CN114780139A - Mirror image component analysis method, system and storage medium - Google Patents
Mirror image component analysis method, system and storage medium Download PDFInfo
- Publication number
- CN114780139A CN114780139A CN202210339814.2A CN202210339814A CN114780139A CN 114780139 A CN114780139 A CN 114780139A CN 202210339814 A CN202210339814 A CN 202210339814A CN 114780139 A CN114780139 A CN 114780139A
- Authority
- CN
- China
- Prior art keywords
- layer
- mirror image
- information
- component
- name
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/70—Software maintenance or management
- G06F8/75—Structural analysis for program understanding
Abstract
The application discloses a method, a system and a storage medium for analyzing mirror image components, which relate to the field of software analysis and comprise the following steps: acquiring a mirror image file; inquiring a plurality of hash values arranged in the image file according to a preset sequence; matching the level information of the image level corresponding to the hash value from the image file in sequence; adding a preset script in the layer 0; mounting the layer 0 and other layers pairwise to form a plurality of temporary mirror images respectively, calling a package manager through a first query script to obtain component information of a new added layer in the temporary mirror images, and adding the component information to the new added layer, wherein the component information comprises a component name, a component license and a version; and reading the component information from the new added layer after the hierarchical mounting is cancelled. The hierarchical information is recombined into two mounted mirror images, the component information is acquired in an internal query mode and stored in a hierarchical directory, and then the component information is acquired by external reading, so that component analysis of the mirror images is realized.
Description
Technical Field
The present application relates to the field of software analysis, and in particular, to a method, a system, and a storage medium for analyzing mirror components.
Background
The container is a product appearing under the trend of new era development, and has the characteristics of high availability and low cost. Containers are created on the basis of images, i.e. processes in the container depend on files in the image. While the source risk and safety risk are in the row, the main risk for the container at present is that the safety risk exists by using a third-party component and the component of the container is defective. Therefore, the container needs to be analyzed to know its components.
At present, the common detection technology is sca (software component analysis), however, the detection object of sca is generally a code or a file, which is extracted by decompressing the code and the file and then training the obtained object by a model from semantics as the code or the file feature. However, in order to actually acquire the container entirety, that is, the complete component information in a virtual environment formed by a plurality of components rather than the code, the container is analyzed by using the conventional SCA, and a situation that the container is split into individual individuals by the conventional SCA and then the individuals are analyzed occurs, so that the container components cannot be completely and accurately detected.
Disclosure of Invention
In order to acquire component information in a mirror image, the application provides an analysis method, a system and a storage medium of mirror image components.
In a first aspect, the present application provides a method for analyzing mirror image components, which adopts the following technical scheme:
a method of analyzing specular components, comprising the steps of:
acquiring a mirror image file;
querying a plurality of hash values arranged in the image file according to a preset sequence, wherein each hash value corresponds to one image level in the image file, and respectively defining the corresponding image levels as 0 layer, 1 layer, a text, and an M layer according to the preset sequence in which the hash values are arranged, wherein M is a positive integer and is at least 1;
matching the hierarchical information of the image levels corresponding to the hash values one by one from the image files in sequence;
adding a preset script in the layer 0, wherein the preset script comprises a first query script for querying component information in a hierarchy;
mounting 0 layer and other layers pairwise to form a plurality of temporary mirror images respectively, wherein the 0 layer in the temporary mirror images is a bottom layer, and the layer above the 0 layer is named as a newly added layer;
calling a package manager through a first query script to acquire component information of a new added layer in the temporary mirror image, and adding the component information to the new added layer, wherein the component information comprises a component name, a component license and a version;
reading component information from the new added layer after the hierarchical mounting is cancelled;
the component information is taken as result information and the result information is output.
By adopting the technical scheme, the hierarchical information is recombined into two mounted mirror images, the component information is acquired in an internal query mode and is stored in the hierarchical directory, and then the component information is acquired by external reading, so that the component analysis of the mirror images is realized.
