fix: improve gimp checker (#2992)

Improve gimp checker to avoid a false positive with stellarium which embeds images created with GIMP 2.9.9 Signed-off-by: Fabrice Fontaine <fabrice.fontaine@orange.com> Co-authored-by: Terri Oda <terri.oda@intel.com>
intel · Jun 20, 2023 · 6395149 · 6395149
1 parent 68527d5
commit 6395149
Show file tree

Hide file tree

Showing 3 changed files with 6 additions and 3 deletions.
diff --git a/cve_bin_tool/checkers/gimp.py b/cve_bin_tool/checkers/gimp.py
@@ -16,5 +16,5 @@
 class GimpChecker(Checker):
     CONTAINS_PATTERNS: list[str] = []
     FILENAME_PATTERNS = [r"gimp"]
-    VERSION_PATTERNS = [r"GIMP ([0-9]+\.[0-9]+\.[0-9]+)"]
+    VERSION_PATTERNS = [r"image-uri\r?\nGIMP ([0-9]+\.[0-9]+\.[0-9]+)"]
     VENDOR_PRODUCT = [("gimp", "gimp")]
diff --git a/test/test_data/gimp.py b/test/test_data/gimp.py
@@ -2,7 +2,11 @@
 # SPDX-License-Identifier: GPL-3.0-or-later
 
 mapping_test_data = [
-    {"product": "gimp", "version": "2.6.10", "version_strings": ["GIMP 2.6.10"]}
+    {
+        "product": "gimp",
+        "version": "2.6.10",
+        "version_strings": ["image-uri\nGIMP 2.6.10"],
+    }
 ]
 package_test_data = [
     {

diff --git a/test/test_data/stellarium.py b/test/test_data/stellarium.py
@@ -10,7 +10,6 @@
         "package_name": "stellarium-1.2-9.fc39.aarch64.rpm",
         "product": "stellarium",
         "version": "1.2",
-        "other_products": ["gimp"],
     },
     {
         "url": "http://ftp.fr.debian.org/debian/pool/main/s/stellarium/",