fix: improved efficiency of docker mount in known vulns plugin

src/plugins/analysis/known_vulnerabilities/code/known_vulnerabilities.py

@@ -51,7 +51,7 @@ def get_matched_vulnerabilities(self, yara_result: list[tuple[str, dict]], file_
 
         # CVE-2021-45608 NetUSB
         if 'NetUSB' in software_components_results:
-            matched_vulnerabilities.extend(self._check_netusb_vulnerability(file_object.binary))
+            matched_vulnerabilities.extend(self._check_netusb_vulnerability(file_object.file_path))
 
         # CVE-2024-3094 XZ Backdoor secondary detection
         if 'liblzma' in software_components_results and not any(vuln == 'xz_backdoor' for vuln, _ in yara_result):
@@ -97,18 +97,17 @@ def _check_vulnerabilities(processed_analysis):
 
         return matched_vulnerabilities
 
-    def _check_netusb_vulnerability(self, input_file_data: bytes) -> list[tuple[str, dict]]:
+    def _check_netusb_vulnerability(self, file_path: str) -> list[tuple[str, dict]]:
         with TemporaryDirectory(prefix='known_vulns_', dir=config.backend.docker_mount_base_dir) as tmp_dir:
             tmp_dir_path = Path(tmp_dir)
-            ghidra_input_file = tmp_dir_path / 'ghidra_input'
-            ghidra_input_file.write_bytes(input_file_data)
             with suppress(DockerException, TimeoutError):
                 run_docker_container(
                     'fact/known-vulnerabilities',
                     logging_label=self.NAME,
                     timeout=60,
                     mounts=[
                         Mount('/io', tmp_dir, type='bind'),
+                        Mount('/io/ghidra_input', file_path, type='bind', read_only=True),
                     ],
                 )
 
@@ -140,7 +139,7 @@ def _check_xz_backdoor(software_results: dict) -> list[tuple[str, dict]]:
                     'description': 'CVE-2024-3094: a malicious backdoor was planted into the xz compression library',
                     'score': 'high',
                     # the vulnerability is only contained in certain versions built for debian; a more reliable
-                    # yara rule is in the signatures files
+                    # yara rule is in the signature files
                     'reliability': 20,
                     'link': 'https://nvd.nist.gov/vuln/detail/CVE-2024-3094',
                     'short_name': 'XZ Backdoor',

src/plugins/analysis/known_vulnerabilities/test/test_known_vulnerabilities.py

@@ -65,25 +65,22 @@ def test_process_object_hash(self, analysis_plugin):
         assert not results['tags']['Netgear_CGI']['propagate']
 
     def test_netusb_vulnerable(self, analysis_plugin):
-        test_file = FileObject(file_path=str(TEST_DATA_DIR / 'netusb_vulnerable.elf'))
-        assert test_file.binary is not None
-        result = analysis_plugin._check_netusb_vulnerability(test_file.binary)
+        test_path = TEST_DATA_DIR / 'netusb_vulnerable.elf'
+        result = analysis_plugin._check_netusb_vulnerability(str(test_path))
         assert len(result) == 1
         assert result[0][0] == 'CVE-2021-45608'
         assert result[0][1]['additional_data']['is_vulnerable'] is True
 
     def test_netusb_not_vulnerable(self, analysis_plugin):
-        test_file = FileObject(file_path=str(TEST_DATA_DIR / 'netusb_not_vulnerable.elf'))
-        assert test_file.binary is not None
-        result = analysis_plugin._check_netusb_vulnerability(test_file.binary)
+        test_path = TEST_DATA_DIR / 'netusb_not_vulnerable.elf'
+        result = analysis_plugin._check_netusb_vulnerability(str(test_path))
         assert len(result) == 1
         assert result[0][0] == 'CVE-2021-45608'
         assert result[0][1]['additional_data']['is_vulnerable'] is False
 
     def test_netusb_error(self, analysis_plugin):
-        test_file = FileObject(file_path=str(TEST_DATA_DIR / 'testfile'))
-        assert test_file.binary is not None
-        result = analysis_plugin._check_netusb_vulnerability(test_file.binary)
+        test_path = TEST_DATA_DIR / 'testfile'
+        result = analysis_plugin._check_netusb_vulnerability(str(test_path))
         assert len(result) == 0
 
     def test_xz_backdoor_1st(self, analysis_plugin):