Optionally, the obtaining of the component information of the new added layer in the temporary mirror image includes the following steps:
acquiring all data sets of the temporary mirror image;
and removing preset basic data from all data sets of the temporary mirror image, and taking the remaining data as software information of a new added layer, wherein the preset basic data is stored in the query script.
Optionally, before outputting the result information, the method further includes the following steps:
comparing the component information of the n layers with the component information of the n +1 layers to obtain component increase and decrease information corresponding to the n +1 layers, wherein n =0 initially;
after the increase and decrease information of the components of the n +1 layer is obtained, whether n +1 is equal to L or not is judged,
if n +1 is not equal to L, n = n +1, and the component information of the n layer is compared with the component information of the n +1 layer again to obtain component increase and decrease information corresponding to the current n +1 layer;
and if n +1 is equal to L, adding the increase and decrease information of the components corresponding to all the hierarchies into the result information.
Optionally, the query script further includes a second query script for querying a dependency relationship corresponding to the variable according to the input variable;
after reading the component information from the new added layer, the method also comprises the following steps:
inputting the component names serving as variables into a second query script, and acquiring the dependency corresponding to each component name through the second query script;
and adding the dependency corresponding to each component name into the result information.
Optionally, the method includes the steps of inputting the component names as variables into a second query script, and obtaining the dependency corresponding to each component name through the second query script, including:
after the mounting is cancelled, transmitting variables for representing the component names to a preset script of a 0 layer;
secondly, the layer 0 and the newly added layer are mounted pairwise in a combined mode, the second query script obtains the dependency corresponding to the component name represented by the variable through calling a package manager, and the dependency is stored in the newly added layer;
and after the mounting is cancelled again, reading the dependency relationship in the new added layer.
Optionally, acquiring the image file includes the following steps:
acquiring mirror image name, judging whether mirror image files with names consistent with the input mirror image name exist in the local mirror image warehouse or not,
if the local mirror image warehouse has a mirror image file with the name consistent with the input mirror image name, calling the mirror image file;
if the image file with the name consistent with the input image name does not exist in the local image warehouse, judging whether the image file with the name consistent with the input image name exists in the remote image warehouse or not,
if the image file with the name consistent with the input image name exists in the remote image warehouse, pulling the information of the corresponding image file into the local image warehouse;
and if the image file with the name consistent with the input image name does not exist in the remote image warehouse, reporting an error.
Optionally, if the local mirror image warehouse has a mirror image file with a consistent name, or the remote mirror image warehouse has a mirror image file with a consistent name, the method further includes the following steps:
acquiring identification codes of image files with consistent names;
judging whether the identification code is consistent with the preset code,
if the identification code is not consistent with the preset code, the corresponding mirror image warehouse is considered to have no mirror image file with consistent name;
and if the identification code is consistent with the preset code, determining that the corresponding mirror image warehouse has the mirror image file with the consistent name.
Optionally, after the preset script is placed in the layer 0, the method further includes the following steps:
matching a plurality of keywords preset in a preset script in the 0-layer system basic information, and determining the operating system of the current mirror image according to the keywords with consistent matching, wherein the keywords preset in the preset script respectively correspond to one operating system;
and calling the package manager corresponding to the operating system by the preset script during the combined mounting.
In a second aspect, the present application provides a system for analyzing mirror image components, which adopts the following technical solutions:
an analysis system for mirror image components, comprising the following modules:
the matching module is used for matching a corresponding mirror image file from the mirror image warehouse according to the mirror image name input by the user;
the layering module is used for inquiring hash values corresponding to the layers one by one from the image file and acquiring the layer information of the corresponding layers according to the hash values; wherein, the level at the lowest layer of the image file is level 0.
The embedded module is used for adding a preset script into the layer 0;
a mounting module for mounting the level information of the layer 0 and the level information of other levels in a pairwise combination to form a temporary mirror image,
the operation module is used for operating the container formed by the temporary mirror image;
the disassembly module is used for canceling the mounting of the running temporary mirror image so as to output a new added layer and a 0 layer;
and the processing module is used for reading and processing the data of the newly added layer output in the disassembling module and outputting component information.
