mirror of
https://github.com/ysoftdevs/DependencyCheck.git
synced 2026-03-26 11:01:44 +01:00
updated documentation for version 1.0.2
This commit is contained in:
Jeremy Long
@@ -13,9 +13,6 @@
|
||||
<ul>
|
||||
<li>
|
||||
<a href="org/owasp/dependencycheck/analyzer/AbstractAnalyzer.html" target="classFrame">AbstractAnalyzer</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="org/owasp/dependencycheck/data/lucene/AbstractIndex.html" target="classFrame">AbstractIndex</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="org/owasp/dependencycheck/data/lucene/AbstractTokenizingFilter.html" target="classFrame">AbstractTokenizingFilter</a>
|
||||
@@ -49,6 +46,9 @@
|
||||
</li>
|
||||
<li>
|
||||
<a href="org/owasp/dependencycheck/analyzer/ArchiveAnalyzer.html" target="classFrame">ArchiveAnalyzer</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="org/owasp/dependencycheck/data/cpe/BaseIndex.html" target="classFrame">BaseIndex</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="org/owasp/dependencycheck/jaxb/pom/generated/Build.html" target="classFrame">Build</a>
|
||||
@@ -57,7 +57,7 @@
|
||||
<a href="org/owasp/dependencycheck/jaxb/pom/generated/BuildBase.html" target="classFrame">BuildBase</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="org/owasp/dependencycheck/data/cpe/CPEAnalyzer.html" target="classFrame">CPEAnalyzer</a>
|
||||
<a href="org/owasp/dependencycheck/analyzer/CPEAnalyzer.html" target="classFrame">CPEAnalyzer</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="org/owasp/dependencycheck/data/CachedWebDataSource.html" target="classFrame">CachedWebDataSource</a>
|
||||
@@ -85,6 +85,12 @@
|
||||
</li>
|
||||
<li>
|
||||
<a href="org/owasp/dependencycheck/data/nvdcve/CorruptDatabaseException.html" target="classFrame">CorruptDatabaseException</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="org/owasp/dependencycheck/data/cpe/CpeIndexReader.html" target="classFrame">CpeIndexReader</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="org/owasp/dependencycheck/data/cpe/CpeIndexWriter.html" target="classFrame">CpeIndexWriter</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="org/owasp/dependencycheck/data/nvdcve/CveDB.html" target="classFrame">CveDB</a>
|
||||
@@ -94,12 +100,15 @@
|
||||
</li>
|
||||
<li>
|
||||
<a href="org/owasp/dependencycheck/data/cwe/CweHandler.html" target="classFrame">CweHandler</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="org/owasp/dependencycheck/data/update/DataStoreMetaInfo.html" target="classFrame">DataStoreMetaInfo</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="org/owasp/dependencycheck/data/nvdcve/DatabaseException.html" target="classFrame">DatabaseException</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="org/owasp/dependencycheck/data/nvdcve/xml/DatabaseUpdater.html" target="classFrame">DatabaseUpdater</a>
|
||||
<a href="org/owasp/dependencycheck/data/update/DatabaseUpdater.html" target="classFrame">DatabaseUpdater</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="org/owasp/dependencycheck/jaxb/pom/generated/Profile.html" target="classFrame">Dependencies</a>
|
||||
@@ -130,6 +139,12 @@
|
||||
</li>
|
||||
<li>
|
||||
<a href="org/owasp/dependencycheck/jaxb/pom/generated/Model.html" target="classFrame">Developers</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="org/owasp/dependencycheck/concurrency/DirectoryLockException.html" target="classFrame">DirectoryLockException</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="org/owasp/dependencycheck/concurrency/DirectorySpinLock.html" target="classFrame">DirectorySpinLock</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="org/owasp/dependencycheck/jaxb/pom/generated/DistributionManagement.html" target="classFrame">DistributionManagement</a>
|
||||
@@ -141,7 +156,7 @@
|
||||
<a href="org/owasp/dependencycheck/utils/Downloader.html" target="classFrame">Downloader</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="org/owasp/dependencycheck/data/nvdcve/xml/NvdCve20Handler.html" target="classFrame">Element</a>
|
||||
<a href="org/owasp/dependencycheck/data/nvdcve/NvdCve20Handler.html" target="classFrame">Element</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="org/owasp/dependencycheck/Engine.html" target="classFrame">Engine</a>
|
||||
@@ -169,6 +184,9 @@
|
||||
</li>
|
||||
<li>
|
||||
<a href="org/owasp/dependencycheck/jaxb/pom/generated/Build.html" target="classFrame">Extensions</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="org/owasp/dependencycheck/utils/ExtractionException.html" target="classFrame">ExtractionException</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="org/owasp/dependencycheck/analyzer/FalsePositiveAnalyzer.html" target="classFrame">FalsePositiveAnalyzer</a>
|
||||
@@ -207,22 +225,22 @@
|
||||
<a href="org/owasp/dependencycheck/dependency/Identifier.html" target="classFrame">Identifier</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="org/owasp/dependencycheck/data/cpe/CPEAnalyzer.html" target="classFrame">IdentifierConfidence</a>
|
||||
<a href="org/owasp/dependencycheck/analyzer/CPEAnalyzer.html" target="classFrame">IdentifierConfidence</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="org/owasp/dependencycheck/data/cpe/CPEAnalyzer.html" target="classFrame">IdentifierMatch</a>
|
||||
<a href="org/owasp/dependencycheck/analyzer/CPEAnalyzer.html" target="classFrame">IdentifierMatch</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="org/owasp/dependencycheck/jaxb/pom/generated/Resource.html" target="classFrame">Includes</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="org/owasp/dependencycheck/data/cpe/Index.html" target="classFrame">Index</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="org/owasp/dependencycheck/data/cpe/IndexEntry.html" target="classFrame">IndexEntry</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="org/owasp/dependencycheck/data/nvdcve/xml/InvalidDataException.html" target="classFrame">InvalidDataException</a>
|
||||
<a href="org/owasp/dependencycheck/data/nvdcve/InvalidDataException.html" target="classFrame">InvalidDataException</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="org/owasp/dependencycheck/concurrency/InvalidDirectoryException.html" target="classFrame">InvalidDirectoryException</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="org/owasp/dependencycheck/utils/InvalidSettingException.html" target="classFrame">InvalidSettingException</a>
|
||||
@@ -273,16 +291,16 @@
|
||||
<a href="org/owasp/dependencycheck/jaxb/pom/generated/CiManagement.html" target="classFrame">Notifiers</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="org/owasp/dependencycheck/data/nvdcve/xml/NvdCve12Handler.html" target="classFrame">NvdCve12Handler</a>
|
||||
<a href="org/owasp/dependencycheck/data/nvdcve/NvdCve12Handler.html" target="classFrame">NvdCve12Handler</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="org/owasp/dependencycheck/data/nvdcve/xml/NvdCve20Handler.html" target="classFrame">NvdCve20Handler</a>
|
||||
<a href="org/owasp/dependencycheck/data/nvdcve/NvdCve20Handler.html" target="classFrame">NvdCve20Handler</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="org/owasp/dependencycheck/data/nvdcve/NvdCveAnalyzer.html" target="classFrame">NvdCveAnalyzer</a>
|
||||
<a href="org/owasp/dependencycheck/analyzer/NvdCveAnalyzer.html" target="classFrame">NvdCveAnalyzer</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="org/owasp/dependencycheck/data/nvdcve/xml/DatabaseUpdater.html" target="classFrame">NvdCveUrl</a>
|
||||
<a href="org/owasp/dependencycheck/data/update/NvdCveInfo.html" target="classFrame">NvdCveInfo</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="org/owasp/dependencycheck/jaxb/pom/generated/ObjectFactory.html" target="classFrame">ObjectFactory</a>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<html xml:lang="en" lang="en">
|
||||
<head>
|
||||
<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
|
||||
<title>dependency-check-core 1.0.1 Reference</title>
|
||||
<title>Dependency-Check Core 1.0.2 Reference</title>
|
||||
</head>
|
||||
<frameset cols="20%,80%">
|
||||
<frameset rows="30%,70%">
|
||||
|
||||
@@ -42,280 +42,293 @@
|
||||
<a class="jxr_linenumber" name="32" href="#32">32</a> <strong class="jxr_keyword">import</strong> java.util.Set;
|
||||
<a class="jxr_linenumber" name="33" href="#33">33</a> <strong class="jxr_keyword">import</strong> java.util.logging.Level;
|
||||
<a class="jxr_linenumber" name="34" href="#34">34</a> <strong class="jxr_keyword">import</strong> java.util.logging.Logger;
|
||||
<a class="jxr_linenumber" name="35" href="#35">35</a> <strong class="jxr_keyword">import</strong> java.util.zip.ZipEntry;
|
||||
<a class="jxr_linenumber" name="36" href="#36">36</a> <strong class="jxr_keyword">import</strong> java.util.zip.ZipInputStream;
|
||||
<a class="jxr_linenumber" name="37" href="#37">37</a> <strong class="jxr_keyword">import</strong> org.h2.store.fs.FileUtils;
|
||||
<a class="jxr_linenumber" name="38" href="#38">38</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.Engine;
|
||||
<a class="jxr_linenumber" name="39" href="#39">39</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.dependency.Dependency;
|
||||
<a class="jxr_linenumber" name="40" href="#40">40</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.utils.Settings;
|
||||
<a class="jxr_linenumber" name="41" href="#41">41</a>
|
||||
<a class="jxr_linenumber" name="42" href="#42">42</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="43" href="#43">43</a> <em class="jxr_javadoccomment"> * <p>An analyzer that works on archive files:</em>
|
||||
<a class="jxr_linenumber" name="44" href="#44">44</a> <em class="jxr_javadoccomment"> * <ul></em>
|
||||
<a class="jxr_linenumber" name="45" href="#45">45</a> <em class="jxr_javadoccomment"> * <li><b>ZIP</b> - if it is determined to be a JAR, WAR or EAR a copy is made</em>
|
||||
<a class="jxr_linenumber" name="46" href="#46">46</a> <em class="jxr_javadoccomment"> * and the copy is given the correct extension so that it will be correctly</em>
|
||||
<a class="jxr_linenumber" name="47" href="#47">47</a> <em class="jxr_javadoccomment"> * analyzed.</li></em>
|
||||
<a class="jxr_linenumber" name="48" href="#48">48</a> <em class="jxr_javadoccomment"> * <li><b>WAR</b> - the WAR contents are extracted and added as dependencies to</em>
|
||||
<a class="jxr_linenumber" name="49" href="#49">49</a> <em class="jxr_javadoccomment"> * the scan. The displayed path is relative to the WAR.</li></em>
|
||||
<a class="jxr_linenumber" name="50" href="#50">50</a> <em class="jxr_javadoccomment"> * <li><b>EAR</b> - the WAR contents are extracted and added as dependencies to</em>
|
||||
<a class="jxr_linenumber" name="51" href="#51">51</a> <em class="jxr_javadoccomment"> * the scan. Any WAR files are also processed so that the contained JAR files</em>
|
||||
<a class="jxr_linenumber" name="52" href="#52">52</a> <em class="jxr_javadoccomment"> * are added to the list of dependencies. The displayed path is relative to the</em>
|
||||
<a class="jxr_linenumber" name="53" href="#53">53</a> <em class="jxr_javadoccomment"> * EAR.</li></em>
|
||||
<a class="jxr_linenumber" name="54" href="#54">54</a> <em class="jxr_javadoccomment"> * </ul></p></em>
|
||||
<a class="jxr_linenumber" name="55" href="#55">55</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="56" href="#56">56</a> <em class="jxr_javadoccomment"> * @author Jeremy Long (jeremy.long@owasp.org)</em>
|
||||
<a class="jxr_linenumber" name="57" href="#57">57</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="58" href="#58">58</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">class</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/ArchiveAnalyzer.html">ArchiveAnalyzer</a> <strong class="jxr_keyword">extends</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/AbstractAnalyzer.html">AbstractAnalyzer</a> <strong class="jxr_keyword">implements</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/Analyzer.html">Analyzer</a> {
|
||||
<a class="jxr_linenumber" name="59" href="#59">59</a>
|
||||
<a class="jxr_linenumber" name="60" href="#60">60</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="61" href="#61">61</a> <em class="jxr_javadoccomment"> * The buffer size to use when extracting files from the archive.</em>
|
||||
<a class="jxr_linenumber" name="62" href="#62">62</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="63" href="#63">63</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> <strong class="jxr_keyword">int</strong> BUFFER_SIZE = 4096;
|
||||
<a class="jxr_linenumber" name="64" href="#64">64</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="65" href="#65">65</a> <em class="jxr_javadoccomment"> * The count of directories created during analysis. This is used for</em>
|
||||
<a class="jxr_linenumber" name="66" href="#66">66</a> <em class="jxr_javadoccomment"> * creating temporary directories.</em>
|
||||
<a class="jxr_linenumber" name="67" href="#67">67</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="68" href="#68">68</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">int</strong> dirCount = 0;
|
||||
<a class="jxr_linenumber" name="69" href="#69">69</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="70" href="#70">70</a> <em class="jxr_javadoccomment"> * The parent directory for the individual directories per archive.</em>
|
||||
<a class="jxr_linenumber" name="71" href="#71">71</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="72" href="#72">72</a> <strong class="jxr_keyword">private</strong> File tempFileLocation = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="73" href="#73">73</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="74" href="#74">74</a> <em class="jxr_javadoccomment"> * The max scan depth that the analyzer will recursively extract nested</em>
|
||||
<a class="jxr_linenumber" name="75" href="#75">75</a> <em class="jxr_javadoccomment"> * archives.</em>
|
||||
<a class="jxr_linenumber" name="76" href="#76">76</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="77" href="#77">77</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> <strong class="jxr_keyword">int</strong> MAX_SCAN_DEPTH = Settings.getInt(<span class="jxr_string">"archive.scan.depth"</span>, 3);
|
||||
<a class="jxr_linenumber" name="78" href="#78">78</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="79" href="#79">79</a> <em class="jxr_javadoccomment"> * Tracks the current scan/extraction depth for nested archives.</em>
|
||||
<a class="jxr_linenumber" name="80" href="#80">80</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="81" href="#81">81</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">int</strong> scanDepth = 0;
|
||||
<a class="jxr_linenumber" name="82" href="#82">82</a> <em class="jxr_comment">//<editor-fold defaultstate="collapsed" desc="All standard implmentation details of Analyzer"></em>
|
||||
<a class="jxr_linenumber" name="83" href="#83">83</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="84" href="#84">84</a> <em class="jxr_javadoccomment"> * The name of the analyzer.</em>
|
||||
<a class="jxr_linenumber" name="85" href="#85">85</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="86" href="#86">86</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String ANALYZER_NAME = <span class="jxr_string">"Archive Analyzer"</span>;
|
||||
<a class="jxr_linenumber" name="87" href="#87">87</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="88" href="#88">88</a> <em class="jxr_javadoccomment"> * The phase that this analyzer is intended to run in.</em>
|
||||
<a class="jxr_linenumber" name="89" href="#89">89</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="90" href="#90">90</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/AnalysisPhase.html">AnalysisPhase</a> ANALYSIS_PHASE = AnalysisPhase.INITIAL;
|
||||
<a class="jxr_linenumber" name="91" href="#91">91</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="92" href="#92">92</a> <em class="jxr_javadoccomment"> * The set of file extensions supported by this analyzer.</em>
|
||||
<a class="jxr_linenumber" name="93" href="#93">93</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="94" href="#94">94</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> Set<String> EXTENSIONS = newHashSet(<span class="jxr_string">"zip"</span>, <span class="jxr_string">"ear"</span>, <span class="jxr_string">"war"</span>);
|
||||
<a class="jxr_linenumber" name="95" href="#95">95</a>
|
||||
<a class="jxr_linenumber" name="96" href="#96">96</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="97" href="#97">97</a> <em class="jxr_javadoccomment"> * Returns a list of file EXTENSIONS supported by this analyzer.</em>
|
||||
<a class="jxr_linenumber" name="98" href="#98">98</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="99" href="#99">99</a> <em class="jxr_javadoccomment"> * @return a list of file EXTENSIONS supported by this analyzer.</em>
|
||||
<a class="jxr_linenumber" name="100" href="#100">100</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="101" href="#101">101</a> <strong class="jxr_keyword">public</strong> Set<String> getSupportedExtensions() {
|
||||
<a class="jxr_linenumber" name="102" href="#102">102</a> <strong class="jxr_keyword">return</strong> EXTENSIONS;
|
||||
<a class="jxr_linenumber" name="103" href="#103">103</a> }
|
||||
<a class="jxr_linenumber" name="104" href="#104">104</a>
|
||||
<a class="jxr_linenumber" name="105" href="#105">105</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="106" href="#106">106</a> <em class="jxr_javadoccomment"> * Returns the name of the analyzer.</em>
|
||||
<a class="jxr_linenumber" name="107" href="#107">107</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="108" href="#108">108</a> <em class="jxr_javadoccomment"> * @return the name of the analyzer.</em>
|
||||
<a class="jxr_linenumber" name="109" href="#109">109</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="110" href="#110">110</a> <strong class="jxr_keyword">public</strong> String getName() {
|
||||
<a class="jxr_linenumber" name="111" href="#111">111</a> <strong class="jxr_keyword">return</strong> ANALYZER_NAME;
|
||||
<a class="jxr_linenumber" name="112" href="#112">112</a> }
|
||||
<a class="jxr_linenumber" name="113" href="#113">113</a>
|
||||
<a class="jxr_linenumber" name="114" href="#114">114</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="115" href="#115">115</a> <em class="jxr_javadoccomment"> * Returns whether or not this analyzer can process the given extension.</em>
|
||||
<a class="jxr_linenumber" name="116" href="#116">116</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="117" href="#117">117</a> <em class="jxr_javadoccomment"> * @param extension the file extension to test for support.</em>
|
||||
<a class="jxr_linenumber" name="118" href="#118">118</a> <em class="jxr_javadoccomment"> * @return whether or not the specified file extension is supported by this</em>
|
||||
<a class="jxr_linenumber" name="119" href="#119">119</a> <em class="jxr_javadoccomment"> * analyzer.</em>
|
||||
<a class="jxr_linenumber" name="120" href="#120">120</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="121" href="#121">121</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">boolean</strong> supportsExtension(String extension) {
|
||||
<a class="jxr_linenumber" name="122" href="#122">122</a> <strong class="jxr_keyword">return</strong> EXTENSIONS.contains(extension);
|
||||
<a class="jxr_linenumber" name="123" href="#123">123</a> }
|
||||
<a class="jxr_linenumber" name="124" href="#124">124</a>
|
||||
<a class="jxr_linenumber" name="125" href="#125">125</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="126" href="#126">126</a> <em class="jxr_javadoccomment"> * Returns the phase that the analyzer is intended to run in.</em>
|
||||
<a class="jxr_linenumber" name="127" href="#127">127</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="128" href="#128">128</a> <em class="jxr_javadoccomment"> * @return the phase that the analyzer is intended to run in.</em>
|
||||
<a class="jxr_linenumber" name="129" href="#129">129</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="130" href="#130">130</a> <strong class="jxr_keyword">public</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/AnalysisPhase.html">AnalysisPhase</a> getAnalysisPhase() {
|
||||
<a class="jxr_linenumber" name="131" href="#131">131</a> <strong class="jxr_keyword">return</strong> ANALYSIS_PHASE;
|
||||
<a class="jxr_linenumber" name="132" href="#132">132</a> }
|
||||
<a class="jxr_linenumber" name="133" href="#133">133</a> <em class="jxr_comment">//</editor-fold></em>
|
||||
<a class="jxr_linenumber" name="134" href="#134">134</a>
|
||||
<a class="jxr_linenumber" name="135" href="#135">135</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="136" href="#136">136</a> <em class="jxr_javadoccomment"> * The initialize method does nothing for this Analyzer.</em>
|
||||
<a class="jxr_linenumber" name="137" href="#137">137</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="138" href="#138">138</a> <em class="jxr_javadoccomment"> * @throws Exception is thrown if there is an exception deleting or creating</em>
|
||||
<a class="jxr_linenumber" name="139" href="#139">139</a> <em class="jxr_javadoccomment"> * temporary files</em>
|
||||
<a class="jxr_linenumber" name="140" href="#140">140</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="141" href="#141">141</a> @Override
|
||||
<a class="jxr_linenumber" name="142" href="#142">142</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> initialize() <strong class="jxr_keyword">throws</strong> Exception {
|
||||
<a class="jxr_linenumber" name="143" href="#143">143</a> <strong class="jxr_keyword">final</strong> String tmpDir = Settings.getString(Settings.KEYS.TEMP_DIRECTORY, System.getProperty(<span class="jxr_string">"java.io.tmpdir"</span>));
|
||||
<a class="jxr_linenumber" name="144" href="#144">144</a> <strong class="jxr_keyword">final</strong> File baseDir = <strong class="jxr_keyword">new</strong> File(tmpDir);
|
||||
<a class="jxr_linenumber" name="145" href="#145">145</a> tempFileLocation = File.createTempFile(<span class="jxr_string">"check"</span>, <span class="jxr_string">"tmp"</span>, baseDir);
|
||||
<a class="jxr_linenumber" name="146" href="#146">146</a> <strong class="jxr_keyword">if</strong> (!tempFileLocation.delete()) {
|
||||
<a class="jxr_linenumber" name="147" href="#147">147</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/AnalysisException.html">AnalysisException</a>(<span class="jxr_string">"Unable to delete temporary file '"</span> + tempFileLocation.getAbsolutePath() + <span class="jxr_string">"'."</span>);
|
||||
<a class="jxr_linenumber" name="148" href="#148">148</a> }
|
||||
<a class="jxr_linenumber" name="149" href="#149">149</a> <strong class="jxr_keyword">if</strong> (!tempFileLocation.mkdirs()) {
|
||||
<a class="jxr_linenumber" name="150" href="#150">150</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/AnalysisException.html">AnalysisException</a>(<span class="jxr_string">"Unable to create directory '"</span> + tempFileLocation.getAbsolutePath() + <span class="jxr_string">"'."</span>);
|
||||
<a class="jxr_linenumber" name="151" href="#151">151</a> }
|
||||
<a class="jxr_linenumber" name="152" href="#152">152</a> }
|
||||
<a class="jxr_linenumber" name="153" href="#153">153</a>
|
||||
<a class="jxr_linenumber" name="154" href="#154">154</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="155" href="#155">155</a> <em class="jxr_javadoccomment"> * The close method does nothing for this Analyzer.</em>
|
||||
<a class="jxr_linenumber" name="156" href="#156">156</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="157" href="#157">157</a> <em class="jxr_javadoccomment"> * @throws Exception thrown if there is an exception deleting temporary</em>
|
||||
<a class="jxr_linenumber" name="158" href="#158">158</a> <em class="jxr_javadoccomment"> * files</em>
|
||||
<a class="jxr_linenumber" name="159" href="#159">159</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="160" href="#160">160</a> @Override
|
||||
<a class="jxr_linenumber" name="161" href="#161">161</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> close() <strong class="jxr_keyword">throws</strong> Exception {
|
||||
<a class="jxr_linenumber" name="162" href="#162">162</a> <strong class="jxr_keyword">if</strong> (tempFileLocation != <strong class="jxr_keyword">null</strong> && tempFileLocation.exists()) {
|
||||
<a class="jxr_linenumber" name="163" href="#163">163</a> FileUtils.deleteRecursive(tempFileLocation.getAbsolutePath(), <strong class="jxr_keyword">true</strong>);
|
||||
<a class="jxr_linenumber" name="164" href="#164">164</a> }
|
||||
<a class="jxr_linenumber" name="165" href="#165">165</a> }
|
||||
<a class="jxr_linenumber" name="166" href="#166">166</a>
|
||||
<a class="jxr_linenumber" name="167" href="#167">167</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="168" href="#168">168</a> <em class="jxr_javadoccomment"> * Analyzes a given dependency. If the dependency is an archive, such as a</em>
|
||||
<a class="jxr_linenumber" name="169" href="#169">169</a> <em class="jxr_javadoccomment"> * WAR or EAR, the contents are extracted, scanned, and added to the list of</em>
|
||||
<a class="jxr_linenumber" name="170" href="#170">170</a> <em class="jxr_javadoccomment"> * dependencies within the engine.</em>
|
||||
<a class="jxr_linenumber" name="171" href="#171">171</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="172" href="#172">172</a> <em class="jxr_javadoccomment"> * @param dependency the dependency to analyze</em>
|
||||
<a class="jxr_linenumber" name="173" href="#173">173</a> <em class="jxr_javadoccomment"> * @param engine the engine scanning</em>
|
||||
<a class="jxr_linenumber" name="174" href="#174">174</a> <em class="jxr_javadoccomment"> * @throws AnalysisException thrown if there is an analysis exception</em>
|
||||
<a class="jxr_linenumber" name="175" href="#175">175</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="176" href="#176">176</a> @Override
|
||||
<a class="jxr_linenumber" name="177" href="#177">177</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> analyze(<a href="../../../../org/owasp/dependencycheck/dependency/Dependency.html">Dependency</a> dependency, <a href="../../../../org/owasp/dependencycheck/Engine.html">Engine</a> engine) <strong class="jxr_keyword">throws</strong> AnalysisException {
|
||||
<a class="jxr_linenumber" name="178" href="#178">178</a> <strong class="jxr_keyword">final</strong> File f = <strong class="jxr_keyword">new</strong> File(dependency.getActualFilePath());
|
||||
<a class="jxr_linenumber" name="179" href="#179">179</a> <strong class="jxr_keyword">final</strong> File tmpDir = getNextTempDirectory();
|
||||
<a class="jxr_linenumber" name="180" href="#180">180</a> extractFiles(f, tmpDir, engine);
|
||||
<a class="jxr_linenumber" name="181" href="#181">181</a>
|
||||
<a class="jxr_linenumber" name="182" href="#182">182</a> <em class="jxr_comment">//make a copy</em>
|
||||
<a class="jxr_linenumber" name="183" href="#183">183</a> <strong class="jxr_keyword">final</strong> List<Dependency> dependencies = <strong class="jxr_keyword">new</strong> ArrayList<Dependency>(engine.getDependencies());
|
||||
<a class="jxr_linenumber" name="184" href="#184">184</a> engine.scan(tmpDir);
|
||||
<a class="jxr_linenumber" name="185" href="#185">185</a> <strong class="jxr_keyword">final</strong> List<Dependency> newDependencies = engine.getDependencies();
|
||||
<a class="jxr_linenumber" name="186" href="#186">186</a> <strong class="jxr_keyword">if</strong> (dependencies.size() != newDependencies.size()) {
|
||||
<a class="jxr_linenumber" name="187" href="#187">187</a> <em class="jxr_comment">//get the new dependencies</em>
|
||||
<a class="jxr_linenumber" name="188" href="#188">188</a> <strong class="jxr_keyword">final</strong> Set<Dependency> dependencySet = <strong class="jxr_keyword">new</strong> HashSet<Dependency>();
|
||||
<a class="jxr_linenumber" name="189" href="#189">189</a> dependencySet.addAll(newDependencies);
|
||||
<a class="jxr_linenumber" name="190" href="#190">190</a> dependencySet.removeAll(dependencies);
|
||||
<a class="jxr_linenumber" name="191" href="#191">191</a>
|
||||
<a class="jxr_linenumber" name="192" href="#192">192</a> <strong class="jxr_keyword">for</strong> (Dependency d : dependencySet) {
|
||||
<a class="jxr_linenumber" name="193" href="#193">193</a> <em class="jxr_comment">//fix the dependency's display name and path</em>
|
||||
<a class="jxr_linenumber" name="194" href="#194">194</a> <strong class="jxr_keyword">final</strong> String displayPath = String.format(<span class="jxr_string">"%s%s"</span>,
|
||||
<a class="jxr_linenumber" name="195" href="#195">195</a> dependency.getFilePath(),
|
||||
<a class="jxr_linenumber" name="196" href="#196">196</a> d.getActualFilePath().substring(tmpDir.getAbsolutePath().length()));
|
||||
<a class="jxr_linenumber" name="197" href="#197">197</a> <strong class="jxr_keyword">final</strong> String displayName = String.format(<span class="jxr_string">"%s%s%s"</span>,
|
||||
<a class="jxr_linenumber" name="198" href="#198">198</a> dependency.getFileName(),
|
||||
<a class="jxr_linenumber" name="199" href="#199">199</a> File.separator,
|
||||
<a class="jxr_linenumber" name="200" href="#200">200</a> d.getFileName());
|
||||
<a class="jxr_linenumber" name="201" href="#201">201</a> d.setFilePath(displayPath);
|
||||
<a class="jxr_linenumber" name="202" href="#202">202</a> d.setFileName(displayName);
|
||||
<a class="jxr_linenumber" name="203" href="#203">203</a>
|
||||
<a class="jxr_linenumber" name="204" href="#204">204</a> <em class="jxr_comment">//TODO - can we get more evidence from the parent? EAR contains module name, etc.</em>
|
||||
<a class="jxr_linenumber" name="205" href="#205">205</a>
|
||||
<a class="jxr_linenumber" name="206" href="#206">206</a> <em class="jxr_comment">//analyze the dependency (i.e. extract files) if it is a supported type.</em>
|
||||
<a class="jxr_linenumber" name="207" href="#207">207</a> <strong class="jxr_keyword">if</strong> (<strong class="jxr_keyword">this</strong>.supportsExtension(d.getFileExtension()) && scanDepth < MAX_SCAN_DEPTH) {
|
||||
<a class="jxr_linenumber" name="208" href="#208">208</a> scanDepth += 1;
|
||||
<a class="jxr_linenumber" name="209" href="#209">209</a> analyze(d, engine);
|
||||
<a class="jxr_linenumber" name="210" href="#210">210</a> scanDepth -= 1;
|
||||
<a class="jxr_linenumber" name="211" href="#211">211</a> }
|
||||
<a class="jxr_linenumber" name="212" href="#212">212</a> }
|
||||
<a class="jxr_linenumber" name="213" href="#213">213</a> }
|
||||
<a class="jxr_linenumber" name="214" href="#214">214</a> Collections.sort(engine.getDependencies());
|
||||
<a class="jxr_linenumber" name="215" href="#215">215</a> }
|
||||
<a class="jxr_linenumber" name="216" href="#216">216</a>
|
||||
<a class="jxr_linenumber" name="217" href="#217">217</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="218" href="#218">218</a> <em class="jxr_javadoccomment"> * Retrieves the next temporary directory to extract an archive too.</em>
|
||||
<a class="jxr_linenumber" name="219" href="#219">219</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="220" href="#220">220</a> <em class="jxr_javadoccomment"> * @return a directory</em>
|
||||
<a class="jxr_linenumber" name="221" href="#221">221</a> <em class="jxr_javadoccomment"> * @throws AnalysisException thrown if unable to create temporary directory</em>
|
||||
<a class="jxr_linenumber" name="222" href="#222">222</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="223" href="#223">223</a> <strong class="jxr_keyword">private</strong> File getNextTempDirectory() <strong class="jxr_keyword">throws</strong> AnalysisException {
|
||||
<a class="jxr_linenumber" name="224" href="#224">224</a> dirCount += 1;
|
||||
<a class="jxr_linenumber" name="225" href="#225">225</a> <strong class="jxr_keyword">final</strong> File directory = <strong class="jxr_keyword">new</strong> File(tempFileLocation, String.valueOf(dirCount));
|
||||
<a class="jxr_linenumber" name="226" href="#226">226</a> <strong class="jxr_keyword">if</strong> (!directory.mkdirs()) {
|
||||
<a class="jxr_linenumber" name="227" href="#227">227</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/AnalysisException.html">AnalysisException</a>(<span class="jxr_string">"Unable to create temp directory '"</span> + directory.getAbsolutePath() + <span class="jxr_string">"'."</span>);
|
||||
<a class="jxr_linenumber" name="228" href="#228">228</a> }
|
||||
<a class="jxr_linenumber" name="229" href="#229">229</a> <strong class="jxr_keyword">return</strong> directory;
|
||||
<a class="jxr_linenumber" name="230" href="#230">230</a> }
|
||||
<a class="jxr_linenumber" name="231" href="#231">231</a>
|
||||
<a class="jxr_linenumber" name="232" href="#232">232</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="233" href="#233">233</a> <em class="jxr_javadoccomment"> * Extracts the contents of an archive into the specified directory.</em>
|
||||
<a class="jxr_linenumber" name="234" href="#234">234</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="235" href="#235">235</a> <em class="jxr_javadoccomment"> * @param archive an archive file such as a WAR or EAR</em>
|
||||
<a class="jxr_linenumber" name="236" href="#236">236</a> <em class="jxr_javadoccomment"> * @param extractTo a directory to extract the contents to</em>
|
||||
<a class="jxr_linenumber" name="237" href="#237">237</a> <em class="jxr_javadoccomment"> * @param engine the scanning engine</em>
|
||||
<a class="jxr_linenumber" name="238" href="#238">238</a> <em class="jxr_javadoccomment"> * @throws AnalysisException thrown if the archive is not found</em>
|
||||
<a class="jxr_linenumber" name="239" href="#239">239</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="240" href="#240">240</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">void</strong> extractFiles(File archive, File extractTo, <a href="../../../../org/owasp/dependencycheck/Engine.html">Engine</a> engine) <strong class="jxr_keyword">throws</strong> AnalysisException {
|
||||
<a class="jxr_linenumber" name="241" href="#241">241</a> <strong class="jxr_keyword">if</strong> (archive == <strong class="jxr_keyword">null</strong> || extractTo == <strong class="jxr_keyword">null</strong>) {
|
||||
<a class="jxr_linenumber" name="242" href="#242">242</a> <strong class="jxr_keyword">return</strong>;
|
||||
<a class="jxr_linenumber" name="243" href="#243">243</a> }
|
||||
<a class="jxr_linenumber" name="244" href="#244">244</a>
|
||||
<a class="jxr_linenumber" name="245" href="#245">245</a> FileInputStream fis = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="246" href="#246">246</a> ZipInputStream zis = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="247" href="#247">247</a>
|
||||
<a class="jxr_linenumber" name="248" href="#248">248</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="249" href="#249">249</a> fis = <strong class="jxr_keyword">new</strong> FileInputStream(archive);
|
||||
<a class="jxr_linenumber" name="250" href="#250">250</a> } <strong class="jxr_keyword">catch</strong> (FileNotFoundException ex) {
|
||||
<a class="jxr_linenumber" name="251" href="#251">251</a> Logger.getLogger(ArchiveAnalyzer.<strong class="jxr_keyword">class</strong>.getName()).log(Level.INFO, <strong class="jxr_keyword">null</strong>, ex);
|
||||
<a class="jxr_linenumber" name="252" href="#252">252</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/AnalysisException.html">AnalysisException</a>(<span class="jxr_string">"Archive file was not found."</span>, ex);
|
||||
<a class="jxr_linenumber" name="253" href="#253">253</a> }
|
||||
<a class="jxr_linenumber" name="254" href="#254">254</a> zis = <strong class="jxr_keyword">new</strong> ZipInputStream(<strong class="jxr_keyword">new</strong> BufferedInputStream(fis));
|
||||
<a class="jxr_linenumber" name="255" href="#255">255</a> ZipEntry entry;
|
||||
<a class="jxr_linenumber" name="256" href="#256">256</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="257" href="#257">257</a> <strong class="jxr_keyword">while</strong> ((entry = zis.getNextEntry()) != <strong class="jxr_keyword">null</strong>) {
|
||||
<a class="jxr_linenumber" name="258" href="#258">258</a> <strong class="jxr_keyword">if</strong> (entry.isDirectory()) {
|
||||
<a class="jxr_linenumber" name="259" href="#259">259</a> <strong class="jxr_keyword">final</strong> File d = <strong class="jxr_keyword">new</strong> File(extractTo, entry.getName());
|
||||
<a class="jxr_linenumber" name="260" href="#260">260</a> <strong class="jxr_keyword">if</strong> (!d.mkdirs()) {
|
||||
<a class="jxr_linenumber" name="261" href="#261">261</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/AnalysisException.html">AnalysisException</a>(<span class="jxr_string">"Unable to create '"</span> + d.getAbsolutePath() + <span class="jxr_string">"'."</span>);
|
||||
<a class="jxr_linenumber" name="262" href="#262">262</a> }
|
||||
<a class="jxr_linenumber" name="263" href="#263">263</a> } <strong class="jxr_keyword">else</strong> {
|
||||
<a class="jxr_linenumber" name="264" href="#264">264</a> <strong class="jxr_keyword">final</strong> File file = <strong class="jxr_keyword">new</strong> File(extractTo, entry.getName());
|
||||
<a class="jxr_linenumber" name="265" href="#265">265</a> <strong class="jxr_keyword">final</strong> String ext = org.owasp.dependencycheck.utils.FileUtils.getFileExtension(file.getName());
|
||||
<a class="jxr_linenumber" name="266" href="#266">266</a> <strong class="jxr_keyword">if</strong> (engine.supportsExtension(ext)) {
|
||||
<a class="jxr_linenumber" name="267" href="#267">267</a> BufferedOutputStream bos = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="268" href="#268">268</a> FileOutputStream fos;
|
||||
<a class="jxr_linenumber" name="269" href="#269">269</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="270" href="#270">270</a> fos = <strong class="jxr_keyword">new</strong> FileOutputStream(file);
|
||||
<a class="jxr_linenumber" name="271" href="#271">271</a> bos = <strong class="jxr_keyword">new</strong> BufferedOutputStream(fos, BUFFER_SIZE);
|
||||
<a class="jxr_linenumber" name="272" href="#272">272</a> <strong class="jxr_keyword">int</strong> count;
|
||||
<a class="jxr_linenumber" name="273" href="#273">273</a> <strong class="jxr_keyword">final</strong> byte data[] = <strong class="jxr_keyword">new</strong> byte[BUFFER_SIZE];
|
||||
<a class="jxr_linenumber" name="274" href="#274">274</a> <strong class="jxr_keyword">while</strong> ((count = zis.read(data, 0, BUFFER_SIZE)) != -1) {
|
||||
<a class="jxr_linenumber" name="275" href="#275">275</a> bos.write(data, 0, count);
|
||||
<a class="jxr_linenumber" name="276" href="#276">276</a> }
|
||||
<a class="jxr_linenumber" name="277" href="#277">277</a> bos.flush();
|
||||
<a class="jxr_linenumber" name="278" href="#278">278</a> } <strong class="jxr_keyword">catch</strong> (FileNotFoundException ex) {
|
||||
<a class="jxr_linenumber" name="279" href="#279">279</a> Logger.getLogger(ArchiveAnalyzer.<strong class="jxr_keyword">class</strong>.getName()).log(Level.FINE, <strong class="jxr_keyword">null</strong>, ex);
|
||||
<a class="jxr_linenumber" name="280" href="#280">280</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/AnalysisException.html">AnalysisException</a>(<span class="jxr_string">"Unable to find file '"</span> + file.getName() + <span class="jxr_string">"'."</span>, ex);
|
||||
<a class="jxr_linenumber" name="281" href="#281">281</a> } <strong class="jxr_keyword">catch</strong> (IOException ex) {
|
||||
<a class="jxr_linenumber" name="282" href="#282">282</a> Logger.getLogger(ArchiveAnalyzer.<strong class="jxr_keyword">class</strong>.getName()).log(Level.FINE, <strong class="jxr_keyword">null</strong>, ex);
|
||||
<a class="jxr_linenumber" name="283" href="#283">283</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/AnalysisException.html">AnalysisException</a>(<span class="jxr_string">"IO Exception while parsing file '"</span> + file.getName() + <span class="jxr_string">"'."</span>, ex);
|
||||
<a class="jxr_linenumber" name="284" href="#284">284</a> } <strong class="jxr_keyword">finally</strong> {
|
||||
<a class="jxr_linenumber" name="285" href="#285">285</a> <strong class="jxr_keyword">if</strong> (bos != <strong class="jxr_keyword">null</strong>) {
|
||||
<a class="jxr_linenumber" name="286" href="#286">286</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="287" href="#287">287</a> bos.close();
|
||||
<a class="jxr_linenumber" name="288" href="#288">288</a> } <strong class="jxr_keyword">catch</strong> (IOException ex) {
|
||||
<a class="jxr_linenumber" name="289" href="#289">289</a> Logger.getLogger(ArchiveAnalyzer.<strong class="jxr_keyword">class</strong>.getName()).log(Level.FINEST, <strong class="jxr_keyword">null</strong>, ex);
|
||||
<a class="jxr_linenumber" name="290" href="#290">290</a> }
|
||||
<a class="jxr_linenumber" name="291" href="#291">291</a> }
|
||||
<a class="jxr_linenumber" name="292" href="#292">292</a> }
|
||||
<a class="jxr_linenumber" name="293" href="#293">293</a> }
|
||||
<a class="jxr_linenumber" name="294" href="#294">294</a> }
|
||||
<a class="jxr_linenumber" name="295" href="#295">295</a> }
|
||||
<a class="jxr_linenumber" name="296" href="#296">296</a> } <strong class="jxr_keyword">catch</strong> (IOException ex) {
|
||||
<a class="jxr_linenumber" name="297" href="#297">297</a> <strong class="jxr_keyword">final</strong> String msg = String.format(<span class="jxr_string">"Exception reading archive '%s'."</span>, archive.getName());
|
||||
<a class="jxr_linenumber" name="298" href="#298">298</a> Logger.getLogger(ArchiveAnalyzer.<strong class="jxr_keyword">class</strong>.getName()).log(Level.FINE, msg, ex);
|
||||
<a class="jxr_linenumber" name="299" href="#299">299</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/AnalysisException.html">AnalysisException</a>(msg, ex);
|
||||
<a class="jxr_linenumber" name="300" href="#300">300</a> } <strong class="jxr_keyword">finally</strong> {
|
||||
<a class="jxr_linenumber" name="301" href="#301">301</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="302" href="#302">302</a> zis.close();
|
||||
<a class="jxr_linenumber" name="303" href="#303">303</a> } <strong class="jxr_keyword">catch</strong> (IOException ex) {
|
||||
<a class="jxr_linenumber" name="304" href="#304">304</a> Logger.getLogger(ArchiveAnalyzer.<strong class="jxr_keyword">class</strong>.getName()).log(Level.FINEST, <strong class="jxr_keyword">null</strong>, ex);
|
||||
<a class="jxr_linenumber" name="305" href="#305">305</a> }
|
||||
<a class="jxr_linenumber" name="306" href="#306">306</a> }
|
||||
<a class="jxr_linenumber" name="307" href="#307">307</a> }
|
||||
<a class="jxr_linenumber" name="308" href="#308">308</a> }
|
||||
<a class="jxr_linenumber" name="35" href="#35">35</a> <em class="jxr_comment">//import java.util.zip.ZipEntry;</em>
|
||||
<a class="jxr_linenumber" name="36" href="#36">36</a> <em class="jxr_comment">//import java.util.zip.ZipException;</em>
|
||||
<a class="jxr_linenumber" name="37" href="#37">37</a> <em class="jxr_comment">//import java.util.zip.ZipInputStream;</em>
|
||||
<a class="jxr_linenumber" name="38" href="#38">38</a> <strong class="jxr_keyword">import</strong> org.apache.commons.compress.archivers.zip.ZipArchiveEntry;
|
||||
<a class="jxr_linenumber" name="39" href="#39">39</a> <strong class="jxr_keyword">import</strong> org.apache.commons.compress.archivers.zip.ZipArchiveInputStream;
|
||||
<a class="jxr_linenumber" name="40" href="#40">40</a> <strong class="jxr_keyword">import</strong> org.h2.store.fs.FileUtils;
|
||||
<a class="jxr_linenumber" name="41" href="#41">41</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.Engine;
|
||||
<a class="jxr_linenumber" name="42" href="#42">42</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.dependency.Dependency;
|
||||
<a class="jxr_linenumber" name="43" href="#43">43</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.utils.Settings;
|
||||
<a class="jxr_linenumber" name="44" href="#44">44</a>
|
||||
<a class="jxr_linenumber" name="45" href="#45">45</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="46" href="#46">46</a> <em class="jxr_javadoccomment"> * <p>An analyzer that works on archive files:</em>
|
||||
<a class="jxr_linenumber" name="47" href="#47">47</a> <em class="jxr_javadoccomment"> * <ul></em>
|
||||
<a class="jxr_linenumber" name="48" href="#48">48</a> <em class="jxr_javadoccomment"> * <li><b>ZIP</b> - if it is determined to be a JAR, WAR or EAR a copy is made</em>
|
||||
<a class="jxr_linenumber" name="49" href="#49">49</a> <em class="jxr_javadoccomment"> * and the copy is given the correct extension so that it will be correctly</em>
|
||||
<a class="jxr_linenumber" name="50" href="#50">50</a> <em class="jxr_javadoccomment"> * analyzed.</li></em>
|
||||
<a class="jxr_linenumber" name="51" href="#51">51</a> <em class="jxr_javadoccomment"> * <li><b>WAR</b> - the WAR contents are extracted and added as dependencies to</em>
|
||||
<a class="jxr_linenumber" name="52" href="#52">52</a> <em class="jxr_javadoccomment"> * the scan. The displayed path is relative to the WAR.</li></em>
|
||||
<a class="jxr_linenumber" name="53" href="#53">53</a> <em class="jxr_javadoccomment"> * <li><b>EAR</b> - the WAR contents are extracted and added as dependencies to</em>
|
||||
<a class="jxr_linenumber" name="54" href="#54">54</a> <em class="jxr_javadoccomment"> * the scan. Any WAR files are also processed so that the contained JAR files</em>
|
||||
<a class="jxr_linenumber" name="55" href="#55">55</a> <em class="jxr_javadoccomment"> * are added to the list of dependencies. The displayed path is relative to the</em>
|
||||
<a class="jxr_linenumber" name="56" href="#56">56</a> <em class="jxr_javadoccomment"> * EAR.</li></em>
|
||||
<a class="jxr_linenumber" name="57" href="#57">57</a> <em class="jxr_javadoccomment"> * </ul></p></em>
|
||||
<a class="jxr_linenumber" name="58" href="#58">58</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="59" href="#59">59</a> <em class="jxr_javadoccomment"> * @author Jeremy Long (jeremy.long@owasp.org)</em>
|
||||
<a class="jxr_linenumber" name="60" href="#60">60</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="61" href="#61">61</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">class</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/ArchiveAnalyzer.html">ArchiveAnalyzer</a> <strong class="jxr_keyword">extends</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/AbstractAnalyzer.html">AbstractAnalyzer</a> <strong class="jxr_keyword">implements</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/Analyzer.html">Analyzer</a> {
|
||||
<a class="jxr_linenumber" name="62" href="#62">62</a>
|
||||
<a class="jxr_linenumber" name="63" href="#63">63</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="64" href="#64">64</a> <em class="jxr_javadoccomment"> * The buffer size to use when extracting files from the archive.</em>
|
||||
<a class="jxr_linenumber" name="65" href="#65">65</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="66" href="#66">66</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> <strong class="jxr_keyword">int</strong> BUFFER_SIZE = 4096;
|
||||
<a class="jxr_linenumber" name="67" href="#67">67</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="68" href="#68">68</a> <em class="jxr_javadoccomment"> * The count of directories created during analysis. This is used for</em>
|
||||
<a class="jxr_linenumber" name="69" href="#69">69</a> <em class="jxr_javadoccomment"> * creating temporary directories.</em>
|
||||
<a class="jxr_linenumber" name="70" href="#70">70</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="71" href="#71">71</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">int</strong> dirCount = 0;
|
||||
<a class="jxr_linenumber" name="72" href="#72">72</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="73" href="#73">73</a> <em class="jxr_javadoccomment"> * The parent directory for the individual directories per archive.</em>
|
||||
<a class="jxr_linenumber" name="74" href="#74">74</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="75" href="#75">75</a> <strong class="jxr_keyword">private</strong> File tempFileLocation = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="76" href="#76">76</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="77" href="#77">77</a> <em class="jxr_javadoccomment"> * The max scan depth that the analyzer will recursively extract nested</em>
|
||||
<a class="jxr_linenumber" name="78" href="#78">78</a> <em class="jxr_javadoccomment"> * archives.</em>
|
||||
<a class="jxr_linenumber" name="79" href="#79">79</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="80" href="#80">80</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> <strong class="jxr_keyword">int</strong> MAX_SCAN_DEPTH = Settings.getInt(<span class="jxr_string">"archive.scan.depth"</span>, 3);
|
||||
<a class="jxr_linenumber" name="81" href="#81">81</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="82" href="#82">82</a> <em class="jxr_javadoccomment"> * Tracks the current scan/extraction depth for nested archives.</em>
|
||||
<a class="jxr_linenumber" name="83" href="#83">83</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="84" href="#84">84</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">int</strong> scanDepth = 0;
|
||||
<a class="jxr_linenumber" name="85" href="#85">85</a> <em class="jxr_comment">//<editor-fold defaultstate="collapsed" desc="All standard implmentation details of Analyzer"></em>
|
||||
<a class="jxr_linenumber" name="86" href="#86">86</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="87" href="#87">87</a> <em class="jxr_javadoccomment"> * The name of the analyzer.</em>
|
||||
<a class="jxr_linenumber" name="88" href="#88">88</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="89" href="#89">89</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String ANALYZER_NAME = <span class="jxr_string">"Archive Analyzer"</span>;
|
||||
<a class="jxr_linenumber" name="90" href="#90">90</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="91" href="#91">91</a> <em class="jxr_javadoccomment"> * The phase that this analyzer is intended to run in.</em>
|
||||
<a class="jxr_linenumber" name="92" href="#92">92</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="93" href="#93">93</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/AnalysisPhase.html">AnalysisPhase</a> ANALYSIS_PHASE = AnalysisPhase.INITIAL;
|
||||
<a class="jxr_linenumber" name="94" href="#94">94</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="95" href="#95">95</a> <em class="jxr_javadoccomment"> * The set of file extensions supported by this analyzer.</em>
|
||||
<a class="jxr_linenumber" name="96" href="#96">96</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="97" href="#97">97</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> Set<String> EXTENSIONS = newHashSet(<span class="jxr_string">"zip"</span>, <span class="jxr_string">"ear"</span>, <span class="jxr_string">"war"</span>);
|
||||
<a class="jxr_linenumber" name="98" href="#98">98</a>
|
||||
<a class="jxr_linenumber" name="99" href="#99">99</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="100" href="#100">100</a> <em class="jxr_javadoccomment"> * Returns a list of file EXTENSIONS supported by this analyzer.</em>
|
||||
<a class="jxr_linenumber" name="101" href="#101">101</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="102" href="#102">102</a> <em class="jxr_javadoccomment"> * @return a list of file EXTENSIONS supported by this analyzer.</em>
|
||||
<a class="jxr_linenumber" name="103" href="#103">103</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="104" href="#104">104</a> <strong class="jxr_keyword">public</strong> Set<String> getSupportedExtensions() {
|
||||
<a class="jxr_linenumber" name="105" href="#105">105</a> <strong class="jxr_keyword">return</strong> EXTENSIONS;
|
||||
<a class="jxr_linenumber" name="106" href="#106">106</a> }
|
||||
<a class="jxr_linenumber" name="107" href="#107">107</a>
|
||||
<a class="jxr_linenumber" name="108" href="#108">108</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="109" href="#109">109</a> <em class="jxr_javadoccomment"> * Returns the name of the analyzer.</em>
|
||||
<a class="jxr_linenumber" name="110" href="#110">110</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="111" href="#111">111</a> <em class="jxr_javadoccomment"> * @return the name of the analyzer.</em>
|
||||
<a class="jxr_linenumber" name="112" href="#112">112</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="113" href="#113">113</a> <strong class="jxr_keyword">public</strong> String getName() {
|
||||
<a class="jxr_linenumber" name="114" href="#114">114</a> <strong class="jxr_keyword">return</strong> ANALYZER_NAME;
|
||||
<a class="jxr_linenumber" name="115" href="#115">115</a> }
|
||||
<a class="jxr_linenumber" name="116" href="#116">116</a>
|
||||
<a class="jxr_linenumber" name="117" href="#117">117</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="118" href="#118">118</a> <em class="jxr_javadoccomment"> * Returns whether or not this analyzer can process the given extension.</em>
|
||||
<a class="jxr_linenumber" name="119" href="#119">119</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="120" href="#120">120</a> <em class="jxr_javadoccomment"> * @param extension the file extension to test for support.</em>
|
||||
<a class="jxr_linenumber" name="121" href="#121">121</a> <em class="jxr_javadoccomment"> * @return whether or not the specified file extension is supported by this</em>
|
||||
<a class="jxr_linenumber" name="122" href="#122">122</a> <em class="jxr_javadoccomment"> * analyzer.</em>
|
||||
<a class="jxr_linenumber" name="123" href="#123">123</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="124" href="#124">124</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">boolean</strong> supportsExtension(String extension) {
|
||||
<a class="jxr_linenumber" name="125" href="#125">125</a> <strong class="jxr_keyword">return</strong> EXTENSIONS.contains(extension);
|
||||
<a class="jxr_linenumber" name="126" href="#126">126</a> }
|
||||
<a class="jxr_linenumber" name="127" href="#127">127</a>
|
||||
<a class="jxr_linenumber" name="128" href="#128">128</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="129" href="#129">129</a> <em class="jxr_javadoccomment"> * Returns the phase that the analyzer is intended to run in.</em>
|
||||
<a class="jxr_linenumber" name="130" href="#130">130</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="131" href="#131">131</a> <em class="jxr_javadoccomment"> * @return the phase that the analyzer is intended to run in.</em>
|
||||
<a class="jxr_linenumber" name="132" href="#132">132</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="133" href="#133">133</a> <strong class="jxr_keyword">public</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/AnalysisPhase.html">AnalysisPhase</a> getAnalysisPhase() {
|
||||
<a class="jxr_linenumber" name="134" href="#134">134</a> <strong class="jxr_keyword">return</strong> ANALYSIS_PHASE;
|
||||
<a class="jxr_linenumber" name="135" href="#135">135</a> }
|
||||
<a class="jxr_linenumber" name="136" href="#136">136</a> <em class="jxr_comment">//</editor-fold></em>
|
||||
<a class="jxr_linenumber" name="137" href="#137">137</a>
|
||||
<a class="jxr_linenumber" name="138" href="#138">138</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="139" href="#139">139</a> <em class="jxr_javadoccomment"> * The initialize method does nothing for this Analyzer.</em>
|
||||
<a class="jxr_linenumber" name="140" href="#140">140</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="141" href="#141">141</a> <em class="jxr_javadoccomment"> * @throws Exception is thrown if there is an exception deleting or creating</em>
|
||||
<a class="jxr_linenumber" name="142" href="#142">142</a> <em class="jxr_javadoccomment"> * temporary files</em>
|
||||
<a class="jxr_linenumber" name="143" href="#143">143</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="144" href="#144">144</a> @Override
|
||||
<a class="jxr_linenumber" name="145" href="#145">145</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> initialize() <strong class="jxr_keyword">throws</strong> Exception {
|
||||
<a class="jxr_linenumber" name="146" href="#146">146</a> <strong class="jxr_keyword">final</strong> File baseDir = Settings.getTempDirectory();
|
||||
<a class="jxr_linenumber" name="147" href="#147">147</a> <strong class="jxr_keyword">if</strong> (!baseDir.exists()) {
|
||||
<a class="jxr_linenumber" name="148" href="#148">148</a> baseDir.mkdirs();
|
||||
<a class="jxr_linenumber" name="149" href="#149">149</a> }
|
||||
<a class="jxr_linenumber" name="150" href="#150">150</a> tempFileLocation = File.createTempFile(<span class="jxr_string">"check"</span>, <span class="jxr_string">"tmp"</span>, baseDir);
|
||||
<a class="jxr_linenumber" name="151" href="#151">151</a> <strong class="jxr_keyword">if</strong> (!tempFileLocation.delete()) {
|
||||
<a class="jxr_linenumber" name="152" href="#152">152</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/AnalysisException.html">AnalysisException</a>(<span class="jxr_string">"Unable to delete temporary file '"</span> + tempFileLocation.getAbsolutePath() + <span class="jxr_string">"'."</span>);
|
||||
<a class="jxr_linenumber" name="153" href="#153">153</a> }
|
||||
<a class="jxr_linenumber" name="154" href="#154">154</a> <strong class="jxr_keyword">if</strong> (!tempFileLocation.mkdirs()) {
|
||||
<a class="jxr_linenumber" name="155" href="#155">155</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/AnalysisException.html">AnalysisException</a>(<span class="jxr_string">"Unable to create directory '"</span> + tempFileLocation.getAbsolutePath() + <span class="jxr_string">"'."</span>);
