intel / cve-bin-tool

The CVE Binary Tool helps you determine if your system includes known vulnerabilities. You can scan binaries for over 200 common, vulnerable components (openssl, libpng, libxml2, expat and others), or if you know the components used, you can get a list of known vulnerabilities associated with an SBOM or a list of components and versions.
https://cve-bin-tool.readthedocs.io/en/latest/
GNU General Public License v3.0
1.18k stars 454 forks

Consider rewrite to use lief framework #3142

Open prabhu opened 1 year ago

prabhu commented 1 year ago

From my understanding, this project invokes the strings command with a native Python implementation as a fallback. Using strings is a rudimentary approach with high false negatives and false positives with even possibilities of CVE.

Consider rewriting this project to use a proper binary parser such as lief. https://lief-project.github.io//doc/latest/getting_started.html#python
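To make the failure mode of the strings-based approach concrete, here is an added example (not the cve-bin-tool project's own code, nor prabhu's): a pure-Python `strings` equivalent plus a hypothetical checker table in the spirit of string-based product/version checkers, run over a constructed byte blob. The blob embeds a genuine OpenSSL version banner and a libpng version that only appears inside an error message; the scan reports both as components, which is exactly the kind of false positive a structural parser of the binary's dynamic sections would not make. All product names, patterns and bytes below are constructed for illustration.

```python
from __future__ import annotations
import re
import string

# Constructed sample "binary": a few ELF-looking header bytes followed by
# strings laid out to mimic what strings(1) would see. It contains a genuine
# embedded version banner (as libcrypto carries) and a spurious mention of
# another product that is only part of an error message.
SAMPLE_BINARY = (
    b"\x7fELF\x02\x01\x01" + b"\x00" * 9
    + b"OpenSSL 1.1.1k  25 Mar 2021\x00"
    + b"\x01\x02\x03"
    + b"libpng warning: image built with libpng 1.6.37 not supported\x00"
    + b"\xff\xfe"
    + b"zlib 1.2.11\x00"
    + b"\x00" * 4
)

# Printable ASCII as strings(1) treats it: letters, digits, punctuation, space.
PRINTABLE = set(string.printable.encode()) - set(b"\t\n\r\x0b\x0c")


def extract_strings(data: bytes, min_len: int = 4) -> list[str]:
    """Pure-Python equivalent of strings(1): runs of printable bytes >= min_len."""
    out: list[str] = []
    run = bytearray()
    for b in data:
        if b in PRINTABLE:
            run.append(b)
            continue
        if len(run) >= min_len:
            out.append(run.decode("ascii"))
        run = bytearray()
    if len(run) >= min_len:
        out.append(run.decode("ascii"))
    return out


# Hypothetical signature table (not the project's checkers):
# product -> (vendor, regex whose first group captures the version).
CHECKERS = {
    "openssl": ("openssl", re.compile(r"OpenSSL (\d+\.\d+\.\d+[a-z]?)")),
    "libpng": ("libpng", re.compile(r"libpng (\d+\.\d+\.\d+)")),
    "zlib": ("zlib", re.compile(r"zlib (\d+\.\d+\.\d+)")),
}


def scan(data: bytes) -> dict[str, tuple[str, str]]:
    """Return {product: (vendor, version)} for each checker matching any string.

    Note the weakness: any string mentioning a product/version pair counts,
    whether it is the library's own banner or text quoting another program.
    """
    found: dict[str, tuple[str, str]] = {}
    for s in extract_strings(data):
        for product, (vendor, pattern) in CHECKERS.items():
            m = pattern.search(s)
            if m and product not in found:
                found[product] = (vendor, m.group(1))
    return found


if __name__ == "__main__":
    for product, (vendor, version) in scan(SAMPLE_BINARY).items():
        print(f"{vendor}/{product} {version}")
```

Running it reports openssl 1.1.1k, zlib 1.2.11 and libpng 1.6.37; the last comes solely from the warning text, so a vulnerability lookup keyed on it would be a false positive (and, conversely, a library built without any version banner would be a false negative).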

anthonyharrison commented 1 year ago

@prabhu This looks like an interesting approach but represents a very different technique to the current approach implemented by the tool (using string-based checkers). Would be interested in seeing examples where lief identifies components which the checkers do not currently detect, noting that the checkers report the product, version and vendor. Can lief do this?

UPDATE: lief looks very similar to the objdump or readelf utilities. I don't think the detail is sufficient to map the libraries to products/versions.