parseDpkgMd5sums parses `/var/lib/dpkg/*/*.md5sums` file. `*.md5sums` files don't contain links (see https://github.com/aquasecurity/trivy/pull/9131#discussion_r2182557288). But Trivy doesn't support links, so this will not cause problems. TODO use `*.list` files instead of `*.md5sums` files when T
(scanner *bufio.Scanner)
| 189 | // But Trivy doesn't support links, so this will not cause problems. |
| 190 | // TODO use `*.list` files instead of `*.md5sums` files when Trivy will support links. |
| 191 | func (a dpkgAnalyzer) parseDpkgMd5sums(scanner *bufio.Scanner) ([]string, error) { |
| 192 | var installedFiles []string |
| 193 | for scanner.Scan() { |
| 194 | current := scanner.Text() |
| 195 | |
| 196 | // md5sums file use the following format: |
| 197 | // <digest> <filepath> (2 spaces) |
| 198 | // cf. https://man7.org/linux/man-pages/man5/deb-md5sums.5.html |
| 199 | _, file, ok := strings.Cut(current, " ") |
| 200 | if !ok { |
| 201 | return nil, xerrors.Errorf("invalid md5sums line format: %s", current) |
| 202 | } |
| 203 | installedFiles = append(installedFiles, "/"+file) // md5sums files don't contain leading slash |
| 204 | } |
| 205 | |
| 206 | if err := scanner.Err(); err != nil { |
| 207 | return nil, xerrors.Errorf("scan error: %w", err) |
| 208 | } |
| 209 | |
| 210 | sort.Strings(installedFiles) |
| 211 | return installedFiles, nil |
| 212 | } |
| 213 | |
| 214 | // parseDpkgAvailable parses /var/lib/dpkg/available |
| 215 | func (a dpkgAnalyzer) parseDpkgAvailable(fsys fs.FS) (map[string]digest.Digest, error) { |
no test coverage detected