diff --git a/cve_bin_tool/parsers/__init__.py b/cve_bin_tool/parsers/__init__.py index 98365a1511..edb65f4e3a 100644 --- a/cve_bin_tool/parsers/__init__.py +++ b/cve_bin_tool/parsers/__init__.py @@ -101,6 +101,15 @@ def generate_purl(self, product, vendor="", version="", qualifier={}, subpath=No ) return purl + def get_vendor(self, purl, product, version): + """Returns the finalised vendor after utilising various mechanisms.""" + vendor, result = self.find_vendor_from_purl(purl, version) + + if not result: + vendor = self.find_vendor(product, version) + + return self.mismatch(purl, vendor) + def find_vendor_from_purl(self, purl, ver) -> tuple[list[ScanInfo], bool]: """ Finds the vendor information for a given PackageURL (purl) and version from the database. diff --git a/cve_bin_tool/parsers/dart.py b/cve_bin_tool/parsers/dart.py index 4500988f42..91f79075a7 100644 --- a/cve_bin_tool/parsers/dart.py +++ b/cve_bin_tool/parsers/dart.py @@ -54,11 +54,7 @@ def run_checker(self, filename): product = package_name version = package_detail.get("version").replace('"', "") purl = self.generate_purl(product) - vendor, result = self.find_vendor_from_purl(purl, version) - if not result: - vendor = self.find_vendor(product, version) - - vendor = self.mismatch(purl, vendor) + vendor = self.get_vendor(purl, product, version) if vendor: yield from vendor self.logger.debug(f"Done scanning file: {self.filename}") diff --git a/cve_bin_tool/parsers/go.py b/cve_bin_tool/parsers/go.py index 99090c8cbb..e01727f3a0 100644 --- a/cve_bin_tool/parsers/go.py +++ b/cve_bin_tool/parsers/go.py @@ -75,11 +75,7 @@ def run_checker(self, filename): product = line.split(" ")[0].split("/")[-1] version = line.split(" ")[1][1:].split("-")[0].split("+")[0] purl = self.generate_purl(product) - vendors, result = self.find_vendor_from_purl(purl, version) - - if not result: - vendors = self.find_vendor(product, version) - vendors = self.mismatch(purl, vendors) + vendors = self.get_vendor(purl, product, version) if vendors is not None: yield from vendors self.logger.debug(f"Done scanning file: {self.filename}") diff --git a/cve_bin_tool/parsers/javascript.py b/cve_bin_tool/parsers/javascript.py index cd66887ece..c6287f5c2e 100644 --- a/cve_bin_tool/parsers/javascript.py +++ b/cve_bin_tool/parsers/javascript.py @@ -48,11 +48,7 @@ def run_checker(self, filename): product = data["name"] version = data["version"] purl = self.generate_purl(product) - vendor, result = self.find_vendor_from_purl(purl, version) - - if not result: - vendor = self.find_vendor(product, version) - vendor = self.mismatch(purl, vendor) + vendor = self.get_vendor(purl, product, version) else: vendor = None if vendor is not None: @@ -102,11 +98,7 @@ def run_checker(self, filename): for product, version in product_version_mapping: purl = self.generate_purl(product, "") - vendor, result = self.find_vendor_from_purl(purl, version) - - if not result: - vendor = self.find_vendor(product, version) - vendor = self.mismatch(purl, vendor) + vendor = self.get_vendor(purl, product, version) if vendor is not None: yield from vendor self.logger.debug(f"Done scanning file: {self.filename}") diff --git a/cve_bin_tool/parsers/perl.py b/cve_bin_tool/parsers/perl.py index 0354188745..b018871619 100644 --- a/cve_bin_tool/parsers/perl.py +++ b/cve_bin_tool/parsers/perl.py @@ -59,11 +59,7 @@ def run_checker(self, filename): product = dependency[0] version = dependency[1] purl = self.generate_purl(product) - vendor, result = self.find_vendor_from_purl(purl, version) - - if not result: - vendor = self.find_vendor(product, version) - vendor = self.mismatch(purl, vendor) + vendor = self.get_vendor(purl, product, version) if vendor is not None: yield from vendor self.logger.debug(f"Done scanning file: {self.filename}") diff --git a/cve_bin_tool/parsers/php.py b/cve_bin_tool/parsers/php.py index da92ef7bb3..37a4d4acb6 100644 --- a/cve_bin_tool/parsers/php.py +++ b/cve_bin_tool/parsers/php.py @@ -58,11 +58,7 @@ def run_checker(self, filename): if "dev" in