feat: add multiline string finder in helper script

cve_bin_tool/helper_script.py

@@ -75,7 +75,9 @@ def extract_and_parse_file(self, filename: str) -> list[str] | None:
                         LOGGER.debug(f"{clean_path} <--- this is an ELF binary")
                         file_content = self.version_scanner.parse_strings(filepath)
 
-                        matches = self.search_pattern(file_content, self.product_name)
+                        matches = self.search_pattern(
+                            file_content, self.product_name, self.version_number
+                        )
 
                         # searching for version strings in the found matches
                         version_string = self.search_version_string(matches)
@@ -106,13 +108,28 @@ def extract_and_parse_file(self, filename: str) -> list[str] | None:
                     return self.contains_patterns
                 return binary_string_list
 
-    def search_pattern(self, file_content: str, pattern: str) -> list[str]:
+    def search_pattern(
+        self, file_content: str, pattern: str, version_pattern: str
+    ) -> list[str]:
         """find strings for CONTAINS_PATTERNS with product_name in them"""
 
         file_content_list = file_content.split("\n")
-        matches = [
-            i.strip() for i in file_content_list if re.search(pattern, i, re.IGNORECASE)
-        ]
+        line_count = len(file_content_list)
+        matches = []
+        for i, line in enumerate(file_content_list):
+            if not re.search(pattern, line, re.IGNORECASE):
+                continue
+            striped_line = line.strip()
+            matches.append(striped_line)
+            if i == line_count - 1:
+                continue
+            next_line = file_content_list[i + 1]
+            if not re.search(version_pattern, next_line, re.IGNORECASE):
+                continue
+            striped_next_line = next_line.rstrip()
+            line = "\r?\n".join([striped_line, striped_next_line])
+            matches.append(line)
+
         LOGGER.debug(
             f"found matches = {matches}"
         )  # TODO: regex highlight in these matched strings?
@@ -121,8 +138,6 @@ def search_pattern(self, file_content: str, pattern: str) -> list[str]:
     def search_version_string(self, matched_list: list[str]) -> list[str]:
         """finds version strings from matched list"""
 
-        # TODO: add multiline string finding
-
         pattern1 = rf"{self.product_name}(.*){self.version_number}"
         # ^ this does not work for debian packages
 
@@ -134,11 +149,12 @@ def search_version_string(self, matched_list: list[str]) -> list[str]:
         # product.1.2.3
         # product version 1.2.3
         # product v1.2.3(1)
+        # <artifactId>product</artifactId>\n  <version>1.2.3</version>
 
         version_strings = [
             i
             for i in matched_list
-            if re.search(pattern1, i, re.IGNORECASE)
+            if re.search(pattern1, i, re.IGNORECASE | re.DOTALL)
             if not i.endswith(
                 ".debug"
             )  # removes .debug, so, this does not gets printed
@@ -319,6 +335,7 @@ def output_single(self) -> None:
         # output: version-strings
         print("\tVERSION_PATTERNS = [")
         for version_string in self.version_pattern:
+            version_string = version_string.replace("\r?\n", "\\r?\\n")
             rprint(f'\t\t[green]r"{version_string}"[/],')
         print("\t]")