|
||||
<a class="jxr_linenumber" name="156" href="#156">156</a> }
|
||||
<a class="jxr_linenumber" name="157" href="#157">157</a> }
|
||||
<a class="jxr_linenumber" name="158" href="#158">158</a>
|
||||
<a class="jxr_linenumber" name="159" href="#159">159</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="160" href="#160">160</a> <em class="jxr_javadoccomment"> * The close method does nothing for this Analyzer.</em>
|
||||
<a class="jxr_linenumber" name="161" href="#161">161</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="162" href="#162">162</a> <em class="jxr_javadoccomment"> * @throws Exception thrown if there is an exception deleting temporary</em>
|
||||
<a class="jxr_linenumber" name="163" href="#163">163</a> <em class="jxr_javadoccomment"> * files</em>
|
||||
<a class="jxr_linenumber" name="164" href="#164">164</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="165" href="#165">165</a> @Override
|
||||
<a class="jxr_linenumber" name="166" href="#166">166</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> close() <strong class="jxr_keyword">throws</strong> Exception {
|
||||
<a class="jxr_linenumber" name="167" href="#167">167</a> <strong class="jxr_keyword">if</strong> (tempFileLocation != <strong class="jxr_keyword">null</strong> && tempFileLocation.exists()) {
|
||||
<a class="jxr_linenumber" name="168" href="#168">168</a> FileUtils.deleteRecursive(tempFileLocation.getAbsolutePath(), <strong class="jxr_keyword">true</strong>);
|
||||
<a class="jxr_linenumber" name="169" href="#169">169</a> }
|
||||
<a class="jxr_linenumber" name="170" href="#170">170</a> }
|
||||
<a class="jxr_linenumber" name="171" href="#171">171</a>
|
||||
<a class="jxr_linenumber" name="172" href="#172">172</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="173" href="#173">173</a> <em class="jxr_javadoccomment"> * Analyzes a given dependency. If the dependency is an archive, such as a</em>
|
||||
<a class="jxr_linenumber" name="174" href="#174">174</a> <em class="jxr_javadoccomment"> * WAR or EAR, the contents are extracted, scanned, and added to the list of</em>
|
||||
<a class="jxr_linenumber" name="175" href="#175">175</a> <em class="jxr_javadoccomment"> * dependencies within the engine.</em>
|
||||
<a class="jxr_linenumber" name="176" href="#176">176</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="177" href="#177">177</a> <em class="jxr_javadoccomment"> * @param dependency the dependency to analyze</em>
|
||||
<a class="jxr_linenumber" name="178" href="#178">178</a> <em class="jxr_javadoccomment"> * @param engine the engine scanning</em>
|
||||
<a class="jxr_linenumber" name="179" href="#179">179</a> <em class="jxr_javadoccomment"> * @throws AnalysisException thrown if there is an analysis exception</em>
|
||||
<a class="jxr_linenumber" name="180" href="#180">180</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="181" href="#181">181</a> @Override
|
||||
<a class="jxr_linenumber" name="182" href="#182">182</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> analyze(<a href="../../../../org/owasp/dependencycheck/dependency/Dependency.html">Dependency</a> dependency, <a href="../../../../org/owasp/dependencycheck/Engine.html">Engine</a> engine) <strong class="jxr_keyword">throws</strong> AnalysisException {
|
||||
<a class="jxr_linenumber" name="183" href="#183">183</a> <strong class="jxr_keyword">final</strong> File f = <strong class="jxr_keyword">new</strong> File(dependency.getActualFilePath());
|
||||
<a class="jxr_linenumber" name="184" href="#184">184</a> <strong class="jxr_keyword">final</strong> File tmpDir = getNextTempDirectory();
|
||||
<a class="jxr_linenumber" name="185" href="#185">185</a> extractFiles(f, tmpDir, engine);
|
||||
<a class="jxr_linenumber" name="186" href="#186">186</a>
|
||||
<a class="jxr_linenumber" name="187" href="#187">187</a> <em class="jxr_comment">//make a copy</em>
|
||||
<a class="jxr_linenumber" name="188" href="#188">188</a> <strong class="jxr_keyword">final</strong> List<Dependency> dependencies = <strong class="jxr_keyword">new</strong> ArrayList<Dependency>(engine.getDependencies());
|
||||
<a class="jxr_linenumber" name="189" href="#189">189</a> engine.scan(tmpDir);
|
||||
<a class="jxr_linenumber" name="190" href="#190">190</a> <strong class="jxr_keyword">final</strong> List<Dependency> newDependencies = engine.getDependencies();
|
||||
<a class="jxr_linenumber" name="191" href="#191">191</a> <strong class="jxr_keyword">if</strong> (dependencies.size() != newDependencies.size()) {
|
||||
<a class="jxr_linenumber" name="192" href="#192">192</a> <em class="jxr_comment">//get the new dependencies</em>
|
||||
<a class="jxr_linenumber" name="193" href="#193">193</a> <strong class="jxr_keyword">final</strong> Set<Dependency> dependencySet = <strong class="jxr_keyword">new</strong> HashSet<Dependency>();
|
||||
<a class="jxr_linenumber" name="194" href="#194">194</a> dependencySet.addAll(newDependencies);
|
||||
<a class="jxr_linenumber" name="195" href="#195">195</a> dependencySet.removeAll(dependencies);
|
||||
<a class="jxr_linenumber" name="196" href="#196">196</a>
|
||||
<a class="jxr_linenumber" name="197" href="#197">197</a> <strong class="jxr_keyword">for</strong> (Dependency d : dependencySet) {
|
||||
<a class="jxr_linenumber" name="198" href="#198">198</a> <em class="jxr_comment">//fix the dependency's display name and path</em>
|
||||
<a class="jxr_linenumber" name="199" href="#199">199</a> <strong class="jxr_keyword">final</strong> String displayPath = String.format(<span class="jxr_string">"%s%s"</span>,
|
||||
<a class="jxr_linenumber" name="200" href="#200">200</a> dependency.getFilePath(),
|
||||
<a class="jxr_linenumber" name="201" href="#201">201</a> d.getActualFilePath().substring(tmpDir.getAbsolutePath().length()));
|
||||
<a class="jxr_linenumber" name="202" href="#202">202</a> <strong class="jxr_keyword">final</strong> String displayName = String.format(<span class="jxr_string">"%s%s%s"</span>,
|
||||
<a class="jxr_linenumber" name="203" href="#203">203</a> dependency.getFileName(),
|
||||
<a class="jxr_linenumber" name="204" href="#204">204</a> File.separator,
|
||||
<a class="jxr_linenumber" name="205" href="#205">205</a> d.getFileName());
|
||||
<a class="jxr_linenumber" name="206" href="#206">206</a> d.setFilePath(displayPath);
|
||||
<a class="jxr_linenumber" name="207" href="#207">207</a> d.setFileName(displayName);
|
||||
<a class="jxr_linenumber" name="208" href="#208">208</a>
|
||||
<a class="jxr_linenumber" name="209" href="#209">209</a> <em class="jxr_comment">//TODO - can we get more evidence from the parent? EAR contains module name, etc.</em>
|
||||
<a class="jxr_linenumber" name="210" href="#210">210</a>
|
||||
<a class="jxr_linenumber" name="211" href="#211">211</a> <em class="jxr_comment">//analyze the dependency (i.e. extract files) if it is a supported type.</em>
|
||||
<a class="jxr_linenumber" name="212" href="#212">212</a> <strong class="jxr_keyword">if</strong> (<strong class="jxr_keyword">this</strong>.supportsExtension(d.getFileExtension()) && scanDepth < MAX_SCAN_DEPTH) {
|
||||
<a class="jxr_linenumber" name="213" href="#213">213</a> scanDepth += 1;
|
||||
<a class="jxr_linenumber" name="214" href="#214">214</a> analyze(d, engine);
|
||||
<a class="jxr_linenumber" name="215" href="#215">215</a> scanDepth -= 1;
|
||||
<a class="jxr_linenumber" name="216" href="#216">216</a> }
|
||||
<a class="jxr_linenumber" name="217" href="#217">217</a> }
|
||||
<a class="jxr_linenumber" name="218" href="#218">218</a> }
|
||||
<a class="jxr_linenumber" name="219" href="#219">219</a> Collections.sort(engine.getDependencies());
|
||||
<a class="jxr_linenumber" name="220" href="#220">220</a> }
|
||||
<a class="jxr_linenumber" name="221" href="#221">221</a>
|
||||
<a class="jxr_linenumber" name="222" href="#222">222</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="223" href="#223">223</a> <em class="jxr_javadoccomment"> * Retrieves the next temporary directory to extract an archive too.</em>
|
||||
<a class="jxr_linenumber" name="224" href="#224">224</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="225" href="#225">225</a> <em class="jxr_javadoccomment"> * @return a directory</em>
|
||||
<a class="jxr_linenumber" name="226" href="#226">226</a> <em class="jxr_javadoccomment"> * @throws AnalysisException thrown if unable to create temporary directory</em>
|
||||
<a class="jxr_linenumber" name="227" href="#227">227</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="228" href="#228">228</a> <strong class="jxr_keyword">private</strong> File getNextTempDirectory() <strong class="jxr_keyword">throws</strong> AnalysisException {
|
||||
<a class="jxr_linenumber" name="229" href="#229">229</a> dirCount += 1;
|
||||
<a class="jxr_linenumber" name="230" href="#230">230</a> <strong class="jxr_keyword">final</strong> File directory = <strong class="jxr_keyword">new</strong> File(tempFileLocation, String.valueOf(dirCount));
|
||||
<a class="jxr_linenumber" name="231" href="#231">231</a> <strong class="jxr_keyword">if</strong> (!directory.mkdirs()) {
|
||||
<a class="jxr_linenumber" name="232" href="#232">232</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/AnalysisException.html">AnalysisException</a>(<span class="jxr_string">"Unable to create temp directory '"</span> + directory.getAbsolutePath() + <span class="jxr_string">"'."</span>);
|
||||
<a class="jxr_linenumber" name="233" href="#233">233</a> }
|
||||
<a class="jxr_linenumber" name="234" href="#234">234</a> <strong class="jxr_keyword">return</strong> directory;
|
||||
<a class="jxr_linenumber" name="235" href="#235">235</a> }
|
||||
<a class="jxr_linenumber" name="236" href="#236">236</a>
|
||||
<a class="jxr_linenumber" name="237" href="#237">237</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="238" href="#238">238</a> <em class="jxr_javadoccomment"> * Extracts the contents of an archive into the specified directory.</em>
|
||||
<a class="jxr_linenumber" name="239" href="#239">239</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="240" href="#240">240</a> <em class="jxr_javadoccomment"> * @param archive an archive file such as a WAR or EAR</em>
|
||||
<a class="jxr_linenumber" name="241" href="#241">241</a> <em class="jxr_javadoccomment"> * @param extractTo a directory to extract the contents to</em>
|
||||
<a class="jxr_linenumber" name="242" href="#242">242</a> <em class="jxr_javadoccomment"> * @param engine the scanning engine</em>
|
||||
<a class="jxr_linenumber" name="243" href="#243">243</a> <em class="jxr_javadoccomment"> * @throws AnalysisException thrown if the archive is not found</em>
|
||||
<a class="jxr_linenumber" name="244" href="#244">244</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="245" href="#245">245</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">void</strong> extractFiles(File archive, File extractTo, <a href="../../../../org/owasp/dependencycheck/Engine.html">Engine</a> engine) <strong class="jxr_keyword">throws</strong> AnalysisException {
|
||||
<a class="jxr_linenumber" name="246" href="#246">246</a> <strong class="jxr_keyword">if</strong> (archive == <strong class="jxr_keyword">null</strong> || extractTo == <strong class="jxr_keyword">null</strong>) {
|
||||
<a class="jxr_linenumber" name="247" href="#247">247</a> <strong class="jxr_keyword">return</strong>;
|
||||
<a class="jxr_linenumber" name="248" href="#248">248</a> }
|
||||
<a class="jxr_linenumber" name="249" href="#249">249</a>
|
||||
<a class="jxr_linenumber" name="250" href="#250">250</a> FileInputStream fis = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="251" href="#251">251</a> <em class="jxr_comment">//ZipInputStream zis = null;</em>
|
||||
<a class="jxr_linenumber" name="252" href="#252">252</a> ZipArchiveInputStream zis = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="253" href="#253">253</a>
|
||||
<a class="jxr_linenumber" name="254" href="#254">254</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="255" href="#255">255</a> fis = <strong class="jxr_keyword">new</strong> FileInputStream(archive);
|
||||
<a class="jxr_linenumber" name="256" href="#256">256</a> } <strong class="jxr_keyword">catch</strong> (FileNotFoundException ex) {
|
||||
<a class="jxr_linenumber" name="257" href="#257">257</a> Logger.getLogger(ArchiveAnalyzer.<strong class="jxr_keyword">class</strong>.getName()).log(Level.INFO, <strong class="jxr_keyword">null</strong>, ex);
|
||||
<a class="jxr_linenumber" name="258" href="#258">258</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/AnalysisException.html">AnalysisException</a>(<span class="jxr_string">"Archive file was not found."</span>, ex);
|
||||
<a class="jxr_linenumber" name="259" href="#259">259</a> }
|
||||
<a class="jxr_linenumber" name="260" href="#260">260</a> zis = <strong class="jxr_keyword">new</strong> ZipArchiveInputStream(<strong class="jxr_keyword">new</strong> BufferedInputStream(fis));
|
||||
<a class="jxr_linenumber" name="261" href="#261">261</a> ZipArchiveEntry entry;
|
||||
<a class="jxr_linenumber" name="262" href="#262">262</a>
|
||||
<a class="jxr_linenumber" name="263" href="#263">263</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="264" href="#264">264</a> <strong class="jxr_keyword">while</strong> ((entry = zis.getNextZipEntry()) != <strong class="jxr_keyword">null</strong>) {
|
||||
<a class="jxr_linenumber" name="265" href="#265">265</a> <strong class="jxr_keyword">if</strong> (entry.isDirectory()) {
|
||||
<a class="jxr_linenumber" name="266" href="#266">266</a> <strong class="jxr_keyword">final</strong> File d = <strong class="jxr_keyword">new</strong> File(extractTo, entry.getName());
|
||||
<a class="jxr_linenumber" name="267" href="#267">267</a> <strong class="jxr_keyword">if</strong> (!d.mkdirs()) {
|
||||
<a class="jxr_linenumber" name="268" href="#268">268</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/AnalysisException.html">AnalysisException</a>(<span class="jxr_string">"Unable to create '"</span> + d.getAbsolutePath() + <span class="jxr_string">"'."</span>);
|
||||
<a class="jxr_linenumber" name="269" href="#269">269</a> }
|
||||
<a class="jxr_linenumber" name="270" href="#270">270</a> } <strong class="jxr_keyword">else</strong> {
|
||||
<a class="jxr_linenumber" name="271" href="#271">271</a> <strong class="jxr_keyword">final</strong> File file = <strong class="jxr_keyword">new</strong> File(extractTo, entry.getName());
|
||||
<a class="jxr_linenumber" name="272" href="#272">272</a> <strong class="jxr_keyword">final</strong> String ext = org.owasp.dependencycheck.utils.FileUtils.getFileExtension(file.getName());
|
||||
<a class="jxr_linenumber" name="273" href="#273">273</a> <strong class="jxr_keyword">if</strong> (engine.supportsExtension(ext)) {
|
||||
<a class="jxr_linenumber" name="274" href="#274">274</a> BufferedOutputStream bos = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="275" href="#275">275</a> FileOutputStream fos;
|
||||
<a class="jxr_linenumber" name="276" href="#276">276</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="277" href="#277">277</a> fos = <strong class="jxr_keyword">new</strong> FileOutputStream(file);
|
||||
<a class="jxr_linenumber" name="278" href="#278">278</a> bos = <strong class="jxr_keyword">new</strong> BufferedOutputStream(fos, BUFFER_SIZE);
|
||||
<a class="jxr_linenumber" name="279" href="#279">279</a> <strong class="jxr_keyword">int</strong> count;
|
||||
<a class="jxr_linenumber" name="280" href="#280">280</a> <strong class="jxr_keyword">final</strong> byte data[] = <strong class="jxr_keyword">new</strong> byte[BUFFER_SIZE];
|
||||
<a class="jxr_linenumber" name="281" href="#281">281</a> <strong class="jxr_keyword">while</strong> ((count = zis.read(data, 0, BUFFER_SIZE)) != -1) {
|
||||
<a class="jxr_linenumber" name="282" href="#282">282</a> bos.write(data, 0, count);
|
||||
<a class="jxr_linenumber" name="283" href="#283">283</a> }
|
||||
<a class="jxr_linenumber" name="284" href="#284">284</a> bos.flush();
|
||||
<a class="jxr_linenumber" name="285" href="#285">285</a> } <strong class="jxr_keyword">catch</strong> (FileNotFoundException ex) {
|
||||
<a class="jxr_linenumber" name="286" href="#286">286</a> Logger.getLogger(ArchiveAnalyzer.<strong class="jxr_keyword">class</strong>.getName()).log(Level.FINE, <strong class="jxr_keyword">null</strong>, ex);
|
||||
<a class="jxr_linenumber" name="287" href="#287">287</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/AnalysisException.html">AnalysisException</a>(<span class="jxr_string">"Unable to find file '"</span> + file.getName() + <span class="jxr_string">"'."</span>, ex);
|
||||
<a class="jxr_linenumber" name="288" href="#288">288</a> } <strong class="jxr_keyword">catch</strong> (IOException ex) {
|
||||
<a class="jxr_linenumber" name="289" href="#289">289</a> Logger.getLogger(ArchiveAnalyzer.<strong class="jxr_keyword">class</strong>.getName()).log(Level.FINE, <strong class="jxr_keyword">null</strong>, ex);
|
||||
<a class="jxr_linenumber" name="290" href="#290">290</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/AnalysisException.html">AnalysisException</a>(<span class="jxr_string">"IO Exception while parsing file '"</span> + file.getName() + <span class="jxr_string">"'."</span>, ex);
|
||||
<a class="jxr_linenumber" name="291" href="#291">291</a> } <strong class="jxr_keyword">finally</strong> {
|
||||
<a class="jxr_linenumber" name="292" href="#292">292</a> <strong class="jxr_keyword">if</strong> (bos != <strong class="jxr_keyword">null</strong>) {
|
||||
<a class="jxr_linenumber" name="293" href="#293">293</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="294" href="#294">294</a> bos.close();
|
||||
<a class="jxr_linenumber" name="295" href="#295">295</a> } <strong class="jxr_keyword">catch</strong> (IOException ex) {
|
||||
<a class="jxr_linenumber" name="296" href="#296">296</a> Logger.getLogger(ArchiveAnalyzer.<strong class="jxr_keyword">class</strong>.getName()).log(Level.FINEST, <strong class="jxr_keyword">null</strong>, ex);
|
||||
<a class="jxr_linenumber" name="297" href="#297">297</a> }
|
||||
<a class="jxr_linenumber" name="298" href="#298">298</a> }
|
||||
<a class="jxr_linenumber" name="299" href="#299">299</a> }
|
||||
<a class="jxr_linenumber" name="300" href="#300">300</a> }
|
||||
<a class="jxr_linenumber" name="301" href="#301">301</a> }
|
||||
<a class="jxr_linenumber" name="302" href="#302">302</a> }
|
||||
<a class="jxr_linenumber" name="303" href="#303">303</a> } <strong class="jxr_keyword">catch</strong> (IOException ex) {
|
||||
<a class="jxr_linenumber" name="304" href="#304">304</a> <strong class="jxr_keyword">final</strong> String msg = String.format(<span class="jxr_string">"Exception reading archive '%s'."</span>, archive.getName());
|
||||
<a class="jxr_linenumber" name="305" href="#305">305</a> Logger.getLogger(ArchiveAnalyzer.<strong class="jxr_keyword">class</strong>.getName()).log(Level.WARNING, msg);
|
||||
<a class="jxr_linenumber" name="306" href="#306">306</a> Logger.getLogger(ArchiveAnalyzer.<strong class="jxr_keyword">class</strong>.getName()).log(Level.FINE, <strong class="jxr_keyword">null</strong>, ex);
|
||||
<a class="jxr_linenumber" name="307" href="#307">307</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/AnalysisException.html">AnalysisException</a>(msg, ex);
|
||||
<a class="jxr_linenumber" name="308" href="#308">308</a> } <strong class="jxr_keyword">catch</strong> (Throwable ex) {
|
||||
<a class="jxr_linenumber" name="309" href="#309">309</a> <strong class="jxr_keyword">final</strong> String msg = String.format(<span class="jxr_string">"Exception reading archive '%s'."</span>, archive.getName());
|
||||
<a class="jxr_linenumber" name="310" href="#310">310</a> Logger.getLogger(ArchiveAnalyzer.<strong class="jxr_keyword">class</strong>.getName()).log(Level.WARNING, msg);
|
||||
<a class="jxr_linenumber" name="311" href="#311">311</a> Logger.getLogger(ArchiveAnalyzer.<strong class="jxr_keyword">class</strong>.getName()).log(Level.WARNING, <strong class="jxr_keyword">null</strong>, ex);
|
||||
<a class="jxr_linenumber" name="312" href="#312">312</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/AnalysisException.html">AnalysisException</a>(msg, ex);
|
||||
<a class="jxr_linenumber" name="313" href="#313">313</a> } <strong class="jxr_keyword">finally</strong> {
|
||||
<a class="jxr_linenumber" name="314" href="#314">314</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="315" href="#315">315</a> zis.close();
|
||||
<a class="jxr_linenumber" name="316" href="#316">316</a> } <strong class="jxr_keyword">catch</strong> (IOException ex) {
|
||||
<a class="jxr_linenumber" name="317" href="#317">317</a> Logger.getLogger(ArchiveAnalyzer.<strong class="jxr_keyword">class</strong>.getName()).log(Level.FINEST, <strong class="jxr_keyword">null</strong>, ex);
|
||||
<a class="jxr_linenumber" name="318" href="#318">318</a> }
|
||||
<a class="jxr_linenumber" name="319" href="#319">319</a> }
|
||||
<a class="jxr_linenumber" name="320" href="#320">320</a> }
|
||||
<a class="jxr_linenumber" name="321" href="#321">321</a> }
|
||||
</pre>
|
||||
<hr/><div id="footer">This page was automatically generated by <a href="http://maven.apache.org/">Maven</a></div></body>
|
||||
</html>
|
||||
|
||||
@@ -0,0 +1,814 @@
|
||||
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
||||
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
|
||||
<head>
|
||||
<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
|
||||
<title>CPEAnalyzer xref</title>
|
||||
<link type="text/css" rel="stylesheet" href="../../../../stylesheet.css" />
|
||||
</head>
|
||||
<body>
|
||||
<div id="overview"><a href="../../../../../apidocs/org/owasp/dependencycheck/analyzer/CPEAnalyzer.html">View Javadoc</a></div><pre>
|
||||
|
||||
<a class="jxr_linenumber" name="1" href="#1">1</a> <em class="jxr_comment">/*</em>
|
||||
<a class="jxr_linenumber" name="2" href="#2">2</a> <em class="jxr_comment"> * This file is part of dependency-check-core.</em>
|
||||
<a class="jxr_linenumber" name="3" href="#3">3</a> <em class="jxr_comment"> *</em>
|
||||
<a class="jxr_linenumber" name="4" href="#4">4</a> <em class="jxr_comment"> * Dependency-check-core is free software: you can redistribute it and/or modify it</em>
|
||||
<a class="jxr_linenumber" name="5" href="#5">5</a> <em class="jxr_comment"> * under the terms of the GNU General Public License as published by the Free</em>
|
||||
<a class="jxr_linenumber" name="6" href="#6">6</a> <em class="jxr_comment"> * Software Foundation, either version 3 of the License, or (at your option) any</em>
|
||||
<a class="jxr_linenumber" name="7" href="#7">7</a> <em class="jxr_comment"> * later version.</em>
|
||||
<a class="jxr_linenumber" name="8" href="#8">8</a> <em class="jxr_comment"> *</em>
|
||||
<a class="jxr_linenumber" name="9" href="#9">9</a> <em class="jxr_comment"> * Dependency-check-core is distributed in the hope that it will be useful, but</em>
|
||||
<a class="jxr_linenumber" name="10" href="#10">10</a> <em class="jxr_comment"> * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or</em>
|
||||
<a class="jxr_linenumber" name="11" href="#11">11</a> <em class="jxr_comment"> * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more</em>
|
||||
<a class="jxr_linenumber" name="12" href="#12">12</a> <em class="jxr_comment"> * details.</em>
|
||||
<a class="jxr_linenumber" name="13" href="#13">13</a> <em class="jxr_comment"> *</em>
|
||||
<a class="jxr_linenumber" name="14" href="#14">14</a> <em class="jxr_comment"> * You should have received a copy of the GNU General Public License along with</em>
|
||||
<a class="jxr_linenumber" name="15" href="#15">15</a> <em class="jxr_comment"> * dependency-check-core. If not, see <a href="http://www.gnu.org/licenses/." target="alexandria_uri">http://www.gnu.org/licenses/.</a></em>
|
||||
<a class="jxr_linenumber" name="16" href="#16">16</a> <em class="jxr_comment"> *</em>
|
||||
<a class="jxr_linenumber" name="17" href="#17">17</a> <em class="jxr_comment"> * Copyright (c) 2012 Jeremy Long. All Rights Reserved.</em>
|
||||
<a class="jxr_linenumber" name="18" href="#18">18</a> <em class="jxr_comment"> */</em>
|
||||
<a class="jxr_linenumber" name="19" href="#19">19</a> <strong class="jxr_keyword">package</strong> org.owasp.dependencycheck.analyzer;
|
||||
<a class="jxr_linenumber" name="20" href="#20">20</a>
|
||||
<a class="jxr_linenumber" name="21" href="#21">21</a> <strong class="jxr_keyword">import</strong> java.io.IOException;
|
||||
<a class="jxr_linenumber" name="22" href="#22">22</a> <strong class="jxr_keyword">import</strong> java.io.UnsupportedEncodingException;
|
||||
<a class="jxr_linenumber" name="23" href="#23">23</a> <strong class="jxr_keyword">import</strong> java.net.URLEncoder;
|
||||
<a class="jxr_linenumber" name="24" href="#24">24</a> <strong class="jxr_keyword">import</strong> java.sql.SQLException;
|
||||
<a class="jxr_linenumber" name="25" href="#25">25</a> <strong class="jxr_keyword">import</strong> java.util.ArrayList;
|
||||
<a class="jxr_linenumber" name="26" href="#26">26</a> <strong class="jxr_keyword">import</strong> java.util.Collections;
|
||||
<a class="jxr_linenumber" name="27" href="#27">27</a> <strong class="jxr_keyword">import</strong> java.util.List;
|
||||
<a class="jxr_linenumber" name="28" href="#28">28</a> <strong class="jxr_keyword">import</strong> java.util.Set;
|
||||
<a class="jxr_linenumber" name="29" href="#29">29</a> <strong class="jxr_keyword">import</strong> java.util.StringTokenizer;
|
||||
<a class="jxr_linenumber" name="30" href="#30">30</a> <strong class="jxr_keyword">import</strong> java.util.logging.Level;
|
||||
<a class="jxr_linenumber" name="31" href="#31">31</a> <strong class="jxr_keyword">import</strong> java.util.logging.Logger;
|
||||
<a class="jxr_linenumber" name="32" href="#32">32</a> <strong class="jxr_keyword">import</strong> org.apache.lucene.document.Document;
|
||||
<a class="jxr_linenumber" name="33" href="#33">33</a> <strong class="jxr_keyword">import</strong> org.apache.lucene.index.CorruptIndexException;
|
||||
<a class="jxr_linenumber" name="34" href="#34">34</a> <strong class="jxr_keyword">import</strong> org.apache.lucene.queryparser.classic.ParseException;
|
||||
<a class="jxr_linenumber" name="35" href="#35">35</a> <strong class="jxr_keyword">import</strong> org.apache.lucene.search.ScoreDoc;
|
||||
<a class="jxr_linenumber" name="36" href="#36">36</a> <strong class="jxr_keyword">import</strong> org.apache.lucene.search.TopDocs;
|
||||
<a class="jxr_linenumber" name="37" href="#37">37</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.Engine;
|
||||
<a class="jxr_linenumber" name="38" href="#38">38</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.data.lucene.LuceneUtils;
|
||||
<a class="jxr_linenumber" name="39" href="#39">39</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.dependency.Dependency;
|
||||
<a class="jxr_linenumber" name="40" href="#40">40</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.dependency.Evidence;
|
||||
<a class="jxr_linenumber" name="41" href="#41">41</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.dependency.Evidence.Confidence;
|
||||
<a class="jxr_linenumber" name="42" href="#42">42</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.dependency.EvidenceCollection;
|
||||
<a class="jxr_linenumber" name="43" href="#43">43</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.data.cpe.CpeIndexReader;
|
||||
<a class="jxr_linenumber" name="44" href="#44">44</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.data.cpe.Fields;
|
||||
<a class="jxr_linenumber" name="45" href="#45">45</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.data.cpe.IndexEntry;
|
||||
<a class="jxr_linenumber" name="46" href="#46">46</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.data.nvdcve.CveDB;
|
||||
<a class="jxr_linenumber" name="47" href="#47">47</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.data.nvdcve.DatabaseException;
|
||||
<a class="jxr_linenumber" name="48" href="#48">48</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.dependency.Identifier;
|
||||
<a class="jxr_linenumber" name="49" href="#49">49</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.dependency.VulnerableSoftware;
|
||||
<a class="jxr_linenumber" name="50" href="#50">50</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.utils.DependencyVersion;
|
||||
<a class="jxr_linenumber" name="51" href="#51">51</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.utils.DependencyVersionUtil;
|
||||
<a class="jxr_linenumber" name="52" href="#52">52</a>
|
||||
<a class="jxr_linenumber" name="53" href="#53">53</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="54" href="#54">54</a> <em class="jxr_javadoccomment"> * CPEAnalyzer is a utility class that takes a project dependency and attempts</em>
|
||||
<a class="jxr_linenumber" name="55" href="#55">55</a> <em class="jxr_javadoccomment"> * to discern if there is an associated CPE. It uses the evidence contained</em>
|
||||
<a class="jxr_linenumber" name="56" href="#56">56</a> <em class="jxr_javadoccomment"> * within the dependency to search the Lucene index.</em>
|
||||
<a class="jxr_linenumber" name="57" href="#57">57</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="58" href="#58">58</a> <em class="jxr_javadoccomment"> * @author Jeremy Long (jeremy.long@owasp.org)</em>
|
||||
<a class="jxr_linenumber" name="59" href="#59">59</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="60" href="#60">60</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">class</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/CPEAnalyzer.html">CPEAnalyzer</a> <strong class="jxr_keyword">implements</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/Analyzer.html">Analyzer</a> {
|
||||
<a class="jxr_linenumber" name="61" href="#61">61</a>
|
||||
<a class="jxr_linenumber" name="62" href="#62">62</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="63" href="#63">63</a> <em class="jxr_javadoccomment"> * The maximum number of query results to return.</em>
|
||||
<a class="jxr_linenumber" name="64" href="#64">64</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="65" href="#65">65</a> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> <strong class="jxr_keyword">int</strong> MAX_QUERY_RESULTS = 25;
|
||||
<a class="jxr_linenumber" name="66" href="#66">66</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="67" href="#67">67</a> <em class="jxr_javadoccomment"> * The weighting boost to give terms when constructing the Lucene query.</em>
|
||||
<a class="jxr_linenumber" name="68" href="#68">68</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="69" href="#69">69</a> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String WEIGHTING_BOOST = <span class="jxr_string">"^5"</span>;
|
||||
<a class="jxr_linenumber" name="70" href="#70">70</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="71" href="#71">71</a> <em class="jxr_javadoccomment"> * A string representation of a regular expression defining characters</em>
|
||||
<a class="jxr_linenumber" name="72" href="#72">72</a> <em class="jxr_javadoccomment"> * utilized within the CPE Names.</em>
|
||||
<a class="jxr_linenumber" name="73" href="#73">73</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="74" href="#74">74</a> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String CLEANSE_CHARACTER_RX = <span class="jxr_string">"[^A-Za-z0-9 ._-]"</span>;
|
||||
<a class="jxr_linenumber" name="75" href="#75">75</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="76" href="#76">76</a> <em class="jxr_javadoccomment"> * A string representation of a regular expression used to remove all but</em>
|
||||
<a class="jxr_linenumber" name="77" href="#77">77</a> <em class="jxr_javadoccomment"> * alpha characters.</em>
|
||||
<a class="jxr_linenumber" name="78" href="#78">78</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="79" href="#79">79</a> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String CLEANSE_NONALPHA_RX = <span class="jxr_string">"[^A-Za-z]*"</span>;
|
||||
<a class="jxr_linenumber" name="80" href="#80">80</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="81" href="#81">81</a> <em class="jxr_javadoccomment"> * The additional size to add to a new StringBuilder to account for extra</em>
|
||||
<a class="jxr_linenumber" name="82" href="#82">82</a> <em class="jxr_javadoccomment"> * data that will be written into the string.</em>
|
||||
<a class="jxr_linenumber" name="83" href="#83">83</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="84" href="#84">84</a> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> <strong class="jxr_keyword">int</strong> STRING_BUILDER_BUFFER = 20;
|
||||
<a class="jxr_linenumber" name="85" href="#85">85</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="86" href="#86">86</a> <em class="jxr_javadoccomment"> * The CPE Index Reader.</em>
|
||||
<a class="jxr_linenumber" name="87" href="#87">87</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="88" href="#88">88</a> <strong class="jxr_keyword">private</strong> <a href="../../../../org/owasp/dependencycheck/data/cpe/CpeIndexReader.html">CpeIndexReader</a> cpe;
|
||||
<a class="jxr_linenumber" name="89" href="#89">89</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="90" href="#90">90</a> <em class="jxr_javadoccomment"> * The CVE Database.</em>
|
||||
<a class="jxr_linenumber" name="91" href="#91">91</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="92" href="#92">92</a> <strong class="jxr_keyword">private</strong> <a href="../../../../org/owasp/dependencycheck/data/nvdcve/CveDB.html">CveDB</a> cve;
|
||||
<a class="jxr_linenumber" name="93" href="#93">93</a>
|
||||
<a class="jxr_linenumber" name="94" href="#94">94</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="95" href="#95">95</a> <em class="jxr_javadoccomment"> * Opens the data source.</em>
|
||||
<a class="jxr_linenumber" name="96" href="#96">96</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="97" href="#97">97</a> <em class="jxr_javadoccomment"> * @throws IOException when the Lucene directory to be queried does not</em>
|
||||
<a class="jxr_linenumber" name="98" href="#98">98</a> <em class="jxr_javadoccomment"> * exist or is corrupt.</em>
|
||||
<a class="jxr_linenumber" name="99" href="#99">99</a> <em class="jxr_javadoccomment"> * @throws DatabaseException when the database throws an exception. This</em>
|
||||
<a class="jxr_linenumber" name="100" href="#100">100</a> <em class="jxr_javadoccomment"> * usually occurs when the database is in use by another process.</em>
|
||||
<a class="jxr_linenumber" name="101" href="#101">101</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="102" href="#102">102</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> open() <strong class="jxr_keyword">throws</strong> IOException, DatabaseException {
|
||||
<a class="jxr_linenumber" name="103" href="#103">103</a> cpe = <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/data/cpe/CpeIndexReader.html">CpeIndexReader</a>();
|
||||
<a class="jxr_linenumber" name="104" href="#104">104</a> cpe.open();
|
||||
<a class="jxr_linenumber" name="105" href="#105">105</a> cve = <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/data/nvdcve/CveDB.html">CveDB</a>();
|
||||
<a class="jxr_linenumber" name="106" href="#106">106</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="107" href="#107">107</a> cve.open();
|
||||
<a class="jxr_linenumber" name="108" href="#108">108</a> } <strong class="jxr_keyword">catch</strong> (SQLException ex) {
|
||||
<a class="jxr_linenumber" name="109" href="#109">109</a> Logger.getLogger(CPEAnalyzer.<strong class="jxr_keyword">class</strong>.getName()).log(Level.FINE, <strong class="jxr_keyword">null</strong>, ex);
|
||||
<a class="jxr_linenumber" name="110" href="#110">110</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/data/nvdcve/DatabaseException.html">DatabaseException</a>(<span class="jxr_string">"Unable to open the cve db"</span>, ex);
|
||||
<a class="jxr_linenumber" name="111" href="#111">111</a> } <strong class="jxr_keyword">catch</strong> (ClassNotFoundException ex) {
|
||||
<a class="jxr_linenumber" name="112" href="#112">112</a> Logger.getLogger(CPEAnalyzer.<strong class="jxr_keyword">class</strong>.getName()).log(Level.FINE, <strong class="jxr_keyword">null</strong>, ex);
|
||||
<a class="jxr_linenumber" name="113" href="#113">113</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/data/nvdcve/DatabaseException.html">DatabaseException</a>(<span class="jxr_string">"Unable to open the cve db"</span>, ex);
|
||||
<a class="jxr_linenumber" name="114" href="#114">114</a> }
|
||||
<a class="jxr_linenumber" name="115" href="#115">115</a> }
|
||||
<a class="jxr_linenumber" name="116" href="#116">116</a>
|
||||
<a class="jxr_linenumber" name="117" href="#117">117</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="118" href="#118">118</a> <em class="jxr_javadoccomment"> * Closes the data source.</em>
|
||||
<a class="jxr_linenumber" name="119" href="#119">119</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="120" href="#120">120</a> @Override
|
||||
<a class="jxr_linenumber" name="121" href="#121">121</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> close() {
|
||||
<a class="jxr_linenumber" name="122" href="#122">122</a> <strong class="jxr_keyword">if</strong> (cpe != <strong class="jxr_keyword">null</strong>) {
|
||||
<a class="jxr_linenumber" name="123" href="#123">123</a> cpe.close();
|
||||
<a class="jxr_linenumber" name="124" href="#124">124</a> }
|
||||
<a class="jxr_linenumber" name="125" href="#125">125</a> <strong class="jxr_keyword">if</strong> (cve != <strong class="jxr_keyword">null</strong>) {
|
||||
<a class="jxr_linenumber" name="126" href="#126">126</a> cve.close();
|
||||
<a class="jxr_linenumber" name="127" href="#127">127</a> }
|
||||
<a class="jxr_linenumber" name="128" href="#128">128</a> }
|
||||
<a class="jxr_linenumber" name="129" href="#129">129</a>
|
||||
<a class="jxr_linenumber" name="130" href="#130">130</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="131" href="#131">131</a> <em class="jxr_javadoccomment"> * Returns the status of the data source - is the index open.</em>
|
||||
<a class="jxr_linenumber" name="132" href="#132">132</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="133" href="#133">133</a> <em class="jxr_javadoccomment"> * @return true or false.</em>
|
||||
<a class="jxr_linenumber" name="134" href="#134">134</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="135" href="#135">135</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">boolean</strong> isOpen() {
|
||||
<a class="jxr_linenumber" name="136" href="#136">136</a> <strong class="jxr_keyword">return</strong> (cpe != <strong class="jxr_keyword">null</strong>) && cpe.isOpen();
|
||||
<a class="jxr_linenumber" name="137" href="#137">137</a> }
|
||||
<a class="jxr_linenumber" name="138" href="#138">138</a>
|
||||
<a class="jxr_linenumber" name="139" href="#139">139</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="140" href="#140">140</a> <em class="jxr_javadoccomment"> * Ensures that the Lucene index is closed.</em>
|
||||
<a class="jxr_linenumber" name="141" href="#141">141</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="142" href="#142">142</a> <em class="jxr_javadoccomment"> * @throws Throwable when a throwable is thrown.</em>
|
||||
<a class="jxr_linenumber" name="143" href="#143">143</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="144" href="#144">144</a> @Override
|
||||
<a class="jxr_linenumber" name="145" href="#145">145</a> <strong class="jxr_keyword">protected</strong> <strong class="jxr_keyword">void</strong> finalize() <strong class="jxr_keyword">throws</strong> Throwable {
|
||||
<a class="jxr_linenumber" name="146" href="#146">146</a> <strong class="jxr_keyword">super</strong>.finalize();
|
||||
<a class="jxr_linenumber" name="147" href="#147">147</a> <strong class="jxr_keyword">if</strong> (isOpen()) {
|
||||
<a class="jxr_linenumber" name="148" href="#148">148</a> close();
|
||||
<a class="jxr_linenumber" name="149" href="#149">149</a> }
|
||||
<a class="jxr_linenumber" name="150" href="#150">150</a> }
|
||||
<a class="jxr_linenumber" name="151" href="#151">151</a>
|
||||
<a class="jxr_linenumber" name="152" href="#152">152</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="153" href="#153">153</a> <em class="jxr_javadoccomment"> * Searches the data store of CPE entries, trying to identify the CPE for</em>
|
||||
<a class="jxr_linenumber" name="154" href="#154">154</a> <em class="jxr_javadoccomment"> * the given dependency based on the evidence contained within. The</em>
|
||||
<a class="jxr_linenumber" name="155" href="#155">155</a> <em class="jxr_javadoccomment"> * dependency passed in is updated with any identified CPE values.</em>
|
||||
<a class="jxr_linenumber" name="156" href="#156">156</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="157" href="#157">157</a> <em class="jxr_javadoccomment"> * @param dependency the dependency to search for CPE entries on.</em>
|
||||
<a class="jxr_linenumber" name="158" href="#158">158</a> <em class="jxr_javadoccomment"> * @throws CorruptIndexException is thrown when the Lucene index is corrupt.</em>
|
||||
<a class="jxr_linenumber" name="159" href="#159">159</a> <em class="jxr_javadoccomment"> * @throws IOException is thrown when an IOException occurs.</em>
|
||||
<a class="jxr_linenumber" name="160" href="#160">160</a> <em class="jxr_javadoccomment"> * @throws ParseException is thrown when the Lucene query cannot be parsed.</em>
|
||||
<a class="jxr_linenumber" name="161" href="#161">161</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="162" href="#162">162</a> <strong class="jxr_keyword">protected</strong> <strong class="jxr_keyword">void</strong> determineCPE(<a href="../../../../org/owasp/dependencycheck/dependency/Dependency.html">Dependency</a> dependency) <strong class="jxr_keyword">throws</strong> CorruptIndexException, IOException, ParseException {
|
||||
<a class="jxr_linenumber" name="163" href="#163">163</a> <a href="../../../../org/owasp/dependencycheck/dependency/Evidence.html">Confidence</a> vendorConf = Confidence.HIGHEST;
|
||||
<a class="jxr_linenumber" name="164" href="#164">164</a> <a href="../../../../org/owasp/dependencycheck/dependency/Evidence.html">Confidence</a> productConf = Confidence.HIGHEST;
|
||||
<a class="jxr_linenumber" name="165" href="#165">165</a>
|
||||
<a class="jxr_linenumber" name="166" href="#166">166</a> String vendors = addEvidenceWithoutDuplicateTerms(<span class="jxr_string">""</span>, dependency.getVendorEvidence(), vendorConf);
|
||||
<a class="jxr_linenumber" name="167" href="#167">167</a> String products = addEvidenceWithoutDuplicateTerms(<span class="jxr_string">""</span>, dependency.getProductEvidence(), productConf);
|
||||
<a class="jxr_linenumber" name="168" href="#168">168</a>
|
||||
<a class="jxr_linenumber" name="169" href="#169">169</a> <strong class="jxr_keyword">int</strong> ctr = 0;
|
||||
<a class="jxr_linenumber" name="170" href="#170">170</a> <strong class="jxr_keyword">do</strong> {
|
||||
<a class="jxr_linenumber" name="171" href="#171">171</a> <strong class="jxr_keyword">if</strong> (!vendors.isEmpty() && !products.isEmpty()) {
|
||||
<a class="jxr_linenumber" name="172" href="#172">172</a> <strong class="jxr_keyword">final</strong> List<IndexEntry> entries = searchCPE(vendors, products, dependency.getProductEvidence().getWeighting(),
|
||||
<a class="jxr_linenumber" name="173" href="#173">173</a> dependency.getVendorEvidence().getWeighting());
|
||||
<a class="jxr_linenumber" name="174" href="#174">174</a>
|
||||
<a class="jxr_linenumber" name="175" href="#175">175</a> <strong class="jxr_keyword">for</strong> (IndexEntry e : entries) {
|
||||
<a class="jxr_linenumber" name="176" href="#176">176</a> <strong class="jxr_keyword">if</strong> (verifyEntry(e, dependency)) {
|
||||
<a class="jxr_linenumber" name="177" href="#177">177</a> <strong class="jxr_keyword">final</strong> String vendor = e.getVendor();
|
||||
<a class="jxr_linenumber" name="178" href="#178">178</a> <strong class="jxr_keyword">final</strong> String product = e.getProduct();
|
||||
<a class="jxr_linenumber" name="179" href="#179">179</a> determineIdentifiers(dependency, vendor, product);
|
||||
<a class="jxr_linenumber" name="180" href="#180">180</a> }
|
||||
<a class="jxr_linenumber" name="181" href="#181">181</a> }
|
||||
<a class="jxr_linenumber" name="182" href="#182">182</a> }
|
||||
<a class="jxr_linenumber" name="183" href="#183">183</a> vendorConf = reduceConfidence(vendorConf);
|
||||
<a class="jxr_linenumber" name="184" href="#184">184</a> <strong class="jxr_keyword">if</strong> (dependency.getVendorEvidence().contains(vendorConf)) {
|
||||
<a class="jxr_linenumber" name="185" href="#185">185</a> vendors = addEvidenceWithoutDuplicateTerms(vendors, dependency.getVendorEvidence(), vendorConf);
|
||||
<a class="jxr_linenumber" name="186" href="#186">186</a> }
|
||||
<a class="jxr_linenumber" name="187" href="#187">187</a> productConf = reduceConfidence(productConf);
|
||||
<a class="jxr_linenumber" name="188" href="#188">188</a> <strong class="jxr_keyword">if</strong> (dependency.getProductEvidence().contains(productConf)) {
|
||||
<a class="jxr_linenumber" name="189" href="#189">189</a> products = addEvidenceWithoutDuplicateTerms(products, dependency.getProductEvidence(), productConf);
|
||||
<a class="jxr_linenumber" name="190" href="#190">190</a> }
|
||||
<a class="jxr_linenumber" name="191" href="#191">191</a> } <strong class="jxr_keyword">while</strong> ((++ctr) < 4);
|
||||
<a class="jxr_linenumber" name="192" href="#192">192</a> }
|
||||
<a class="jxr_linenumber" name="193" href="#193">193</a>
|
||||
<a class="jxr_linenumber" name="194" href="#194">194</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="195" href="#195">195</a> <em class="jxr_javadoccomment"> * Returns the text created by concatenating the text and the values from</em>
|
||||
<a class="jxr_linenumber" name="196" href="#196">196</a> <em class="jxr_javadoccomment"> * the EvidenceCollection (filtered for a specific confidence). This</em>
|
||||
<a class="jxr_linenumber" name="197" href="#197">197</a> <em class="jxr_javadoccomment"> * attempts to prevent duplicate terms from being added.<br/<br/> Note, if</em>
|
||||
<a class="jxr_linenumber" name="198" href="#198">198</a> <em class="jxr_javadoccomment"> * the evidence is longer then 200 characters it will be truncated.</em>
|
||||
<a class="jxr_linenumber" name="199" href="#199">199</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="200" href="#200">200</a> <em class="jxr_javadoccomment"> * @param text the base text.</em>
|
||||
<a class="jxr_linenumber" name="201" href="#201">201</a> <em class="jxr_javadoccomment"> * @param ec an EvidenceCollection</em>
|
||||
<a class="jxr_linenumber" name="202" href="#202">202</a> <em class="jxr_javadoccomment"> * @param confidenceFilter a Confidence level to filter the evidence by.</em>
|
||||
<a class="jxr_linenumber" name="203" href="#203">203</a> <em class="jxr_javadoccomment"> * @return the new evidence text</em>
|
||||
<a class="jxr_linenumber" name="204" href="#204">204</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="205" href="#205">205</a> <strong class="jxr_keyword">private</strong> String addEvidenceWithoutDuplicateTerms(<strong class="jxr_keyword">final</strong> String text, <strong class="jxr_keyword">final</strong> <a href="../../../../org/owasp/dependencycheck/dependency/EvidenceCollection.html">EvidenceCollection</a> ec, <a href="../../../../org/owasp/dependencycheck/dependency/Evidence.html">Confidence</a> confidenceFilter) {
|
||||
<a class="jxr_linenumber" name="206" href="#206">206</a> <strong class="jxr_keyword">final</strong> String txt = (text == <strong class="jxr_keyword">null</strong>) ? <span class="jxr_string">""</span> : text;
|
||||
<a class="jxr_linenumber" name="207" href="#207">207</a> <strong class="jxr_keyword">final</strong> StringBuilder sb = <strong class="jxr_keyword">new</strong> StringBuilder(txt.length() + (20 * ec.size()));
|
||||
<a class="jxr_linenumber" name="208" href="#208">208</a> sb.append(' ').append(txt).append(' ');
|
||||
<a class="jxr_linenumber" name="209" href="#209">209</a> <strong class="jxr_keyword">for</strong> (Evidence e : ec.iterator(confidenceFilter)) {
|
||||
<a class="jxr_linenumber" name="210" href="#210">210</a> String value = e.getValue();
|
||||
<a class="jxr_linenumber" name="211" href="#211">211</a>
|
||||
<a class="jxr_linenumber" name="212" href="#212">212</a> <em class="jxr_comment">//hack to get around the fact that lucene does a really good job of recognizing domains and not</em>
|
||||
<a class="jxr_linenumber" name="213" href="#213">213</a> <em class="jxr_comment">// splitting them. TODO - put together a better lucene analyzer specific to the domain.</em>
|
||||
<a class="jxr_linenumber" name="214" href="#214">214</a> <strong class="jxr_keyword">if</strong> (value.startsWith(<span class="jxr_string">"http://"</span>)) {
|
||||
<a class="jxr_linenumber" name="215" href="#215">215</a> value = value.substring(7).replaceAll(<span class="jxr_string">"\\."</span>, <span class="jxr_string">" "</span>);
|
||||
<a class="jxr_linenumber" name="216" href="#216">216</a> }
|
||||
<a class="jxr_linenumber" name="217" href="#217">217</a> <strong class="jxr_keyword">if</strong> (value.startsWith(<span class="jxr_string">"https://"</span>)) {
|
||||
<a class="jxr_linenumber" name="218" href="#218">218</a> value = value.substring(8).replaceAll(<span class="jxr_string">"\\."</span>, <span class="jxr_string">" "</span>);
|
||||
<a class="jxr_linenumber" name="219" href="#219">219</a> }
|
||||
<a class="jxr_linenumber" name="220" href="#220">220</a> <strong class="jxr_keyword">if</strong> (sb.indexOf(<span class="jxr_string">" "</span> + value + <span class="jxr_string">" "</span>) < 0) {
|
||||
<a class="jxr_linenumber" name="221" href="#221">221</a> sb.append(value).append(' ');
|
||||
<a class="jxr_linenumber" name="222" href="#222">222</a> }
|
||||
<a class="jxr_linenumber" name="223" href="#223">223</a> }
|
||||
<a class="jxr_linenumber" name="224" href="#224">224</a> <strong class="jxr_keyword">return</strong> sb.toString().trim();
|
||||
<a class="jxr_linenumber" name="225" href="#225">225</a> }
|
||||
<a class="jxr_linenumber" name="226" href="#226">226</a>
|
||||
<a class="jxr_linenumber" name="227" href="#227">227</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="228" href="#228">228</a> <em class="jxr_javadoccomment"> * Reduces the given confidence by one level. This returns LOW if the</em>
|
||||
<a class="jxr_linenumber" name="229" href="#229">229</a> <em class="jxr_javadoccomment"> * confidence passed in is not HIGH.</em>
|
||||
<a class="jxr_linenumber" name="230" href="#230">230</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="231" href="#231">231</a> <em class="jxr_javadoccomment"> * @param c the confidence to reduce.</em>
|
||||
<a class="jxr_linenumber" name="232" href="#232">232</a> <em class="jxr_javadoccomment"> * @return One less then the confidence passed in.</em>
|
||||
<a class="jxr_linenumber" name="233" href="#233">233</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="234" href="#234">234</a> <strong class="jxr_keyword">private</strong> <a href="../../../../org/owasp/dependencycheck/dependency/Evidence.html">Confidence</a> reduceConfidence(<strong class="jxr_keyword">final</strong> <a href="../../../../org/owasp/dependencycheck/dependency/Evidence.html">Confidence</a> c) {
|
||||
<a class="jxr_linenumber" name="235" href="#235">235</a> <strong class="jxr_keyword">if</strong> (c == Confidence.HIGHEST) {
|
||||
<a class="jxr_linenumber" name="236" href="#236">236</a> <strong class="jxr_keyword">return</strong> Confidence.HIGH;
|
||||
<a class="jxr_linenumber" name="237" href="#237">237</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (c == Confidence.HIGH) {
|
||||
<a class="jxr_linenumber" name="238" href="#238">238</a> <strong class="jxr_keyword">return</strong> Confidence.MEDIUM;
|
||||
<a class="jxr_linenumber" name="239" href="#239">239</a> } <strong class="jxr_keyword">else</strong> {
|
||||
<a class="jxr_linenumber" name="240" href="#240">240</a> <strong class="jxr_keyword">return</strong> Confidence.LOW;
|
||||
<a class="jxr_linenumber" name="241" href="#241">241</a> }
|
||||
<a class="jxr_linenumber" name="242" href="#242">242</a> }
|
||||
<a class="jxr_linenumber" name="243" href="#243">243</a>
|
||||
<a class="jxr_linenumber" name="244" href="#244">244</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="245" href="#245">245</a> <em class="jxr_javadoccomment"> * <p>Searches the Lucene CPE index to identify possible CPE entries</em>
|
||||
<a class="jxr_linenumber" name="246" href="#246">246</a> <em class="jxr_javadoccomment"> * associated with the supplied vendor, product, and version.</p></em>
|
||||
<a class="jxr_linenumber" name="247" href="#247">247</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="248" href="#248">248</a> <em class="jxr_javadoccomment"> * <p>If either the vendorWeightings or productWeightings lists have been</em>
|
||||
<a class="jxr_linenumber" name="249" href="#249">249</a> <em class="jxr_javadoccomment"> * populated this data is used to add weighting factors to the search.</p></em>
|
||||
<a class="jxr_linenumber" name="250" href="#250">250</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="251" href="#251">251</a> <em class="jxr_javadoccomment"> * @param vendor the text used to search the vendor field</em>
|
||||
<a class="jxr_linenumber" name="252" href="#252">252</a> <em class="jxr_javadoccomment"> * @param product the text used to search the product field</em>
|
||||
<a class="jxr_linenumber" name="253" href="#253">253</a> <em class="jxr_javadoccomment"> * @param vendorWeightings a list of strings to use to add weighting factors</em>
|
||||
<a class="jxr_linenumber" name="254" href="#254">254</a> <em class="jxr_javadoccomment"> * to the vendor field</em>
|
||||
<a class="jxr_linenumber" name="255" href="#255">255</a> <em class="jxr_javadoccomment"> * @param productWeightings Adds a list of strings that will be used to add</em>
|
||||
<a class="jxr_linenumber" name="256" href="#256">256</a> <em class="jxr_javadoccomment"> * weighting factors to the product search</em>
|
||||
<a class="jxr_linenumber" name="257" href="#257">257</a> <em class="jxr_javadoccomment"> * @return a list of possible CPE values</em>
|
||||
<a class="jxr_linenumber" name="258" href="#258">258</a> <em class="jxr_javadoccomment"> * @throws CorruptIndexException when the Lucene index is corrupt</em>
|
||||
<a class="jxr_linenumber" name="259" href="#259">259</a> <em class="jxr_javadoccomment"> * @throws IOException when the Lucene index is not found</em>
|
||||
<a class="jxr_linenumber" name="260" href="#260">260</a> <em class="jxr_javadoccomment"> * @throws ParseException when the generated query is not valid</em>
|
||||
<a class="jxr_linenumber" name="261" href="#261">261</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="262" href="#262">262</a> <strong class="jxr_keyword">protected</strong> List<IndexEntry> searchCPE(String vendor, String product,
|
||||
<a class="jxr_linenumber" name="263" href="#263">263</a> Set<String> vendorWeightings, Set<String> productWeightings)
|
||||
<a class="jxr_linenumber" name="264" href="#264">264</a> <strong class="jxr_keyword">throws</strong> CorruptIndexException, IOException, ParseException {
|
||||
<a class="jxr_linenumber" name="265" href="#265">265</a> <strong class="jxr_keyword">final</strong> ArrayList<IndexEntry> ret = <strong class="jxr_keyword">new</strong> ArrayList<IndexEntry>(MAX_QUERY_RESULTS);
|
||||
<a class="jxr_linenumber" name="266" href="#266">266</a>
|
||||
<a class="jxr_linenumber" name="267" href="#267">267</a> <strong class="jxr_keyword">final</strong> String searchString = buildSearch(vendor, product, vendorWeightings, productWeightings);
|
||||
<a class="jxr_linenumber" name="268" href="#268">268</a> <strong class="jxr_keyword">if</strong> (searchString == <strong class="jxr_keyword">null</strong>) {
|
||||
<a class="jxr_linenumber" name="269" href="#269">269</a> <strong class="jxr_keyword">return</strong> ret;
|
||||
<a class="jxr_linenumber" name="270" href="#270">270</a> }
|
||||
<a class="jxr_linenumber" name="271" href="#271">271</a>
|
||||
<a class="jxr_linenumber" name="272" href="#272">272</a> <strong class="jxr_keyword">final</strong> TopDocs docs = cpe.search(searchString, MAX_QUERY_RESULTS);
|
||||
<a class="jxr_linenumber" name="273" href="#273">273</a> <strong class="jxr_keyword">for</strong> (ScoreDoc d : docs.scoreDocs) {
|
||||
<a class="jxr_linenumber" name="274" href="#274">274</a> <strong class="jxr_keyword">if</strong> (d.score >= 0.08) {
|
||||
<a class="jxr_linenumber" name="275" href="#275">275</a> <strong class="jxr_keyword">final</strong> Document doc = cpe.getDocument(d.doc);
|
||||
<a class="jxr_linenumber" name="276" href="#276">276</a> <strong class="jxr_keyword">final</strong> <a href="../../../../org/owasp/dependencycheck/data/cpe/IndexEntry.html">IndexEntry</a> entry = <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/data/cpe/IndexEntry.html">IndexEntry</a>();
|
||||
<a class="jxr_linenumber" name="277" href="#277">277</a> entry.setVendor(doc.get(Fields.VENDOR));
|
||||
<a class="jxr_linenumber" name="278" href="#278">278</a> entry.setProduct(doc.get(Fields.PRODUCT));
|
||||
<a class="jxr_linenumber" name="279" href="#279">279</a> <em class="jxr_comment">// if (d.score < 0.08) {</em>
|
||||
<a class="jxr_linenumber" name="280" href="#280">280</a> <em class="jxr_comment">// System.out.print(entry.getVendor());</em>
|
||||
<a class="jxr_linenumber" name="281" href="#281">281</a> <em class="jxr_comment">// System.out.print(":");</em>
|
||||
<a class="jxr_linenumber" name="282" href="#282">282</a> <em class="jxr_comment">// System.out.print(entry.getProduct());</em>