version: continue purl = self.generate_purl(product) - vendor, result = self.find_vendor_from_purl(purl, version) - - if not result: - vendor = self.find_vendor(product, version) - vendor = self.mismatch(purl, vendor) + vendor = self.get_vendor(purl, product, version) if vendor is not None: yield from vendor self.logger.debug(f"Done scanning file: {self.filename}") diff --git a/cve_bin_tool/parsers/python.py b/cve_bin_tool/parsers/python.py index 2fe88d1f3e..827d717224 100644 --- a/cve_bin_tool/parsers/python.py +++ b/cve_bin_tool/parsers/python.py @@ -100,12 +100,8 @@ def run_checker(self, filename): product = line["metadata"]["name"] version = line["metadata"]["version"] purl = self.generate_purl(product) - vendor, result = self.find_vendor_from_purl(purl, version) + vendor = self.get_vendor(purl, product, version) - if not result: - vendor = self.find_vendor(product, version) - - vendor = self.mismatch(purl, vendor) if vendor is not None: yield from vendor self.logger.debug(f"Done scanning file: {self.filename}") @@ -157,12 +153,7 @@ def run_checker(self, filename): product = search(compile(r"^Name: (.+)$", MULTILINE), lines).group(1) version = search(compile(r"^Version: (.+)$", MULTILINE), lines).group(1) purl = self.generate_purl(product) - vendor, result = self.find_vendor_from_purl(purl, version) - - if not result: - vendor = self.find_vendor(product, version) - - vendor = self.mismatch(purl, vendor) + vendor = self.get_vendor(purl, product, version) if vendor is not None: yield from vendor diff --git a/cve_bin_tool/parsers/r.py b/cve_bin_tool/parsers/r.py index 199f7064f5..4b08f3393a 100644 --- a/cve_bin_tool/parsers/r.py +++ b/cve_bin_tool/parsers/r.py @@ -61,12 +61,7 @@ def run_checker(self, filename): product = content["Packages"][package]["Package"] version = content["Packages"][package]["Version"] purl = self.generate_purl(product) - vendor, result = self.find_vendor_from_purl(purl, version) - - if not result: - vendor = self.find_vendor(product, version) - - vendor = self.mismatch(purl, vendor) + vendor = self.get_vendor(purl, product, version) if vendor is not None: yield from vendor self.logger.debug(f"Done scanning file: {self.filename}") diff --git a/cve_bin_tool/parsers/ruby.py b/cve_bin_tool/parsers/ruby.py index 4285e7a507..0efa8c4046 100644 --- a/cve_bin_tool/parsers/ruby.py +++ b/cve_bin_tool/parsers/ruby.py @@ -73,11 +73,7 @@ def run_checker(self, filename): product = line.strip().split()[0] version = line.strip().split("(")[1][:-1] purl = self.generate_purl(product) - vendors, result = self.find_vendor_from_purl(purl, version) - - if not result: - vendors = self.find_vendor(product, version) - vendors = self.mismatch(purl, vendors) + vendors = self.get_vendor(purl, product, version) if vendors is not None: yield from vendors self.logger.debug(f"Done scanning file: {self.filename}") diff --git a/cve_bin_tool/parsers/rust.py b/cve_bin_tool/parsers/rust.py index 633430c2d8..20f8b155b3 100644 --- a/cve_bin_tool/parsers/rust.py +++ b/cve_bin_tool/parsers/rust.py @@ -66,12 +66,7 @@ def run_checker(self, filename): continue purl = self.generate_purl(product) - vendors, result = self.find_vendor_from_purl(purl, version) - - if not result: - vendors = self.find_vendor(product, version) - - vendors = self.mismatch(purl, vendors) + vendors = self.get_vendor(purl, product, version) if vendors is not None: yield from vendors product = "" diff --git a/cve_bin_tool/parsers/swift.py b/cve_bin_tool/parsers/swift.py index 64e400df67..bbe6d6b2e9 100644 --- a/cve_bin_tool/parsers/swift.py +++ b/cve_bin_tool/parsers/swift.py @@ -74,11 +74,7 @@ def run_checker(self, filename): self.logger.debug(domain) purl = self.generate_purl(product) - vendors, result = self.find_vendor_from_purl(purl, version) - - if not result: - vendors = self.find_vendor(product, version) - vendors = self.mismatch(purl, vendors) + vendors = self.get_vendor(purl, product, version) if vendors is not None: yield from vendors self.logger.debug(f"Done scanning file: {self.filename}")