Skip to content

Commit 819fef5

Browse files
ffontaineinosmeet
ffontaine
authored and
inosmeet
committed
feat(checker): add socat checker (intel#3597)
Signed-off-by: Fabrice Fontaine <[email protected]>
1 parent e9f2fe4 commit 819fef5

File tree

8 files changed

+62
-0
lines changed

8 files changed

+62
-0
lines changed

cve_bin_tool/checkers/__init__.py

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -292,6 +292,7 @@
292292
"shadowsocks_libev",
293293
"sngrep",
294294
"snort",
295+
"socat",
295296
"sofia_sip",
296297
"speex",
297298
"spice",

cve_bin_tool/checkers/socat.py

Lines changed: 23 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,23 @@
1+
# Copyright (C) 2023 Orange
2+
# SPDX-License-Identifier: GPL-3.0-or-later
3+
4+
5+
"""
6+
CVE checker for socat
7+
8+
https://www.cvedetails.com/product/4156/Socat-Socat.html?vendor_id=2377
9+
https://www.cvedetails.com/product/19994/Dest-unreach-Socat.html?vendor_id=11111
10+
11+
"""
12+
from __future__ import annotations
13+
14+
from cve_bin_tool.checkers import Checker
15+
16+
17+
class SocatChecker(Checker):
18+
CONTAINS_PATTERNS: list[str] = []
19+
FILENAME_PATTERNS: list[str] = []
20+
VERSION_PATTERNS = [
21+
r"socat[a-zA-Z0-9:. \-\r\n]*\r?\n([0-9]+\.[0-9]+\.[0-9]+(\.[0-9]+)?)"
22+
]
23+
VENDOR_PRODUCT = [("dest-unreach", "socat"), ("socat", "socat")]

test/condensed-downloads/socat-2.0.0-0.b9.11.mga9.aarch64.rpm.tar.gz

25.3 KB
Binary file not shown.

test/condensed-downloads/socat-2.0.0-0.b9.11.mga9.armv7hl.rpm.tar.gz

19.9 KB
Binary file not shown.

test/condensed-downloads/socat_1.7.2.4-2_amd64.deb.tar.gz

49 KB
Binary file not shown.

test/condensed-downloads/socat_1.7.2.4-2_armel.deb.tar.gz

32.9 KB
Binary file not shown.

test/condensed-downloads/socat_1.7.3.3-1_x86_64.ipk.tar.gz

37.5 KB
Binary file not shown.

test/test_data/socat.py

Lines changed: 38 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,38 @@
1+
# Copyright (C) 2023 Orange
2+
# SPDX-License-Identifier: GPL-3.0-or-later
3+
4+
mapping_test_data = [
5+
{"product": "socat", "version": "1.7.3.3", "version_strings": ["socat\n1.7.3.3"]}
6+
]
7+
package_test_data = [
8+
{
9+
"url": "http://rpmfind.net/linux/mageia/distrib/cauldron/aarch64/media/core/release/",
10+
"package_name": "socat-2.0.0-0.b9.11.mga9.aarch64.rpm",
11+
"product": "socat",
12+
"version": "2.0.0",
13+
},
14+
{
15+
"url": "http://rpmfind.net/linux/mageia/distrib/cauldron/armv7hl/media/core/release/",
16+
"package_name": "socat-2.0.0-0.b9.11.mga9.armv7hl.rpm",
17+
"product": "socat",
18+
"version": "2.0.0",
19+
},
20+
{
21+
"url": "http://ftp.fr.debian.org/debian/pool/main/s/socat/",
22+
"package_name": "socat_1.7.2.4-2_amd64.deb",
23+
"product": "socat",
24+
"version": "1.7.2.4",
25+
},
26+
{
27+
"url": "http://ftp.fr.debian.org/debian/pool/main/s/socat/",
28+
"package_name": "socat_1.7.2.4-2_armel.deb",
29+
"product": "socat",
30+
"version": "1.7.2.4",
31+
},
32+
{
33+
"url": "https://downloads.openwrt.org/releases/packages-19.07/x86_64/packages/",
34+
"package_name": "socat_1.7.3.3-1_x86_64.ipk",
35+
"product": "socat",
36+
"version": "1.7.3.3",
37+
},
38+
]

0 commit comments

Comments
 (0)