diff --git a/cve_bin_tool/checkers/__init__.py b/cve_bin_tool/checkers/__init__.py index 2030d3906c..3690285afe 100644 --- a/cve_bin_tool/checkers/__init__.py +++ b/cve_bin_tool/checkers/__init__.py @@ -109,6 +109,7 @@ "file", "firefox", "firejail", + "fish", "flac", "fluidsynth", "freeradius", diff --git a/cve_bin_tool/checkers/fish.py b/cve_bin_tool/checkers/fish.py new file mode 100644 index 0000000000..77e8967fda --- /dev/null +++ b/cve_bin_tool/checkers/fish.py @@ -0,0 +1,20 @@ +# Copyright (C) 2025 Orange +# SPDX-License-Identifier: GPL-3.0-or-later + + +""" +CVE checker for fish + +https://www.cvedetails.com/product/43564/Fishshell-Fish.html?vendor_id=17623 + +""" +from __future__ import annotations + +from cve_bin_tool.checkers import Checker + + +class FishChecker(Checker): + CONTAINS_PATTERNS: list[str] = [] + FILENAME_PATTERNS: list[str] = [] + VERSION_PATTERNS = [r"fish-([0-9]+\.[0-9]+\.[0-9]+)"] + VENDOR_PRODUCT = [("fishshell", "fish")] diff --git a/test/condensed-downloads/fish-3.1.2-r4.apk.tar.gz b/test/condensed-downloads/fish-3.1.2-r4.apk.tar.gz new file mode 100644 index 0000000000..1571911934 Binary files /dev/null and b/test/condensed-downloads/fish-3.1.2-r4.apk.tar.gz differ diff --git a/test/condensed-downloads/fish-4.0.2-1.fc43.aarch64.rpm.tar.gz b/test/condensed-downloads/fish-4.0.2-1.fc43.aarch64.rpm.tar.gz new file mode 100644 index 0000000000..13c3ae27c8 Binary files /dev/null and b/test/condensed-downloads/fish-4.0.2-1.fc43.aarch64.rpm.tar.gz differ diff --git a/test/condensed-downloads/fish_3.1.0-1_x86_64.ipk.tar.gz b/test/condensed-downloads/fish_3.1.0-1_x86_64.ipk.tar.gz new file mode 100644 index 0000000000..42bf2c34d4 Binary files /dev/null and b/test/condensed-downloads/fish_3.1.0-1_x86_64.ipk.tar.gz differ diff --git a/test/condensed-downloads/fish_3.1.2-3+deb11u1_amd64.deb.tar.gz b/test/condensed-downloads/fish_3.1.2-3+deb11u1_amd64.deb.tar.gz new file mode 100644 index 0000000000..7ae4b0747c Binary files /dev/null and b/test/condensed-downloads/fish_3.1.2-3+deb11u1_amd64.deb.tar.gz differ diff --git a/test/test_data/fish.py b/test/test_data/fish.py new file mode 100644 index 0000000000..9333b1e593 --- /dev/null +++ b/test/test_data/fish.py @@ -0,0 +1,34 @@ +# Copyright (C) 2025 Orange +# SPDX-License-Identifier: GPL-3.0-or-later + +mapping_test_data = [ + {"product": "fish", "version": "3.1.0", "version_strings": ["fish-3.1.0"]} +] +package_test_data = [ + { + "url": "http://rpmfind.net/linux/fedora/linux/development/rawhide/Everything/aarch64/os/Packages/f/", + "package_name": "fish-4.0.2-1.fc43.aarch64.rpm", + "product": "fish", + "version": "4.0.2", + "other_products": ["rust"], + }, + { + "url": "http://ftp.debian.org/debian/pool/main/f/fish/", + "package_name": "fish_3.1.2-3+deb11u1_amd64.deb", + "product": "fish", + "version": "3.1.2", + }, + { + "url": "https://downloads.openwrt.org/releases/packages-19.07/x86_64/packages/", + "package_name": "fish_3.1.0-1_x86_64.ipk", + "product": "fish", + "version": "3.1.0", + }, + { + "url": "https://dl-cdn.alpinelinux.org/alpine/v3.13/main/x86_64/", + "package_name": "fish-3.1.2-r4.apk", + "product": "fish", + "version": "3.1.2", + "other_products": ["gcc"], + }, +]