From 1852b9dbb29a2e2ad71ec8e72bc80a91368d6a5d Mon Sep 17 00:00:00 2001 From: Stephen Kitt Date: Fri, 9 Oct 2015 17:07:27 +0200 Subject: [PATCH] Avoid ConcurrentModificationExceptions AggregateMojo.getDescendants() can end up adding descendants while it's iterating over them. This separates the addition from the iteration to avoid this. Signed-off-by: Stephen Kitt --- .../owasp/dependencycheck/maven/AggregateMojo.java | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/dependency-check-maven/src/main/java/org/owasp/dependencycheck/maven/AggregateMojo.java b/dependency-check-maven/src/main/java/org/owasp/dependencycheck/maven/AggregateMojo.java index b6ca59a9a..d7dde7c70 100644 --- a/dependency-check-maven/src/main/java/org/owasp/dependencycheck/maven/AggregateMojo.java +++ b/dependency-check-maven/src/main/java/org/owasp/dependencycheck/maven/AggregateMojo.java @@ -173,15 +173,14 @@ public class AggregateMojo extends BaseDependencyCheckMojo { } } } + Set addedDescendants = new HashSet(); for (MavenProject dec : descendants) { for (String mod : dec.getModules()) { try { File mpp = new File(dec.getBasedir(), mod); mpp = mpp.getCanonicalFile(); - if (mpp.compareTo(p.getBasedir()) == 0 && descendants.add(p)) { - if (getLog().isDebugEnabled()) { - getLog().debug(String.format("Decendent module %s added", p.getName())); - } + if (mpp.compareTo(p.getBasedir()) == 0) { + addedDescendants.add(p); } } catch (IOException ex) { if (getLog().isDebugEnabled()) { @@ -190,6 +189,11 @@ public class AggregateMojo extends BaseDependencyCheckMojo { } } } + for (MavenProject addedDescendant : addedDescendants) { + if (descendants.add(addedDescendant) && getLog().isDebugEnabled()) { + getLog().debug(String.format("Decendent module %s added", addedDescendant.getName())); + } + } } } while (size != 0 && size != descendants.size()); if (getLog().isDebugEnabled()) {