Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Chrome extensions support #534

Open
wants to merge 28 commits into
base: main
Choose a base branch
from
Open

Chrome extensions support #534

wants to merge 28 commits into from

Conversation

alessandro-Doyensec
Copy link
Contributor

Extraction of chrome extensions support for scalibr

Resources:

Notes:

I used runtime.GOOS to detect the operating system where scalibr is running. This approach works when the scan target is the host machine, but it doesn't function as expected when scanning a remote image.

Do scalibr plugins have a way to detect if the scan target is running a different operating system than the host?

@alessandro-Doyensec
add: first chrome extension implementation
0c1a8b9
@alessandro-Doyensec
improve support for locale
b37be80 
add: better id constraints
@alessandro-Doyensec
edit: move extension id format check in filerequired
d4f1544
@alessandro-Doyensec
improove manifest validation
0d29f67
@alessandro-Doyensec
remove: too many locales
33586b5
@alessandro-Doyensec
edit: improve error messages
4a9eaa3
@alessandro-Doyensec
add: chrome extensions to supported inventory types
31d0369
@alessandro-Doyensec
fix: escape dot in regex
da9e721
@alessandro-Doyensec
add: PURL function
0237557
@alessandro-Doyensec
fix: set metadata as pointer
f39687d
@alessandro-Doyensec
edit: remove duplicate info from metadata
2c483ca
@alessandro-Doyensec
add: chrome extensions metadata in protobuf
1d81e96
@alessandro-Doyensec
Merge remote-tracking branch 'origin/main' into chrome-extensions-sup…
f6079e0 
…port
@alessandro-Doyensec
edit: alias extensions package
ed16112
@alessandro-Doyensec
Merge remote-tracking branch 'origin/main' into chrome-extensions-sup…
2f19b1e 
…port
@alessandro-Doyensec
edit: remove unused fields in manifest
f9787db
@alessandro-Doyensec
Copy link
Contributor Author

Hey @erikvarga I still have a test failing in windows

=== RUN   TestExtractor_Extract
=== RUN   TestExtractor_Extract/no_locale_specified
=== RUN   TestExtractor_Extract/default_locale_specified_but_no_message_file_provided
=== RUN   TestExtractor_Extract/locale_specified
    extensions_test.go:149: chrome/extensions.Extract("testdata/ghbmnnjooekpmoecnnnilnnbdlolhkhi/1.89.1/manifest.json") error diff (-want +got):
          any(
        + 	e`could not extract locale info from testdata/ghbmnnjooekpmoecnnnilnnbdlolhkhi/1.89.1/manifest.json: open testdata\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.89.1\_locales\en_US\message.json: invalid argument`,
          )
--- FAIL: TestExtractor_Extract (0.02s)
    --- PASS: TestExtractor_Extract/no_locale_specified (0.01s)
    --- PASS: TestExtractor_Extract/default_locale_specified_but_no_message_file_provided (0.00s)
    --- FAIL: TestExtractor_Extract/locale_specified (0.00s)
FAIL
FAIL	github.com/google/osv-scalibr/extractor/filesystem/misc/chrome/extensions	0.561s
FAIL

this is the patch that fixes it

diff --git a/extractor/filesystem/misc/chrome/extensions/extensions.go b/extractor/filesystem/misc/chrome/extensions/extensions.go
index a910b29..7aa0ac7 100644
--- a/extractor/filesystem/misc/chrome/extensions/extensions.go
+++ b/extractor/filesystem/misc/chrome/extensions/extensions.go
@@ -180,6 +180,7 @@ func extractExtensionsIDFromPath(input *filesystem.ScanInput) (string, error) {
 // following manifest.json v3 specification
 func extractLocaleInfo(m *manifest, input *filesystem.ScanInput) error {
 	messagePath := filepath.Join(filepath.Dir(input.Path), "_locales", m.DefaultLocale, "message.json")
+	messagePath = filepath.ToSlash(messagePath)
 
 	f, err := input.FS.Open(messagePath)
 	if err != nil {

which to me seems kinda odd, do you have any idea why using filepath.ToSlash is required before calling input.FS.Open?

@erikvarga
Copy link
Collaborator

I think the issue is that the fs.FS interface expects all paths to be normalized to use forward slashes. On Windows iflepath.Join would add backwards slashes which is not what fs.FS expects. So you can either concatenate the paths with "/" directly or call filepth.ToSlash as you do there.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tooryx tooryx tooryx left review comments

@erikvarga erikvarga erikvarga left review comments

@vpasdf vpasdf vpasdf left review comments

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@alessandro-Doyensec @erikvarga @tooryx @vpasdf