And the output module is used for outputting the component information as result information.
In a third aspect, the present application provides a computer readable storage medium storing a computer program that can be loaded by a processor and executed to perform any of the analysis methods for image components described above.
In summary, the present application includes at least one of the following beneficial technical effects: the hierarchical information is recombined into two mounted mirror images, the component information is acquired in an internal query mode and stored in a hierarchical directory, and then the component information is acquired through external reading, so that component analysis of the mirror images is realized.
Drawings
FIG. 1 is a flow chart of steps in an embodiment of the present application.
FIG. 2 is a logic diagram of obtaining an image file according to an embodiment of the present application.
Detailed Description
The present application is described in further detail below with reference to fig. 1-2.
A method for inspecting a mirror image assembly, see fig. 1, comprising the steps of:
and S100, acquiring the mirror image file.
The mode of obtaining the image file comprises direct obtaining and indirect obtaining.
The direct acquisition mode is that the user directly stores the mirror image file to be detected into the local mirror image warehouse in an uploading, dragging and other modes.
The indirect acquisition mode is to acquire the mirror image name input by the user and then match a prestored mirror image file based on the mirror image name.
In practice, the content input by the user is not limited to the mirror name, and the user may input the mirror label or input the mirror label and the mirror name together. However, in any input content, the corresponding matching manner is similar, and in this embodiment, only the mirror name is taken as an example of the input content for specific description.
The operation of matching the pre-stored image file based on the image name is performed by a Docker daemon.
After acquiring the mirror image name input by the user, the Docker daemon matches the mirror image file with the consistent name in the mirror image warehouse according to the mirror image name.
In one embodiment, matching a pre-stored container image based on the image name, see fig. 2, comprises the steps of:
s110, judging whether the mirror image file with the name consistent with the input mirror image name exists in the local mirror image warehouse or not.
S120, if the image file with the name consistent with the input image name exists in the local image warehouse, the step 200 is executed on the image file with the name consistent with the input image name in the local image warehouse.
S130, if the image file with the name consistent with the input image name does not exist in the local image warehouse, judging whether the image file with the name consistent with the input image name exists in the remote image warehouse or not.
The mirror image warehouse comprises a local mirror image warehouse and a remote mirror image warehouse, and when corresponding mirror image files are obtained according to mirror image names, the Docker daemon process preferentially searches whether mirror image files with consistent names exist in the local mirror image warehouse or not. And when the image files with the consistent names do not exist in the local image warehouse, the Docker daemon process searches whether the image files with the consistent names exist in the remote image warehouse or not.
The remote mirror repository defaults to a public Docker repository (Docker hub). Of course, the user may also define the remote mirror warehouse as another Docker warehouse according to the actual situation.
And S140, if the image file with the name consistent with the input image name exists in the remote image warehouse, pulling the information of the corresponding image file into the local image warehouse.
When an image file with a name consistent with the input image name exists in the remote image warehouse, the Docker daemon process pulls the information of the corresponding image file into the local image warehouse.
And S150, if the image file with the name consistent with the input image name does not exist in the remote image warehouse, reporting an error.
If the Docker daemon cannot retrieve the image files with the same name from the two image warehouses, the Docker daemon reports an error to remind the user to notice whether the inputted image name is wrong or not.
In addition, after the creation of the mirror image file is completed, if the content of the mirror image file is changed and the name of the mirror image file is not changed, the mirror image file is directly matched with the name of the mirror image file, and the finally obtained mirror image file is probably not actually required by a user, so that whether the mirror image file is tampered or not can be further checked on the basis of matching with the name of the mirror image file.
Specifically, if the local mirror image warehouse has the mirror image file with the consistent name, or the remote mirror image warehouse has the mirror image file with the consistent name, the method includes the following steps:
s131, acquiring the identification codes of the image files with the consistent names.
The identifier code refers to a hash value corresponding to the entire image file, specifically, the identifier code may be an MD value obtained by calculating the entire image file through an MD5/MD4 algorithm, or may be an SHA value obtained by calculating the entire image file through an SHA-1 algorithm, where in this embodiment, the identifier code value is taken as the SHA value.
