Find version numbers from jars with different naming conventions (#1174)

Signed-off-by: Christopher Phillips <[email protected]>
anchore · Oct 21, 2022 · 9acfbba · 9acfbba
1 parent 50dd085
commit 9acfbba
Show file tree

Hide file tree

Showing 2 changed files with 25 additions and 1 deletion.
diff --git a/syft/pkg/cataloger/java/archive_filename.go b/syft/pkg/cataloger/java/archive_filename.go
@@ -48,7 +48,8 @@ import (
 //	my-http2-server-5		-->	name="my-http2-server", version="5"
 //	jetpack-build235-rc5	-->	name="jetpack", version="build2.0-rc5"
 //	ironman-r4-2009			--> name="ironman", version="r4-2009"
-var nameAndVersionPattern = regexp.MustCompile(`(?Ui)^(?P<name>(?:[[:alpha:]][[:word:].]*(?:\.[[:alpha:]][[:word:].]*)*-?)+)(?:-(?P<version>(?:\d.*|(?:build\d*.*)|(?:rc?\d+(?:^[[:alpha:]].*)?))))?$`)
+var nameAndVersionPattern = regexp.MustCompile(`(?Ui)^(?P<name>(?:[[:alpha:]][[:word:].]*(?:\.[[:alpha:]][[:word:].]*)*-?)+)(?:-(?P<version>(\d.*|(build\d*.*)|(rc?\d+(?:^[[:alpha:]].*)?))))?$`)
+var secondaryVersionPattern = regexp.MustCompile(`(?:[._-](?P<version>(\d.*|(build\d*.*)|(rc?\d+(?:^[[:alpha:]].*)?))))?$`)
 
 type archiveFilename struct {
 	raw     string
@@ -86,6 +87,15 @@ func newJavaArchiveFilename(raw string) archiveFilename {
 	name := getSubexp(matches, "name", nameAndVersionPattern, raw)
 	version := getSubexp(matches, "version", nameAndVersionPattern, raw)
 
+	// some jars get named with different conventions, like `_<version>` or `.<version>`
+	if version == "" {
+		matches = secondaryVersionPattern.FindStringSubmatch(name)
+		version = getSubexp(matches, "version", secondaryVersionPattern, raw)
+		if version != "" {
+			name = name[0 : len(name)-len(version)-1]
+		}
+	}
+
 	return archiveFilename{
 		raw:     raw,
 		name:    name,

diff --git a/syft/pkg/cataloger/java/archive_filename_test.go b/syft/pkg/cataloger/java/archive_filename_test.go
@@ -22,6 +22,20 @@ func TestExtractInfoFromJavaArchiveFilename(t *testing.T) {
 			name:      "pkg-maven",
 			ty:        pkg.UnknownPkg,
 		},
+		{
+			filename:  "pkg-maven.4.3.2.blerg",
+			version:   "4.3.2",
+			extension: "blerg",
+			name:      "pkg-maven",
+			ty:        pkg.UnknownPkg,
+		},
+		{
+			filename:  "pkg-maven_4.3.2.blerg",
+			version:   "4.3.2",
+			extension: "blerg",
+			name:      "pkg-maven",
+			ty:        pkg.UnknownPkg,
+		},
 		{
 			filename:  "pkg-maven-4.3.2.jar",
 			version:   "4.3.2",