fix: improve fluent-bit binary detection regex pattern #3701
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This fixes issue #3133 by updating the regex pattern for fluent-bit binary detection to better handle ANSI escape sequences and multiple null bytes between the version string and "Fluent Bit" text. The change also makes the %s format specifier optional, supporting all variations in fluent-bit binary signatures. Signed-off-by: Alan Pope <[email protected]>
popey
force-pushed
the
fix-fluent-bit-detection
branch
from
832d6c1 to
aa2dcf5
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
This PR fixes an issue with the binary classifier for fluent-bit, which currently fails to detect certain versions (1.7.0-dev-3 through 1.7.0-dev-9 and 1.7.0-rc4 through 1.7.0-rc8). The problem was in the regex pattern that didn't account for ANSI escape sequences, multiple null bytes, and optional "%s" format specifiers that appear in these versions.
The fix updates the regex pattern to be more inclusive of all these variants, allowing Syft to correctly identify these previously undetectable fluent-bit binaries.
Fixes #3133
Type of change
Checklist: