fix: more python matching support (anchore#1667)

Makefile

@@ -252,6 +252,11 @@ install-test-ci-mac: $(SNAPSHOT_DIR)
 	cd test/install && \
 		make ci-test-mac
 
+.PHONY: generate-compare-file
+generate-compare-file:
+	$(call title,Generating compare test file)
+	go run ./cmd/syft $(COMPARE_TEST_IMAGE) -o json > $(COMPARE_DIR)/test-fixtures/acceptance-centos-8.2.2004.json
+
 # note: we cannot clean the snapshot directory since the pipeline builds the snapshot separately
 .PHONY: compare-mac
 compare-mac: $(TEMP_DIR) $(SNAPSHOT_DIR)  ## Run compare tests on build snapshot binaries and packages (Mac)

syft/pkg/cataloger/binary/cataloger_test.go

@@ -292,8 +292,8 @@ func Test_Cataloger_DefaultClassifiers_PositiveCases(t *testing.T) {
 			fixtureDir: "test-fixtures/classifiers/positive/python-binary-lib-3.7",
 			expected: pkg.Package{
 				Name:      "python",
-				Version:   "3.7.4a-vZ9",
-				PURL:      "pkg:generic/python@3.7.4a-vZ9",
+				Version:   "3.7.4",
+				PURL:      "pkg:generic/python@3.7.4",
 				Locations: locations("libpython3.7.so"),
 				Metadata:  metadata("python-binary-lib"),
 			},
@@ -347,6 +347,34 @@ func Test_Cataloger_DefaultClassifiers_PositiveCases(t *testing.T) {
 				},
 			},
 		},
+		{
+			name:       "positive-python-binary-3.4-alpine",
+			fixtureDir: "test-fixtures/classifiers/dynamic/python-binary-3.4-alpine",
+			expected: pkg.Package{
+				Name:      "python",
+				Version:   "3.4.10",
+				PURL:      "pkg:generic/python@3.4.10",
+				Locations: locations("python3.4", "libpython3.4m.so.1.0"),
+				Metadata: pkg.BinaryMetadata{
+					Matches: []pkg.ClassifierMatch{
+						match("python-binary", "python3.4"),
+						match("python-binary", "libpython3.4m.so.1.0"),
+						match("python-binary-lib", "libpython3.4m.so.1.0"),
+					},
+				},
+			},
+		},
+		{
+			name:       "positive-python-3.5-with-incorrect-match",
+			fixtureDir: "test-fixtures/classifiers/positive/python-3.5-with-incorrect-match",
+			expected: pkg.Package{
+				Name:      "python",
+				Version:   "3.5.3",
+				PURL:      "pkg:generic/python@3.5.3",
+				Locations: locations("python3.5"),
+				Metadata:  metadata("python-binary"),
+			},
+		},
 		{
 			name:       "positive-python3.6",
 			fixtureDir: "test-fixtures/classifiers/positive/python-binary-3.6",
@@ -576,9 +604,9 @@ func Test_Cataloger_DefaultClassifiers_PositiveCases(t *testing.T) {
 			packages, _, err := c.Catalog(resolver)
 			require.NoError(t, err)
 
-			for _, p := range packages {
-				assertPackagesAreEqual(t, test.expected, p)
-			}
+			require.Len(t, packages, 1)
+
+			assertPackagesAreEqual(t, test.expected, packages[0])
 		})
 	}
 }

syft/pkg/cataloger/binary/classifier.go

@@ -9,6 +9,7 @@ import (
 	"io"
 	"reflect"
 	"regexp"
+	"strings"
 	"text/template"
 
 	"github.com/anchore/packageurl-go"
@@ -79,6 +80,11 @@ func fileNameTemplateVersionMatcher(fileNamePattern string, contentTemplate stri
 
 		filepathNamedGroupValues := internal.MatchNamedCaptureGroups(pat, location.RealPath)
 
+		// versions like 3.5 should not match any character, but explicit dot
+		for k, v := range filepathNamedGroupValues {
+			filepathNamedGroupValues[k] = strings.ReplaceAll(v, ".", "\\.")
+		}
+
 		tmpl, err := template.New("").Parse(contentTemplate)
 		if err != nil {
 			return nil, fmt.Errorf("unable to parse classifier template=%q : %w", contentTemplate, err)

syft/pkg/cataloger/binary/default_classifiers.go

@@ -12,7 +12,7 @@ var defaultClassifiers = []classifier{
 		EvidenceMatcher: evidenceMatchers(
 			// try to find version information from libpython shared libraries
 			sharedLibraryLookup(
-				`^libpython[0-9]+(?:\.[0-9]+)+\.so.*$`,
+				`^libpython[0-9]+(?:\.[0-9]+)+[a-z]?\.so.*$`,
 				libpythonMatcher),
 			// check for version information in the binary
 			fileNameTemplateVersionMatcher(
@@ -240,7 +240,7 @@ var defaultClassifiers = []classifier{
 var pythonVersionTemplate = `(?m)\x00(?P<version>{{ .version }}[-._a-zA-Z0-9]*)\x00`
 
 var libpythonMatcher = fileNameTemplateVersionMatcher(
-	`(?:.*/|^)libpython(?P<version>[0-9]+(?:\.[0-9]+)+)\.so.*$`,
+	`(?:.*/|^)libpython(?P<version>[0-9]+(?:\.[0-9]+)+)[a-z]?\.so.*$`,
 	pythonVersionTemplate,
 )
 

syft/pkg/cataloger/binary/test-fixtures/Makefile

@@ -3,6 +3,7 @@ all: \
 	classifiers/dynamic/python-binary-shared-lib-3.11 \
 	classifiers/dynamic/python-binary-shared-lib-redhat-3.9 \
 	classifiers/dynamic/python-binary-with-version-3.9 \
+	classifiers/dynamic/python-binary-3.4-alpine \
 	classifiers/dynamic/ruby-library-3.2.1 \
 	classifiers/dynamic/ruby-library-2.7.7
 
@@ -30,6 +31,15 @@ classifiers/dynamic/python-binary-with-version-3.9:
 		/usr/bin/python3.9 \
 		$@/python3.9
 
+classifiers/dynamic/python-binary-3.4-alpine:
+	$(eval $@_image := "python:3.4-alpine@sha256:c210b660e2ea553a7afa23b41a6ed112f85dbce25cbcb567c75dfe05342a4c4b")
+	./get-image-file.sh $($@_image) \
+		/usr/local/bin/python3.4 \
+		$@/python3.4
+	./get-image-file.sh $($@_image) \
+		/usr/local/lib/libpython3.4m.so.1.0 \
+		$@/libpython3.4m.so.1.0
+
 classifiers/dynamic/ruby-library-3.2.1:
 	$(eval $@_image := "ruby:3.2.1-bullseye@sha256:b4a140656b0c5d26c0a80559b228b4d343f3fdbf56682fcbe88f6db1fa9afa6b")
 	./get-image-file.sh $($@_image) \