diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/Engine.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/Engine.java index 9c15f48d2..e82296225 100644 --- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/Engine.java +++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/Engine.java @@ -66,7 +66,6 @@ import org.owasp.dependencycheck.utils.H2DBLock; import static org.owasp.dependencycheck.analyzer.AnalysisPhase.*; //CSON: AvoidStarImport - /** * Scans files, directories, etc. for Dependencies. Analyzers are loaded and * used to process the files found by the scan, if a file is encountered and an @@ -661,7 +660,9 @@ public class Engine implements FileFilter, AutoCloseable { initializeAnalyzer(analyzer); } catch (InitializationException ex) { exceptions.add(ex); - continue; + if (ex.isFatal()) { + continue; + } } if (analyzer.isEnabled()) { @@ -815,10 +816,12 @@ public class Engine implements FileFilter, AutoCloseable { } catch (InitializationException ex) { LOGGER.error("Exception occurred initializing {}.", analyzer.getName()); LOGGER.debug("", ex); - try { - analyzer.close(); - } catch (Throwable ex1) { - LOGGER.trace("", ex1); + if (ex.isFatal()) { + try { + analyzer.close(); + } catch (Throwable ex1) { + LOGGER.trace("", ex1); + } } throw ex; } catch (Throwable ex) { diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/AbstractSuppressionAnalyzer.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/AbstractSuppressionAnalyzer.java index 9f525ba08..ca61b07f8 100644 --- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/AbstractSuppressionAnalyzer.java +++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/AbstractSuppressionAnalyzer.java @@ -90,7 +90,7 @@ public abstract class AbstractSuppressionAnalyzer extends AbstractAnalyzer { try { loadSuppressionData(); } catch (SuppressionParseException ex) { - throw new InitializationException("Error initializing the suppression analyzer: " + ex.getLocalizedMessage(), ex); + throw new InitializationException("Error initializing the suppression analyzer: " + ex.getLocalizedMessage(), ex, true); } } } diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/exception/InitializationException.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/exception/InitializationException.java index 0e36540f5..866ccf3d9 100644 --- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/exception/InitializationException.java +++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/exception/InitializationException.java @@ -31,6 +31,28 @@ public class InitializationException extends Exception { * The serial version uid. */ private static final long serialVersionUID = 1L; + /** + * Whether or not the exception is fatal. + */ + private boolean fatal = true; + + /** + * Get the value of fatal + * + * @return the value of fatal + */ + public boolean isFatal() { + return fatal; + } + + /** + * Set the value of fatal + * + * @param fatal new value of fatal + */ + public void setFatal(boolean fatal) { + this.fatal = fatal; + } /** * Creates a new InitializationException. @@ -66,4 +88,16 @@ public class InitializationException extends Exception { public InitializationException(String msg, Throwable ex) { super(msg, ex); } + + /** + * Creates a new InitializationException. + * + * @param msg a message for the exception. + * @param ex the cause of the exception. + * @param fatal whether or not the exception is fatal. + */ + public InitializationException(String msg, Throwable ex, boolean fatal) { + super(msg, ex); + this.fatal = fatal; + } }