It should be noted that the manner of obtaining the identification code of the image file stored in the local image repository is different from the manner of obtaining the identification code of the image file stored in the remote image repository. For an image file in the local image repository, the Docker daemon will record whether the image file is changed, and as long as the Docker daemon does not prompt that the image file is changed, the sha value recorded during the creation of the image file can be directly used as an identification code. Whether the image file stored in the remote image warehouse is modified or not is not necessarily effectively monitored, so that under the condition that the names are matched consistently, the image file is pulled to the local image warehouse, the corresponding sha value is calculated, and the sha value is used as the identification code. Since the step of checking whether the image file stored in the remote image repository is tampered with is more complicated, it is assumed that the Docker daemon preferentially matches the image file in the local image repository.
S132, judging whether the identification code is consistent with the preset code.
The preset code refers to the sha value recorded after the image file is created locally.
When the content of the image file is changed, the corresponding sha value is correspondingly adjusted, so that whether the image file is changed or not can be judged by comparing the identification code with the preset code.
And S133, if the identification code is inconsistent with the preset code, determining that no image file with a consistent name exists in the corresponding image warehouse.
And when the corresponding mirror image warehouse does not have the mirror image file with the consistent name, executing different steps according to different mirror image warehouses. When the mirror image warehouse is a local mirror image warehouse, executing step S140; when the mirror repository is a remote mirror repository, the synchronization step S150 reports an error.
S200, inquiring a plurality of hash values arranged in the image file according to a preset sequence, wherein each hash value corresponds to one image level in the image file, and the corresponding image levels are respectively defined as 0 layer, 1.
The hash value in this embodiment refers to a sha value of a file corresponding to each level in an image file. Different levels correspond to different sha values.
The hash value is queried by querying a main file of the image file through a Docker daemon to obtain a list file recording hash values corresponding to each level in the image.
The manifest file stores hash values of each level, and the arrangement of the hash values is related to the arrangement of the levels corresponding to the hash values in the mirror image, for example, in the mirror image, 0 is the bottom layer, 1 is superimposed on 0, and 2 is superimposed on 1, so in the manifest file, the hash value corresponding to 0 is arranged in front of the hash value corresponding to 1, and the hash value corresponding to 2 is arranged behind the hash value corresponding to 1.
The number of the levels in the mirror image can be determined according to the number of the obtained hash values, and the hash values also have the function of positioning the position relation among the mirror image levels.
And S300, matching the image level information corresponding to the hash values one by one from the image files in sequence.
And respectively determining the compressed packets of the corresponding levels from the container mirror image by using the hash values of different levels, and respectively decompressing and restoring the compressed packets of the levels to output a plurality of levels of information, wherein each level of information comprises all files of the mirror image layer corresponding to the level.
S400, adding a preset script in the layer 0.
The preset script comprises a first query script used for querying component information in the hierarchy and a third query script used for determining an operating system corresponding to the mirror image.
And after the preset script is implanted into the 0 layer, the third query script queries system basic information stored in the os-release file in the etc directory of the 0 layer, and the third query script determines an operating system corresponding to the mirror image from the os-release file in a keyword retrieval mode, wherein the keyword is a specific system name, such as centros, reddat and the like.
And the first query script is used to query the component information of each hierarchy in step S500.
And S500, mounting the layer 0 and other layers pairwise respectively to form a plurality of temporary mirror images respectively.
Wherein, the 0 layer in the temporary mirror image is the bottom layer, and the layer above the 0 layer is named as the new added layer.
And (4) mounting the newly added layer above the layer 0 to form a temporary mirror image, and operating the temporary mirror image to form a corresponding container. According to the container characteristics, the layer at the top of the container, namely the new added layer, has the read-write function, and the layer 0 below the new added layer is in the read-only mode.
S600, calling a package manager through the first query script to acquire the component information of the new added layer in the temporary mirror image, and adding the component information to the new added layer.
