github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-03-17 23:04:07 +01:00
Code Issues Packages Projects Releases Wiki Activity

removed unused collection

Browse Source 
Former-commit-id: 5f3c6eab38eae99fef70909650a5eddf2a374a56
This commit is contained in:
Jeremy Long
2015-02-22 10:57:52 -05:00
parent 9c15bdfe41
commit 2594fb1c5f
1 changed files with 0 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
dependency-check-core/src/main/java/org/owasp/dependencycheck/data/nvdcve/CveDB.java
View File

@@ -459,8 +459,6 @@ public class CveDB {
final List<Vulnerability> vulnerabilities = new ArrayList<Vulnerability>(); final List<Vulnerability> vulnerabilities = new ArrayList<Vulnerability>();
PreparedStatement ps; PreparedStatement ps;
//TODO(code review): Looks like things are only added to this map, but never retrieved or checked
final Set<String> cveEntries = new HashSet<String>();
try { try {
ps = getConnection().prepareStatement(SELECT_CVE_FROM_SOFTWARE); ps = getConnection().prepareStatement(SELECT_CVE_FROM_SOFTWARE);
ps.setString(1, cpe.getVendor()); ps.setString(1, cpe.getVendor());
@@ -474,7 +472,6 @@ public class CveDB {
if (!currentCVE.equals(cveId)) { //check for match and add if (!currentCVE.equals(cveId)) { //check for match and add
final Entry<String, Boolean> matchedCPE = getMatchingSoftware(vulnSoftware, cpe.getVendor(), cpe.getProduct(), detectedVersion); final Entry<String, Boolean> matchedCPE = getMatchingSoftware(vulnSoftware, cpe.getVendor(), cpe.getProduct(), detectedVersion);
if (matchedCPE != null) { if (matchedCPE != null) {
cveEntries.add(currentCVE);
final Vulnerability v = getVulnerability(currentCVE); final Vulnerability v = getVulnerability(currentCVE);
v.setMatchedCPE(matchedCPE.getKey(), matchedCPE.getValue() ? "Y" : null); v.setMatchedCPE(matchedCPE.getKey(), matchedCPE.getValue() ? "Y" : null);
vulnerabilities.add(v); vulnerabilities.add(v);
@@ -491,7 +488,6 @@ public class CveDB {
//remember to process the last set of CVE/CPE entries //remember to process the last set of CVE/CPE entries
final Entry<String, Boolean> matchedCPE = getMatchingSoftware(vulnSoftware, cpe.getVendor(), cpe.getProduct(), detectedVersion); final Entry<String, Boolean> matchedCPE = getMatchingSoftware(vulnSoftware, cpe.getVendor(), cpe.getProduct(), detectedVersion);
if (matchedCPE != null) { if (matchedCPE != null) {
cveEntries.add(currentCVE);
final Vulnerability v = getVulnerability(currentCVE); final Vulnerability v = getVulnerability(currentCVE);
v.setMatchedCPE(matchedCPE.getKey(), matchedCPE.getValue() ? "Y" : null); v.setMatchedCPE(matchedCPE.getKey(), matchedCPE.getValue() ? "Y" : null);
vulnerabilities.add(v); vulnerabilities.add(v);