diff --git a/cve_bin_tool/checkers/avahi.py b/cve_bin_tool/checkers/avahi.py index 36c7ff2d65..47ec887556 100644 --- a/cve_bin_tool/checkers/avahi.py +++ b/cve_bin_tool/checkers/avahi.py @@ -15,6 +15,8 @@ class AvahiChecker(Checker): CONTAINS_PATTERNS = [ r"avahi_free", r"avahi_strerror", + # Alternate optional contains patterns, + # see https://github.com/intel/cve-bin-tool/tree/main/cve_bin_tool/checkers#helper-script for more details # r"avahi_string_list_free", # r"libavahi-common.so.3", ] diff --git a/cve_bin_tool/checkers/bash.py b/cve_bin_tool/checkers/bash.py index d365fab08d..ea0e094115 100644 --- a/cve_bin_tool/checkers/bash.py +++ b/cve_bin_tool/checkers/bash.py @@ -15,6 +15,8 @@ class BashChecker(Checker): CONTAINS_PATTERNS = [ r"save_bash_input: buffer already exists for new fd %d", r"cannot allocate new file descriptor for bash input from fd %d", + # Alternate optional contains patterns, + # see https://github.com/intel/cve-bin-tool/tree/main/cve_bin_tool/checkers#helper-script for more details # r"bash manual page for the complete specification.", # r"bash_execute_unix_command: cannot find keymap for command", ] diff --git a/cve_bin_tool/checkers/bind.py b/cve_bin_tool/checkers/bind.py index 856aac33ca..403b4e1337 100644 --- a/cve_bin_tool/checkers/bind.py +++ b/cve_bin_tool/checkers/bind.py @@ -15,6 +15,8 @@ class BindChecker(Checker): CONTAINS_PATTERNS = [ r"bind9_check_key", r"bind9_check_namedconf", + # Alternate optional contains patterns, + # see https://github.com/intel/cve-bin-tool/tree/main/cve_bin_tool/checkers#helper-script for more details # r"/bind9.xsl", ] FILENAME_PATTERNS = [r"named"] diff --git a/cve_bin_tool/checkers/busybox.py b/cve_bin_tool/checkers/busybox.py index f5c3236af9..b4ffca9b7e 100644 --- a/cve_bin_tool/checkers/busybox.py +++ b/cve_bin_tool/checkers/busybox.py @@ -15,6 +15,8 @@ class BusyboxChecker(Checker): CONTAINS_PATTERNS = [ r"BusyBox is a multi-call binary that combines many common Unix", r"link to busybox for each function they wish to use and BusyBox", + # Alternate optional contains patterns, + # see https://github.com/intel/cve-bin-tool/tree/main/cve_bin_tool/checkers#helper-script for more details # r"BusyBox is copyrighted by many authors between 1998-2015.", ] FILENAME_PATTERNS = [r"busybox"] diff --git a/cve_bin_tool/checkers/bzip2.py b/cve_bin_tool/checkers/bzip2.py index 3d648e0244..bed48fba3a 100644 --- a/cve_bin_tool/checkers/bzip2.py +++ b/cve_bin_tool/checkers/bzip2.py @@ -15,6 +15,8 @@ class Bzip2Checker(Checker): CONTAINS_PATTERNS = [ r"bzip2recover ([0-9]+\.[0-9]+\.[0-9]+): extracts blocks from damaged .bz2 files.", r"%s: BZ_MAX_HANDLED_BLOCKS in bzip2recover.c, and recompile.", + # Alternate optional contains patterns, + # see https://github.com/intel/cve-bin-tool/tree/main/cve_bin_tool/checkers#helper-script for more details # r"in the bzip2-1.0.6 source distribution.", # present only .rpm ] FILENAME_PATTERNS = [r"bzip2"] diff --git a/cve_bin_tool/checkers/cups.py b/cve_bin_tool/checkers/cups.py index 07599c1ada..9ca0396e20 100644 --- a/cve_bin_tool/checkers/cups.py +++ b/cve_bin_tool/checkers/cups.py @@ -16,6 +16,8 @@ class CupsChecker(Checker): CONTAINS_PATTERNS = [ r"No limit for CUPS-Get-Document defined in policy %s and no suitable template found.", r"\*%%%%%%%% Created by the CUPS PPD Compiler CUPS v([0-9]+\.