The component information includes a component name, a license for the component, and a version of the component.
The packet manager needs to query the information in the container during the mirror operation process, and the container operation is isolated from the external environment, so that the information cannot be transmitted outside the container and inside the container.
Therefore, in the temporary mirroring operation process, the package manager needs to be called by the first query script preset in the layer 0, and after the package manager queries the component information of the newly added layer, the component information is stored in the newly added layer. And after the joint mounting is cancelled, reading the new added layer to obtain the component information.
Specifically, the method for acquiring the component information of the new added layer in the temporary mirror image comprises the following steps:
and S510, acquiring all data sets of the temporary mirror image.
The first query script added to the layer 0 calls a package manager in the operating system by the operating system running the temporary image determined in step S400. And performing software management through a package manager to obtain all data sets of the temporary mirror image.
S520, removing preset basic data from all the data sets of the temporary mirror image, and taking the residual data as software information of the new added layer.
The preset basic data is stored in the query script in advance. The preset basic data is the component information of the layer 0, and the software information is known because the construction of the layer 0 is basically fixed.
In addition, if the software information of the layer 0 is unknown or uncertain, the layer 0 identified from the mirror image can be replaced by the preset base layer when the temporary mirror image is constructed, so that the software information of the layer 0 in the temporary mirror image is ensured to be correct.
Note that, what is obtained by removing the original software information of the layer 0 from all the acquired data sets is software information of a new added layer, and the software information is not component information of the new added layer. From software information to component information, further processing of the software information is required. And before the software information is processed, the preset script stores the software information in an original directory of a new added layer for facilitating subsequent reading of the software information.
And S700, reading the component information from the new added layer after the hierarchical mounting is cancelled.
After the mounting is cancelled, corresponding software information is read from the new added layer, and the software information is transmitted to a preset script for processing so as to obtain component information such as a component name, a component version, a component license and the like.
It should be noted that when the operating system is a non-rpm management system, such as ubuntu and debian, the component license cannot be directly queried. After the component name is obtained, the position of the corresponding license is located through the component name, so that the license information is stored in the directory of the new added layer to facilitate the subsequent reading of the license information from the new added layer, and the operation is the same as the obtaining method of the rest component information.
And S800, taking the component information as result information and outputting the result information.
The result information is displayed to the user in a preset display mode, and the preset display method can be one or more of methods of displaying on a specified display screen, transmitting to a specified mailbox, sending to a specified mobile phone in short messages and the like.
Furthermore, the detection method can also query the increase and decrease information of the components corresponding to the levels so as to clearly show the forming process of the whole mirror image.
The specific method for inquiring the increase and decrease information of the components corresponding to the levels comprises the following steps:
and S710, sequentially comparing the component information of the n layers with the component information of the n +1 layers to obtain component increase and decrease information corresponding to the n +1 layers, wherein n = 0.
The comparison method is that a preset script calls a package manager by taking the component information of the n layer and the component information of the n +1 layer as input, and the package manager outputs the component increase and decrease information corresponding to the n +1 layer.
The component addition/subtraction information is information of components that increase and decrease in the current n +1 level compared to the n level.
S720, after the increase and decrease information of the components of the n +1 layer is obtained, whether n +1 is equal to L or not is judged.
S730, if n +1 is not equal to L, n = n +1, and the component information of the n layer is compared with the component information of the n +1 layer again.
Whether n +1 is equal to L or not is judged, so that whether all the levels complete the query of the increase and decrease information of the components or not is judged. If n +1 is not equal to L, it indicates that there are other levels to query the component increase and decrease information. The value of n +1 is assigned to n, and steps S720 to S730 are repeated.
And S740, if n +1= L, adding the component increase and decrease information corresponding to all the levels to the result information.
In practice, the method for querying the increase and decrease information of the components in the hierarchy is not limited to the above method, and all hierarchies may be uniformly arranged and combined in sequence in a manner of being adjacent and combining two by two, and then the increase and decrease information of the components is sequentially obtained by the Docker daemon process through diff commands. It is only necessary to finally acquire the component increase/decrease information corresponding to all the hierarchies.
