fix(rpm): do not ignore installed files via third-party rpm (aquasecu…

…rity#367) Co-authored-by: Teppei Fukuda <[email protected]>
project-zot · Jan 12, 2022 · c64a1bb · c64a1bb
1 parent ca3bf96
commit c64a1bb
Showing 1 changed file with 31 additions and 3 deletions.
diff --git a/analyzer/pkg/rpm/rpm.go b/analyzer/pkg/rpm/rpm.go
@@ -30,6 +30,20 @@ var requiredFiles = []string{
 }
 var errUnexpectedNameFormat = xerrors.New("unexpected name format")
 
+var osVendors = []string{
+	"Amazon Linux",   // Amazon Linux 1
+	"Amazon.com",     // Amazon Linux 2
+	"CentOS",         // CentOS
+	"Fedora Project", // Fedora
+	"Oracle America", // Oracle Linux
+	"Red Hat",        // Red Hat
+	"AlmaLinux",      // AlmaLinux
+	"CloudLinux",     // AlmaLinux
+	"VMware",         // Photon OS
+	"SUSE",           // SUSE Linux Enterprise
+	"openSUSE",       // openSUSE
+}
+
 type rpmPkgAnalyzer struct{}
 
 func (a rpmPkgAnalyzer) Analyze(_ context.Context, input analyzer.AnalysisInput) (*analyzer.AnalysisResult, error) {
@@ -104,9 +118,14 @@ func (a rpmPkgAnalyzer) parsePkgInfo(rc io.Reader) ([]types.Package, []string, e
 			}
 		}
 
-		files, err := pkg.InstalledFiles()
-		if err != nil {
-			return nil, nil, xerrors.Errorf("unable to get installed files: %w", err)
+		// Check if the package is vendor-provided.
+		// If the package is not provided by vendor, the installed files should not be skipped.
+		var files []string
+		if packageProvidedByVendor(pkg.Vendor) {
+			files, err = pkg.InstalledFiles()
+			if err != nil {
+				return nil, nil, xerrors.Errorf("unable to get installed files: %w", err)
+			}
 		}
 
 		p := types.Package{
@@ -171,3 +190,12 @@ func (a rpmPkgAnalyzer) Type() analyzer.Type {
 func (a rpmPkgAnalyzer) Version() int {
 	return version
 }
+
+func packageProvidedByVendor(pkgVendor string) bool {
+	for _, vendor := range osVendors {
+		if strings.HasPrefix(pkgVendor, vendor) {
+			return true
+		}
+	}
+	return false
+}