|
||||
<a class="jxr_linenumber" name="283" href="#283">283</a> <em class="jxr_comment">// System.out.print(":");</em>
|
||||
<a class="jxr_linenumber" name="284" href="#284">284</a> <em class="jxr_comment">// System.out.println(d.score);</em>
|
||||
<a class="jxr_linenumber" name="285" href="#285">285</a> <em class="jxr_comment">// }</em>
|
||||
<a class="jxr_linenumber" name="286" href="#286">286</a> entry.setSearchScore(d.score);
|
||||
<a class="jxr_linenumber" name="287" href="#287">287</a> <strong class="jxr_keyword">if</strong> (!ret.contains(entry)) {
|
||||
<a class="jxr_linenumber" name="288" href="#288">288</a> ret.add(entry);
|
||||
<a class="jxr_linenumber" name="289" href="#289">289</a> }
|
||||
<a class="jxr_linenumber" name="290" href="#290">290</a> }
|
||||
<a class="jxr_linenumber" name="291" href="#291">291</a> }
|
||||
<a class="jxr_linenumber" name="292" href="#292">292</a> <strong class="jxr_keyword">return</strong> ret;
|
||||
<a class="jxr_linenumber" name="293" href="#293">293</a> }
|
||||
<a class="jxr_linenumber" name="294" href="#294">294</a>
|
||||
<a class="jxr_linenumber" name="295" href="#295">295</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="296" href="#296">296</a> <em class="jxr_javadoccomment"> * <p>Builds a Lucene search string by properly escaping data and</em>
|
||||
<a class="jxr_linenumber" name="297" href="#297">297</a> <em class="jxr_javadoccomment"> * constructing a valid search query.</p></em>
|
||||
<a class="jxr_linenumber" name="298" href="#298">298</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="299" href="#299">299</a> <em class="jxr_javadoccomment"> * <p>If either the possibleVendor or possibleProducts lists have been</em>
|
||||
<a class="jxr_linenumber" name="300" href="#300">300</a> <em class="jxr_javadoccomment"> * populated this data is used to add weighting factors to the search string</em>
|
||||
<a class="jxr_linenumber" name="301" href="#301">301</a> <em class="jxr_javadoccomment"> * generated.</p></em>
|
||||
<a class="jxr_linenumber" name="302" href="#302">302</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="303" href="#303">303</a> <em class="jxr_javadoccomment"> * @param vendor text to search the vendor field</em>
|
||||
<a class="jxr_linenumber" name="304" href="#304">304</a> <em class="jxr_javadoccomment"> * @param product text to search the product field</em>
|
||||
<a class="jxr_linenumber" name="305" href="#305">305</a> <em class="jxr_javadoccomment"> * @param vendorWeighting a list of strings to apply to the vendor to boost</em>
|
||||
<a class="jxr_linenumber" name="306" href="#306">306</a> <em class="jxr_javadoccomment"> * the terms weight</em>
|
||||
<a class="jxr_linenumber" name="307" href="#307">307</a> <em class="jxr_javadoccomment"> * @param productWeightings a list of strings to apply to the product to</em>
|
||||
<a class="jxr_linenumber" name="308" href="#308">308</a> <em class="jxr_javadoccomment"> * boost the terms weight</em>
|
||||
<a class="jxr_linenumber" name="309" href="#309">309</a> <em class="jxr_javadoccomment"> * @return the Lucene query</em>
|
||||
<a class="jxr_linenumber" name="310" href="#310">310</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="311" href="#311">311</a> <strong class="jxr_keyword">protected</strong> String buildSearch(String vendor, String product,
|
||||
<a class="jxr_linenumber" name="312" href="#312">312</a> Set<String> vendorWeighting, Set<String> productWeightings) {
|
||||
<a class="jxr_linenumber" name="313" href="#313">313</a> <strong class="jxr_keyword">final</strong> String v = vendor; <em class="jxr_comment">//.replaceAll("[^\\w\\d]", " ");</em>
|
||||
<a class="jxr_linenumber" name="314" href="#314">314</a> <strong class="jxr_keyword">final</strong> String p = product; <em class="jxr_comment">//.replaceAll("[^\\w\\d]", " ");</em>
|
||||
<a class="jxr_linenumber" name="315" href="#315">315</a> <strong class="jxr_keyword">final</strong> StringBuilder sb = <strong class="jxr_keyword">new</strong> StringBuilder(v.length() + p.length()
|
||||
<a class="jxr_linenumber" name="316" href="#316">316</a> + Fields.PRODUCT.length() + Fields.VENDOR.length() + STRING_BUILDER_BUFFER);
|
||||
<a class="jxr_linenumber" name="317" href="#317">317</a>
|
||||
<a class="jxr_linenumber" name="318" href="#318">318</a> <strong class="jxr_keyword">if</strong> (!appendWeightedSearch(sb, Fields.PRODUCT, p, productWeightings)) {
|
||||
<a class="jxr_linenumber" name="319" href="#319">319</a> <strong class="jxr_keyword">return</strong> <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="320" href="#320">320</a> }
|
||||
<a class="jxr_linenumber" name="321" href="#321">321</a> sb.append(<span class="jxr_string">" AND "</span>);
|
||||
<a class="jxr_linenumber" name="322" href="#322">322</a> <strong class="jxr_keyword">if</strong> (!appendWeightedSearch(sb, Fields.VENDOR, v, vendorWeighting)) {
|
||||
<a class="jxr_linenumber" name="323" href="#323">323</a> <strong class="jxr_keyword">return</strong> <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="324" href="#324">324</a> }
|
||||
<a class="jxr_linenumber" name="325" href="#325">325</a> <strong class="jxr_keyword">return</strong> sb.toString();
|
||||
<a class="jxr_linenumber" name="326" href="#326">326</a> }
|
||||
<a class="jxr_linenumber" name="327" href="#327">327</a>
|
||||
<a class="jxr_linenumber" name="328" href="#328">328</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="329" href="#329">329</a> <em class="jxr_javadoccomment"> * This method constructs a Lucene query for a given field. The searchText</em>
|
||||
<a class="jxr_linenumber" name="330" href="#330">330</a> <em class="jxr_javadoccomment"> * is split into separate words and if the word is within the list of</em>
|
||||
<a class="jxr_linenumber" name="331" href="#331">331</a> <em class="jxr_javadoccomment"> * weighted words then an additional weighting is applied to the term as it</em>
|
||||
<a class="jxr_linenumber" name="332" href="#332">332</a> <em class="jxr_javadoccomment"> * is appended into the query.</em>
|
||||
<a class="jxr_linenumber" name="333" href="#333">333</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="334" href="#334">334</a> <em class="jxr_javadoccomment"> * @param sb a StringBuilder that the query text will be appended to.</em>
|
||||
<a class="jxr_linenumber" name="335" href="#335">335</a> <em class="jxr_javadoccomment"> * @param field the field within the Lucene index that the query is</em>
|
||||
<a class="jxr_linenumber" name="336" href="#336">336</a> <em class="jxr_javadoccomment"> * searching.</em>
|
||||
<a class="jxr_linenumber" name="337" href="#337">337</a> <em class="jxr_javadoccomment"> * @param searchText text used to construct the query.</em>
|
||||
<a class="jxr_linenumber" name="338" href="#338">338</a> <em class="jxr_javadoccomment"> * @param weightedText a list of terms that will be considered higher</em>
|
||||
<a class="jxr_linenumber" name="339" href="#339">339</a> <em class="jxr_javadoccomment"> * importance when searching.</em>
|
||||
<a class="jxr_linenumber" name="340" href="#340">340</a> <em class="jxr_javadoccomment"> * @return if the append was successful.</em>
|
||||
<a class="jxr_linenumber" name="341" href="#341">341</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="342" href="#342">342</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">boolean</strong> appendWeightedSearch(StringBuilder sb, String field, String searchText, Set<String> weightedText) {
|
||||
<a class="jxr_linenumber" name="343" href="#343">343</a> sb.append(<span class="jxr_string">" "</span>).append(field).append(<span class="jxr_string">":( "</span>);
|
||||
<a class="jxr_linenumber" name="344" href="#344">344</a>
|
||||
<a class="jxr_linenumber" name="345" href="#345">345</a> <strong class="jxr_keyword">final</strong> String cleanText = cleanseText(searchText);
|
||||
<a class="jxr_linenumber" name="346" href="#346">346</a>
|
||||
<a class="jxr_linenumber" name="347" href="#347">347</a> <strong class="jxr_keyword">if</strong> (<span class="jxr_string">""</span>.equals(cleanText)) {
|
||||
<a class="jxr_linenumber" name="348" href="#348">348</a> <strong class="jxr_keyword">return</strong> false;
|
||||
<a class="jxr_linenumber" name="349" href="#349">349</a> }
|
||||
<a class="jxr_linenumber" name="350" href="#350">350</a>
|
||||
<a class="jxr_linenumber" name="351" href="#351">351</a> <strong class="jxr_keyword">if</strong> (weightedText == <strong class="jxr_keyword">null</strong> || weightedText.isEmpty()) {
|
||||
<a class="jxr_linenumber" name="352" href="#352">352</a> LuceneUtils.appendEscapedLuceneQuery(sb, cleanText);
|
||||
<a class="jxr_linenumber" name="353" href="#353">353</a> } <strong class="jxr_keyword">else</strong> {
|
||||
<a class="jxr_linenumber" name="354" href="#354">354</a> <strong class="jxr_keyword">final</strong> StringTokenizer tokens = <strong class="jxr_keyword">new</strong> StringTokenizer(cleanText);
|
||||
<a class="jxr_linenumber" name="355" href="#355">355</a> <strong class="jxr_keyword">while</strong> (tokens.hasMoreElements()) {
|
||||
<a class="jxr_linenumber" name="356" href="#356">356</a> <strong class="jxr_keyword">final</strong> String word = tokens.nextToken();
|
||||
<a class="jxr_linenumber" name="357" href="#357">357</a> String temp = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="358" href="#358">358</a> <strong class="jxr_keyword">for</strong> (String weighted : weightedText) {
|
||||
<a class="jxr_linenumber" name="359" href="#359">359</a> <strong class="jxr_keyword">final</strong> String weightedStr = cleanseText(weighted);
|
||||
<a class="jxr_linenumber" name="360" href="#360">360</a> <strong class="jxr_keyword">if</strong> (equalsIgnoreCaseAndNonAlpha(word, weightedStr)) {
|
||||
<a class="jxr_linenumber" name="361" href="#361">361</a> temp = LuceneUtils.escapeLuceneQuery(word) + WEIGHTING_BOOST;
|
||||
<a class="jxr_linenumber" name="362" href="#362">362</a> <strong class="jxr_keyword">if</strong> (!word.equalsIgnoreCase(weightedStr)) {
|
||||
<a class="jxr_linenumber" name="363" href="#363">363</a> temp += <span class="jxr_string">" "</span> + LuceneUtils.escapeLuceneQuery(weightedStr) + WEIGHTING_BOOST;
|
||||
<a class="jxr_linenumber" name="364" href="#364">364</a> }
|
||||
<a class="jxr_linenumber" name="365" href="#365">365</a> }
|
||||
<a class="jxr_linenumber" name="366" href="#366">366</a> }
|
||||
<a class="jxr_linenumber" name="367" href="#367">367</a> <strong class="jxr_keyword">if</strong> (temp == <strong class="jxr_keyword">null</strong>) {
|
||||
<a class="jxr_linenumber" name="368" href="#368">368</a> temp = LuceneUtils.escapeLuceneQuery(word);
|
||||
<a class="jxr_linenumber" name="369" href="#369">369</a> }
|
||||
<a class="jxr_linenumber" name="370" href="#370">370</a> sb.append(<span class="jxr_string">" "</span>).append(temp);
|
||||
<a class="jxr_linenumber" name="371" href="#371">371</a> }
|
||||
<a class="jxr_linenumber" name="372" href="#372">372</a> }
|
||||
<a class="jxr_linenumber" name="373" href="#373">373</a> sb.append(<span class="jxr_string">" ) "</span>);
|
||||
<a class="jxr_linenumber" name="374" href="#374">374</a> <strong class="jxr_keyword">return</strong> <strong class="jxr_keyword">true</strong>;
|
||||
<a class="jxr_linenumber" name="375" href="#375">375</a> }
|
||||
<a class="jxr_linenumber" name="376" href="#376">376</a>
|
||||
<a class="jxr_linenumber" name="377" href="#377">377</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="378" href="#378">378</a> <em class="jxr_javadoccomment"> * Removes characters from the input text that are not used within the CPE</em>
|
||||
<a class="jxr_linenumber" name="379" href="#379">379</a> <em class="jxr_javadoccomment"> * index.</em>
|
||||
<a class="jxr_linenumber" name="380" href="#380">380</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="381" href="#381">381</a> <em class="jxr_javadoccomment"> * @param text is the text to remove the characters from.</em>
|
||||
<a class="jxr_linenumber" name="382" href="#382">382</a> <em class="jxr_javadoccomment"> * @return the text having removed some characters.</em>
|
||||
<a class="jxr_linenumber" name="383" href="#383">383</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="384" href="#384">384</a> <strong class="jxr_keyword">private</strong> String cleanseText(String text) {
|
||||
<a class="jxr_linenumber" name="385" href="#385">385</a> <strong class="jxr_keyword">return</strong> text.replaceAll(CLEANSE_CHARACTER_RX, <span class="jxr_string">" "</span>);
|
||||
<a class="jxr_linenumber" name="386" href="#386">386</a> }
|
||||
<a class="jxr_linenumber" name="387" href="#387">387</a>
|
||||
<a class="jxr_linenumber" name="388" href="#388">388</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="389" href="#389">389</a> <em class="jxr_javadoccomment"> * Compares two strings after lower casing them and removing the non-alpha</em>
|
||||
<a class="jxr_linenumber" name="390" href="#390">390</a> <em class="jxr_javadoccomment"> * characters.</em>
|
||||
<a class="jxr_linenumber" name="391" href="#391">391</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="392" href="#392">392</a> <em class="jxr_javadoccomment"> * @param l string one to compare.</em>
|
||||
<a class="jxr_linenumber" name="393" href="#393">393</a> <em class="jxr_javadoccomment"> * @param r string two to compare.</em>
|
||||
<a class="jxr_linenumber" name="394" href="#394">394</a> <em class="jxr_javadoccomment"> * @return whether or not the two strings are similar.</em>
|
||||
<a class="jxr_linenumber" name="395" href="#395">395</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="396" href="#396">396</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">boolean</strong> equalsIgnoreCaseAndNonAlpha(String l, String r) {
|
||||
<a class="jxr_linenumber" name="397" href="#397">397</a> <strong class="jxr_keyword">if</strong> (l == <strong class="jxr_keyword">null</strong> || r == <strong class="jxr_keyword">null</strong>) {
|
||||
<a class="jxr_linenumber" name="398" href="#398">398</a> <strong class="jxr_keyword">return</strong> false;
|
||||
<a class="jxr_linenumber" name="399" href="#399">399</a> }
|
||||
<a class="jxr_linenumber" name="400" href="#400">400</a>
|
||||
<a class="jxr_linenumber" name="401" href="#401">401</a> <strong class="jxr_keyword">final</strong> String left = l.replaceAll(CLEANSE_NONALPHA_RX, <span class="jxr_string">""</span>);
|
||||
<a class="jxr_linenumber" name="402" href="#402">402</a> <strong class="jxr_keyword">final</strong> String right = r.replaceAll(CLEANSE_NONALPHA_RX, <span class="jxr_string">""</span>);
|
||||
<a class="jxr_linenumber" name="403" href="#403">403</a> <strong class="jxr_keyword">return</strong> left.equalsIgnoreCase(right);
|
||||
<a class="jxr_linenumber" name="404" href="#404">404</a> }
|
||||
<a class="jxr_linenumber" name="405" href="#405">405</a>
|
||||
<a class="jxr_linenumber" name="406" href="#406">406</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="407" href="#407">407</a> <em class="jxr_javadoccomment"> * Ensures that the CPE Identified matches the dependency. This validates</em>
|
||||
<a class="jxr_linenumber" name="408" href="#408">408</a> <em class="jxr_javadoccomment"> * that the product, vendor, and version information for the CPE are</em>
|
||||
<a class="jxr_linenumber" name="409" href="#409">409</a> <em class="jxr_javadoccomment"> * contained within the dependencies evidence.</em>
|
||||
<a class="jxr_linenumber" name="410" href="#410">410</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="411" href="#411">411</a> <em class="jxr_javadoccomment"> * @param entry a CPE entry.</em>
|
||||
<a class="jxr_linenumber" name="412" href="#412">412</a> <em class="jxr_javadoccomment"> * @param dependency the dependency that the CPE entries could be for.</em>
|
||||
<a class="jxr_linenumber" name="413" href="#413">413</a> <em class="jxr_javadoccomment"> * @return whether or not the entry is valid.</em>
|
||||
<a class="jxr_linenumber" name="414" href="#414">414</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="415" href="#415">415</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">boolean</strong> verifyEntry(<strong class="jxr_keyword">final</strong> <a href="../../../../org/owasp/dependencycheck/data/cpe/IndexEntry.html">IndexEntry</a> entry, <strong class="jxr_keyword">final</strong> <a href="../../../../org/owasp/dependencycheck/dependency/Dependency.html">Dependency</a> dependency) {
|
||||
<a class="jxr_linenumber" name="416" href="#416">416</a> <strong class="jxr_keyword">boolean</strong> isValid = false;
|
||||
<a class="jxr_linenumber" name="417" href="#417">417</a>
|
||||
<a class="jxr_linenumber" name="418" href="#418">418</a> <strong class="jxr_keyword">if</strong> (collectionContainsString(dependency.getProductEvidence(), entry.getProduct())
|
||||
<a class="jxr_linenumber" name="419" href="#419">419</a> && collectionContainsString(dependency.getVendorEvidence(), entry.getVendor())) {
|
||||
<a class="jxr_linenumber" name="420" href="#420">420</a> <em class="jxr_comment">//&& collectionContainsVersion(dependency.getVersionEvidence(), entry.getVersion())</em>
|
||||
<a class="jxr_linenumber" name="421" href="#421">421</a> isValid = <strong class="jxr_keyword">true</strong>;
|
||||
<a class="jxr_linenumber" name="422" href="#422">422</a> }
|
||||
<a class="jxr_linenumber" name="423" href="#423">423</a> <strong class="jxr_keyword">return</strong> isValid;
|
||||
<a class="jxr_linenumber" name="424" href="#424">424</a> }
|
||||
<a class="jxr_linenumber" name="425" href="#425">425</a>
|
||||
<a class="jxr_linenumber" name="426" href="#426">426</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="427" href="#427">427</a> <em class="jxr_javadoccomment"> * Used to determine if the EvidenceCollection contains a specific string.</em>
|
||||
<a class="jxr_linenumber" name="428" href="#428">428</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="429" href="#429">429</a> <em class="jxr_javadoccomment"> * @param ec an EvidenceCollection</em>
|
||||
<a class="jxr_linenumber" name="430" href="#430">430</a> <em class="jxr_javadoccomment"> * @param text the text to search for</em>
|
||||
<a class="jxr_linenumber" name="431" href="#431">431</a> <em class="jxr_javadoccomment"> * @return whether or not the EvidenceCollection contains the string</em>
|
||||
<a class="jxr_linenumber" name="432" href="#432">432</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="433" href="#433">433</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">boolean</strong> collectionContainsString(<a href="../../../../org/owasp/dependencycheck/dependency/EvidenceCollection.html">EvidenceCollection</a> ec, String text) {
|
||||
<a class="jxr_linenumber" name="434" href="#434">434</a>
|
||||
<a class="jxr_linenumber" name="435" href="#435">435</a> <em class="jxr_comment">//<editor-fold defaultstate="collapsed" desc="This code fold contains an old version of the code, delete once more testing is done"></em>
|
||||
<a class="jxr_linenumber" name="436" href="#436">436</a> <em class="jxr_comment">// String[] splitText = text.split("[\\s_-]");</em>
|
||||
<a class="jxr_linenumber" name="437" href="#437">437</a> <em class="jxr_comment">//</em>
|
||||
<a class="jxr_linenumber" name="438" href="#438">438</a> <em class="jxr_comment">// for (String search : splitText) {</em>
|
||||
<a class="jxr_linenumber" name="439" href="#439">439</a> <em class="jxr_comment">// //final String search = text.replaceAll("[\\s_-]", "").toLowerCase();</em>
|
||||
<a class="jxr_linenumber" name="440" href="#440">440</a> <em class="jxr_comment">// if (ec.containsUsedString(search)) {</em>
|
||||
<a class="jxr_linenumber" name="441" href="#441">441</a> <em class="jxr_comment">// return true;</em>
|
||||
<a class="jxr_linenumber" name="442" href="#442">442</a> <em class="jxr_comment">// }</em>
|
||||
<a class="jxr_linenumber" name="443" href="#443">443</a> <em class="jxr_comment">// }</em>
|
||||
<a class="jxr_linenumber" name="444" href="#444">444</a> <em class="jxr_comment">//</editor-fold></em>
|
||||
<a class="jxr_linenumber" name="445" href="#445">445</a>
|
||||
<a class="jxr_linenumber" name="446" href="#446">446</a> <em class="jxr_comment">//TODO - likely need to change the split... not sure if this will work for CPE with special chars</em>
|
||||
<a class="jxr_linenumber" name="447" href="#447">447</a> <strong class="jxr_keyword">final</strong> String[] words = text.split(<span class="jxr_string">"[\\s_-]"</span>);
|
||||
<a class="jxr_linenumber" name="448" href="#448">448</a> <strong class="jxr_keyword">final</strong> List<String> list = <strong class="jxr_keyword">new</strong> ArrayList<String>();
|
||||
<a class="jxr_linenumber" name="449" href="#449">449</a> String tempWord = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="450" href="#450">450</a> <strong class="jxr_keyword">for</strong> (String word : words) {
|
||||
<a class="jxr_linenumber" name="451" href="#451">451</a> <em class="jxr_comment">//single letter words should be concatonated with the next word.</em>
|
||||
<a class="jxr_linenumber" name="452" href="#452">452</a> <em class="jxr_comment">// so { "m", "core", "sample" } -> { "mcore", "sample" }</em>
|
||||
<a class="jxr_linenumber" name="453" href="#453">453</a> <strong class="jxr_keyword">if</strong> (tempWord != <strong class="jxr_keyword">null</strong>) {
|
||||
<a class="jxr_linenumber" name="454" href="#454">454</a> list.add(tempWord + word);
|
||||
<a class="jxr_linenumber" name="455" href="#455">455</a> tempWord = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="456" href="#456">456</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (word.length() <= 2) {
|
||||
<a class="jxr_linenumber" name="457" href="#457">457</a> tempWord = word;
|
||||
<a class="jxr_linenumber" name="458" href="#458">458</a> } <strong class="jxr_keyword">else</strong> {
|
||||
<a class="jxr_linenumber" name="459" href="#459">459</a> list.add(word);
|
||||
<a class="jxr_linenumber" name="460" href="#460">460</a> }
|
||||
<a class="jxr_linenumber" name="461" href="#461">461</a> }
|
||||
<a class="jxr_linenumber" name="462" href="#462">462</a> <strong class="jxr_keyword">if</strong> (tempWord != <strong class="jxr_keyword">null</strong> && !list.isEmpty()) {
|
||||
<a class="jxr_linenumber" name="463" href="#463">463</a> String tmp = list.get(list.size() - 1) + tempWord;
|
||||
<a class="jxr_linenumber" name="464" href="#464">464</a> list.add(tmp);
|
||||
<a class="jxr_linenumber" name="465" href="#465">465</a> }
|
||||
<a class="jxr_linenumber" name="466" href="#466">466</a> <strong class="jxr_keyword">boolean</strong> contains = <strong class="jxr_keyword">true</strong>;
|
||||
<a class="jxr_linenumber" name="467" href="#467">467</a> <strong class="jxr_keyword">for</strong> (String word : list) {
|
||||
<a class="jxr_linenumber" name="468" href="#468">468</a> contains &= ec.containsUsedString(word);
|
||||
<a class="jxr_linenumber" name="469" href="#469">469</a> }
|
||||
<a class="jxr_linenumber" name="470" href="#470">470</a> <strong class="jxr_keyword">return</strong> contains;
|
||||
<a class="jxr_linenumber" name="471" href="#471">471</a> }
|
||||
<a class="jxr_linenumber" name="472" href="#472">472</a>
|
||||
<a class="jxr_linenumber" name="473" href="#473">473</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="474" href="#474">474</a> <em class="jxr_javadoccomment"> * Analyzes a dependency and attempts to determine if there are any CPE</em>
|
||||
<a class="jxr_linenumber" name="475" href="#475">475</a> <em class="jxr_javadoccomment"> * identifiers for this dependency.</em>
|
||||
<a class="jxr_linenumber" name="476" href="#476">476</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="477" href="#477">477</a> <em class="jxr_javadoccomment"> * @param dependency The Dependency to analyze.</em>
|
||||
<a class="jxr_linenumber" name="478" href="#478">478</a> <em class="jxr_javadoccomment"> * @param engine The analysis engine</em>
|
||||
<a class="jxr_linenumber" name="479" href="#479">479</a> <em class="jxr_javadoccomment"> * @throws AnalysisException is thrown if there is an issue analyzing the</em>
|
||||
<a class="jxr_linenumber" name="480" href="#480">480</a> <em class="jxr_javadoccomment"> * dependency.</em>
|
||||
<a class="jxr_linenumber" name="481" href="#481">481</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="482" href="#482">482</a> @Override
|
||||
<a class="jxr_linenumber" name="483" href="#483">483</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> analyze(<a href="../../../../org/owasp/dependencycheck/dependency/Dependency.html">Dependency</a> dependency, <a href="../../../../org/owasp/dependencycheck/Engine.html">Engine</a> engine) <strong class="jxr_keyword">throws</strong> AnalysisException {
|
||||
<a class="jxr_linenumber" name="484" href="#484">484</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="485" href="#485">485</a> determineCPE(dependency);
|
||||
<a class="jxr_linenumber" name="486" href="#486">486</a> } <strong class="jxr_keyword">catch</strong> (CorruptIndexException ex) {
|
||||
<a class="jxr_linenumber" name="487" href="#487">487</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/AnalysisException.html">AnalysisException</a>(<span class="jxr_string">"CPE Index is corrupt."</span>, ex);
|
||||
<a class="jxr_linenumber" name="488" href="#488">488</a> } <strong class="jxr_keyword">catch</strong> (IOException ex) {
|
||||
<a class="jxr_linenumber" name="489" href="#489">489</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/AnalysisException.html">AnalysisException</a>(<span class="jxr_string">"Failure opening the CPE Index."</span>, ex);
|
||||
<a class="jxr_linenumber" name="490" href="#490">490</a> } <strong class="jxr_keyword">catch</strong> (ParseException ex) {
|
||||
<a class="jxr_linenumber" name="491" href="#491">491</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/AnalysisException.html">AnalysisException</a>(<span class="jxr_string">"Unable to parse the generated Lucene query for this dependency."</span>, ex);
|
||||
<a class="jxr_linenumber" name="492" href="#492">492</a> }
|
||||
<a class="jxr_linenumber" name="493" href="#493">493</a> }
|
||||
<a class="jxr_linenumber" name="494" href="#494">494</a>
|
||||
<a class="jxr_linenumber" name="495" href="#495">495</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="496" href="#496">496</a> <em class="jxr_javadoccomment"> * Returns true because this analyzer supports all dependency types.</em>
|
||||
<a class="jxr_linenumber" name="497" href="#497">497</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="498" href="#498">498</a> <em class="jxr_javadoccomment"> * @return true.</em>
|
||||
<a class="jxr_linenumber" name="499" href="#499">499</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="500" href="#500">500</a> @Override
|
||||
<a class="jxr_linenumber" name="501" href="#501">501</a> <strong class="jxr_keyword">public</strong> Set<String> getSupportedExtensions() {
|
||||
<a class="jxr_linenumber" name="502" href="#502">502</a> <strong class="jxr_keyword">return</strong> <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="503" href="#503">503</a> }
|
||||
<a class="jxr_linenumber" name="504" href="#504">504</a>
|
||||
<a class="jxr_linenumber" name="505" href="#505">505</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="506" href="#506">506</a> <em class="jxr_javadoccomment"> * Returns the name of this analyzer.</em>
|
||||
<a class="jxr_linenumber" name="507" href="#507">507</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="508" href="#508">508</a> <em class="jxr_javadoccomment"> * @return the name of this analyzer.</em>
|
||||
<a class="jxr_linenumber" name="509" href="#509">509</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="510" href="#510">510</a> @Override
|
||||
<a class="jxr_linenumber" name="511" href="#511">511</a> <strong class="jxr_keyword">public</strong> String getName() {
|
||||
<a class="jxr_linenumber" name="512" href="#512">512</a> <strong class="jxr_keyword">return</strong> <span class="jxr_string">"CPE Analyzer"</span>;
|
||||
<a class="jxr_linenumber" name="513" href="#513">513</a> }
|
||||
<a class="jxr_linenumber" name="514" href="#514">514</a>
|
||||
<a class="jxr_linenumber" name="515" href="#515">515</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="516" href="#516">516</a> <em class="jxr_javadoccomment"> * Returns true because this analyzer supports all dependency types.</em>
|
||||
<a class="jxr_linenumber" name="517" href="#517">517</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="518" href="#518">518</a> <em class="jxr_javadoccomment"> * @param extension the file extension of the dependency being analyzed.</em>
|
||||
<a class="jxr_linenumber" name="519" href="#519">519</a> <em class="jxr_javadoccomment"> * @return true.</em>
|
||||
<a class="jxr_linenumber" name="520" href="#520">520</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="521" href="#521">521</a> @Override
|
||||
<a class="jxr_linenumber" name="522" href="#522">522</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">boolean</strong> supportsExtension(String extension) {
|
||||
<a class="jxr_linenumber" name="523" href="#523">523</a> <strong class="jxr_keyword">return</strong> <strong class="jxr_keyword">true</strong>;
|
||||
<a class="jxr_linenumber" name="524" href="#524">524</a> }
|
||||
<a class="jxr_linenumber" name="525" href="#525">525</a>
|
||||
<a class="jxr_linenumber" name="526" href="#526">526</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="527" href="#527">527</a> <em class="jxr_javadoccomment"> * Returns the analysis phase that this analyzer should run in.</em>
|
||||
<a class="jxr_linenumber" name="528" href="#528">528</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="529" href="#529">529</a> <em class="jxr_javadoccomment"> * @return the analysis phase that this analyzer should run in.</em>
|
||||
<a class="jxr_linenumber" name="530" href="#530">530</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="531" href="#531">531</a> @Override
|
||||
<a class="jxr_linenumber" name="532" href="#532">532</a> <strong class="jxr_keyword">public</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/AnalysisPhase.html">AnalysisPhase</a> getAnalysisPhase() {
|
||||
<a class="jxr_linenumber" name="533" href="#533">533</a> <strong class="jxr_keyword">return</strong> AnalysisPhase.IDENTIFIER_ANALYSIS;
|
||||
<a class="jxr_linenumber" name="534" href="#534">534</a> }
|
||||
<a class="jxr_linenumber" name="535" href="#535">535</a>
|
||||
<a class="jxr_linenumber" name="536" href="#536">536</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="537" href="#537">537</a> <em class="jxr_javadoccomment"> * Opens the CPE Lucene Index.</em>
|
||||
<a class="jxr_linenumber" name="538" href="#538">538</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="539" href="#539">539</a> <em class="jxr_javadoccomment"> * @throws Exception is thrown if there is an issue opening the index.</em>
|
||||
<a class="jxr_linenumber" name="540" href="#540">540</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="541" href="#541">541</a> @Override
|
||||
<a class="jxr_linenumber" name="542" href="#542">542</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> initialize() <strong class="jxr_keyword">throws</strong> Exception {
|
||||
<a class="jxr_linenumber" name="543" href="#543">543</a> <strong class="jxr_keyword">this</strong>.open();
|
||||
<a class="jxr_linenumber" name="544" href="#544">544</a> }
|
||||
<a class="jxr_linenumber" name="545" href="#545">545</a>
|
||||
<a class="jxr_linenumber" name="546" href="#546">546</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="547" href="#547">547</a> <em class="jxr_javadoccomment"> * Retrieves a list of CPE values from the CveDB based on the vendor and</em>
|
||||
<a class="jxr_linenumber" name="548" href="#548">548</a> <em class="jxr_javadoccomment"> * product passed in. The list is then validated to find only CPEs that are</em>
|
||||
<a class="jxr_linenumber" name="549" href="#549">549</a> <em class="jxr_javadoccomment"> * valid for the given dependency. It is possible that the CPE identified is</em>
|
||||
<a class="jxr_linenumber" name="550" href="#550">550</a> <em class="jxr_javadoccomment"> * a best effort "guess" based on the vendor, product, and version</em>
|
||||
<a class="jxr_linenumber" name="551" href="#551">551</a> <em class="jxr_javadoccomment"> * information.</em>
|
||||
<a class="jxr_linenumber" name="552" href="#552">552</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="553" href="#553">553</a> <em class="jxr_javadoccomment"> * @param dependency the Dependency being analyzed</em>
|
||||
<a class="jxr_linenumber" name="554" href="#554">554</a> <em class="jxr_javadoccomment"> * @param vendor the vendor for the CPE being analyzed</em>
|
||||
<a class="jxr_linenumber" name="555" href="#555">555</a> <em class="jxr_javadoccomment"> * @param product the product for the CPE being analyzed</em>
|
||||
<a class="jxr_linenumber" name="556" href="#556">556</a> <em class="jxr_javadoccomment"> * @throws UnsupportedEncodingException is thrown if UTF-8 is not supported</em>
|
||||
<a class="jxr_linenumber" name="557" href="#557">557</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="558" href="#558">558</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">void</strong> determineIdentifiers(<a href="../../../../org/owasp/dependencycheck/dependency/Dependency.html">Dependency</a> dependency, String vendor, String product) <strong class="jxr_keyword">throws</strong> UnsupportedEncodingException {
|
||||
<a class="jxr_linenumber" name="559" href="#559">559</a> <strong class="jxr_keyword">final</strong> Set<VulnerableSoftware> cpes = cve.getCPEs(vendor, product);
|
||||
<a class="jxr_linenumber" name="560" href="#560">560</a> <a href="../../../../org/owasp/dependencycheck/utils/DependencyVersion.html">DependencyVersion</a> bestGuess = <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/utils/DependencyVersion.html">DependencyVersion</a>(<span class="jxr_string">"-"</span>);
|
||||
<a class="jxr_linenumber" name="561" href="#561">561</a> <a href="../../../../org/owasp/dependencycheck/dependency/Evidence.html">Confidence</a> bestGuessConf = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="562" href="#562">562</a> <strong class="jxr_keyword">final</strong> List<IdentifierMatch> collected = <strong class="jxr_keyword">new</strong> ArrayList<IdentifierMatch>();
|
||||
<a class="jxr_linenumber" name="563" href="#563">563</a> <strong class="jxr_keyword">for</strong> (Confidence conf : Confidence.values()) {
|
||||
<a class="jxr_linenumber" name="564" href="#564">564</a> <strong class="jxr_keyword">for</strong> (Evidence evidence : dependency.getVersionEvidence().iterator(conf)) {
|
||||
<a class="jxr_linenumber" name="565" href="#565">565</a> <strong class="jxr_keyword">final</strong> <a href="../../../../org/owasp/dependencycheck/utils/DependencyVersion.html">DependencyVersion</a> evVer = DependencyVersionUtil.parseVersion(evidence.getValue());
|
||||
<a class="jxr_linenumber" name="566" href="#566">566</a> <strong class="jxr_keyword">if</strong> (evVer == <strong class="jxr_keyword">null</strong>) {
|
||||
<a class="jxr_linenumber" name="567" href="#567">567</a> <strong class="jxr_keyword">continue</strong>;
|
||||
<a class="jxr_linenumber" name="568" href="#568">568</a> }
|
||||
<a class="jxr_linenumber" name="569" href="#569">569</a> <strong class="jxr_keyword">for</strong> (VulnerableSoftware vs : cpes) {
|
||||
<a class="jxr_linenumber" name="570" href="#570">570</a> <a href="../../../../org/owasp/dependencycheck/utils/DependencyVersion.html">DependencyVersion</a> dbVer;
|
||||
<a class="jxr_linenumber" name="571" href="#571">571</a> <strong class="jxr_keyword">if</strong> (vs.getRevision() != <strong class="jxr_keyword">null</strong> && !vs.getRevision().isEmpty()) {
|
||||
<a class="jxr_linenumber" name="572" href="#572">572</a> dbVer = DependencyVersionUtil.parseVersion(vs.getVersion() + <span class="jxr_string">"."</span> + vs.getRevision());
|
||||
<a class="jxr_linenumber" name="573" href="#573">573</a> } <strong class="jxr_keyword">else</strong> {
|
||||
<a class="jxr_linenumber" name="574" href="#574">574</a> dbVer = DependencyVersionUtil.parseVersion(vs.getVersion());
|
||||
<a class="jxr_linenumber" name="575" href="#575">575</a> }
|
||||
<a class="jxr_linenumber" name="576" href="#576">576</a> <strong class="jxr_keyword">if</strong> (dbVer == <strong class="jxr_keyword">null</strong> <em class="jxr_comment">//special case, no version specified - everything is vulnerable</em>
|
||||
<a class="jxr_linenumber" name="577" href="#577">577</a> || evVer.equals(dbVer)) { <em class="jxr_comment">//woot exect match</em>
|
||||
<a class="jxr_linenumber" name="578" href="#578">578</a> <strong class="jxr_keyword">final</strong> String url = String.format(<span class="jxr_string">"http://web.nvd.nist.gov/view/vuln/search?cpe=%s"</span>, URLEncoder.encode(vs.getName(), <span class="jxr_string">"UTF-8"</span>));
|
||||
<a class="jxr_linenumber" name="579" href="#579">579</a> <strong class="jxr_keyword">final</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/CPEAnalyzer.html">IdentifierMatch</a> match = <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/CPEAnalyzer.html">IdentifierMatch</a>(<span class="jxr_string">"cpe"</span>, vs.getName(), url, IdentifierConfidence.EXACT_MATCH, conf);
|
||||
<a class="jxr_linenumber" name="580" href="#580">580</a> collected.add(match);
|
||||
<a class="jxr_linenumber" name="581" href="#581">581</a> } <strong class="jxr_keyword">else</strong> {
|
||||
<a class="jxr_linenumber" name="582" href="#582">582</a> <em class="jxr_comment">//TODO the following isn't quite right is it? need to think about this guessing game a bit more.</em>
|
||||
<a class="jxr_linenumber" name="583" href="#583">583</a> <strong class="jxr_keyword">if</strong> (evVer.getVersionParts().size() <= dbVer.getVersionParts().size()
|
||||
<a class="jxr_linenumber" name="584" href="#584">584</a> && evVer.matchesAtLeastThreeLevels(dbVer)) {
|
||||
<a class="jxr_linenumber" name="585" href="#585">585</a> <strong class="jxr_keyword">if</strong> (bestGuessConf == <strong class="jxr_keyword">null</strong> || bestGuessConf.compareTo(conf) > 0) {
|
||||
<a class="jxr_linenumber" name="586" href="#586">586</a> <strong class="jxr_keyword">if</strong> (bestGuess.getVersionParts().size() < dbVer.getVersionParts().size()) {
|
||||
<a class="jxr_linenumber" name="587" href="#587">587</a> bestGuess = dbVer;
|
||||
<a class="jxr_linenumber" name="588" href="#588">588</a> bestGuessConf = conf;
|
||||
<a class="jxr_linenumber" name="589" href="#589">589</a> }
|
||||
<a class="jxr_linenumber" name="590" href="#590">590</a> }
|
||||
<a class="jxr_linenumber" name="591" href="#591">591</a> }
|
||||
<a class="jxr_linenumber" name="592" href="#592">592</a> }
|
||||
<a class="jxr_linenumber" name="593" href="#593">593</a> }
|
||||
<a class="jxr_linenumber" name="594" href="#594">594</a> <strong class="jxr_keyword">if</strong> (bestGuessConf == <strong class="jxr_keyword">null</strong> || bestGuessConf.compareTo(conf) > 0) {
|
||||
<a class="jxr_linenumber" name="595" href="#595">595</a> <strong class="jxr_keyword">if</strong> (bestGuess.getVersionParts().size() < evVer.getVersionParts().size()) {
|
||||
<a class="jxr_linenumber" name="596" href="#596">596</a> bestGuess = evVer;
|
||||
<a class="jxr_linenumber" name="597" href="#597">597</a> bestGuessConf = conf;
|
||||
<a class="jxr_linenumber" name="598" href="#598">598</a> }
|
||||
<a class="jxr_linenumber" name="599" href="#599">599</a> }
|
||||
<a class="jxr_linenumber" name="600" href="#600">600</a> }
|
||||
<a class="jxr_linenumber" name="601" href="#601">601</a> }
|
||||
<a class="jxr_linenumber" name="602" href="#602">602</a> <strong class="jxr_keyword">final</strong> String cpeName = String.format(<span class="jxr_string">"cpe:/a:%s:%s:%s"</span>, vendor, product, bestGuess.toString());
|
||||
<a class="jxr_linenumber" name="603" href="#603">603</a> <strong class="jxr_keyword">final</strong> String url = <strong class="jxr_keyword">null</strong>; <em class="jxr_comment">//String.format("http://web.nvd.nist.gov/view/vuln/search?cpe=%s", URLEncoder.encode(cpeName, "UTF-8"));</em>
|
||||
<a class="jxr_linenumber" name="604" href="#604">604</a> <strong class="jxr_keyword">if</strong> (bestGuessConf == <strong class="jxr_keyword">null</strong>) {
|
||||
<a class="jxr_linenumber" name="605" href="#605">605</a> bestGuessConf = Confidence.LOW;
|
||||
<a class="jxr_linenumber" name="606" href="#606">606</a> }
|
||||
<a class="jxr_linenumber" name="607" href="#607">607</a> <strong class="jxr_keyword">final</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/CPEAnalyzer.html">IdentifierMatch</a> match = <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/CPEAnalyzer.html">IdentifierMatch</a>(<span class="jxr_string">"cpe"</span>, cpeName, url, IdentifierConfidence.BEST_GUESS, bestGuessConf);
|
||||
<a class="jxr_linenumber" name="608" href="#608">608</a> collected.add(match);
|
||||
<a class="jxr_linenumber" name="609" href="#609">609</a>
|
||||
<a class="jxr_linenumber" name="610" href="#610">610</a> Collections.sort(collected);
|
||||
<a class="jxr_linenumber" name="611" href="#611">611</a> <strong class="jxr_keyword">final</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/CPEAnalyzer.html">IdentifierConfidence</a> bestIdentifierQuality = collected.get(0).getConfidence();
|
||||
<a class="jxr_linenumber" name="612" href="#612">612</a> <strong class="jxr_keyword">final</strong> <a href="../../../../org/owasp/dependencycheck/dependency/Evidence.html">Confidence</a> bestEvidenceQuality = collected.get(0).getEvidenceConfidence();
|
||||
<a class="jxr_linenumber" name="613" href="#613">613</a> <strong class="jxr_keyword">for</strong> (IdentifierMatch m : collected) {
|
||||
<a class="jxr_linenumber" name="614" href="#614">614</a> <strong class="jxr_keyword">if</strong> (bestIdentifierQuality.equals(m.getConfidence())
|
||||
<a class="jxr_linenumber" name="615" href="#615">615</a> && bestEvidenceQuality.equals(m.getEvidenceConfidence())) {
|
||||
<a class="jxr_linenumber" name="616" href="#616">616</a> dependency.addIdentifier(m.getIdentifier());
|
||||
<a class="jxr_linenumber" name="617" href="#617">617</a> }
|
||||
<a class="jxr_linenumber" name="618" href="#618">618</a> }
|
||||
<a class="jxr_linenumber" name="619" href="#619">619</a> }
|
||||
<a class="jxr_linenumber" name="620" href="#620">620</a>
|
||||
<a class="jxr_linenumber" name="621" href="#621">621</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="622" href="#622">622</a> <em class="jxr_javadoccomment"> * The confidence whether the identifier is an exact match, or a best guess.</em>
|
||||
<a class="jxr_linenumber" name="623" href="#623">623</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="624" href="#624">624</a> <strong class="jxr_keyword">private</strong> enum <a href="../../../../org/owasp/dependencycheck/analyzer/CPEAnalyzer.html">IdentifierConfidence</a> {
|
||||
<a class="jxr_linenumber" name="625" href="#625">625</a>
|
||||
<a class="jxr_linenumber" name="626" href="#626">626</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="627" href="#627">627</a> <em class="jxr_javadoccomment"> * An exact match for the CPE.</em>
|
||||
<a class="jxr_linenumber" name="628" href="#628">628</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="629" href="#629">629</a> EXACT_MATCH,
|
||||
<a class="jxr_linenumber" name="630" href="#630">630</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="631" href="#631">631</a> <em class="jxr_javadoccomment"> * A best guess for the CPE.</em>
|
||||
<a class="jxr_linenumber" name="632" href="#632">632</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="633" href="#633">633</a> BEST_GUESS
|
||||
<a class="jxr_linenumber" name="634" href="#634">634</a> }
|
||||
<a class="jxr_linenumber" name="635" href="#635">635</a>
|
||||
<a class="jxr_linenumber" name="636" href="#636">636</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="637" href="#637">637</a> <em class="jxr_javadoccomment"> * A simple object to hold an identifier and carry information about the</em>
|
||||
<a class="jxr_linenumber" name="638" href="#638">638</a> <em class="jxr_javadoccomment"> * confidence in the identifier.</em>
|
||||
<a class="jxr_linenumber" name="639" href="#639">639</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="640" href="#640">640</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">class</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/CPEAnalyzer.html">IdentifierMatch</a> <strong class="jxr_keyword">implements</strong> Comparable<IdentifierMatch> {
|
||||
<a class="jxr_linenumber" name="641" href="#641">641</a>
|
||||
<a class="jxr_linenumber" name="642" href="#642">642</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="643" href="#643">643</a> <em class="jxr_javadoccomment"> * Constructs an IdentiferMatch.</em>
|
||||
<a class="jxr_linenumber" name="644" href="#644">644</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="645" href="#645">645</a> <em class="jxr_javadoccomment"> * @param type the type of identifier (such as CPE)</em>
|
||||
<a class="jxr_linenumber" name="646" href="#646">646</a> <em class="jxr_javadoccomment"> * @param value the value of the identifier</em>
|
||||
<a class="jxr_linenumber" name="647" href="#647">647</a> <em class="jxr_javadoccomment"> * @param url the URL of the identifier</em>
|
||||
<a class="jxr_linenumber" name="648" href="#648">648</a> <em class="jxr_javadoccomment"> * @param identifierConfidence the confidence in the identifier: best</em>
|
||||
<a class="jxr_linenumber" name="649" href="#649">649</a> <em class="jxr_javadoccomment"> * guess or exact match</em>
|
||||
<a class="jxr_linenumber" name="650" href="#650">650</a> <em class="jxr_javadoccomment"> * @param evidenceConfidence the confidence of the evidence used to find</em>
|
||||
<a class="jxr_linenumber" name="651" href="#651">651</a> <em class="jxr_javadoccomment"> * the identifier</em>
|
||||
<a class="jxr_linenumber" name="652" href="#652">652</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="653" href="#653">653</a> <a href="../../../../org/owasp/dependencycheck/analyzer/CPEAnalyzer.html">IdentifierMatch</a>(String type, String value, String url, <a href="../../../../org/owasp/dependencycheck/analyzer/CPEAnalyzer.html">IdentifierConfidence</a> identifierConfidence, <a href="../../../../org/owasp/dependencycheck/dependency/Evidence.html">Confidence</a> evidenceConfidence) {
|
||||
<a class="jxr_linenumber" name="654" href="#654">654</a> <strong class="jxr_keyword">this</strong>.identifier = <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/dependency/Identifier.html">Identifier</a>(type, value, url);
|
||||
<a class="jxr_linenumber" name="655" href="#655">655</a> <strong class="jxr_keyword">this</strong>.confidence = identifierConfidence;
|
||||
<a class="jxr_linenumber" name="656" href="#656">656</a> <strong class="jxr_keyword">this</strong>.evidenceConfidence = evidenceConfidence;
|
||||
<a class="jxr_linenumber" name="657" href="#657">657</a> }
|
||||
<a class="jxr_linenumber" name="658" href="#658">658</a> <em class="jxr_comment">//<editor-fold defaultstate="collapsed" desc="Property implementations: evidenceConfidence, confidence, identifier"></em>
|
||||
<a class="jxr_linenumber" name="659" href="#659">659</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="660" href="#660">660</a> <em class="jxr_javadoccomment"> * The confidence in the evidence used to identify this match.</em>
|
||||
<a class="jxr_linenumber" name="661" href="#661">661</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="662" href="#662">662</a> <strong class="jxr_keyword">private</strong> <a href="../../../../org/owasp/dependencycheck/dependency/Evidence.html">Confidence</a> evidenceConfidence;
|
||||
<a class="jxr_linenumber" name="663" href="#663">663</a>
|
||||
<a class="jxr_linenumber" name="664" href="#664">664</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="665" href="#665">665</a> <em class="jxr_javadoccomment"> * Get the value of evidenceConfidence</em>
|
||||
<a class="jxr_linenumber" name="666" href="#666">666</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="667" href="#667">667</a> <em class="jxr_javadoccomment"> * @return the value of evidenceConfidence</em>
|
||||
<a class="jxr_linenumber" name="668" href="#668">668</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="669" href="#669">669</a> <strong class="jxr_keyword">public</strong> <a href="../../../../org/owasp/dependencycheck/dependency/Evidence.html">Confidence</a> getEvidenceConfidence() {
|
||||
<a class="jxr_linenumber" name="670" href="#670">670</a> <strong class="jxr_keyword">return</strong> evidenceConfidence;
|
||||
<a class="jxr_linenumber" name="671" href="#671">671</a> }
|
||||
<a class="jxr_linenumber" name="672" href="#672">672</a>
|
||||
<a class="jxr_linenumber" name="673" href="#673">673</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="674" href="#674">674</a> <em class="jxr_javadoccomment"> * Set the value of evidenceConfidence</em>
|
||||
<a class="jxr_linenumber" name="675" href="#675">675</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="676" href="#676">676</a> <em class="jxr_javadoccomment"> * @param evidenceConfidence new value of evidenceConfidence</em>
|
||||
<a class="jxr_linenumber" name="677" href="#677">677</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="678" href="#678">678</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> setEvidenceConfidence(<a href="../../../../org/owasp/dependencycheck/dependency/Evidence.html">Confidence</a> evidenceConfidence) {
|
||||
<a class="jxr_linenumber" name="679" href="#679">679</a> <strong class="jxr_keyword">this</strong>.evidenceConfidence = evidenceConfidence;
|
||||
<a class="jxr_linenumber" name="680" href="#680">680</a> }
|
||||
<a class="jxr_linenumber" name="681" href="#681">681</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="682" href="#682">682</a> <em class="jxr_javadoccomment"> * The confidence whether this is an exact match, or a best guess.</em>
|
||||
<a class="jxr_linenumber" name="683" href="#683">683</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="684" href="#684">684</a> <strong class="jxr_keyword">private</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/CPEAnalyzer.html">IdentifierConfidence</a> confidence;
|
||||
<a class="jxr_linenumber" name="685" href="#685">685</a>
|
||||
<a class="jxr_linenumber" name="686" href="#686">686</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="687" href="#687">687</a> <em class="jxr_javadoccomment"> * Get the value of confidence.</em>
|
||||
<a class="jxr_linenumber" name="688" href="#688">688</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="689" href="#689">689</a> <em class="jxr_javadoccomment"> * @return the value of confidence</em>
|
||||
<a class="jxr_linenumber" name="690" href="#690">690</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="691" href="#691">691</a> <strong class="jxr_keyword">public</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/CPEAnalyzer.html">IdentifierConfidence</a> getConfidence() {
|
||||
<a class="jxr_linenumber" name="692" href="#692">692</a> <strong class="jxr_keyword">return</strong> confidence;
|
||||
<a class="jxr_linenumber" name="693" href="#693">693</a> }
|
||||
<a class="jxr_linenumber" name="694" href="#694">694</a>
|
||||
<a class="jxr_linenumber" name="695" href="#695">695</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="696" href="#696">696</a> <em class="jxr_javadoccomment"> * Set the value of confidence.</em>
|
||||
<a class="jxr_linenumber" name="697" href="#697">697</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="698" href="#698">698</a> <em class="jxr_javadoccomment"> * @param confidence new value of confidence</em>
|
||||
<a class="jxr_linenumber" name="699" href="#699">699</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="700" href="#700">700</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> setConfidence(<a href="../../../../org/owasp/dependencycheck/analyzer/CPEAnalyzer.html">IdentifierConfidence</a> confidence) {
|
||||
<a class="jxr_linenumber" name="701" href="#701">701</a> <strong class="jxr_keyword">this</strong>.confidence = confidence;
|
||||
<a class="jxr_linenumber" name="702" href="#702">702</a> }
|
||||
<a class="jxr_linenumber" name="703" href="#703">703</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="704" href="#704">704</a> <em class="jxr_javadoccomment"> * The CPE identifier.</em>
|
||||
<a class="jxr_linenumber" name="705" href="#705">705</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="706" href="#706">706</a> <strong class="jxr_keyword">private</strong> <a href="../../../../org/owasp/dependencycheck/dependency/Identifier.html">Identifier</a> identifier;
|
||||
<a class="jxr_linenumber" name="707" href="#707">707</a>
|
||||
<a class="jxr_linenumber" name="708" href="#708">708</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="709" href="#709">709</a> <em class="jxr_javadoccomment"> * Get the value of identifier.</em>
|
||||
<a class="jxr_linenumber" name="710" href="#710">710</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="711" href="#711">711</a> <em class="jxr_javadoccomment"> * @return the value of identifier</em>
|
||||
<a class="jxr_linenumber" name="712" href="#712">712</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="713" href="#713">713</a> <strong class="jxr_keyword">public</strong> <a href="../../../../org/owasp/dependencycheck/dependency/Identifier.html">Identifier</a> getIdentifier() {
|
||||
<a class="jxr_linenumber" name="714" href="#714">714</a> <strong class="jxr_keyword">return</strong> identifier;
|
||||
<a class="jxr_linenumber" name="715" href="#715">715</a> }
|
||||
<a class="jxr_linenumber" name="716" href="#716">716</a>
|
||||
<a class="jxr_linenumber" name="717" href="#717">717</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="718" href="#718">718</a> <em class="jxr_javadoccomment"> * Set the value of identifier.</em>
|
||||
<a class="jxr_linenumber" name="719" href="#719">719</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="720" href="#720">720</a> <em class="jxr_javadoccomment"> * @param identifier new value of identifier</em>
|
||||
<a class="jxr_linenumber" name="721" href="#721">721</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="722" href="#722">722</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> setIdentifier(<a href="../../../../org/owasp/dependencycheck/dependency/Identifier.html">Identifier</a> identifier) {
|
||||
<a class="jxr_linenumber" name="723" href="#723">723</a> <strong class="jxr_keyword">this</strong>.identifier = identifier;
|
||||
<a class="jxr_linenumber" name="724" href="#724">724</a> }
|
||||
<a class="jxr_linenumber" name="725" href="#725">725</a> <em class="jxr_comment">//</editor-fold></em>
|
||||
<a class="jxr_linenumber" name="726" href="#726">726</a> <em class="jxr_comment">//<editor-fold defaultstate="collapsed" desc="Standard implementations of toString, hashCode, and equals"></em>
|
||||
<a class="jxr_linenumber" name="727" href="#727">727</a>
|
||||
<a class="jxr_linenumber" name="728" href="#728">728</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="729" href="#729">729</a> <em class="jxr_javadoccomment"> * Standard toString() implementation.</em>
|
||||
<a class="jxr_linenumber" name="730" href="#730">730</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="731" href="#731">731</a> <em class="jxr_javadoccomment"> * @return the string representation of the object</em>
|
||||
<a class="jxr_linenumber" name="732" href="#732">732</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="733" href="#733">733</a> @Override
|
||||
<a class="jxr_linenumber" name="734" href="#734">734</a> <strong class="jxr_keyword">public</strong> String toString() {
|
||||
<a class="jxr_linenumber" name="735" href="#735">735</a> <strong class="jxr_keyword">return</strong> <span class="jxr_string">"IdentifierMatch{"</span> + <span class="jxr_string">"evidenceConfidence="</span> + evidenceConfidence
|
||||
<a class="jxr_linenumber" name="736" href="#736">736</a> + <span class="jxr_string">", confidence="</span> + confidence + <span class="jxr_string">", identifier="</span> + identifier + '}';
|
||||
<a class="jxr_linenumber" name="737" href="#737">737</a> }
|
||||
<a class="jxr_linenumber" name="738" href="#738">738</a>
|
||||
<a class="jxr_linenumber" name="739" href="#739">739</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="740" href="#740">740</a> <em class="jxr_javadoccomment"> * Standard hashCode() implementation.</em>
|
||||
<a class="jxr_linenumber" name="741" href="#741">741</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="742" href="#742">742</a> <em class="jxr_javadoccomment"> * @return the hashCode</em>
|
||||
<a class="jxr_linenumber" name="743" href="#743">743</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="744" href="#744">744</a> @Override
|
||||
<a class="jxr_linenumber" name="745" href="#745">745</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">int</strong> hashCode() {
|
||||
<a class="jxr_linenumber" name="746" href="#746">746</a> <strong class="jxr_keyword">int</strong> hash = 5;
|
||||
<a class="jxr_linenumber" name="747" href="#747">747</a> hash = 97 * hash + (<strong class="jxr_keyword">this</strong>.evidenceConfidence != <strong class="jxr_keyword">null</strong> ? <strong class="jxr_keyword">this</strong>.evidenceConfidence.hashCode() : 0);
|
||||
<a class="jxr_linenumber" name="748" href="#748">748</a> hash = 97 * hash + (<strong class="jxr_keyword">this</strong>.confidence != <strong class="jxr_keyword">null</strong> ? <strong class="jxr_keyword">this</strong>.confidence.hashCode() : 0);
|
||||
<a class="jxr_linenumber" name="749" href="#749">749</a> hash = 97 * hash + (<strong class="jxr_keyword">this</strong>.identifier != <strong class="jxr_keyword">null</strong> ? <strong class="jxr_keyword">this</strong>.identifier.hashCode() : 0);
|
||||
<a class="jxr_linenumber" name="750" href="#750">750</a> <strong class="jxr_keyword">return</strong> hash;
|
||||
<a class="jxr_linenumber" name="751" href="#751">751</a> }
|
||||
<a class="jxr_linenumber" name="752" href="#752">752</a>
|
||||
<a class="jxr_linenumber" name="753" href="#753">753</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="754" href="#754">754</a> <em class="jxr_javadoccomment"> * Standard equals implementation.</em>
|
||||
<a class="jxr_linenumber" name="755" href="#755">755</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="756" href="#756">756</a> <em class="jxr_javadoccomment"> * @param obj the object to compare</em>
|
||||
<a class="jxr_linenumber" name="757" href="#757">757</a> <em class="jxr_javadoccomment"> * @return true if the objects are equal, otherwise false</em>
|
||||
<a class="jxr_linenumber" name="758" href="#758">758</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="759" href="#759">759</a> @Override
|
||||
<a class="jxr_linenumber" name="760" href="#760">760</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">boolean</strong> equals(Object obj) {
|
||||
<a class="jxr_linenumber" name="761" href="#761">761</a> <strong class="jxr_keyword">if</strong> (obj == <strong class="jxr_keyword">null</strong>) {
|
||||
<a class="jxr_linenumber" name="762" href="#762">762</a> <strong class="jxr_keyword">return</strong> false;
|
||||
<a class="jxr_linenumber" name="763" href="#763">763</a> }
|
||||
<a class="jxr_linenumber" name="764" href="#764">764</a> <strong class="jxr_keyword">if</strong> (getClass() != obj.getClass()) {
|
||||
<a class="jxr_linenumber" name="765" href="#765">765</a> <strong class="jxr_keyword">return</strong> false;
|
||||
<a class="jxr_linenumber" name="766" href="#766">766</a> }
|
||||
<a class="jxr_linenumber" name="767" href="#767">767</a> <strong class="jxr_keyword">final</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/CPEAnalyzer.html">IdentifierMatch</a> other = (IdentifierMatch) obj;
|
||||
<a class="jxr_linenumber" name="768" href="#768">768</a> <strong class="jxr_keyword">if</strong> (<strong class="jxr_keyword">this</strong>.evidenceConfidence != other.evidenceConfidence) {
|
||||
<a class="jxr_linenumber" name="769" href="#769">769</a> <strong class="jxr_keyword">return</strong> false;
|
||||
<a class="jxr_linenumber" name="770" href="#770">770</a> }
|
||||
<a class="jxr_linenumber" name="771" href="#771">771</a> <strong class="jxr_keyword">if</strong> (<strong class="jxr_keyword">this</strong>.confidence != other.confidence) {
|
||||
<a class="jxr_linenumber" name="772" href="#772">772</a> <strong class="jxr_keyword">return</strong> false;
|
||||
<a class="jxr_linenumber" name="773" href="#773">773</a> }
|
||||
<a class="jxr_linenumber" name="774" href="#774">774</a> <strong class="jxr_keyword">if</strong> (<strong class="jxr_keyword">this</strong>.identifier != other.identifier && (<strong class="jxr_keyword">this</strong>.identifier == <strong class="jxr_keyword">null</strong> || !<strong class="jxr_keyword">this</strong>.identifier.equals(other.identifier))) {
|
||||
<a class="jxr_linenumber" name="775" href="#775">775</a> <strong class="jxr_keyword">return</strong> false;
|
||||
<a class="jxr_linenumber" name="776" href="#776">776</a> }
|
||||
<a class="jxr_linenumber" name="777" href="#777">777</a> <strong class="jxr_keyword">return</strong> <strong class="jxr_keyword">true</strong>;
|
||||
<a class="jxr_linenumber" name="778" href="#778">778</a> }
|
||||
<a class="jxr_linenumber" name="779" href="#779">779</a> <em class="jxr_comment">//</editor-fold></em>
|
||||
<a class="jxr_linenumber" name="780" href="#780">780</a>
|
||||
<a class="jxr_linenumber" name="781" href="#781">781</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="782" href="#782">782</a> <em class="jxr_javadoccomment"> * Standard implementation of compareTo that compares identifier</em>
|
||||
<a class="jxr_linenumber" name="783" href="#783">783</a> <em class="jxr_javadoccomment"> * confidence, evidence confidence, and then the identifier.</em>
|
||||
<a class="jxr_linenumber" name="784" href="#784">784</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="785" href="#785">785</a> <em class="jxr_javadoccomment"> * @param o the IdentifierMatch to compare to</em>
|
||||
<a class="jxr_linenumber" name="786" href="#786">786</a> <em class="jxr_javadoccomment"> * @return the natural ordering of IdentifierMatch</em>
|
||||
<a class="jxr_linenumber" name="787" href="#787">787</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="788" href="#788">788</a> @Override
|
||||
<a class="jxr_linenumber" name="789" href="#789">789</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">int</strong> compareTo(<a href="../../../../org/owasp/dependencycheck/analyzer/CPEAnalyzer.html">IdentifierMatch</a> o) {
|
||||
<a class="jxr_linenumber" name="790" href="#790">790</a> <strong class="jxr_keyword">int</strong> conf = <strong class="jxr_keyword">this</strong>.confidence.compareTo(o.confidence);
|
||||
<a class="jxr_linenumber" name="791" href="#791">791</a> <strong class="jxr_keyword">if</strong> (conf == 0) {
|
||||
<a class="jxr_linenumber" name="792" href="#792">792</a> conf = <strong class="jxr_keyword">this</strong>.evidenceConfidence.compareTo(o.evidenceConfidence);
|
||||
<a class="jxr_linenumber" name="793" href="#793">793</a> <strong class="jxr_keyword">if</strong> (conf == 0) {
|
||||
<a class="jxr_linenumber" name="794" href="#794">794</a> conf = identifier.compareTo(o.identifier);
|
||||
<a class="jxr_linenumber" name="795" href="#795">795</a> }
|
||||
<a class="jxr_linenumber" name="796" href="#796">796</a> }
|
||||
<a class="jxr_linenumber" name="797" href="#797">797</a> <strong class="jxr_keyword">return</strong> conf;
|
||||
<a class="jxr_linenumber" name="798" href="#798">798</a> }
|
||||
<a class="jxr_linenumber" name="799" href="#799">799</a> }
|
||||
<a class="jxr_linenumber" name="800" href="#800">800</a> }
|
||||
</pre>
|
||||
<hr/><div id="footer">This page was automatically generated by <a href="http://maven.apache.org/">Maven</a></div></body>
|
||||
</html>
|
||||
|
||||
@@ -169,7 +169,7 @@
|
||||
<a class="jxr_linenumber" name="159" href="#159">159</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="160" href="#160">160</a> <em class="jxr_javadoccomment"> * The set of file extensions supported by this analyzer.</em>
|
||||
<a class="jxr_linenumber" name="161" href="#161">161</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="162" href="#162">162</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> Set<String> EXTENSIONS = newHashSet(<span class="jxr_string">"jar"</span>);
|
||||
<a class="jxr_linenumber" name="162" href="#162">162</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> Set<String> EXTENSIONS = newHashSet(<span class="jxr_string">"jar"</span>, <span class="jxr_string">"war"</span>);
|
||||
<a class="jxr_linenumber" name="163" href="#163">163</a>
|
||||
<a class="jxr_linenumber" name="164" href="#164">164</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="165" href="#165">165</a> <em class="jxr_javadoccomment"> * Returns a list of file EXTENSIONS supported by this analyzer.</em>
|
||||
|
||||
@@ -0,0 +1,236 @@
|
||||
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
||||
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
|
||||
<head>
|
||||
<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
|
||||
<title>NvdCveAnalyzer xref</title>
|
||||
<link type="text/css" rel="stylesheet" href="../../../../stylesheet.css" />
|
||||
</head>
|
||||
<body>
|
||||
<div id="overview"><a href="../../../../../apidocs/org/owasp/dependencycheck/analyzer/NvdCveAnalyzer.html">View Javadoc</a></div><pre>
|
||||
|
||||
<a class="jxr_linenumber" name="1" href="#1">1</a> <em class="jxr_comment">/*</em>
|
||||
<a class="jxr_linenumber" name="2" href="#2">2</a> <em class="jxr_comment"> * This file is part of dependency-check-core.</em>
|
||||
<a class="jxr_linenumber" name="3" href="#3">3</a> <em class="jxr_comment"> *</em>
|
||||
<a class="jxr_linenumber" name="4" href="#4">4</a> <em class="jxr_comment"> * Dependency-check-core is free software: you can redistribute it and/or modify it</em>
|
||||
<a class="jxr_linenumber" name="5" href="#5">5</a> <em class="jxr_comment"> * under the terms of the GNU General Public License as published by the Free</em>
|
||||
<a class="jxr_linenumber" name="6" href="#6">6</a> <em class="jxr_comment"> * Software Foundation, either version 3 of the License, or (at your option) any</em>
|
||||
<a class="jxr_linenumber" name="7" href="#7">7</a> <em class="jxr_comment"> * later version.</em>
|
||||
<a class="jxr_linenumber" name="8" href="#8">8</a> <em class="jxr_comment"> *</em>
|
||||
<a class="jxr_linenumber" name="9" href="#9">9</a> <em class="jxr_comment"> * Dependency-check-core is distributed in the hope that it will be useful, but</em>
|
||||
<a class="jxr_linenumber" name="10" href="#10">10</a> <em class="jxr_comment"> * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or</em>
|
||||
<a class="jxr_linenumber" name="11" href="#11">11</a> <em class="jxr_comment"> * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more</em>
|
||||
<a class="jxr_linenumber" name="12" href="#12">12</a> <em class="jxr_comment"> * details.</em>
|
||||
<a class="jxr_linenumber" name="13" href="#13">13</a> <em class="jxr_comment"> *</em>
|
||||
<a class="jxr_linenumber" name="14" href="#14">14</a> <em class="jxr_comment"> * You should have received a copy of the GNU General Public License along with</em>
|
||||
<a class="jxr_linenumber" name="15" href="#15">15</a> <em class="jxr_comment"> * dependency-check-core. If not, see <a href="http://www.gnu.org/licenses/." target="alexandria_uri">http://www.gnu.org/licenses/.</a></em>
|
||||
<a class="jxr_linenumber" name="16" href="#16">16</a> <em class="jxr_comment"> *</em>
|
||||
<a class="jxr_linenumber" name="17" href="#17">17</a> <em class="jxr_comment"> * Copyright (c) 2012 Jeremy Long. All Rights Reserved.</em>
|
||||
<a class="jxr_linenumber" name="18" href="#18">18</a> <em class="jxr_comment"> */</em>
|
||||
<a class="jxr_linenumber" name="19" href="#19">19</a> <strong class="jxr_keyword">package</strong> org.owasp.dependencycheck.analyzer;
|
||||
<a class="jxr_linenumber" name="20" href="#20">20</a>
|
||||
<a class="jxr_linenumber" name="21" href="#21">21</a> <strong class="jxr_keyword">import</strong> java.io.IOException;
|
||||
<a class="jxr_linenumber" name="22" href="#22">22</a> <strong class="jxr_keyword">import</strong> java.sql.SQLException;
|
||||
<a class="jxr_linenumber" name="23" href="#23">23</a> <strong class="jxr_keyword">import</strong> java.util.List;
|
||||
<a class="jxr_linenumber" name="24" href="#24">24</a> <strong class="jxr_keyword">import</strong> java.util.Set;
|
||||
<a class="jxr_linenumber" name="25" href="#25">25</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.Engine;
|
||||
<a class="jxr_linenumber" name="26" href="#26">26</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.dependency.Dependency;
|
||||
<a class="jxr_linenumber" name="27" href="#27">27</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.dependency.Vulnerability;
|
||||
<a class="jxr_linenumber" name="28" href="#28">28</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.dependency.Identifier;
|
||||
<a class="jxr_linenumber" name="29" href="#29">29</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.data.nvdcve.CveDB;
|
||||
<a class="jxr_linenumber" name="30" href="#30">30</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.data.nvdcve.DatabaseException;
|
||||
<a class="jxr_linenumber" name="31" href="#31">31</a>
|
||||
<a class="jxr_linenumber" name="32" href="#32">32</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="33" href="#33">33</a> <em class="jxr_javadoccomment"> * NvdCveAnalyzer is a utility class that takes a project dependency and</em>
|
||||
<a class="jxr_linenumber" name="34" href="#34">34</a> <em class="jxr_javadoccomment"> * attempts to discern if there is an associated CVEs. It uses the the</em>
|
||||
<a class="jxr_linenumber" name="35" href="#35">35</a> <em class="jxr_javadoccomment"> * identifiers found by other analyzers to lookup the CVE data.</em>
|
||||
<a class="jxr_linenumber" name="36" href="#36">36</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="37" href="#37">37</a> <em class="jxr_javadoccomment"> * @author Jeremy Long (jeremy.long@owasp.org)</em>
|
||||
<a class="jxr_linenumber" name="38" href="#38">38</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="39" href="#39">39</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">class</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/NvdCveAnalyzer.html">NvdCveAnalyzer</a> <strong class="jxr_keyword">implements</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/Analyzer.html">Analyzer</a> {
|
||||
<a class="jxr_linenumber" name="40" href="#40">40</a>
|
||||
<a class="jxr_linenumber" name="41" href="#41">41</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="42" href="#42">42</a> <em class="jxr_javadoccomment"> * The maximum number of query results to return.</em>
|
||||
<a class="jxr_linenumber" name="43" href="#43">43</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="44" href="#44">44</a> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> <strong class="jxr_keyword">int</strong> MAX_QUERY_RESULTS = 100;
|
||||
<a class="jxr_linenumber" name="45" href="#45">45</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="46" href="#46">46</a> <em class="jxr_javadoccomment"> * The CVE Index.</em>
|
||||
<a class="jxr_linenumber" name="47" href="#47">47</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="48" href="#48">48</a> <strong class="jxr_keyword">private</strong> <a href="../../../../org/owasp/dependencycheck/data/nvdcve/CveDB.html">CveDB</a> cveDB;
|
||||
<a class="jxr_linenumber" name="49" href="#49">49</a>
|
||||
<a class="jxr_linenumber" name="50" href="#50">50</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="51" href="#51">51</a> <em class="jxr_javadoccomment"> * Opens the data source.</em>
|
||||
<a class="jxr_linenumber" name="52" href="#52">52</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="53" href="#53">53</a> <em class="jxr_javadoccomment"> * @throws SQLException thrown when there is a SQL Exception</em>
|
||||
<a class="jxr_linenumber" name="54" href="#54">54</a> <em class="jxr_javadoccomment"> * @throws IOException thrown when there is an IO Exception</em>
|
||||
<a class="jxr_linenumber" name="55" href="#55">55</a> <em class="jxr_javadoccomment"> * @throws DatabaseException thrown when there is a database exceptions</em>
|
||||
<a class="jxr_linenumber" name="56" href="#56">56</a> <em class="jxr_javadoccomment"> * @throws ClassNotFoundException thrown if the h2 database driver cannot be</em>
|
||||
<a class="jxr_linenumber" name="57" href="#57">57</a> <em class="jxr_javadoccomment"> * loaded</em>
|
||||
<a class="jxr_linenumber" name="58" href="#58">58</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="59" href="#59">59</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> open() <strong class="jxr_keyword">throws</strong> SQLException, IOException, DatabaseException, ClassNotFoundException {
|
||||
<a class="jxr_linenumber" name="60" href="#60">60</a> cveDB = <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/data/nvdcve/CveDB.html">CveDB</a>();
|
||||
<a class="jxr_linenumber" name="61" href="#61">61</a> cveDB.open();
|
||||
<a class="jxr_linenumber" name="62" href="#62">62</a> }
|
||||
<a class="jxr_linenumber" name="63" href="#63">63</a>
|
||||
<a class="jxr_linenumber" name="64" href="#64">64</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="65" href="#65">65</a> <em class="jxr_javadoccomment"> * Closes the data source.</em>
|
||||
<a class="jxr_linenumber" name="66" href="#66">66</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="67" href="#67">67</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> close() {
|
||||
<a class="jxr_linenumber" name="68" href="#68">68</a> cveDB.close();
|
||||
<a class="jxr_linenumber" name="69" href="#69">69</a> cveDB = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="70" href="#70">70</a> }
|
||||
<a class="jxr_linenumber" name="71" href="#71">71</a>
|
||||
<a class="jxr_linenumber" name="72" href="#72">72</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="73" href="#73">73</a> <em class="jxr_javadoccomment"> * Returns the status of the data source - is the database open.</em>
|
||||
<a class="jxr_linenumber" name="74" href="#74">74</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="75" href="#75">75</a> <em class="jxr_javadoccomment"> * @return true or false.</em>
|
||||
<a class="jxr_linenumber" name="76" href="#76">76</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="77" href="#77">77</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">boolean</strong> isOpen() {
|
||||
<a class="jxr_linenumber" name="78" href="#78">78</a> <strong class="jxr_keyword">return</strong> (cveDB != <strong class="jxr_keyword">null</strong>);
|
||||
<a class="jxr_linenumber" name="79" href="#79">79</a> }
|
||||
<a class="jxr_linenumber" name="80" href="#80">80</a>
|
||||
<a class="jxr_linenumber" name="81" href="#81">81</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="82" href="#82">82</a> <em class="jxr_javadoccomment"> * Ensures that the CVE Database is closed.</em>
|
||||
<a class="jxr_linenumber" name="83" href="#83">83</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="84" href="#84">84</a> <em class="jxr_javadoccomment"> * @throws Throwable when a throwable is thrown.</em>
|
||||
<a class="jxr_linenumber" name="85" href="#85">85</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="86" href="#86">86</a> @Override
|
||||
<a class="jxr_linenumber" name="87" href="#87">87</a> <strong class="jxr_keyword">protected</strong> <strong class="jxr_keyword">void</strong> finalize() <strong class="jxr_keyword">throws</strong> Throwable {
|
||||
<a class="jxr_linenumber" name="88" href="#88">88</a> <strong class="jxr_keyword">super</strong>.finalize();
|
||||
<a class="jxr_linenumber" name="89" href="#89">89</a> <strong class="jxr_keyword">if</strong> (isOpen()) {
|
||||
<a class="jxr_linenumber" name="90" href="#90">90</a> close();
|
||||
<a class="jxr_linenumber" name="91" href="#91">91</a> }
|
||||
<a class="jxr_linenumber" name="92" href="#92">92</a> }
|
||||
<a class="jxr_linenumber" name="93" href="#93">93</a>
|
||||
<a class="jxr_linenumber" name="94" href="#94">94</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="95" href="#95">95</a> <em class="jxr_javadoccomment"> * Analyzes a dependency and attempts to determine if there are any CPE</em>
|
||||
<a class="jxr_linenumber" name="96" href="#96">96</a> <em class="jxr_javadoccomment"> * identifiers for this dependency.</em>
|
||||
<a class="jxr_linenumber" name="97" href="#97">97</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="98" href="#98">98</a> <em class="jxr_javadoccomment"> * @param dependency The Dependency to analyze</em>
|
||||
<a class="jxr_linenumber" name="99" href="#99">99</a> <em class="jxr_javadoccomment"> * @param engine The analysis engine</em>
|
||||
<a class="jxr_linenumber" name="100" href="#100">100</a> <em class="jxr_javadoccomment"> * @throws AnalysisException is thrown if there is an issue analyzing the</em>
|
||||
<a class="jxr_linenumber" name="101" href="#101">101</a> <em class="jxr_javadoccomment"> * dependency</em>
|
||||
<a class="jxr_linenumber" name="102" href="#102">102</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="103" href="#103">103</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> analyze(<a href="../../../../org/owasp/dependencycheck/dependency/Dependency.html">Dependency</a> dependency, <a href="../../../../org/owasp/dependencycheck/Engine.html">Engine</a> engine) <strong class="jxr_keyword">throws</strong> AnalysisException {
|
||||
<a class="jxr_linenumber" name="104" href="#104">104</a> <strong class="jxr_keyword">for</strong> (Identifier id : dependency.getIdentifiers()) {
|
||||
<a class="jxr_linenumber" name="105" href="#105">105</a> <strong class="jxr_keyword">if</strong> (<span class="jxr_string">"cpe"</span>.equals(id.getType())) {
|
||||
<a class="jxr_linenumber" name="106" href="#106">106</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="107" href="#107">107</a> <strong class="jxr_keyword">final</strong> String value = id.getValue();
|
||||
<a class="jxr_linenumber" name="108" href="#108">108</a> <strong class="jxr_keyword">final</strong> List<Vulnerability> vulns = cveDB.getVulnerabilities(value);
|
||||
<a class="jxr_linenumber" name="109" href="#109">109</a> dependency.getVulnerabilities().addAll(vulns);
|
||||
<a class="jxr_linenumber" name="110" href="#110">110</a> <em class="jxr_comment">//TODO - remove this comment block after additional testing is completed</em>
|
||||
<a class="jxr_linenumber" name="111" href="#111">111</a> <em class="jxr_comment">//note - valid match functionality has been moved into the CveDB class.</em>
|
||||
<a class="jxr_linenumber" name="112" href="#112">112</a> <em class="jxr_comment">//// for (Vulnerability v : vulns) {</em>
|
||||
<a class="jxr_linenumber" name="113" href="#113">113</a> <em class="jxr_comment">//// if (isValidMatch(dependency, v)) {</em>
|
||||
<a class="jxr_linenumber" name="114" href="#114">114</a> <em class="jxr_comment">//// dependency.addVulnerability(v);</em>
|
||||
<a class="jxr_linenumber" name="115" href="#115">115</a> <em class="jxr_comment">//// }</em>
|
||||
<a class="jxr_linenumber" name="116" href="#116">116</a> <em class="jxr_comment">//// }</em>
|
||||
<a class="jxr_linenumber" name="117" href="#117">117</a> } <strong class="jxr_keyword">catch</strong> (DatabaseException ex) {
|
||||
<a class="jxr_linenumber" name="118" href="#118">118</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/AnalysisException.html">AnalysisException</a>(ex);
|
||||
<a class="jxr_linenumber" name="119" href="#119">119</a> }
|
||||
<a class="jxr_linenumber" name="120" href="#120">120</a> }
|
||||
<a class="jxr_linenumber" name="121" href="#121">121</a> }
|
||||
<a class="jxr_linenumber" name="122" href="#122">122</a> }
|
||||
<a class="jxr_linenumber" name="123" href="#123">123</a>
|
||||
<a class="jxr_linenumber" name="124" href="#124">124</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="125" href="#125">125</a> <em class="jxr_javadoccomment"> * Returns true because this analyzer supports all dependency types.</em>
|
||||
<a class="jxr_linenumber" name="126" href="#126">126</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="127" href="#127">127</a> <em class="jxr_javadoccomment"> * @return true.</em>
|
||||
<a class="jxr_linenumber" name="128" href="#128">128</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="129" href="#129">129</a> <strong class="jxr_keyword">public</strong> Set<String> getSupportedExtensions() {
|
||||
<a class="jxr_linenumber" name="130" href="#130">130</a> <strong class="jxr_keyword">return</strong> <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="131" href="#131">131</a> }
|
||||
<a class="jxr_linenumber" name="132" href="#132">132</a>
|
||||
<a class="jxr_linenumber" name="133" href="#133">133</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="134" href="#134">134</a> <em class="jxr_javadoccomment"> * Returns the name of this analyzer.</em>
|
||||
<a class="jxr_linenumber" name="135" href="#135">135</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="136" href="#136">136</a> <em class="jxr_javadoccomment"> * @return the name of this analyzer.</em>
|
||||
<a class="jxr_linenumber" name="137" href="#137">137</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="138" href="#138">138</a> <strong class="jxr_keyword">public</strong> String getName() {
|
||||
<a class="jxr_linenumber" name="139" href="#139">139</a> <strong class="jxr_keyword">return</strong> <span class="jxr_string">"NVD CVE Analyzer"</span>;
|
||||
<a class="jxr_linenumber" name="140" href="#140">140</a> }
|
||||
<a class="jxr_linenumber" name="141" href="#141">141</a>
|
||||
<a class="jxr_linenumber" name="142" href="#142">142</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="143" href="#143">143</a> <em class="jxr_javadoccomment"> * Returns true because this analyzer supports all dependency types.</em>
|
||||
<a class="jxr_linenumber" name="144" href="#144">144</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="145" href="#145">145</a> <em class="jxr_javadoccomment"> * @param extension the file extension of the dependency being analyzed.</em>
|
||||
<a class="jxr_linenumber" name="146" href="#146">146</a> <em class="jxr_javadoccomment"> * @return true.</em>
|
||||
<a class="jxr_linenumber" name="147" href="#147">147</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="148" href="#148">148</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">boolean</strong> supportsExtension(String extension) {
|
||||
<a class="jxr_linenumber" name="149" href="#149">149</a> <strong class="jxr_keyword">return</strong> <strong class="jxr_keyword">true</strong>;
|
||||
<a class="jxr_linenumber" name="150" href="#150">150</a> }
|
||||
<a class="jxr_linenumber" name="151" href="#151">151</a>
|
||||
<a class="jxr_linenumber" name="152" href="#152">152</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="153" href="#153">153</a> <em class="jxr_javadoccomment"> * Returns the analysis phase that this analyzer should run in.</em>
|
||||
<a class="jxr_linenumber" name="154" href="#154">154</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="155" href="#155">155</a> <em class="jxr_javadoccomment"> * @return the analysis phase that this analyzer should run in.</em>
|
||||
<a class="jxr_linenumber" name="156" href="#156">156</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="157" href="#157">157</a> <strong class="jxr_keyword">public</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/AnalysisPhase.html">AnalysisPhase</a> getAnalysisPhase() {
|
||||
<a class="jxr_linenumber" name="158" href="#158">158</a> <strong class="jxr_keyword">return</strong> AnalysisPhase.FINDING_ANALYSIS;
|
||||
<a class="jxr_linenumber" name="159" href="#159">159</a> }
|
||||
<a class="jxr_linenumber" name="160" href="#160">160</a>
|
||||
<a class="jxr_linenumber" name="161" href="#161">161</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="162" href="#162">162</a> <em class="jxr_javadoccomment"> * Opens the NVD CVE Lucene Index.</em>
|
||||
<a class="jxr_linenumber" name="163" href="#163">163</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="164" href="#164">164</a> <em class="jxr_javadoccomment"> * @throws Exception is thrown if there is an issue opening the index.</em>
|
||||
<a class="jxr_linenumber" name="165" href="#165">165</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="166" href="#166">166</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> initialize() <strong class="jxr_keyword">throws</strong> Exception {
|
||||
<a class="jxr_linenumber" name="167" href="#167">167</a> <strong class="jxr_keyword">this</strong>.open();
|
||||
<a class="jxr_linenumber" name="168" href="#168">168</a> }
|
||||
<a class="jxr_linenumber" name="169" href="#169">169</a> <em class="jxr_comment">//TODO - remove this comment block after additional testing is completed</em>
|
||||
<a class="jxr_linenumber" name="170" href="#170">170</a> <em class="jxr_comment">// The following check has been moved into the CveDB class.</em>
|
||||
<a class="jxr_linenumber" name="171" href="#171">171</a> <em class="jxr_comment">//// </em><em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="172" href="#172">172</a> <em class="jxr_javadoccomment">//// * <p>Determines if this is a valid vulnerability match for the given</em>
|
||||
<a class="jxr_linenumber" name="173" href="#173">173</a> <em class="jxr_javadoccomment">//// * dependency. Specifically, this is concerned with ensuring the version</em>
|
||||
<a class="jxr_linenumber" name="174" href="#174">174</a> <em class="jxr_javadoccomment">//// * numbers are correct.</p></em>
|
||||
<a class="jxr_linenumber" name="175" href="#175">175</a> <em class="jxr_javadoccomment">//// * <p>Currently, this is focused on the issues with the versions for Struts</em>
|
||||
<a class="jxr_linenumber" name="176" href="#176">176</a> <em class="jxr_javadoccomment">//// * 1 and Struts 2. In the future this will due better matching on more</em>
|
||||
<a class="jxr_linenumber" name="177" href="#177">177</a> <em class="jxr_javadoccomment">//// * version numbers.</p></em>
|
||||
<a class="jxr_linenumber" name="178" href="#178">178</a> <em class="jxr_javadoccomment">//// *</em>
|
||||
<a class="jxr_linenumber" name="179" href="#179">179</a> <em class="jxr_javadoccomment">//// * @param dependency the dependency</em>