Further, after the component information of each hierarchy is acquired, the detection method may further acquire the dependency relationship between the components according to the component information, and in order to implement query of the dependency relationship, the query script further includes a second query script for querying the dependency relationship corresponding to the variable according to the input variable.
The specific method for querying the dependency relationship is as follows:
and S750, inputting the component names serving as variables into a second query script, and acquiring the dependency relationship corresponding to each component name through the second query script.
The component name is acquired in step S700, and therefore the query dependency must be performed after acquiring the component information. And only one component name can be selected as a variable to be input into the second query script each time, and after the dependency relationship corresponding to the component name is obtained, other component names are selected to replace the variable in the second query script, so that the dependency relationship corresponding to each component is obtained.
And S760, adding the dependency corresponding to each component name into the result information.
In one embodiment, inputting the component names as variables into a second query script, and obtaining the dependency relationship corresponding to each component name through the second query script, includes the following steps:
and S751, after the mounting is cancelled, transmitting variables for characterizing the component name into a preset script of the 0 layer.
And canceling the mounting between the layers in the temporary container, so that the layer 0 is independent again, and transmitting the component name to be inquired to a preset script in the layer 0 through an external script.
And S752, mounting the 0 layer and the newly added layer in a pairwise combined manner, and acquiring a dependency relationship corresponding to the component name represented by the variable by the second query script by calling the package manager, and storing the dependency relationship in the newly added layer.
In order to avoid the situation that the first query script repeatedly queries, the preset script determines the currently executed query script according to whether a variable exists in the second query script. When the second query script does not have the variable, executing the first query script to acquire the component information in the process of operating the temporary container; when the variable exists in the second query script, the second query script is executed to obtain the dependency corresponding to the variable in the process of running the temporary container.
And S753, after the mounting is cancelled again, reading the dependency relationship in the new added layer.
The embodiment of the application also discloses an analysis system of mirror image components, which comprises the following modules:
the matching module is used for matching a corresponding mirror image file from the mirror image warehouse according to the mirror image name input by the user;
the layering module is used for inquiring hash values corresponding to the layers one by one from the image file and acquiring the layer information of the corresponding layers according to the hash values; wherein, the level at the lowest layer of the image file is level 0.
The embedding module is used for adding a preset script into the layer 0;
a mounting module for mounting the level information of the layer 0 and the level information of other levels in a pairwise combination to form a temporary mirror image,
the operation module is used for operating the container formed by the temporary mirror image;
and the disassembly module is used for canceling the mounting of the running temporary mirror image so as to output a new added layer and a 0 layer.
And the input module is used for transmitting the component information serving as a variable into a preset script in the 0 layer when the component information is not mounted.
And the processing module is used for reading and processing the data of the newly added layer output in the disassembly module and outputting one or more of component information, dependency relationship, license information and component increase and decrease information.
And the output module is used for outputting the component information, the dependency relationship, the component increase and decrease information and the like as result information.
The embodiment of the application also discloses a computer readable storage medium, which stores a computer program capable of being loaded by a processor and executing the analysis method of the mirror image component.
The above are preferred embodiments of the present application, and the scope of protection of the present application is not limited thereto, so: equivalent changes in structure, shape and principle of the present application shall be covered by the protection scope of the present application.
Claims (10)
1. A method for analyzing mirror image components is characterized by comprising the following steps:
acquiring a mirror image file;
inquiring a plurality of hash values arranged in the image file according to a preset sequence, wherein each hash value corresponds to one image level in the image file, and the corresponding image levels are respectively defined as 0 layer, 1 layer, 1.. and M layer according to the preset sequence arranged by the hash values, wherein M is a positive integer and is at least 1;
matching the hierarchical information of the image levels corresponding to the hash values one by one from the image files in sequence;
adding a preset script in the layer 0, wherein the preset script comprises a first query script for querying component information in a hierarchy;
mounting 0 layer and other layers pairwise to form a plurality of temporary mirror images respectively, wherein the 0 layer in the temporary mirror images is a bottom layer, and the layer above the 0 layer is named as a newly added layer;
calling a package manager through a first query script to acquire component information of a new added layer in the temporary mirror image, and adding the component information to the new added layer, wherein the component information comprises a component name, a component license and a version;
reading component information from the new added layer after the hierarchical mounting is cancelled;
and taking the component information as result information and outputting the result information.
