Add link to helper script doc when commented contains patterns in checkers

Author: Salar Nosrati-Ershad

cve_bin_tool/checkers/avahi.py

@@ -15,6 +15,8 @@ class AvahiChecker(Checker):
     CONTAINS_PATTERNS = [
         r"avahi_free",
         r"avahi_strerror",
+        # Alternate optional contains patterns,
+        # see <https://github.com/intel/cve-bin-tool/tree/main/cve_bin_tool/checkers#helper-script> for more details
         # r"avahi_string_list_free",
         # r"libavahi-common.so.3",
     ]

cve_bin_tool/checkers/bash.py

@@ -15,6 +15,8 @@ class BashChecker(Checker):
     CONTAINS_PATTERNS = [
         r"save_bash_input: buffer already exists for new fd %d",
         r"cannot allocate new file descriptor for bash input from fd %d",
+        # Alternate optional contains patterns,
+        # see <https://github.com/intel/cve-bin-tool/tree/main/cve_bin_tool/checkers#helper-script> for more details
         # r"bash manual page for the complete specification.",
         # r"bash_execute_unix_command: cannot find keymap for command",
     ]

cve_bin_tool/checkers/bind.py

@@ -15,6 +15,8 @@ class BindChecker(Checker):
     CONTAINS_PATTERNS = [
         r"bind9_check_key",
         r"bind9_check_namedconf",
+        # Alternate optional contains patterns,
+        # see <https://github.com/intel/cve-bin-tool/tree/main/cve_bin_tool/checkers#helper-script> for more details
         # r"/bind9.xsl",
     ]
     FILENAME_PATTERNS = [r"named"]

cve_bin_tool/checkers/busybox.py

@@ -15,6 +15,8 @@ class BusyboxChecker(Checker):
     CONTAINS_PATTERNS = [
         r"BusyBox is a multi-call binary that combines many common Unix",
         r"link to busybox for each function they wish to use and BusyBox",
+        # Alternate optional contains patterns,
+        # see <https://github.com/intel/cve-bin-tool/tree/main/cve_bin_tool/checkers#helper-script> for more details
         # r"BusyBox is copyrighted by many authors between 1998-2015.",
     ]
     FILENAME_PATTERNS = [r"busybox"]

cve_bin_tool/checkers/bzip2.py

@@ -15,6 +15,8 @@ class Bzip2Checker(Checker):
     CONTAINS_PATTERNS = [
         r"bzip2recover ([0-9]+\.[0-9]+\.[0-9]+): extracts blocks from damaged .bz2 files.",
         r"%s: BZ_MAX_HANDLED_BLOCKS in bzip2recover.c, and recompile.",
+        # Alternate optional contains patterns,
+        # see <https://github.com/intel/cve-bin-tool/tree/main/cve_bin_tool/checkers#helper-script> for more details
         # r"in the bzip2-1.0.6 source distribution.", # present only .rpm
     ]
     FILENAME_PATTERNS = [r"bzip2"]

cve_bin_tool/checkers/cups.py

@@ -16,6 +16,8 @@ class CupsChecker(Checker):
     CONTAINS_PATTERNS = [
         r"No limit for CUPS-Get-Document defined in policy %s and no suitable template found.",
         r"\*%%%%%%%% Created by the CUPS PPD Compiler CUPS v([0-9]+\.[0-9]+\.[0-9]+)"
+        # Alternate optional contains patterns,
+        # see <https://github.com/intel/cve-bin-tool/tree/main/cve_bin_tool/checkers#helper-script> for more details
         # r"Unable to edit cupsd.conf files larger than 1MB",
         # r"The web interface is currently disabled. Run \"cupsctl WebInterface=yes\" to enable it.",
         # r"cupsdAddSubscription: Reached MaxSubscriptions %d \(count=%d\)",

cve_bin_tool/checkers/curl.py

@@ -20,6 +20,8 @@ class CurlChecker(Checker):
     CONTAINS_PATTERNS = [
         r"Dump libcurl equivalent code of this command line",
         r"a specified protocol is unsupported by libcurl",
+        # Alternate optional contains patterns,
+        # see <https://github.com/intel/cve-bin-tool/tree/main/cve_bin_tool/checkers#helper-script> for more details
         # r"curl failed to verify the legitimacy of the server and therefore could not",
         # r"error retrieving curl library information",
         # r"ignoring --proxy-capath, not supported by libcurl",

