From 483c8648b0a90c490b5940298cf1331f94a3421f Mon Sep 17 00:00:00 2001
From: Jack <72348727+Jack-GitHub12@users.noreply.github.com>
Date: Wed, 10 Dec 2025 15:56:24 -0600
Subject: [PATCH 1/2] fix: update libevent pattern for android (#5441)
Add pattern to detect libevent version in Android libraries where the version string format differs from standard Linux binaries.
- Add FILENAME_PATTERNS to match libevent library files
- Add VERSION_PATTERN with word boundary to match formats like "libevent-2.1.8-stable" while avoiding false positives
- Add test case for Android libevent format
---
 cve_bin_tool/checkers/libevent.py | 4 +++-
 test/test_data/libevent.py | 10 ++++++++++
 2 files changed, 13 insertions(+), 1 deletion(-)
diff --git a/cve_bin_tool/checkers/libevent.py b/cve_bin_tool/checkers/libevent.py
index 98c7d872f1..90924486fe 100644
--- a/cve_bin_tool/checkers/libevent.py
+++ b/cve_bin_tool/checkers/libevent.py
@@ -16,9 +16,11 @@ class LibeventChecker(Checker):
 CONTAINS_PATTERNS: list[str] = []
- FILENAME_PATTERNS: list[str] = []
+ FILENAME_PATTERNS: list[str] = [r"libevent"]
 VERSION_PATTERNS = [
 r"libevent using: %s[a-zA-Z%:. \r\n]*([0-9]+\.[0-9]+\.[0-9]+)-stable",
 r"([0-9]+\.[0-9]+\.[0-9]+)-stable[0-9a-zA-Z|~,;!&+=*%_<>():'. \[\]\-\r\n]*libevent using:",
+ r"\blibevent[^0-9]*([0-9]+\.[0-9]+\.[0-9]+)-stable",
+ r"([0-9]+\.[0-9]+\.[0-9]+)-stable\r?\nActive events:",
 ]
 VENDOR_PRODUCT = [("libevent_project", "libevent"), ("niels_provos", "libevent")]
diff --git a/test/test_data/libevent.py b/test/test_data/libevent.py
index 57c14e7071..d4a044bed7 100644
--- a/test/test_data/libevent.py
+++ b/test/test_data/libevent.py
@@ -7,6 +7,16 @@
 "version": "2.0.21",
 "version_strings": ["2.0.21-stable\nlibevent using:"],
 },
+ {
+ "product": "libevent",
+ "version": "2.1.8",
+ "version_strings": ["libevent-2.1.8-stable"],
+ },
+ {
+ "product": "libevent",
+ "version": "2.1.8",
+ "version_strings": ["2.1.8-stable\nActive events:"],
+ },
 ]
 package_test_data = [
 {
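Review bot: The added pattern `r"\blibevent[^0-9]*([0-9]+\.[0-9]+\.[0-9]+)-stable"` in cve_bin_tool/checkers/libevent.py lets `[^0-9]*` run over any number of non-digit characters, newlines included, so any `X.Y.Z-stable` token that happens to be the first digit run after the word `libevent` is reported as the libevent version. A wrong version here means CVEs are looked up for the wrong release, which can both hide applicable CVEs and report ones that do not apply. The added test string only needs a hyphen, so the gap can be pinned to it: `r"\blibevent-([0-9]+\.[0-9]+\.[0-9]+)-stable",` (or a short explicit class such as `[-_ ]` if other separators have been seen in real binaries). The same line is carried unchanged as context in the checker hunk of PATCH 2/2.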
From 8e810ac78516665b7080ca3dfabeb14e6691d036 Mon Sep 17 00:00:00 2001
From: Jack <72348727+Jack-GitHub12@users.noreply.github.com>
Date: Thu, 11 Dec 2025 21:42:22 -0600
Subject: [PATCH 2/2] fix: update libevent pattern for android
Update VERSION_PATTERN to handle null byte separators in Android libevent binaries.
- Change pattern to match null byte (\x00) separators
- Handle optional "Inserted events:" between version and "Active events:"
- Add test cases for Android libevent formats
Tested on Android API 28, 29, 30, 34
Partial fix for #5441
Signed-off-by: Jack <72348727+Jack-GitHub12@users.noreply.github.com>
---
 cve_bin_tool/checkers/libevent.py | 2 +-
 test/test_data/libevent.py | 10 ++++++++++
 2 files changed, 11 insertions(+), 1 deletion(-)
diff --git a/cve_bin_tool/checkers/libevent.py b/cve_bin_tool/checkers/libevent.py
index 90924486fe..97778bd52c 100644
--- a/cve_bin_tool/checkers/libevent.py
+++ b/cve_bin_tool/checkers/libevent.py
@@ -21,6 +21,6 @@ class LibeventChecker(Checker):
 r"libevent using: %s[a-zA-Z%:. \r\n]*([0-9]+\.[0-9]+\.[0-9]+)-stable",
 r"([0-9]+\.[0-9]+\.[0-9]+)-stable[0-9a-zA-Z|~,;!&+=*%_<>():'. \[\]\-\r\n]*libevent using:",
 r"\blibevent[^0-9]*([0-9]+\.[0-9]+\.[0-9]+)-stable",
- r"([0-9]+\.[0-9]+\.[0-9]+)-stable\r?\nActive events:",
+ r"([0-9]+\.[0-9]+\.[0-9]+)-stable[\x00\r\n]+(?:Inserted events:[\x00\r\n]+)?Active events:",
 ]
 VENDOR_PRODUCT = [("libevent_project", "libevent"), ("niels_provos", "libevent")]
diff --git a/test/test_data/libevent.py b/test/test_data/libevent.py
index d4a044bed7..e70a7a6d77 100644
--- a/test/test_data/libevent.py
+++ b/test/test_data/libevent.py
@@ -17,6 +17,16 @@
 "version": "2.1.8",
 "version_strings": ["2.1.8-stable\nActive events:"],
 },
+ {
+ "product": "libevent",
+ "version": "2.1.8",
+ "version_strings": ["2.1.8-stable\x00Inserted events:\n\x00Active events:\n"],
+ },
+ {
+ "product": "libevent",
+ "version": "2.1.8",
+ "version_strings": ["2.1.8-stable\x00Active events:\n"],
+ },
 ]
 package_test_data = [
 {
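Review bot: The replacement pattern in VERSION_PATTERNS (cve_bin_tool/checkers/libevent.py) carries no comment on what it anchors on, and the `[\x00\r\n]+` separators and the optional `Inserted events:` group are hard to justify from the regex alone. Going by the commit message, a one-line comment above it would keep that knowledge with the code, for example `# Android builds: version is followed by the "Inserted events:"/"Active events:" labels, separated by NUL or newline bytes`. The VERSION_PATTERNS list opens outside this hunk.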
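Review bot: Both added cases in test/test_data/libevent.py separate the version from the labels with a literal `\x00`, so the optional `Inserted events:` branch is never exercised with newline-only separators. If the scanner hands checkers the output of a strings-style extraction rather than raw bytes (not visible in this patch), NUL would not reach the regex and newline-separated text is what the pattern sees in practice. A case such as `"version_strings": ["2.1.8-stable\nInserted events:\nActive events:"],` would cover that path.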