2. The method for analyzing mirror image components according to claim 1, wherein obtaining component information of a new added layer in the temporary mirror image comprises the following steps:
acquiring all data sets of the temporary mirror image;
and removing preset basic data from all data sets of the temporary mirror image, and taking the residual data as software information of a new added layer, wherein the preset basic data is stored in the query script.
3. A method for analyzing mirror image components according to claim 1, further comprising the steps of, before outputting the result information:
comparing the component information of the n layers with the component information of the n +1 layers to obtain component increase and decrease information corresponding to the n +1 layers, wherein n =0 initially;
after the component increase and decrease information of the n +1 layer is obtained, whether n +1 is equal to L or not is judged,
if n +1 is not equal to L, n = n +1, and the component information of the n layer is compared with the component information of the n +1 layer again to obtain component increase and decrease information corresponding to the current n +1 layer;
and if n +1 is equal to L, adding the component increase and decrease information corresponding to all the levels into the result information.
4. The method for analyzing an image component according to claim 1, wherein the query script further comprises a second query script for querying a dependency relationship corresponding to the variable according to the input variable;
after reading the component information from the new added layer, the method also comprises the following steps:
inputting the component names serving as variables into a second query script, and acquiring the dependency corresponding to each component name through the second query script;
and adding the dependency corresponding to each component name into the result information.
5. The method for analyzing mirror image components according to claim 4, wherein the component names are input into the second query script as variables, and the dependency corresponding to each component name is obtained through the second query script, comprising the steps of:
after the mounting is cancelled, transmitting a variable for representing the component name to a preset script of a layer 0;
secondly, the layer 0 and the newly added layer are mounted pairwise in a combined mode, the second query script obtains the dependency corresponding to the component name represented by the variable through calling a package manager, and the dependency is stored in the newly added layer;
and after the mounting is cancelled again, reading the dependency relationship in the new added layer.
6. The method for analyzing the components of an image according to claim 1, wherein obtaining the image file comprises the following steps:
acquiring mirror image name, judging whether mirror image file with name consistent with inputted mirror image name exists in local mirror image warehouse or not,
if an image file with a name consistent with the input image name exists in the local image warehouse, calling the image file;
if the image file with the name consistent with the input image name does not exist in the local image warehouse, judging whether the image file with the name consistent with the input image name exists in the remote image warehouse or not,
if the image file with the name consistent with the input image name exists in the remote image warehouse, pulling the information of the corresponding image file into the local image warehouse;
if the mirror image file with the name consistent with the input mirror image name does not exist in the remote mirror image warehouse, an error is reported.
7. A method for analyzing specular components according to claim 1, wherein: if the local mirror image warehouse has the mirror image file with the consistent name, or the remote mirror image warehouse has the mirror image file with the consistent name, the method further comprises the following steps:
acquiring identification codes of image files with consistent names;
judging whether the identification code is consistent with the preset code,
if the identification code is not consistent with the preset code, the corresponding mirror image warehouse is considered to have no mirror image file with consistent name;
and if the identification code is consistent with the preset code, determining that the corresponding mirror image warehouse has the mirror image file with the consistent name.
8. A method for analyzing specular components according to claim 1, wherein: after the preset script is placed into the layer 0, the method also comprises the following steps:
matching a plurality of keywords preset in a preset script in the 0-layer system basic information, and determining the operating system of the current mirror image according to the keywords with consistent matching, wherein the keywords preset in the preset script respectively correspond to one operating system;
and calling the package manager corresponding to the operating system by the preset script during the combined mounting.
