feat(contrib/snmp2cpe): update convert command

contrib/snmp2cpe/pkg/cpe/cpe.go

@@ -2,12 +2,15 @@ package cpe
 
 import (
 	"fmt"
+	"log"
+	"maps"
+	"slices"
 	"strings"
 
 	"github.com/hashicorp/go-version"
+	"github.com/knqyf263/go-cpe/naming"
 
 	"github.com/future-architect/vuls/contrib/snmp2cpe/pkg/snmp"
-	"github.com/future-architect/vuls/contrib/snmp2cpe/pkg/util"
 )
 
 // Convert ...
@@ -77,7 +80,7 @@ func Convert(result snmp.Result) []string {
 			if strings.HasPrefix(v, "Arista Networks EOS version ") {
 				cpes = append(cpes, fmt.Sprintf("cpe:2.3:o:arista:eos:%s:*:*:*:*:*:*:*", strings.ToLower(strings.TrimPrefix(v, "Arista Networks EOS version "))))
 			}
-			cpes = append(cpes, fmt.Sprintf("cpe:/h:arista:%s:-:*:*:*:*:*:*:*", strings.ToLower(strings.TrimPrefix(h, "Arista Networks "))))
+			cpes = append(cpes, fmt.Sprintf("cpe:2.3:h:arista:%s:-:*:*:*:*:*:*:*", strings.ToLower(strings.TrimPrefix(h, "Arista Networks "))))
 		}
 		if t, ok := result.EntPhysicalTables[1]; ok {
 			if t.EntPhysicalSoftwareRev != "" {
@@ -424,7 +427,17 @@ func Convert(result snmp.Result) []string {
 		return []string{}
 	}
 
-	return util.Unique(cpes)
+	m := make(map[string]struct{}, len(cpes))
+	for _, c := range cpes {
+		c = strings.NewReplacer(" ", "_").Replace(c)
+		if _, err := naming.UnbindFS(c); err != nil {
+			log.Printf("WARN: skip %q. err: %s", c, err)
+			continue
+		}
+		m[c] = struct{}{}
+	}
+
+	return slices.Collect(maps.Keys(m))
 }
 
 func detectVendor(r snmp.Result) string {

contrib/snmp2cpe/pkg/cpe/cpe_test.go

@@ -83,7 +83,7 @@ func TestConvert(t *testing.T) {
 			want: []string{"cpe:2.3:o:cisco:ios:12.2(17d)sxb11:*:*:*:*:*:*:*"},
 		},
 		{
-			name: "Cisco IOX-XE Version 16.12.4",
+			name: "Cisco IOS-XE Version 16.12.4",
 			args: snmp.Result{
 				SysDescr0: `Cisco IOS Software [Gibraltar], Catalyst L3 Switch Software (CAT9K_LITE_IOSXE), Version 16.12.4, RELEASE SOFTWARE (fc5)
 		Technical Support: http://www.cisco.com/techsupport
@@ -93,7 +93,7 @@ func TestConvert(t *testing.T) {
 			want: []string{"cpe:2.3:o:cisco:ios_xe:16.12.4:*:*:*:*:*:*:*"},
 		},
 		{
-			name: "Cisco IOX-XE Version 03.06.07.E",
+			name: "Cisco IOS-XE Version 03.06.07.E",
 			args: snmp.Result{
 				SysDescr0: `Cisco IOS Software, IOS-XE Software, Catalyst 4500 L3 Switch Software (cat4500es8-UNIVERSALK9-M), Version 03.06.07.E RELEASE SOFTWARE (fc3)
 		Technical Support: http://www.cisco.com/techsupport
@@ -102,6 +102,16 @@ func TestConvert(t *testing.T) {
 			},
 			want: []string{"cpe:2.3:o:cisco:ios_xe:03.06.07.e:*:*:*:*:*:*:*"},
 		},
+		{
+			name: "Cisco IOS-XE Version 03.06.06E on c38xx Stack",
+			args: snmp.Result{
+				SysDescr0: "Cisco IOS Software, IOS-XE Software, Catalyst L3 Switch Software (CAT3K_CAA-UNIVERSALK9-M), Version 03.06.06E RELEASE SOFTWARE (fc1)\r\nTechnical Support: http://www.cisco.com/techsupport\r\nCopyright (c) 1986-2016 by Cisco Systems, Inc.\r\nCompiled Sat 17-Dec-",
+				EntPhysicalTables: map[int]snmp.EntPhysicalTable{1: {
+					EntPhysicalName: "c38xx Stack",
+				}},
+			},
+			want: []string{"cpe:2.3:h:cisco:c38xx_stack:-:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:03.06.06e:*:*:*:*:*:*:*"},
+		},
 		{
 			name: "Juniper SSG-5-SH-BT",
 			args: snmp.Result{
@@ -164,7 +174,7 @@ func TestConvert(t *testing.T) {
 					EntPhysicalSoftwareRev: "4.28.4M",
 				}},
 			},
-			want: []string{"cpe:/h:arista:dcs-7050tx-64:-:*:*:*:*:*:*:*", "cpe:2.3:o:arista:eos:4.28.4m:*:*:*:*:*:*:*"},
+			want: []string{"cpe:2.3:h:arista:dcs-7050tx-64:-:*:*:*:*:*:*:*", "cpe:2.3:o:arista:eos:4.28.4m:*:*:*:*:*:*:*"},
 		},
 		{
 			name: "FortiGate-50E",