support universal (fat) mach-o binary files #4278

Merged: kzantow merged 5 commits into anchore:main from JoeyShapiro:macho-support-universal-files on Oct 17, 2025
@JoeyShapiro
Contributor

Description

This change adds support for Mach-o Universal (Fat) binaries. This was a TODO in the code that I ran across while using the package. I have made a few changes that handle fat files differently and I am not sure if this is the best way, so I wanted someone to check and see if they wanted a different way.

  • Using the reader, I check the magic of the file to determine if it is fat or not
  • I create a unique list of all libraries used over all of the arches
    • I could also add text to the library string to say which arch it is from.
  • I set the flag to true if any of the arches have HasExports or HasEntrypoint.
    • Rather than making sure all of them have it. There is not a standard way of handling this for fat binaries.

Type of change

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)

Signed-off-by: Joseph Shapiro <joeyashapiro@gmail.com>
Signed-off-by: Joseph Shapiro <joeyashapiro@gmail.com>
Signed-off-by: Joseph Shapiro <joeyashapiro@gmail.com>
@JoeyShapiro force-pushed the macho-support-universal-files branch from 24f0864 to 29d6cc1 on October 17, 2025 15:21
@JoeyShapiro
Contributor Author

The static analysis says to rewrite my if-else to a switch, but I can't see how it can be rewritten as a switch statement.

@kzantow
Contributor

kzantow commented Oct 17, 2025

@JoeyShapiro you can make a switch statement like:

switch {
case <any boolean condition>:
case <another boolean condition>:
}

Signed-off-by: Joseph Shapiro <joeyashapiro@gmail.com>
@JoeyShapiro
Contributor Author

Ah, I see. How is this? I didn't know a switch statement could do that.

@kzantow
Contributor

kzantow commented Oct 17, 2025

Golang switch specialty!

We have some handling of universal binaries already, the UnionReader, for example. Maybe it would be simpler to use that?

Signed-off-by: Joseph Shapiro <joeyashapiro@gmail.com>
@JoeyShapiro
Contributor Author

OK, how does this look? It seems quite a bit cleaner, but I'm wondering if it isn't as obvious that it is working on universal binaries, if that even matters.

@kzantow
Contributor

kzantow commented Oct 17, 2025

It might be good to have some indication about the file being a universal binary, but it seems to me that returning information about all the libraries used, existence of entrypoint, etc. is more important, where we may have been missing some of this information before. We can always add the universal binary indicator later.

Contributor

@kzantow kzantow left a comment

LGTM, thanks @JoeyShapiro 👍

@kzantow merged commit 31b2c4c into anchore:main on Oct 17, 2025
12 checks passed
@JoeyShapiro
Contributor Author

OK, cool. Thanks for the help.

@willmurphyscode added the enhancement label on Oct 22, 2025
spiffcs added a commit that referenced this pull request Oct 22, 2025
* main:
  chore(deps): update tools to latest versions (#4302)
  chore(deps): bump github.com/github/go-spdx/v2 from 2.3.3 to 2.3.4 (#4301)
  chore(deps): bump github/codeql-action from 4.30.8 to 4.30.9 (#4299)
  support universal (fat) mach-o binary files (#4278)
  chore(deps): bump sigstore/cosign-installer from 3.10.0 to 4.0.0 (#4296)
  chore(deps): bump anchore/sbom-action from 0.20.7 to 0.20.8 (#4297)
  convert posix path back to windows (#4285)
  Remove duplicate image source providers (#4289)
  chore(deps): bump anchore/sbom-action from 0.20.6 to 0.20.7 (#4293)
  feat: add option to fetch remote licenses for pnpm-lock.yaml files (#4286)
  Add PDM parser (#4234)
  chore(deps): update tools to latest versions (#4291)
  fix: panic during java archive maven resolution (#4290)
  Extract zip archive with multiple entries (#4283)
  chore: update to use old configuration on new cosign (#4287)
  chore(deps): update anchore dependencies (#4282)
  chore(deps): bump github.com/mholt/archives from 0.1.3 to 0.1.5 (#4280)
  add docs to configs (#4281)