feat(checker): add ghostscript checker (#4379)

Signed-off-by: Fabrice Fontaine <[email protected]>

Author: ffontaine

cve_bin_tool/checkers/__init__.py

@@ -107,6 +107,7 @@
     "gdal",
     "gdb",
     "gdk_pixbuf",
+    "ghostscript",
     "gimp",
     "git",
     "gmp",

cve_bin_tool/checkers/ghostscript.py

@@ -0,0 +1,24 @@
+# Copyright (C) 2024 Orange
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+
+"""
+CVE checker for ghostscript
+
+https://www.cvedetails.com/product/12939/Ghostscript-Ghostscript.html?vendor_id=7640
+https://www.cvedetails.com/product/36469/Artifex-Ghostscript.html?vendor_id=10846
+
+"""
+from __future__ import annotations
+
+from cve_bin_tool.checkers import Checker
+
+
+class GhostscriptChecker(Checker):
+    CONTAINS_PATTERNS: list[str] = []
+    FILENAME_PATTERNS: list[str] = []
+    VERSION_PATTERNS = [
+        r"ghostscript/([0-9]+\.[0-9]+)",
+        r"([0-9]+\.[0-9]+\.[0-9]+)\r?\n[a-z:/]*ghostscript",
+    ]
+    VENDOR_PRODUCT = [("artifex", "ghostscript"), ("ghostscript", "ghostscript")]

test/condensed-downloads/ghostscript-10.03.1-1-aarch64.pkg.tar.xz.tar.gz

@@ -0,0 +1,30 @@
+# Copyright (C) 2024 Orange
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+mapping_test_data = [
+    {
+        "product": "ghostscript",
+        "version": "9.27",
+        "version_strings": ["ghostscript/9.27"],
+    },
+    {
+        "product": "ghostscript",
+        "version": "10.03.1",
+        "version_strings": ["10.03.1\nghostscript"],
+    },
+]
+package_test_data = [
+    {
+        "url": "http://ftp.fr.debian.org/debian/pool/main/g/ghostscript/",
+        "package_name": "libgs9_9.27~dfsg-2+deb10u5_amd64.deb",
+        "product": "ghostscript",
+        "version": "9.27",
+    },
+    {
+        "url": "https://eu.mirror.archlinuxarm.org/aarch64/extra/",
+        "package_name": "ghostscript-10.03.1-1-aarch64.pkg.tar.xz",
+        "product": "ghostscript",
+        "version": "10.03.1",
+        "other_products": ["gcc"],
+    },
+]