s.rpm", filename))
 	}
+	arch = basename[archIndex+1:]
 
 	relIndex := strings.LastIndex(basename[:archIndex], "-")
 	if relIndex == -1 {
-		return "", "", "", xerrors.Errorf("unexpected file name. expected: %q, actual: %q", "<name>-<version>-<release>.<arch>.rpm", filename)
+		return "", "", "", "", "", xerrors.Errorf("unexpected file name. expected: %q, actual: %q", "<name>-<version>-<release>.<arch>.rpm", fmt.Sprintf("%s.rpm", filename))
 	}
 	rel = basename[relIndex+1 : archIndex]
 
 	verIndex := strings.LastIndex(basename[:relIndex], "-")
 	if verIndex == -1 {
-		return "", "", "", xerrors.Errorf("unexpected file name. expected: %q, actual: %q", "<name>-<version>-<release>.<arch>.rpm", filename)
+		return "", "", "", "", "", xerrors.Errorf("unexpected file name. expected: %q, actual: %q", "<name>-<version>-<release>.<arch>.rpm", fmt.Sprintf("%s.rpm", filename))
 	}
 	ver = basename[verIndex+1 : relIndex]
 
-	name = basename[:verIndex]
-	return name, ver, rel, nil
+	epochIndex := strings.Index(basename, ":")
+	if epochIndex != -1 {
+		epoch = basename[:epochIndex]
+	}
+
+	name = basename[epochIndex+1 : verIndex]
+	return name, ver, rel, epoch, arch, nil
 }
 
 func (o *redhatBase) parseRpmQfLine(line string) (pkg *models.Package, ignored bool, err error) {
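Review bot: The `actual:` value in the three error returns is rebuilt as `fmt.Sprintf("%s.rpm", filename)`, while the function itself accepts input with or without the suffix (`basename := strings.TrimSuffix(filename, ".rpm")`); a caller that passes the full `.rpm` name would see `...-src.rpm.rpm` in the warning. Formatting `basename` instead of `filename` gives a correct message for both inputs. Two smaller points: the `expected:` template still reads `<name>-<version>-<release>.<arch>.rpm` although the function now also accepts an `<epoch>:` prefix, and `strings.Index(basename, ":")` searches the whole basename rather than `basename[:verIndex]`, so a colon appearing after the version would be taken as the epoch separator and `basename[epochIndex+1 : verIndex]` would then have an end index before its start. Please also confirm `fmt` is already imported in this file.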
diff --git a/scanner/redhatbase_test.go b/scanner/redhatbase_test.go
index 28399d4..19e6d5c 100644
--- a/scanner/redhatbase_test.go
+++ b/scanner/redhatbase_test.go
@@ -342,6 +342,22 @@ func Test_redhatBase_parseInstalledPackagesLine(t *testing.T) {
 			},
 			wantsp: nil,
 		},
+		{
+			name: "epoch in source package",
+			args: args{line: "bar 1 9 123a ia64 1:bar-9-123a.src.rpm"},
+			wantbp: &models.Package{
+				Name:    "bar",
+				Version: "1:9",
+				Release: "123a",
+				Arch:    "ia64",
+			},
+			wantsp: &models.SrcPackage{
+				Name:        "bar",
+				Version:     "1:9-123a",
+				Arch:        "src",
+				BinaryNames: []string{"bar"},
+			},
+		},
 		{
 			name: "new: package 1",
 			args: args{line: "gpg-pubkey 0 f5282ee4 58ac92a3 (none) (none)"},
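Review bot: In the `epoch in source package` case the epoch column (the second field, `1`) and the epoch prefix of the source file name (`1:bar-...`) carry the same value, so `wantsp.Version: "1:9-123a"` cannot tell whether the source package version is built from the newly returned `epoch` or from the binary package's epoch field; a case where the two differ, or a direct unit test of `splitFileName` over the `foo-1.0-1.i386.rpm` and `1:bar-9-123a.ia64.rpm` examples from its doc comment, would pin down which value is used.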
@@ -402,6 +418,17 @@ func Test_redhatBase_parseInstalledPackagesLine(t *testing.T) {
 				BinaryNames: []string{"community-mysql"},
 			},
 		},
+		{
+			name: "invalid source package",
+			args: args{line: "elasticsearch 0 8.17.0 1 x86_64 elasticsearch-8.17.0-1-src.rpm (none)"},
+			wantbp: &models.Package{
+				Name:    "elasticsearch",
+				Version: "8.17.0",
+				Release: "1",
+				Arch:    "x86_64",
+			},
+			wantsp: nil,
+		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
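Review bot: The `invalid source package` case checks that `wantsp` is `nil` and that the binary package survives, but nothing asserts that `o.warns` gained an entry; a future change that silently drops the source package without recording a warning would still pass. Consider asserting on the warning count or text for this case so the degraded result stays visible in the scan output.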


@shino shino force-pushed the shino/fix-rpm-source-pkg branch from 04e158a to f0ae212 on December 18, 2024 11:09
@shino
Collaborator Author

shino commented Dec 18, 2024

see #2092 (comment)

Applied!

@shino shino merged commit 2c84be8 into master Dec 18, 2024
7 checks passed
@shino shino deleted the shino/fix-rpm-source-pkg branch December 18, 2024 12:15
@shino shino self-assigned this Dec 18, 2024