9. An analysis system for mirror image components, comprising the following modules:
the matching module is used for matching a corresponding mirror image file from the mirror image warehouse according to the mirror image name input by the user;
the layering module is used for inquiring hash values corresponding to the hierarchies one by one from the image file and acquiring hierarchy information of the corresponding hierarchies according to the hash values; wherein, the level at the bottommost layer of the mirror image file is 0 layer;
the embedded module is used for adding a preset script into the layer 0;
a mounting module for mounting the level information of the layer 0 and the level information of other levels in a pairwise combination to form a temporary mirror image,
the operation module is used for operating the container formed by the temporary mirror image;
the disassembly module is used for canceling the mounting of the running temporary mirror image so as to output a new added layer and a 0 layer;
the processing module is used for reading and processing the data of the newly added layer output in the disassembling module and outputting component information;
and the output module is used for outputting the component information as result information.
10. A computer-readable storage medium, characterized in that a computer program capable of being loaded by a processor and executing a method of analyzing image components according to any one of claims 1 to 8 is stored.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210339814.2A CN114780139A (en) | 2022-04-01 | 2022-04-01 | Mirror image component analysis method, system and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210339814.2A CN114780139A (en) | 2022-04-01 | 2022-04-01 | Mirror image component analysis method, system and storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN114780139A true CN114780139A (en) | 2022-07-22 |
Family
ID=82427726
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210339814.2A Pending CN114780139A (en) | 2022-04-01 | 2022-04-01 | Mirror image component analysis method, system and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114780139A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117311905A (en) * | 2023-10-11 | 2023-12-29 | 上海安势信息技术有限公司 | Container mirror image software composition analysis system and method based on layered detection |
-
2022
- 2022-04-01 CN CN202210339814.2A patent/CN114780139A/en active Pending
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117311905A (en) * | 2023-10-11 | 2023-12-29 | 上海安势信息技术有限公司 | Container mirror image software composition analysis system and method based on layered detection |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US6535776B1 (en) | Method for localizing and isolating an errant process step | |
| US8881131B2 (en) | Method and apparatus for populating a software catalogue with software knowledge gathering | |
| JPH07117895B2 (en) | Version control method and apparatus for source data | |
| CN104268006A (en) | Keyboard and mouse script playback method and device | |
| US20100250596A1 (en) | Methods and Apparatus for Identifying Conditional Functional Dependencies | |
| US11868388B2 (en) | Automatic annotation for vehicle damage | |
| WO2007129474A1 (en) | Object recognition device, object recognition program, and image search service providing method | |
| GB2485883A (en) | Retrieval and reviewing of medical image processing | |
| CN114780139A (en) | Mirror image component analysis method, system and storage medium | |
| CN111258614B (en) | Method, system, equipment and storage medium for detecting upgrade exception of project third-party library | |
| JPH09293082A (en) | Device for retrieving picture and its method | |
| CN110647415A (en) | Database detection method, device and equipment and computer readable storage medium | |
| CN114650167A (en) | Abnormity detection method, device, equipment and computer readable storage medium | |
| US11403209B2 (en) | Rendering GUI test object of application under test to reflect test information | |
| CN113806160A (en) | Method, device, equipment and storage medium for monitoring configuration file | |
| US11954100B2 (en) | Systems and methods for automating mapping of repair procedures to repair information | |
| CN115630028A (en) | Remote sensing image filing management method, device, equipment and storage medium | |
| US7051230B2 (en) | Method and system for allowing customization of remote data collection in the event of a system error | |
| CN112732588A (en) | Artificial intelligence code verification system, method and device based on cloud computing | |
| CN113254338A (en) | Test case generation method, device and equipment | |
| CN116503412B (en) | Appearance defect detection method, apparatus, computer device and storage medium | |
| US20240134900A1 (en) | Automatic annotation for vehicle damage | |
| US20230306115A1 (en) | Optimal antimalware signatures database | |
| EP4089579A1 (en) | Method for comparing digital images, in particular for evaluating art works | |
| CN111459767A (en) | Defect management method, device, system and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |