feat: examine options for matching on strings <3 characters long #3074
Description
In #3003 @ffontaine noted...
Unfortunately, we can't catch some ngircd version which are on two digits (e.g. 25) because cve-bin-tool only extracts strings which have more than 3 characters
And I responded in the review:
We could potentially look into having a 2-character scan happen if and only if the pattern ngIRCd is found. I don't think it would impossible to engineer that somehow by overriding the checker functions to grab the strings, but I don't know off the top of my head how much work it would be. We could also see if enabling 2-character strings in all scans would cause a performance hit or break any existing checkers.
So this is me opening an issue so we don't forget to think about this. In the menatime, the ngircd checker has been merged as is with a note about what it will (and won't) match.