-
Notifications
You must be signed in to change notification settings - Fork 456
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add test for alpine and android apk formats #1267
Comments
Not sure this is going to happen in time for the 3.0 release. |
A bunch of the tests now use Alpine apks so these are well covered. I don't see any with android .apk files yet, so we could still use a small test added to https://github.com/intel/cve-bin-tool/tree/main/test/assets for this purpose. |
Basically, I need someone to make a valid Android package that has something we can scan in it. Wikipedia has a reasonable description of what should be in the file: https://en.wikipedia.org/wiki/Apk_(file_format) You could include a new library file into it with strings that will trigger a checker, or you could re-use a smaller existing file like https://github.com/intel/cve-bin-tool/blob/main/test/assets/test-curl-7.34.0.out and put it in an appropriate place in the apk then check for it in the scans. |
Taking the good first issue off this flag because there's already a PR in progress so I don't want any other new folk to stumble over this. |
* fixes #1267 It was created by adding the content of existing file from assets (test-curl-7.34.0.out) to apk file.
#1258 added support for both the android and the alpine formats which both use .apk extensions. It would be nice if we had a couple of very tiny files in each format to use with the tests, and tests to actually execute the code.
The text was updated successfully, but these errors were encountered: