Fix the parsing logic of FreeBSD pkg-audit (#1334)

* fix scanUnsecurePackages for FreeBSD pkg audit output change

* Add test case TestParseBlock for FreeBSD pkg audit output change

* Fix for no CVE in a block

* fix(scan): parse logic of pkg-audit

* fix

ca761fb218

Co-authored-by: User Kurita <kurita@vuls0.digitiminimi.com>

scanner/freebsd.go

@@ -1,6 +1,8 @@
 package scanner
 
 import (
+	"bufio"
+	"fmt"
 	"net"
 	"strings"
 
@@ -207,7 +209,7 @@ func (o *bsd) scanUnsecurePackages() (models.VulnInfos, error) {
 	blocks := o.splitIntoBlocks(r.Stdout)
 	for _, b := range blocks {
 		name, cveIDs, vulnID := o.parseBlock(b)
-		if len(cveIDs) == 0 {
+		if name == "" || len(cveIDs) == 0 {
 			continue
 		}
 		pack, found := o.Packages[name]
@@ -331,20 +333,21 @@ type pkgAuditResult struct {
 }
 
 func (o *bsd) splitIntoBlocks(stdout string) (blocks []string) {
-	lines := strings.Split(stdout, "\n")
-	block := []string{}
-	for _, l := range lines {
-		if len(strings.TrimSpace(l)) == 0 {
-			if 0 < len(block) {
-				blocks = append(blocks, strings.Join(block, "\n"))
-				block = []string{}
-			}
+	scanner := bufio.NewScanner(strings.NewReader(stdout))
+	for scanner.Scan() {
+		line := strings.TrimSpace(scanner.Text())
+		if strings.HasSuffix(line, " is vulnerable:") {
+			blocks = append(blocks, line)
 			continue
 		}
-		block = append(block, strings.TrimSpace(l))
-	}
-	if 0 < len(block) {
-		blocks = append(blocks, strings.Join(block, "\n"))
+
+		if len(blocks) == 0 {
+			continue
+		}
+
+		last := blocks[len(blocks)-1]
+		last = fmt.Sprintf("%s\n%s", last, line)
+		blocks[len(blocks)-1] = last
 	}
 	return
 }