cve_bin_tool/checkers/dbus.py

@@ -16,6 +16,8 @@ class DbusChecker(Checker):
     CONTAINS_PATTERNS = [
         r"dbus_connection_get_adt_audit_session_data",
         r"dbus_connection_set_dispatch_status_function",
+        # Alternate optional contains patterns,
+        # see <https://github.com/intel/cve-bin-tool/tree/main/cve_bin_tool/checkers#helper-script> for more details
         # r"dbus_connection_set_max_received_unix_fds",
         # r"dbus_connection_set_windows_user_function",
         # r"_dbus_connection_get_linux_security_label",

cve_bin_tool/checkers/dnsmasq.py

@@ -13,6 +13,8 @@
 class DnsmasqChecker(Checker):
     CONTAINS_PATTERNS = [
         r"Dnsmasq is free software, and you are welcome to redistribute it",
+        # Alternate optional contains patterns,
+        # see <https://github.com/intel/cve-bin-tool/tree/main/cve_bin_tool/checkers#helper-script> for more details
         # r"Allow access only to files owned by the user running dnsmasq\.",
         # r"Display dnsmasq version and copyright information\.",
     ]

cve_bin_tool/checkers/dovecot.py

@@ -15,6 +15,8 @@ class DovecotChecker(Checker):
     CONTAINS_PATTERNS = [
         r"BUG: Authentication client %u requested invalid authentication mechanism %s \(DOVECOT-TOKEN required\)",
         r"DOVECOT_SRAND is not available in non-debug builds",
+        # Alternate optional contains patterns,
+        # see <https://github.com/intel/cve-bin-tool/tree/main/cve_bin_tool/checkers#helper-script> for more details
         # r"Dovecot is already running with PID %s \(read from %s\)",
         # r"Dovecot is already running\? Socket already exists: %s",
         # r"Must be started by dovecot master process",

cve_bin_tool/checkers/freeradius.py

@@ -15,6 +15,8 @@ class FreeradiusChecker(Checker):
     CONTAINS_PATTERNS = [
         r"Application and libfreeradius-server magic number (commit) mismatch.  application: %lx library: %lx",
         r"Application and libfreeradius-server magic number (prefix) mismatch.  application: %x library: %x",
+        # Alternate optional contains patterns,
+        # see <https://github.com/intel/cve-bin-tool/tree/main/cve_bin_tool/checkers#helper-script> for more details
         # r"Application and libfreeradius-server magic number (version) mismatch.  application: %lx library: %lx",
         # r"FreeRADIUS Version ([0-9]+\.[0-9]+\.[0-9]+), for host aarch64-redhat-linux-gnu",
     ]

cve_bin_tool/checkers/gcc.py

@@ -16,6 +16,8 @@ class GccChecker(Checker):
     CONTAINS_PATTERNS = [
         r"Do not predefine system-specific and GCC-specific macros\.",
         r"Dump detailed information on GCC's internal representation of source code locations\.",
+        # Alternate optional contains patterns,
+        # see <https://github.com/intel/cve-bin-tool/tree/main/cve_bin_tool/checkers#helper-script> for more details
         # r"GCC is not configured to support %s as offload target",
         # r"IPA lattices after constant propagation, before gcc_unreachable:",
         # r"Record gcc command line switches in DWARF DW_AT_producer\.",

cve_bin_tool/checkers/gnupg.py

@@ -14,6 +14,8 @@ class GnupgChecker(Checker):
     CONTAINS_PATTERNS = [
         r"# \(Use \"gpg --import-ownertrust\" to restore them\)",
         r"Comment: Use \"gpg --dearmor\" for unpacking",
+        # Alternate optional contains patterns,
+        # see <https://github.com/intel/cve-bin-tool/tree/main/cve_bin_tool/checkers#helper-script> for more details
         # r"standalone revocation - use \"gpg --import\" to apply",
         # r"you can update your preferences with: gpg --edit-key %s updpref save",
     ]

cve_bin_tool/checkers/hdf5.py

@@ -15,6 +15,8 @@ class Hdf5Checker(Checker):
     CONTAINS_PATTERNS = [
         r"### HDF5 metadata cache trace file version 1 ###",
         r"%s'HDF5_DISABLE_VERSION_CHECK' environment variable is set to %d, application will",
+        # Alternate optional contains patterns,
+        # see <https://github.com/intel/cve-bin-tool/tree/main/cve_bin_tool/checkers#helper-script> for more details
         # r"The HDF5 header files used to compile this application do not match",
         # r"The HDF5 library version information are not consistent in its source code.",
         # r"This can happen when an application was compiled by one version of HDF5 but",

cve_bin_tool/checkers/irssi.py

@@ -15,6 +15,8 @@ class IrssiChecker(Checker):
     CONTAINS_PATTERNS = [
         r"Configuration file was modified since irssi was last started - do you want to overwrite the possible changes\?",
         r"# The real text formats that irssi uses are the ones you can find with",
+        # Alternate optional contains patterns,
+        # see <https://github.com/intel/cve-bin-tool/tree/main/cve_bin_tool/checkers#helper-script> for more details
         # r"# %%s : must be second - use Irssi; use Irssi::Irc; etc\.\.",
         # r"# When irssi expands the templates in \"format\", the final string would be:",
         # r"# When irssi sees this kind of text, it goes to find \"name\" from abstracts",

cve_bin_tool/checkers/liblas.py

@@ -14,6 +14,8 @@ class LiblasChecker(Checker):
     CONTAINS_PATTERNS = [
         r"N5boost6detail17sp_counted_impl_pIN6liblas5PointEEE",
         r"detail::liblas::read_n<T> input stream is not readable",
+        # Alternate optional contains patterns,
+        # see <https://github.com/intel/cve-bin-tool/tree/main/cve_bin_tool/checkers#helper-script> for more details
         # r"N5boost6detail17sp_counted_impl_pIN6liblas6detail10ReaderImplEEE",
         # r"liblas::detail::ReadeVLRData_str: array index out of range",
     ]

cve_bin_tool/checkers/libsndfile.py

@@ -15,6 +15,8 @@ class LibsndfileChecker(Checker):
     CONTAINS_PATTERNS = [
         r"No error defined for this error number. This is a bug in libsndfile.",
         r"NULL SF_INFO pointer passed to libsndfile.",
+        # Alternate optional contains patterns,
+        # see <https://github.com/intel/cve-bin-tool/tree/main/cve_bin_tool/checkers#helper-script> for more details
         # r"MATLAB 5.0 MAT-file, written by libsndfile-(\d+\.\d+\.\d+),",
     ]
     FILENAME_PATTERNS = [r"libsndfile.so"]

cve_bin_tool/checkers/varnish.py

@@ -13,6 +13,8 @@ class VarnishChecker(Checker):
     CONTAINS_PATTERNS = [
         r"\(pthread_create\(&v->tp, \(\(void \*\)0\), varnish_thread, v\)\) == 0",
         r"\(pthread_create\(&v->tp_vsl, \(\(void \*\)0\), varnishlog_thread, v\)\) == 0",
+        # Alternate optional contains patterns,
+        # see <https://github.com/intel/cve-bin-tool/tree/main/cve_bin_tool/checkers#helper-script> for more details
         # r"Clients that do not support gzip will have their Accept-Encoding header removed\. For more information on how gzip is implemented please see the chapter on gzip in the Varnish reference\.",
     ]
     FILENAME_PATTERNS = [r"varnish"]

cve_bin_tool/checkers/zsh.py

@@ -18,6 +18,8 @@ class ZshChecker(Checker):
     CONTAINS_PATTERNS = [
         r"zsh: sure you want to delete all %d files in",
         r"zsh: sure you want to delete all the files in",
+        # Alternate optional contains patterns,
+        # see <https://github.com/intel/cve-bin-tool/tree/main/cve_bin_tool/checkers#helper-script> for more details
         # r"--version  show zsh version number, then exit",
         # r"zsh: sure you want to delete more than %d files in",
         # r"zsh: sure you want to delete the only file in",