fix: check return on re.search in canonical_convert (#1643)

addresses #1639 re.search returns `None` on failure, updating to indicate the version is `UNKNOWN` when this occurs and generating a log message
intel · Apr 26, 2022 · ec69e35 · ec69e35
1 parent abffa0d
commit ec69e35
Showing 1 changed file with 7 additions and 1 deletion.
diff --git a/cve_bin_tool/cve_scanner.py b/cve_bin_tool/cve_scanner.py
@@ -272,7 +272,13 @@ def canonical_convert(
             else:
                 # Handle a.b.c<string> e.g. 1.20.9rel1
                 pv = re.search(r"\d[.\d]*", product_info.version)
-        parsed_version = parse_version(pv.group(0))
+        if pv is None:
+            parsed_version = "UNKNOWN"
+            self.logger.warn(
+                f"error parsing {product_info.vendor}.{product_info.product} v{product_info.version} - manual inspection required"
+            )
+        else:
+            parsed_version = parse_version(pv.group(0))
         return parsed_version, version_between
 
     def affected(self):