Add test for alpine and android apk formats #1267
Comments
terriko
added
good first issue
|
Not sure this is going to happen in time for the 3.0 release. |
|
A bunch of the tests now use Alpine apks so these are well covered. I don't see any with android .apk files yet, so we could still use a small test added to https://github.com/intel/cve-bin-tool/tree/main/test/assets for this purpose. |
|
Basically, I need someone to make a valid Android package that has something we can scan in it. Wikipedia has a reasonable description of what should be in the file: https://en.wikipedia.org/wiki/Apk_(file_format) You could include a new library file into it with strings that will trigger a checker, or you could re-use a smaller existing file like https://github.com/intel/cve-bin-tool/blob/main/test/assets/test-curl-7.34.0.out and put it in an appropriate place in the apk then check for it in the scans. |
|
Taking the good first issue off this flag because there's already a PR in progress so I don't want any other new folk to stumble over this. |
* fixes #1267 It was created by adding the content of existing file from assets (test-curl-7.34.0.out) to apk file.
#1258 added support for both the android and the alpine formats which both use .apk extensions. It would be nice if we had a couple of very tiny files in each format to use with the tests, and tests to actually execute the code.
The text was updated successfully, but these errors were encountered: