From 2594fb1c5f28f460dbfc8ba2fe65386447f8a9c2 Mon Sep 17 00:00:00 2001 From: Jeremy Long Date: Sun, 22 Feb 2015 10:57:52 -0500 Subject: [PATCH] removed unused collection Former-commit-id: 5f3c6eab38eae99fef70909650a5eddf2a374a56 --- .../java/org/owasp/dependencycheck/data/nvdcve/CveDB.java | 4 ---- 1 file changed, 4 deletions(-) diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/nvdcve/CveDB.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/nvdcve/CveDB.java index 08258d7c6..4d82c7907 100644 --- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/nvdcve/CveDB.java +++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/nvdcve/CveDB.java @@ -459,8 +459,6 @@ public class CveDB { final List vulnerabilities = new ArrayList(); PreparedStatement ps; - //TODO(code review): Looks like things are only added to this map, but never retrieved or checked - final Set cveEntries = new HashSet(); try { ps = getConnection().prepareStatement(SELECT_CVE_FROM_SOFTWARE); ps.setString(1, cpe.getVendor()); @@ -474,7 +472,6 @@ public class CveDB { if (!currentCVE.equals(cveId)) { //check for match and add final Entry matchedCPE = getMatchingSoftware(vulnSoftware, cpe.getVendor(), cpe.getProduct(), detectedVersion); if (matchedCPE != null) { - cveEntries.add(currentCVE); final Vulnerability v = getVulnerability(currentCVE); v.setMatchedCPE(matchedCPE.getKey(), matchedCPE.getValue() ? "Y" : null); vulnerabilities.add(v); @@ -491,7 +488,6 @@ public class CveDB { //remember to process the last set of CVE/CPE entries final Entry matchedCPE = getMatchingSoftware(vulnSoftware, cpe.getVendor(), cpe.getProduct(), detectedVersion); if (matchedCPE != null) { - cveEntries.add(currentCVE); final Vulnerability v = getVulnerability(currentCVE); v.setMatchedCPE(matchedCPE.getKey(), matchedCPE.getValue() ? "Y" : null); vulnerabilities.add(v);