anchore · kzantow · Dec 8, 2022 · Dec 8, 2022 · spiffcs · Dec 8, 2022
diff --git a/syft/pkg/cataloger/binary/cataloger_test.go b/syft/pkg/cataloger/binary/cataloger_test.go
@@ -102,6 +102,62 @@ func TestClassifierCataloger_DefaultClassifiers_PositiveCases(t *testing.T) {
 				},
 			},
 		},
+		{
+			name:       "positive-java-openjdk",
+			fixtureDir: "test-fixtures/classifiers/positive/openjdk",
+			expected: pkg.Package{
+				Name:      "java",
+				Version:   "1.8.0_352-b08",
+				Type:      "binary",
+				Locations: singleLocation("java"),
+				Metadata: pkg.BinaryMetadata{
+					Classifier:  "java-binary-openjdk",
+					VirtualPath: "java",
+				},
+			},
+		},
+		{
+			name:       "positive-java-oracle",
+			fixtureDir: "test-fixtures/classifiers/positive/oracle",
+			expected: pkg.Package{
+				Name:      "java",
+				Version:   "19.0.1+10-21",
+				Type:      "binary",
+				Locations: singleLocation("java"),
+				Metadata: pkg.BinaryMetadata{
+					Classifier:  "java-binary-oracle",
+					VirtualPath: "java",
+				},
+			},
+		},
+		{
+			name:       "positive-java-oracle-macos",
+			fixtureDir: "test-fixtures/classifiers/positive/oracle-macos",
+			expected: pkg.Package{
+				Name:      "java",
+				Version:   "19.0.1+10-21",
+				Type:      "binary",
+				Locations: singleLocation("java"),
+				Metadata: pkg.BinaryMetadata{
+					Classifier:  "java-binary-oracle",
+					VirtualPath: "java",
+				},
+			},
+		},
+		{
+			name:       "positive-java-ibm",
+			fixtureDir: "test-fixtures/classifiers/positive/ibm",
+			expected: pkg.Package{
+				Name:      "java",
+				Version:   "1.8.0-foreman_2022_09_22_15_30-b00",
+				Type:      "binary",
+				Locations: singleLocation("java"),
+				Metadata: pkg.BinaryMetadata{
+					Classifier:  "java-binary-ibm",
+					VirtualPath: "java",
+				},
+			},
+		},
 	}
 
 	for _, test := range tests {

diff --git a/syft/pkg/cataloger/binary/classifier.go b/syft/pkg/cataloger/binary/classifier.go
@@ -81,22 +81,10 @@ func fileNameTemplateVersionMatcher(fileNamePattern string, contentTemplate stri
 		}
 
 		matchMetadata := internal.MatchNamedCaptureGroups(tmplPattern, string(contents))
-
-		version, ok := matchMetadata["version"]
-		if ok {
-			return singlePackage(classifier, reader, version), nil
-		}
-
-		return nil, nil
+		return singlePackage(classifier, reader, matchMetadata), nil
 	}
 }
 
-func patternEndingWithNull(pattern string) string {
-	bytes := []byte(pattern)
-	bytes = append(bytes, 0)
-	return string(bytes)
-}
-
 func fileContentsVersionMatcher(pattern string) evidenceMatcher {
 	pat := regexp.MustCompile(pattern)
 	return func(classifier classifier, reader source.LocationReadCloser) ([]pkg.Package, error) {
@@ -106,11 +94,7 @@ func fileContentsVersionMatcher(pattern string) evidenceMatcher {
 		}
 
 		matchMetadata := internal.MatchNamedCaptureGroups(pat, string(contents))
-		version, ok := matchMetadata["version"]
-		if ok {
-			return singlePackage(classifier, reader, version), nil
-		}
-		return nil, nil
+		return singlePackage(classifier, reader, matchMetadata), nil
 	}
 }
 
@@ -122,10 +106,18 @@ func mustPURL(purl string) packageurl.PackageURL {
 	return p
 }
 
-func singlePackage(classifier classifier, reader source.LocationReadCloser, version string) []pkg.Package {
+func singlePackage(classifier classifier, reader source.LocationReadCloser, matchMetadata map[string]string) []pkg.Package {
+	version, ok := matchMetadata["version"]
+	if !ok {
+		return nil
+	}
+
+	update := matchMetadata["update"]
+
 	var cpes []pkg.CPE
 	for _, cpe := range classifier.CPEs {
 		cpe.Version = version
+		cpe.Update = update
 		cpes = append(cpes, cpe)
 	}
 

diff --git a/syft/pkg/cataloger/binary/default_classifiers.go b/syft/pkg/cataloger/binary/default_classifiers.go
@@ -29,11 +29,39 @@ var defaultClassifiers = []classifier{
 	{
 		Class:    "go-binary",
 		FileGlob: "**/go",
-		EvidenceMatcher: fileContentsVersionMatcher(patternEndingWithNull(
-			`(?m)go(?P<version>[0-9]+\.[0-9]+(\.[0-9]+|beta[0-9]+|alpha[0-9]+|rc[0-9]+)?)`)),
+		EvidenceMatcher: fileContentsVersionMatcher(
+			`(?m)go(?P<version>[0-9]+\.[0-9]+(\.[0-9]+|beta[0-9]+|alpha[0-9]+|rc[0-9]+)?)\x00`),
 		Package: "go",
 		CPEs:    singleCPE("cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*"),
 	},
+	{
+		Class:    "java-binary-openjdk",
+		FileGlob: "**/java",
+		EvidenceMatcher: fileContentsVersionMatcher(
+			// [NUL]openjdk[NUL]java[NUL]1.8[NUL]1.8.0_352-b08[NUL]
+			`(?m)\x00openjdk\x00java\x00(?P<release>[0-9]+[.0-9]+)\x00(?P<version>[0-9]+[-._a-zA-Z0-9]+)\x00`),
+		Package: "java",
+		// TODO the updates might need to be part of the CPE, like: 1.8.0:update152
+		CPEs: singleCPE("cpe:2.3:a:oracle:openjdk:*:*:*:*:*:*:*:*"),
+	},
+	{
+		Class:    "java-binary-ibm",
+		FileGlob: "**/java",
+		EvidenceMatcher: fileContentsVersionMatcher(
+			// [NUL]java[NUL]1.8[NUL][NUL][NUL][NUL]1.8.0-foreman_2022_09_22_15_30-b00[NUL]
+			`(?m)\x00java\x00(?P<release>[0-9]+[.0-9]+)\x00{4}(?P<version>[0-9]+[-._a-zA-Z0-9]+)\x00`),
+		Package: "java",
+		CPEs:    singleCPE("cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*"),
+	},
+	{
+		Class:    "java-binary-oracle",
+		FileGlob: "**/java",
+		EvidenceMatcher: fileContentsVersionMatcher(
+			// [NUL]19.0.1+10-21[NUL]
+			`(?m)\x00(?P<version>[0-9]+[.0-9]+[+][-0-9]+)\x00`),
+		Package: "java",
+		CPEs:    singleCPE("cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*"),
+	},
 	{
 		Class:    "nodejs-binary",
 		FileGlob: "**/node",

diff --git a/syft/pkg/cataloger/binary/test-fixtures/classifiers/positive/ibm/java b/syft/pkg/cataloger/binary/test-fixtures/classifiers/positive/ibm/java
diff --git a/syft/pkg/cataloger/binary/test-fixtures/classifiers/positive/openjdk/java b/syft/pkg/cataloger/binary/test-fixtures/classifiers/positive/openjdk/java
diff --git a/syft/pkg/cataloger/binary/test-fixtures/classifiers/positive/oracle-macos/java b/syft/pkg/cataloger/binary/test-fixtures/classifiers/positive/oracle-macos/java
diff --git a/syft/pkg/cataloger/binary/test-fixtures/classifiers/positive/oracle/java b/syft/pkg/cataloger/binary/test-fixtures/classifiers/positive/oracle/java