Skip to content

Commit e7306a8

Browse files
ffontaineffontaine
authored
feat(checker): add redis checker (#4762)
Signed-off-by: Fabrice Fontaine <[email protected]>
1 parent 56010c4 commit e7306a8

File tree

7 files changed

+63
-0
lines changed

7 files changed

+63
-0
lines changed

cve_bin_tool/checkers/__init__.py

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -316,6 +316,7 @@
316316
"rauc",
317317
"rdesktop",
318318
"readline",
319+
"redis",
319320
"rpm",
320321
"rtl_433",
321322
"rtmpdump",

cve_bin_tool/checkers/redis.py

Lines changed: 23 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,23 @@
1+
# Copyright (C) 2025 Orange
2+
# SPDX-License-Identifier: GPL-3.0-or-later
3+
4+
5+
"""
6+
CVE checker for redis
7+
8+
https://www.cvedetails.com/product/101460/Redis-Redis.html?vendor_id=25596
9+
https://www.cvedetails.com/product/47087/Redislabs-Redis.html?vendor_id=18560
10+
11+
"""
12+
from __future__ import annotations
13+
14+
from cve_bin_tool.checkers import Checker
15+
16+
17+
class RedisChecker(Checker):
18+
CONTAINS_PATTERNS: list[str] = []
19+
FILENAME_PATTERNS: list[str] = []
20+
VERSION_PATTERNS = [
21+
r"([0-9]+\.[0-9]+\.[0-9]+)[A-Za-z0-9%#:_/ \.\-\r\n]*redis(?:_version|\.pid)"
22+
]
23+
VENDOR_PRODUCT = [("redis", "redis"), ("redislabs", "redis")]

test/condensed-downloads/redis-5.0.14-r0.apk.tar.gz

110 KB
Binary file not shown.

test/condensed-downloads/redis-7.2.7-1.fc40.aarch64.rpm.tar.gz

269 KB
Binary file not shown.

test/condensed-downloads/redis-server_6.2.6-1_x86_64.ipk.tar.gz

208 KB
Binary file not shown.

test/condensed-downloads/redis-tools_5.0.14-1+deb10u2_amd64.deb.tar.gz

360 KB
Binary file not shown.

test/test_data/redis.py

Lines changed: 39 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,39 @@
1+
# Copyright (C) 2025 Orange
2+
# SPDX-License-Identifier: GPL-3.0-or-later
3+
4+
mapping_test_data = [
5+
{
6+
"product": "redis",
7+
"version": "5.0.14",
8+
"version_strings": ["5.0.14\nredis_version"],
9+
}
10+
]
11+
package_test_data = [
12+
{
13+
"url": "http://rpmfind.net/linux/fedora/linux/updates/40/Everything/aarch64/Packages/r/",
14+
"package_name": "redis-7.2.7-1.fc40.aarch64.rpm",
15+
"product": "redis",
16+
"version": "7.2.7",
17+
"other_products": ["lua"],
18+
},
19+
{
20+
"url": "http://ftp.debian.org/debian/pool/main/r/redis/",
21+
"package_name": "redis-tools_5.0.14-1+deb10u2_amd64.deb",
22+
"product": "redis",
23+
"version": "5.0.14",
24+
},
25+
{
26+
"url": "https://downloads.openwrt.org/releases/packages-21.02/x86_64/packages/",
27+
"package_name": "redis-server_6.2.6-1_x86_64.ipk",
28+
"product": "redis",
29+
"version": "6.2.6",
30+
"other_products": ["lua"],
31+
},
32+
{
33+
"url": "https://dl-cdn.alpinelinux.org/alpine/v3.11/main/x86_64/",
34+
"package_name": "redis-5.0.14-r0.apk",
35+
"product": "redis",
36+
"version": "5.0.14",
37+
"other_products": ["lua"],
38+
},
39+
]

0 commit comments

Comments
 (0)