From 0372c2eccc0656f08fa3183f7afb406762131d80 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bj=C3=B6rn=20Kimminich?= Date: Fri, 25 Apr 2014 14:33:15 +0200 Subject: [PATCH] attempt to locate suppressions in classpath when they cannot be found via URL or file path Former-commit-id: 6ba46b24bd89465aef454ca87c20b783bc761eee --- .../analyzer/AbstractSuppressionAnalyzer.java | 19 +++++++++++++++++-- 1 file changed, 17 insertions(+), 2 deletions(-) diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/AbstractSuppressionAnalyzer.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/AbstractSuppressionAnalyzer.java index 78c5e6ab0..8b1d33a8b 100644 --- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/AbstractSuppressionAnalyzer.java +++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/AbstractSuppressionAnalyzer.java @@ -17,10 +17,11 @@ */ package org.owasp.dependencycheck.analyzer; -import java.io.File; -import java.io.IOException; +import java.io.*; import java.net.MalformedURLException; import java.net.URL; +import java.nio.file.Files; +import java.nio.file.Path; import java.util.List; import java.util.Set; import java.util.logging.Level; @@ -115,6 +116,20 @@ public abstract class AbstractSuppressionAnalyzer extends AbstractAnalyzer { } } else { file = new File(suppressionFilePath); + if (!file.exists()) { + InputStream suppressionsFromClasspath = this.getClass().getClassLoader().getResourceAsStream(suppressionFilePath); + if (suppressionsFromClasspath != null) { + deleteTempFile = true; + file = FileUtils.getTempFile("suppression", "xml"); + try { + org.apache.commons.io.FileUtils.copyInputStreamToFile(suppressionsFromClasspath, file); + } catch (IOException ex) { + LOGGER.log(Level.WARNING, "Unable to locate suppressions file in classpath"); + LOGGER.log(Level.FINE, "", ex); + throw new SuppressionParseException("Unable to locate suppressions file in classpath", ex); + } + } + } } if (file != null) {