From 53d55490af761f2d84265c7a57efc1726e44bfca Mon Sep 17 00:00:00 2001
From: Jack <72348727+Jack-GitHub12@users.noreply.github.com>
Date: Wed, 10 Dec 2025 16:54:00 -0600
Subject: [PATCH 1/2] fix: update pcre2 pattern for android (#5441)

Add pattern to detect libpcre2 version in Android libraries where the
version string format differs from standard Linux binaries.

- Add FILENAME_PATTERNS to match pcre2 library files
- Add VERSION_PATTERNS for Android format with version+date and
  "this version of PCRE2" error message as anchor
- Add test case for Android libpcre2 format

Signed-off-by: Jack <72348727+Jack-GitHub12@users.noreply.github.com>
---
 cve_bin_tool/checkers/pcre2.py |  8 ++++++--
 test/test_data/pcre2.py        | 12 +++++++++++-
 2 files changed, 17 insertions(+), 3 deletions(-)

diff --git a/cve_bin_tool/checkers/pcre2.py b/cve_bin_tool/checkers/pcre2.py
index 298d0bd131..5bc427e512 100644
--- a/cve_bin_tool/checkers/pcre2.py
+++ b/cve_bin_tool/checkers/pcre2.py
@@ -15,6 +15,10 @@
 
 class Pcre2Checker(Checker):
     CONTAINS_PATTERNS: list[str] = []
-    FILENAME_PATTERNS: list[str] = []
-    VERSION_PATTERNS = [r"BSR_UNICODE\)\r?\n([0-9]+\.[0-9]+)"]
+    FILENAME_PATTERNS: list[str] = [r"pcre2"]
+    VERSION_PATTERNS = [
+        r"BSR_UNICODE\)\r?\n([0-9]+\.[0-9]+)",
+        r"DEFINE\r?\n([0-9]+\.[0-9]+) [0-9]{4}-[0-9]{2}-[0-9]{2}",
+        r"([0-9]+\.[0-9]+) [0-9]{4}-[0-9]{2}-[0-9]{2}\r?\nBSR_ANYCRLF",
+    ]
     VENDOR_PRODUCT = [("pcre", "pcre2")]
diff --git a/test/test_data/pcre2.py b/test/test_data/pcre2.py
index 424b75f11c..0fe3f71e56 100644
--- a/test/test_data/pcre2.py
+++ b/test/test_data/pcre2.py
@@ -2,7 +2,17 @@
 # SPDX-License-Identifier: GPL-3.0-or-later
 
 mapping_test_data = [
-    {"product": "pcre2", "version": "10.22", "version_strings": ["BSR_UNICODE)\n10.22"]}
+    {"product": "pcre2", "version": "10.22", "version_strings": ["BSR_UNICODE)\n10.22"]},
+    {
+        "product": "pcre2",
+        "version": "10.33",
+        "version_strings": ["DEFINE\n10.33 2019-04-16"],
+    },
+    {
+        "product": "pcre2",
+        "version": "10.40",
+        "version_strings": ["10.40 2022-04-14\nBSR_ANYCRLF"],
+    },
 ]
 package_test_data = [
     {

From da69ef9021ec3b2afdc0a0bf85c3bbad0550a7e1 Mon Sep 17 00:00:00 2001
From: Jack <72348727+Jack-GitHub12@users.noreply.github.com>
Date: Thu, 11 Dec 2025 22:07:24 -0600
Subject: [PATCH 2/2] fix: update pcre2 pattern for android

Add support for detecting pcre2 versions in Android binaries which use
null byte separators instead of newlines. Each Android API version has
different string layouts requiring separate patterns.

Tested on Android APIs 28, 29, 30, and 34.

Signed-off-by: Jack <72348727+Jack-GitHub12@users.noreply.github.com>
---
 cve_bin_tool/checkers/pcre2.py |  9 ++++++---
 test/test_data/pcre2.py        | 26 +++++++++++++++++++++++++-
 2 files changed, 31 insertions(+), 4 deletions(-)

diff --git a/cve_bin_tool/checkers/pcre2.py b/cve_bin_tool/checkers/pcre2.py
index 5bc427e512..ce6e7ccd86 100644
--- a/cve_bin_tool/checkers/pcre2.py
+++ b/cve_bin_tool/checkers/pcre2.py
@@ -17,8 +17,11 @@ class Pcre2Checker(Checker):
     CONTAINS_PATTERNS: list[str] = []
     FILENAME_PATTERNS: list[str] = [r"pcre2"]
     VERSION_PATTERNS = [
-        r"BSR_UNICODE\)\r?\n([0-9]+\.[0-9]+)",
-        r"DEFINE\r?\n([0-9]+\.[0-9]+) [0-9]{4}-[0-9]{2}-[0-9]{2}",
-        r"([0-9]+\.[0-9]+) [0-9]{4}-[0-9]{2}-[0-9]{2}\r?\nBSR_ANYCRLF",
+        r"BSR_UNICODE\)[\x00\r\n]+([0-9]+\.[0-9]+)",
+        r"DEFINE[\x00\r\n]+([0-9]+\.[0-9]+) [0-9]{4}-[0-9]{2}-[0-9]{2}",
+        r"([0-9]+\.[0-9]+) [0-9]{4}-[0-9]{2}-[0-9]{2}[\x00\r\n]+BSR_ANYCRLF",
+        r"Unicode not supported[\x00\r\n]+([0-9]+\.[0-9]+) [0-9]{4}-[0-9]{2}-[0-9]{2}",
+        r"BSR_ANYCRLF\)[\x00\r\n]+([0-9]+\.[0-9]+) [0-9]{4}-[0-9]{2}-[0-9]{2}",
+        r"NOTEMPTY_ATSTART\)[\x00\r\n]+([0-9]+\.[0-9]+) [0-9]{4}-[0-9]{2}-[0-9]{2}",
     ]
     VENDOR_PRODUCT = [("pcre", "pcre2")]
diff --git a/test/test_data/pcre2.py b/test/test_data/pcre2.py
index 0fe3f71e56..1cf753014f 100644
--- a/test/test_data/pcre2.py
+++ b/test/test_data/pcre2.py
@@ -2,7 +2,11 @@
 # SPDX-License-Identifier: GPL-3.0-or-later
 
 mapping_test_data = [
-    {"product": "pcre2", "version": "10.22", "version_strings": ["BSR_UNICODE)\n10.22"]},
+    {
+        "product": "pcre2",
+        "version": "10.22",
+        "version_strings": ["BSR_UNICODE)\n10.22"],
+    },
     {
         "product": "pcre2",
         "version": "10.33",
@@ -13,6 +17,26 @@
         "version": "10.40",
         "version_strings": ["10.40 2022-04-14\nBSR_ANYCRLF"],
     },
+    {
+        "product": "pcre2",
+        "version": "10.22",
+        "version_strings": ["Unicode not supported\x0010.22 2016-07-29"],
+    },
+    {
+        "product": "pcre2",
+        "version": "10.32",
+        "version_strings": ["BSR_ANYCRLF)\x0010.32 2018-09-10"],
+    },
+    {
+        "product": "pcre2",
+        "version": "10.33",
+        "version_strings": ["DEFINE\x0010.33 2019-04-16"],
+    },
+    {
+        "product": "pcre2",
+        "version": "10.40",
+        "version_strings": ["NOTEMPTY_ATSTART)\x0010.40 2022-04-14"],
+    },
 ]
 package_test_data = [
     {