cve-bin-tool icon indicating copy to clipboard operation
cve-bin-tool copied to clipboard
verified publisher icon intel

Consider rewrite to use lief framework

Open prabhu opened this issue 2 years ago • 1 comments

From my understanding, this project invokes the strings command with a native Python implementation as a fallback. Using strings is a rudimentary approach with high false negatives and false positives with even possibilities of CVE.

Consider rewriting this project to use a proper binary parser such as lief. https://lief-project.github.io//doc/latest/getting_started.html#python

prabhu avatar Jul 10 '23 17:07 prabhu

@prabhu This looks an interesting approach but represents a very different technique to the current approach implemented by the tool (using string based checkers). Would be interested in seeing examples where lief identifies components which the checkers do not currently detect noting that the checkers report the product, version and vendor. Can lief do this?

UPDATE lief looks very similar to objdump or readelf utilities. I don't think the detail is sufficient to map the libraries to products/versions

anthonyharrison avatar Jul 11 '23 08:07 anthonyharrison