forked from anchore/syft
/
parse_audit_binary.go
60 lines (48 loc) · 1.88 KB
/
parse_audit_binary.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
package rust
import (
"errors"
rustaudit "github.com/microsoft/go-rustaudit"
"github.com/gsoc2/syft/internal/log"
"github.com/gsoc2/syft/syft/artifact"
"github.com/gsoc2/syft/syft/file"
"github.com/gsoc2/syft/syft/pkg"
"github.com/gsoc2/syft/syft/pkg/cataloger/generic"
"github.com/gsoc2/syft/syft/pkg/cataloger/internal/unionreader"
)
// Catalog identifies executables then attempts to read Rust dependency information from them
func parseAuditBinary(_ file.Resolver, _ *generic.Environment, reader file.LocationReadCloser) ([]pkg.Package, []artifact.Relationship, error) {
var pkgs []pkg.Package
unionReader, err := unionreader.GetUnionReader(reader.ReadCloser)
if err != nil {
return nil, nil, err
}
for _, versionInfo := range parseAuditBinaryEntry(unionReader, reader.RealPath) {
pkgs = append(pkgs, newPackagesFromAudit(reader.Location, versionInfo)...)
}
return pkgs, nil, nil
}
// scanFile scans file to try to report the Rust crate dependencies
func parseAuditBinaryEntry(reader unionreader.UnionReader, filename string) []rustaudit.VersionInfo {
// NOTE: multiple readers are returned to cover universal binaries, which are files
// with more than one binary
readers, err := unionreader.GetReaders(reader)
if err != nil {
log.Warnf("rust cataloger: failed to open a binary: %v", err)
return nil
}
var versionInfos []rustaudit.VersionInfo
for _, r := range readers {
versionInfo, err := rustaudit.GetDependencyInfo(r)
if err != nil {
if errors.Is(err, rustaudit.ErrNoRustDepInfo) {
// since the cataloger can only select executables and not distinguish if they are a Rust-compiled
// binary, we should not show warnings/logs in this case.
return nil
}
log.Tracef("rust cataloger: unable to read dependency information (file=%q): %v", filename, err)
return nil
}
versionInfos = append(versionInfos, versionInfo)
}
return versionInfos
}