[0-9]+\.[0-9]+)" + # Alternate optional contains patterns, + # see https://github.com/intel/cve-bin-tool/tree/main/cve_bin_tool/checkers#helper-script for more details # r"Unable to edit cupsd.conf files larger than 1MB", # r"The web interface is currently disabled. Run \"cupsctl WebInterface=yes\" to enable it.", # r"cupsdAddSubscription: Reached MaxSubscriptions %d \(count=%d\)", diff --git a/cve_bin_tool/checkers/curl.py b/cve_bin_tool/checkers/curl.py index e9bb9b80f8..f6b7ac65a6 100644 --- a/cve_bin_tool/checkers/curl.py +++ b/cve_bin_tool/checkers/curl.py @@ -20,6 +20,8 @@ class CurlChecker(Checker): CONTAINS_PATTERNS = [ r"Dump libcurl equivalent code of this command line", r"a specified protocol is unsupported by libcurl", + # Alternate optional contains patterns, + # see https://github.com/intel/cve-bin-tool/tree/main/cve_bin_tool/checkers#helper-script for more details # r"curl failed to verify the legitimacy of the server and therefore could not", # r"error retrieving curl library information", # r"ignoring --proxy-capath, not supported by libcurl", diff --git a/cve_bin_tool/checkers/dbus.py b/cve_bin_tool/checkers/dbus.py index 86782c1884..023032ade5 100644 --- a/cve_bin_tool/checkers/dbus.py +++ b/cve_bin_tool/checkers/dbus.py @@ -16,6 +16,8 @@ class DbusChecker(Checker): CONTAINS_PATTERNS = [ r"dbus_connection_get_adt_audit_session_data", r"dbus_connection_set_dispatch_status_function", + # Alternate optional contains patterns, + # see https://github.com/intel/cve-bin-tool/tree/main/cve_bin_tool/checkers#helper-script for more details # r"dbus_connection_set_max_received_unix_fds", # r"dbus_connection_set_windows_user_function", # r"_dbus_connection_get_linux_security_label", diff --git a/cve_bin_tool/checkers/dnsmasq.py b/cve_bin_tool/checkers/dnsmasq.py index b971ed4439..632787cb57 100644 --- a/cve_bin_tool/checkers/dnsmasq.py +++ b/cve_bin_tool/checkers/dnsmasq.py @@ -13,6 +13,8 @@ class DnsmasqChecker(Checker): CONTAINS_PATTERNS = [ r"Dnsmasq is free software, and you are welcome to redistribute it", + # Alternate optional contains patterns, + # see https://github.com/intel/cve-bin-tool/tree/main/cve_bin_tool/checkers#helper-script for more details # r"Allow access only to files owned by the user running dnsmasq\.", # r"Display dnsmasq version and copyright information\.", ] diff --git a/cve_bin_tool/checkers/dovecot.py b/cve_bin_tool/checkers/dovecot.py index 74c5e73574..91e78f9380 100644 --- a/cve_bin_tool/checkers/dovecot.py +++ b/cve_bin_tool/checkers/dovecot.py @@ -15,6 +15,8 @@ class DovecotChecker(Checker): CONTAINS_PATTERNS = [ r"BUG: Authentication client %u requested invalid authentication mechanism %s \(DOVECOT-TOKEN required\)", r"DOVECOT_SRAND is not available in non-debug builds", + # Alternate optional contains patterns, + # see https://github.com/intel/cve-bin-tool/tree/main/cve_bin_tool/checkers#helper-script for more details # r"Dovecot is already running with PID %s \(read from %s\)", # r"Dovecot is already running\? Socket already exists: %s", # r"Must be started by dovecot master process", diff --git a/cve_bin_tool/checkers/freeradius.py b/cve_bin_tool/checkers/freeradius.py index 35ba5e85dc..b9a9f11d36 100644 --- a/cve_bin_tool/checkers/freeradius.py +++ b/cve_bin_tool/checkers/freeradius.py @@ -15,6 +15,8 @@ class FreeradiusChecker(Checker): CONTAINS_PATTERNS = [ r"Application and libfreeradius-server magic number (commit) mismatch. application: %lx library: %lx", r"Application and libfreeradius-server magic number (prefix) mismatch. application: %x library: %x", + # Alternate optional contains patterns, + # see https://github.com/intel/cve-bin-tool/tree/main/cve_bin_tool/checkers#helper-script for more details # r"Application and libfreeradius-server magic number (version) mismatch. application: %lx library: %lx", # r"FreeRADIUS Version ([0-9]+\.[0-9]+\.[0-9]+), for host aarch64-redhat-linux-gnu", ] diff --git a/cve_bin_tool/checkers/gcc.py b/cve_bin_tool/checkers/gcc.py index 22a2903a0f..9eb3c69958 100644 --- a/cve_bin_tool/checkers/gcc.py +++ b/cve_bin_tool/checkers/gcc.py @@ -16,6 +16,8 @@ class GccChecker(Checker): CONTAINS_PATTERNS = [ r"Do not predefine system-specific and GCC-specific macros\.", r"Dump detailed information on GCC's internal representation of source code locations\.", + # Alternate optional contains patterns, + # see https://github.com/intel/cve-bin-tool/tree/main/cve_bin_tool/checkers#helper-script for more details # r"GCC is not configured to support %s as offload target", # r"IPA lattices after constant propagation, before gcc_unreachable:", # r"Record gcc command line switches in DWARF DW_AT_producer\.", diff --git a/cve_bin_tool/checkers/gnupg.py b/cve_bin_tool/checkers/gnupg.py index 964a2f596b..e0e7b74507 100644 --- a/cve_bin_tool/checkers/gnupg.py +++ b/cve_bin_tool/checkers/gnupg.py @@ -14,6 +14,8 @@ class GnupgChecker(Checker): CONTAINS_PATTERNS = [ r"# \(Use \"gpg --import-ownertrust\" to restore them\)", r"Comment: Use \"gpg --dearmor\" for unpacking", + # Alternate optional contains patterns, + # see https://github.com/intel/cve-bin-tool/tree/main/cve_bin_tool/checkers#helper-script for more details # r"standalone revocation - use \"gpg --import\" to apply", # r"you can update your preferences with: gpg --edit-key %s updpref save", ] diff --git a/cve_bin_tool/checkers/hdf5.py b/cve_bin_tool/checkers/hdf5.py index 0624df870d..5eb07497b3 100644 --- a/cve_bin_tool/checkers/hdf5.py +++ b/cve_bin_tool/checkers/hdf5.py @@ -15,6 +15,8 @@ class Hdf5Checker(Checker): CONTAINS_PATTERNS = [ r"### HDF5 metadata cache trace file version 1 ###", r"%s'HDF5_DISABLE_VERSION_CHECK' environment variable is set to %d, application will", + # Alternate optional contains patterns, + # see https://github.com/intel/cve-bin-tool/tree/main/cve_bin_tool/checkers#helper-script for more details # r"The HDF5 header files used to compile this application do not match", # r"The HDF5 library version information are not consistent in its source code.", # r"This can happen when an application was compiled by one version of HDF5 but", diff --git a/cve_bin_tool/checkers/irssi.py b/cve_bin_tool/checkers/irssi.py index b0f7ed4777..75e9816dd6 100644 --- a/cve_bin_tool/checkers/irssi.py +++ b/cve_bin_tool/checkers/irssi.py @@ -15,6 +15,8 @@ class IrssiChecker(Checker): CONTAINS_PATTERNS = [ r"Configuration file was modified since irssi was last started - do you want to overwrite the possible changes\?", r"# The real text formats that irssi uses are the ones you can find with", + # Alternate optional contains patterns, + # see https://github.com/intel/cve-bin-tool/tree/main/cve_bin_tool/checkers#helper-script for more details # r"# %%s : must be second - use Irssi; use Irssi::Irc; etc\.\.", # r"# When irssi expands the templates in \"format\", the final string would be:", # r"# When irssi sees this kind of text, it goes to find \"name\" from abstracts", diff --git a/cve_bin_tool/checkers/liblas.py b/cve_bin_tool/checkers/liblas.py index 4081e64329..3a04121047 100644 --- a/cve_bin_tool/checkers/liblas.py +++ b/cve_bin_tool/checkers/liblas.py @@ -14,6 +14,8 @@ class LiblasChecker(Checker): CONTAINS_PATTERNS = [ r"N5boost6detail17sp_counted_impl_pIN6liblas5PointEEE", r"detail::liblas::read_n input stream is not readable", + # Alternate optional contains patterns, + # see https://github.com/intel/cve-bin-tool/tree/main/cve_bin_tool/checkers#helper-script for more details # r"N5boost6detail17sp_counted_impl_pIN6liblas6detail10ReaderImplEEE", # r"liblas::detail::ReadeVLRData_str: array index out of range", ] diff --git a/cve_bin_tool/checkers/libsndfile.py b/cve_bin_tool/checkers/libsndfile.py index 6d737ac024..13777c49ff 100644 --- a/cve_bin_tool/checkers/libsndfile.py +++ b/cve_bin_tool/checkers/libsndfile.py @@ -15,6 +15,8 @@ class LibsndfileChecker(Checker): CONTAINS_PATTERNS = [ r"No error defined for this error number. This is a bug in libsndfile.", r"NULL SF_INFO pointer passed to libsndfile.", + # Alternate optional contains patterns, + # see https://github.com/intel/cve-bin-tool/tree/main/cve_bin_tool/checkers#helper-script for more details # r"MATLAB 5.0 MAT-file, written by libsndfile-(\d+\.\d+\.\d+),", ] FILENAME_PATTERNS = [r"libsndfile.so"] diff --git a/cve_bin_tool/checkers/varnish.py b/cve_bin_tool/checkers/varnish.py index c055755648..3f5a6a1328 100644 --- a/cve_bin_tool/checkers/varnish.py +++ b/cve_bin_tool/checkers/varnish.py @@ -13,6 +13,8 @@ class VarnishChecker(Checker): CONTAINS_PATTERNS = [ r"\(pthread_create\(&v->tp, \(\(void \*\)0\), varnish_thread, v\)\) == 0", r"\(pthread_create\(&v->tp_vsl, \(\(void \*\)0\), varnishlog_thread, v\)\) == 0", + # Alternate optional contains patterns, + # see https://github.com/intel/cve-bin-tool/tree/main/cve_bin_tool/checkers#helper-script for more details # r"Clients that do not support gzip will have their Accept-Encoding header removed\. For more information on how gzip is implemented please see the chapter on gzip in the Varnish reference\.", ] FILENAME_PATTERNS = [r"varnish"] diff --git a/cve_bin_tool/checkers/zsh.py b/cve_bin_tool/checkers/zsh.py index de5761f851..f55cf0bf29 100644 --- a/cve_bin_tool/checkers/zsh.py +++ b/cve_bin_tool/checkers/zsh.py @@ -18,6 +18,8 @@ class ZshChecker(Checker): CONTAINS_PATTERNS = [ r"zsh: sure you want to delete all %d files in", r"zsh: sure you want to delete all the files in", + # Alternate optional contains patterns, + # see https://github.com/intel/cve-bin-tool/tree/main/cve_bin_tool/checkers#helper-script for more details # r"--version show zsh version number, then exit", # r"zsh: sure you want to delete more than %d files in", # r"zsh: sure you want to delete the only file in",