|
||||
<a class="jxr_linenumber" name="180" href="#180">180</a> <em class="jxr_javadoccomment">//// * @param v the vulnerability</em>
|
||||
<a class="jxr_linenumber" name="181" href="#181">181</a> <em class="jxr_javadoccomment">//// * @return returns true if the vulnerability is for the given dependency</em>
|
||||
<a class="jxr_linenumber" name="182" href="#182">182</a> <em class="jxr_javadoccomment">//// */</em>
|
||||
<a class="jxr_linenumber" name="183" href="#183">183</a> <em class="jxr_comment">//// private boolean isValidMatch(final Dependency dependency, final Vulnerability v) {</em>
|
||||
<a class="jxr_linenumber" name="184" href="#184">184</a> <em class="jxr_comment">//// //right now I only know of the issue with Struts1/2</em>
|
||||
<a class="jxr_linenumber" name="185" href="#185">185</a> <em class="jxr_comment">//// // start with fixing this problem.</em>
|
||||
<a class="jxr_linenumber" name="186" href="#186">186</a> <em class="jxr_comment">////</em>
|
||||
<a class="jxr_linenumber" name="187" href="#187">187</a> <em class="jxr_comment">//// //TODO extend this solution to do better version matching for the vulnerable software.</em>
|
||||
<a class="jxr_linenumber" name="188" href="#188">188</a> <em class="jxr_comment">//// boolean struts1 = false;</em>
|
||||
<a class="jxr_linenumber" name="189" href="#189">189</a> <em class="jxr_comment">//// boolean struts2 = false;</em>
|
||||
<a class="jxr_linenumber" name="190" href="#190">190</a> <em class="jxr_comment">//// for (Identifier i : dependency.getIdentifiers()) {</em>
|
||||
<a class="jxr_linenumber" name="191" href="#191">191</a> <em class="jxr_comment">//// if (i.getValue().startsWith("cpe:/a:apache:struts:")) {</em>
|
||||
<a class="jxr_linenumber" name="192" href="#192">192</a> <em class="jxr_comment">//// final char version = i.getValue().charAt(21);</em>
|
||||
<a class="jxr_linenumber" name="193" href="#193">193</a> <em class="jxr_comment">//// if (version == '1') {</em>
|
||||
<a class="jxr_linenumber" name="194" href="#194">194</a> <em class="jxr_comment">//// struts1 = true;</em>
|
||||
<a class="jxr_linenumber" name="195" href="#195">195</a> <em class="jxr_comment">//// }</em>
|
||||
<a class="jxr_linenumber" name="196" href="#196">196</a> <em class="jxr_comment">//// if (version == '2') {</em>
|
||||
<a class="jxr_linenumber" name="197" href="#197">197</a> <em class="jxr_comment">//// struts2 = true;</em>
|
||||
<a class="jxr_linenumber" name="198" href="#198">198</a> <em class="jxr_comment">//// }</em>
|
||||
<a class="jxr_linenumber" name="199" href="#199">199</a> <em class="jxr_comment">//// }</em>
|
||||
<a class="jxr_linenumber" name="200" href="#200">200</a> <em class="jxr_comment">//// }</em>
|
||||
<a class="jxr_linenumber" name="201" href="#201">201</a> <em class="jxr_comment">//// if (!struts1 && !struts2) {</em>
|
||||
<a class="jxr_linenumber" name="202" href="#202">202</a> <em class="jxr_comment">//// return true; //we are not looking at struts, so return true.</em>
|
||||
<a class="jxr_linenumber" name="203" href="#203">203</a> <em class="jxr_comment">//// }</em>
|
||||
<a class="jxr_linenumber" name="204" href="#204">204</a> <em class="jxr_comment">//// if (struts1 && struts2) {</em>
|
||||
<a class="jxr_linenumber" name="205" href="#205">205</a> <em class="jxr_comment">//// return true; //there is a mismatch here, but we can't solve it here so we return valid.</em>
|
||||
<a class="jxr_linenumber" name="206" href="#206">206</a> <em class="jxr_comment">//// }</em>
|
||||
<a class="jxr_linenumber" name="207" href="#207">207</a> <em class="jxr_comment">//// if (struts1) {</em>
|
||||
<a class="jxr_linenumber" name="208" href="#208">208</a> <em class="jxr_comment">//// boolean hasStruts1Vuln = false;</em>
|
||||
<a class="jxr_linenumber" name="209" href="#209">209</a> <em class="jxr_comment">//// boolean hasStruts2PreviousVersion = false;</em>
|
||||
<a class="jxr_linenumber" name="210" href="#210">210</a> <em class="jxr_comment">//// for (VulnerableSoftware vs : v.getVulnerableSoftware()) {</em>
|
||||
<a class="jxr_linenumber" name="211" href="#211">211</a> <em class="jxr_comment">//// //TODO FIX THIS</em>
|
||||
<a class="jxr_linenumber" name="212" href="#212">212</a> <em class="jxr_comment">//// //hasStruts2PreviousVersion |= vs.hasPreviousVersion() && vs.getName().charAt(21) == '2';</em>
|
||||
<a class="jxr_linenumber" name="213" href="#213">213</a> <em class="jxr_comment">//// //hasStruts1Vuln |= vs.getName().charAt(21) == '1';</em>
|
||||
<a class="jxr_linenumber" name="214" href="#214">214</a> <em class="jxr_comment">//// }</em>
|
||||
<a class="jxr_linenumber" name="215" href="#215">215</a> <em class="jxr_comment">//// if (!hasStruts1Vuln && hasStruts2PreviousVersion) {</em>
|
||||
<a class="jxr_linenumber" name="216" href="#216">216</a> <em class="jxr_comment">//// return false;</em>
|
||||
<a class="jxr_linenumber" name="217" href="#217">217</a> <em class="jxr_comment">//// }</em>
|
||||
<a class="jxr_linenumber" name="218" href="#218">218</a> <em class="jxr_comment">//// }</em>
|
||||
<a class="jxr_linenumber" name="219" href="#219">219</a> <em class="jxr_comment">////</em>
|
||||
<a class="jxr_linenumber" name="220" href="#220">220</a> <em class="jxr_comment">//// return true;</em>
|
||||
<a class="jxr_linenumber" name="221" href="#221">221</a> <em class="jxr_comment">//// }</em>
|
||||
<a class="jxr_linenumber" name="222" href="#222">222</a> }
|
||||
</pre>
|
||||
<hr/><div id="footer">This page was automatically generated by <a href="http://maven.apache.org/">Maven</a></div></body>
|
||||
</html>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<html xml:lang="en" lang="en">
|
||||
<head>
|
||||
<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
|
||||
<title>dependency-check-core 1.0.1 Reference Package org.owasp.dependencycheck.analyzer</title>
|
||||
<title>Dependency-Check Core 1.0.2 Reference Package org.owasp.dependencycheck.analyzer</title>
|
||||
<link rel="stylesheet" type="text/css" href="../../../../stylesheet.css" title="style" />
|
||||
</head>
|
||||
<body>
|
||||
@@ -32,6 +32,9 @@
|
||||
</li>
|
||||
<li>
|
||||
<a href="ArchiveAnalyzer.html" target="classFrame">ArchiveAnalyzer</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="CPEAnalyzer.html" target="classFrame">CPEAnalyzer</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="JarAnalyzer.html" target="classFrame">ClassNameInformation</a>
|
||||
@@ -47,12 +50,21 @@
|
||||
</li>
|
||||
<li>
|
||||
<a href="HintAnalyzer.html" target="classFrame">HintAnalyzer</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="CPEAnalyzer.html" target="classFrame">IdentifierConfidence</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="CPEAnalyzer.html" target="classFrame">IdentifierMatch</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="JarAnalyzer.html" target="classFrame">JarAnalyzer</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="JavaScriptAnalyzer.html" target="classFrame">JavaScriptAnalyzer</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="NvdCveAnalyzer.html" target="classFrame">NvdCveAnalyzer</a>
|
||||
</li>
|
||||
</ul>
|
||||
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<html xml:lang="en" lang="en">
|
||||
<head>
|
||||
<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
|
||||
<title>dependency-check-core 1.0.1 Reference Package org.owasp.dependencycheck.analyzer</title>
|
||||
<title>Dependency-Check Core 1.0.2 Reference Package org.owasp.dependencycheck.analyzer</title>
|
||||
<link rel="stylesheet" type="text/css" href="../../../../stylesheet.css" title="style" />
|
||||
</head>
|
||||
<body>
|
||||
@@ -64,6 +64,11 @@
|
||||
<td>
|
||||
<a href="ArchiveAnalyzer.html" target="classFrame">ArchiveAnalyzer</a>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
<a href="CPEAnalyzer.html" target="classFrame">CPEAnalyzer</a>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
@@ -89,6 +94,16 @@
|
||||
<td>
|
||||
<a href="HintAnalyzer.html" target="classFrame">HintAnalyzer</a>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
<a href="CPEAnalyzer.html" target="classFrame">IdentifierConfidence</a>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
<a href="CPEAnalyzer.html" target="classFrame">IdentifierMatch</a>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
@@ -99,6 +114,11 @@
|
||||
<td>
|
||||
<a href="JavaScriptAnalyzer.html" target="classFrame">JavaScriptAnalyzer</a>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
<a href="NvdCveAnalyzer.html" target="classFrame">NvdCveAnalyzer</a>
|
||||
</td>
|
||||
</tr>
|
||||
</tbody>
|
||||
</table>
|
||||
|
||||
@@ -0,0 +1,81 @@
|
||||
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
||||
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
|
||||
<head>
|
||||
<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
|
||||
<title>DirectoryLockException xref</title>
|
||||
<link type="text/css" rel="stylesheet" href="../../../../stylesheet.css" />
|
||||
</head>
|
||||
<body>
|
||||
<div id="overview"><a href="../../../../../apidocs/org/owasp/dependencycheck/concurrency/DirectoryLockException.html">View Javadoc</a></div><pre>
|
||||
|
||||
<a class="jxr_linenumber" name="1" href="#1">1</a> <em class="jxr_comment">/*</em>
|
||||
<a class="jxr_linenumber" name="2" href="#2">2</a> <em class="jxr_comment"> * This file is part of dependency-check-core.</em>
|
||||
<a class="jxr_linenumber" name="3" href="#3">3</a> <em class="jxr_comment"> *</em>
|
||||
<a class="jxr_linenumber" name="4" href="#4">4</a> <em class="jxr_comment"> * Dependency-check-core is free software: you can redistribute it and/or modify it</em>
|
||||
<a class="jxr_linenumber" name="5" href="#5">5</a> <em class="jxr_comment"> * under the terms of the GNU General Public License as published by the Free</em>
|
||||
<a class="jxr_linenumber" name="6" href="#6">6</a> <em class="jxr_comment"> * Software Foundation, either version 3 of the License, or (at your option) any</em>
|
||||
<a class="jxr_linenumber" name="7" href="#7">7</a> <em class="jxr_comment"> * later version.</em>
|
||||
<a class="jxr_linenumber" name="8" href="#8">8</a> <em class="jxr_comment"> *</em>
|
||||
<a class="jxr_linenumber" name="9" href="#9">9</a> <em class="jxr_comment"> * Dependency-check-core is distributed in the hope that it will be useful, but</em>
|
||||
<a class="jxr_linenumber" name="10" href="#10">10</a> <em class="jxr_comment"> * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or</em>
|
||||
<a class="jxr_linenumber" name="11" href="#11">11</a> <em class="jxr_comment"> * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more</em>
|
||||
<a class="jxr_linenumber" name="12" href="#12">12</a> <em class="jxr_comment"> * details.</em>
|
||||
<a class="jxr_linenumber" name="13" href="#13">13</a> <em class="jxr_comment"> *</em>
|
||||
<a class="jxr_linenumber" name="14" href="#14">14</a> <em class="jxr_comment"> * You should have received a copy of the GNU General Public License along with</em>
|
||||
<a class="jxr_linenumber" name="15" href="#15">15</a> <em class="jxr_comment"> * dependency-check-core. If not, see <a href="http://www.gnu.org/licenses/." target="alexandria_uri">http://www.gnu.org/licenses/.</a></em>
|
||||
<a class="jxr_linenumber" name="16" href="#16">16</a> <em class="jxr_comment"> *</em>
|
||||
<a class="jxr_linenumber" name="17" href="#17">17</a> <em class="jxr_comment"> * Copyright (c) 2013 Jeremy Long. All Rights Reserved.</em>
|
||||
<a class="jxr_linenumber" name="18" href="#18">18</a> <em class="jxr_comment"> */</em>
|
||||
<a class="jxr_linenumber" name="19" href="#19">19</a> <strong class="jxr_keyword">package</strong> org.owasp.dependencycheck.concurrency;
|
||||
<a class="jxr_linenumber" name="20" href="#20">20</a>
|
||||
<a class="jxr_linenumber" name="21" href="#21">21</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="22" href="#22">22</a> <em class="jxr_javadoccomment"> * If thrown, indicates that a problem occurred when locking a directory.</em>
|
||||
<a class="jxr_linenumber" name="23" href="#23">23</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="24" href="#24">24</a> <em class="jxr_javadoccomment"> * @author Jeremy Long (jeremy.long@owasp.org)</em>
|
||||
<a class="jxr_linenumber" name="25" href="#25">25</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="26" href="#26">26</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">class</strong> <a href="../../../../org/owasp/dependencycheck/concurrency/DirectoryLockException.html">DirectoryLockException</a> <strong class="jxr_keyword">extends</strong> Exception {
|
||||
<a class="jxr_linenumber" name="27" href="#27">27</a>
|
||||
<a class="jxr_linenumber" name="28" href="#28">28</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="29" href="#29">29</a> <em class="jxr_javadoccomment"> * Default serial version UID.</em>
|
||||
<a class="jxr_linenumber" name="30" href="#30">30</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="31" href="#31">31</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> <strong class="jxr_keyword">long</strong> serialVersionUID = 1L;
|
||||
<a class="jxr_linenumber" name="32" href="#32">32</a>
|
||||
<a class="jxr_linenumber" name="33" href="#33">33</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="34" href="#34">34</a> <em class="jxr_javadoccomment"> * Constructs a new Directory Lock Exception.</em>
|
||||
<a class="jxr_linenumber" name="35" href="#35">35</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="36" href="#36">36</a> <strong class="jxr_keyword">public</strong> <a href="../../../../org/owasp/dependencycheck/concurrency/DirectoryLockException.html">DirectoryLockException</a>() {
|
||||
<a class="jxr_linenumber" name="37" href="#37">37</a> <strong class="jxr_keyword">super</strong>();
|
||||
<a class="jxr_linenumber" name="38" href="#38">38</a> }
|
||||
<a class="jxr_linenumber" name="39" href="#39">39</a>
|
||||
<a class="jxr_linenumber" name="40" href="#40">40</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="41" href="#41">41</a> <em class="jxr_javadoccomment"> * Constructs a new Directory Lock Exception.</em>
|
||||
<a class="jxr_linenumber" name="42" href="#42">42</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="43" href="#43">43</a> <em class="jxr_javadoccomment"> * @param msg the message describing the exception</em>
|
||||
<a class="jxr_linenumber" name="44" href="#44">44</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="45" href="#45">45</a> <strong class="jxr_keyword">public</strong> <a href="../../../../org/owasp/dependencycheck/concurrency/DirectoryLockException.html">DirectoryLockException</a>(String msg) {
|
||||
<a class="jxr_linenumber" name="46" href="#46">46</a> <strong class="jxr_keyword">super</strong>(msg);
|
||||
<a class="jxr_linenumber" name="47" href="#47">47</a> }
|
||||
<a class="jxr_linenumber" name="48" href="#48">48</a>
|
||||
<a class="jxr_linenumber" name="49" href="#49">49</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="50" href="#50">50</a> <em class="jxr_javadoccomment"> * Constructs a new Directory Lock Exception.</em>
|
||||
<a class="jxr_linenumber" name="51" href="#51">51</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="52" href="#52">52</a> <em class="jxr_javadoccomment"> * @param ex the cause of the exception</em>
|
||||
<a class="jxr_linenumber" name="53" href="#53">53</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="54" href="#54">54</a> <strong class="jxr_keyword">public</strong> <a href="../../../../org/owasp/dependencycheck/concurrency/DirectoryLockException.html">DirectoryLockException</a>(Throwable ex) {
|
||||
<a class="jxr_linenumber" name="55" href="#55">55</a> <strong class="jxr_keyword">super</strong>(ex);
|
||||
<a class="jxr_linenumber" name="56" href="#56">56</a> }
|
||||
<a class="jxr_linenumber" name="57" href="#57">57</a>
|
||||
<a class="jxr_linenumber" name="58" href="#58">58</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="59" href="#59">59</a> <em class="jxr_javadoccomment"> * Constructs a new Directory Lock Exception.</em>
|
||||
<a class="jxr_linenumber" name="60" href="#60">60</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="61" href="#61">61</a> <em class="jxr_javadoccomment"> * @param msg the message describing the exception</em>
|
||||
<a class="jxr_linenumber" name="62" href="#62">62</a> <em class="jxr_javadoccomment"> * @param ex the cause of the exception</em>
|
||||
<a class="jxr_linenumber" name="63" href="#63">63</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="64" href="#64">64</a> <strong class="jxr_keyword">public</strong> <a href="../../../../org/owasp/dependencycheck/concurrency/DirectoryLockException.html">DirectoryLockException</a>(String msg, Throwable ex) {
|
||||
<a class="jxr_linenumber" name="65" href="#65">65</a> <strong class="jxr_keyword">super</strong>(msg, ex);
|
||||
<a class="jxr_linenumber" name="66" href="#66">66</a> }
|
||||
<a class="jxr_linenumber" name="67" href="#67">67</a> }
|
||||
</pre>
|
||||
<hr/><div id="footer">This page was automatically generated by <a href="http://maven.apache.org/">Maven</a></div></body>
|
||||
</html>
|
||||
|
||||
@@ -0,0 +1,281 @@
|
||||
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
||||
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
|
||||
<head>
|
||||
<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
|
||||
<title>DirectorySpinLock xref</title>
|
||||
<link type="text/css" rel="stylesheet" href="../../../../stylesheet.css" />
|
||||
</head>
|
||||
<body>
|
||||
<div id="overview"><a href="../../../../../apidocs/org/owasp/dependencycheck/concurrency/DirectorySpinLock.html">View Javadoc</a></div><pre>
|
||||
|
||||
<a class="jxr_linenumber" name="1" href="#1">1</a> <em class="jxr_comment">/*</em>
|
||||
<a class="jxr_linenumber" name="2" href="#2">2</a> <em class="jxr_comment"> * This file is part of dependency-check-core.</em>
|
||||
<a class="jxr_linenumber" name="3" href="#3">3</a> <em class="jxr_comment"> *</em>
|
||||
<a class="jxr_linenumber" name="4" href="#4">4</a> <em class="jxr_comment"> * Dependency-check-core is free software: you can redistribute it and/or modify it</em>
|
||||
<a class="jxr_linenumber" name="5" href="#5">5</a> <em class="jxr_comment"> * under the terms of the GNU General Public License as published by the Free</em>
|
||||
<a class="jxr_linenumber" name="6" href="#6">6</a> <em class="jxr_comment"> * Software Foundation, either version 3 of the License, or (at your option) any</em>
|
||||
<a class="jxr_linenumber" name="7" href="#7">7</a> <em class="jxr_comment"> * later version.</em>
|
||||
<a class="jxr_linenumber" name="8" href="#8">8</a> <em class="jxr_comment"> *</em>
|
||||
<a class="jxr_linenumber" name="9" href="#9">9</a> <em class="jxr_comment"> * Dependency-check-core is distributed in the hope that it will be useful, but</em>
|
||||
<a class="jxr_linenumber" name="10" href="#10">10</a> <em class="jxr_comment"> * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or</em>
|
||||
<a class="jxr_linenumber" name="11" href="#11">11</a> <em class="jxr_comment"> * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more</em>
|
||||
<a class="jxr_linenumber" name="12" href="#12">12</a> <em class="jxr_comment"> * details.</em>
|
||||
<a class="jxr_linenumber" name="13" href="#13">13</a> <em class="jxr_comment"> *</em>
|
||||
<a class="jxr_linenumber" name="14" href="#14">14</a> <em class="jxr_comment"> * You should have received a copy of the GNU General Public License along with</em>
|
||||
<a class="jxr_linenumber" name="15" href="#15">15</a> <em class="jxr_comment"> * dependency-check-core. If not, see <a href="http://www.gnu.org/licenses/." target="alexandria_uri">http://www.gnu.org/licenses/.</a></em>
|
||||
<a class="jxr_linenumber" name="16" href="#16">16</a> <em class="jxr_comment"> *</em>
|
||||
<a class="jxr_linenumber" name="17" href="#17">17</a> <em class="jxr_comment"> * Copyright (c) 2013 Jeremy Long. All Rights Reserved.</em>
|
||||
<a class="jxr_linenumber" name="18" href="#18">18</a> <em class="jxr_comment"> */</em>
|
||||
<a class="jxr_linenumber" name="19" href="#19">19</a> <strong class="jxr_keyword">package</strong> org.owasp.dependencycheck.concurrency;
|
||||
<a class="jxr_linenumber" name="20" href="#20">20</a>
|
||||
<a class="jxr_linenumber" name="21" href="#21">21</a> <strong class="jxr_keyword">import</strong> java.io.Closeable;
|
||||
<a class="jxr_linenumber" name="22" href="#22">22</a> <strong class="jxr_keyword">import</strong> java.io.File;
|
||||
<a class="jxr_linenumber" name="23" href="#23">23</a> <strong class="jxr_keyword">import</strong> java.io.FileNotFoundException;
|
||||
<a class="jxr_linenumber" name="24" href="#24">24</a> <strong class="jxr_keyword">import</strong> java.io.IOException;
|
||||
<a class="jxr_linenumber" name="25" href="#25">25</a> <strong class="jxr_keyword">import</strong> java.io.RandomAccessFile;
|
||||
<a class="jxr_linenumber" name="26" href="#26">26</a> <strong class="jxr_keyword">import</strong> java.nio.channels.AsynchronousCloseException;
|
||||
<a class="jxr_linenumber" name="27" href="#27">27</a> <strong class="jxr_keyword">import</strong> java.nio.channels.ClosedChannelException;
|
||||
<a class="jxr_linenumber" name="28" href="#28">28</a> <strong class="jxr_keyword">import</strong> java.nio.channels.FileChannel;
|
||||
<a class="jxr_linenumber" name="29" href="#29">29</a> <strong class="jxr_keyword">import</strong> java.nio.channels.FileLock;
|
||||
<a class="jxr_linenumber" name="30" href="#30">30</a> <strong class="jxr_keyword">import</strong> java.nio.channels.FileLockInterruptionException;
|
||||
<a class="jxr_linenumber" name="31" href="#31">31</a> <strong class="jxr_keyword">import</strong> java.nio.channels.NonWritableChannelException;
|
||||
<a class="jxr_linenumber" name="32" href="#32">32</a> <strong class="jxr_keyword">import</strong> java.nio.channels.OverlappingFileLockException;
|
||||
<a class="jxr_linenumber" name="33" href="#33">33</a> <strong class="jxr_keyword">import</strong> java.util.logging.Level;
|
||||
<a class="jxr_linenumber" name="34" href="#34">34</a> <strong class="jxr_keyword">import</strong> java.util.logging.Logger;
|
||||
<a class="jxr_linenumber" name="35" href="#35">35</a>
|
||||
<a class="jxr_linenumber" name="36" href="#36">36</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="37" href="#37">37</a> <em class="jxr_javadoccomment"> * Implements a spin lock on a given directory. If the lock cannot be obtained,</em>
|
||||
<a class="jxr_linenumber" name="38" href="#38">38</a> <em class="jxr_javadoccomment"> * the process will "spin" waiting for an opportunity to obtain the lock</em>
|
||||
<a class="jxr_linenumber" name="39" href="#39">39</a> <em class="jxr_javadoccomment"> * requested.</em>
|
||||
<a class="jxr_linenumber" name="40" href="#40">40</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="41" href="#41">41</a> <em class="jxr_javadoccomment"> * @author Jeremy Long (jeremy.long@owasp.org)</em>
|
||||
<a class="jxr_linenumber" name="42" href="#42">42</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="43" href="#43">43</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">class</strong> <a href="../../../../org/owasp/dependencycheck/concurrency/DirectorySpinLock.html">DirectorySpinLock</a> <strong class="jxr_keyword">implements</strong> Closeable <em class="jxr_comment">/*<em class="jxr_comment">, AutoCloseable*/</em> {</em>
|
||||
<a class="jxr_linenumber" name="44" href="#44">44</a>
|
||||
<a class="jxr_linenumber" name="45" href="#45">45</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="46" href="#46">46</a> <em class="jxr_javadoccomment"> * The name of the lock file.</em>
|
||||
<a class="jxr_linenumber" name="47" href="#47">47</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="48" href="#48">48</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String LOCK_NAME = <span class="jxr_string">"data.lock"</span>;
|
||||
<a class="jxr_linenumber" name="49" href="#49">49</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="50" href="#50">50</a> <em class="jxr_javadoccomment"> * The maximum wait period used when attempting to obtain a lock.</em>
|
||||
<a class="jxr_linenumber" name="51" href="#51">51</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="52" href="#52">52</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> <strong class="jxr_keyword">int</strong> MAX_SPIN = 100;
|
||||
<a class="jxr_linenumber" name="53" href="#53">53</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="54" href="#54">54</a> <em class="jxr_javadoccomment"> * The file channel used to perform the lock.</em>
|
||||
<a class="jxr_linenumber" name="55" href="#55">55</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="56" href="#56">56</a> <strong class="jxr_keyword">private</strong> FileChannel channel = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="57" href="#57">57</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="58" href="#58">58</a> <em class="jxr_javadoccomment"> * The file used to perform the lock.</em>
|
||||
<a class="jxr_linenumber" name="59" href="#59">59</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="60" href="#60">60</a> <strong class="jxr_keyword">private</strong> File lockFile = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="61" href="#61">61</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="62" href="#62">62</a> <em class="jxr_javadoccomment"> * The lock object.</em>
|
||||
<a class="jxr_linenumber" name="63" href="#63">63</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="64" href="#64">64</a> <strong class="jxr_keyword">private</strong> FileLock lock = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="65" href="#65">65</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="66" href="#66">66</a> <em class="jxr_javadoccomment"> * The maximum number of seconds that the spin lock will wait while trying</em>
|
||||
<a class="jxr_linenumber" name="67" href="#67">67</a> <em class="jxr_javadoccomment"> * to obtain a lock.</em>
|
||||
<a class="jxr_linenumber" name="68" href="#68">68</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="69" href="#69">69</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">long</strong> maxWait = MAX_SPIN;
|
||||
<a class="jxr_linenumber" name="70" href="#70">70</a>
|
||||
<a class="jxr_linenumber" name="71" href="#71">71</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="72" href="#72">72</a> <em class="jxr_javadoccomment"> * Get the maximum wait time, in seconds, that the spin lock will wait while</em>
|
||||
<a class="jxr_linenumber" name="73" href="#73">73</a> <em class="jxr_javadoccomment"> * trying to obtain a lock.</em>
|
||||
<a class="jxr_linenumber" name="74" href="#74">74</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="75" href="#75">75</a> <em class="jxr_javadoccomment"> * @return the number of seconds the spin lock will wait</em>
|
||||
<a class="jxr_linenumber" name="76" href="#76">76</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="77" href="#77">77</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">long</strong> getMaxWait() {
|
||||
<a class="jxr_linenumber" name="78" href="#78">78</a> <strong class="jxr_keyword">return</strong> maxWait / 2; <em class="jxr_comment">//sleep is for 500, so / 2</em>
|
||||
<a class="jxr_linenumber" name="79" href="#79">79</a> }
|
||||
<a class="jxr_linenumber" name="80" href="#80">80</a>
|
||||
<a class="jxr_linenumber" name="81" href="#81">81</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="82" href="#82">82</a> <em class="jxr_javadoccomment"> * Set the maximum wait time, in seconds, that the spin lock will wait while</em>
|
||||
<a class="jxr_linenumber" name="83" href="#83">83</a> <em class="jxr_javadoccomment"> * trying to obtain a lock.</em>
|
||||
<a class="jxr_linenumber" name="84" href="#84">84</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="85" href="#85">85</a> <em class="jxr_javadoccomment"> * @param maxWait the number of seconds the spin lock will wait</em>
|
||||
<a class="jxr_linenumber" name="86" href="#86">86</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="87" href="#87">87</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> setMaxWait(<strong class="jxr_keyword">long</strong> maxWait) {
|
||||
<a class="jxr_linenumber" name="88" href="#88">88</a> <strong class="jxr_keyword">this</strong>.maxWait = maxWait * 2; <em class="jxr_comment">//sleep is for 500, so * 2</em>
|
||||
<a class="jxr_linenumber" name="89" href="#89">89</a> }
|
||||
<a class="jxr_linenumber" name="90" href="#90">90</a>
|
||||
<a class="jxr_linenumber" name="91" href="#91">91</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="92" href="#92">92</a> <em class="jxr_javadoccomment"> * Constructs a new spin lock on the given directory.</em>
|
||||
<a class="jxr_linenumber" name="93" href="#93">93</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="94" href="#94">94</a> <em class="jxr_javadoccomment"> * @param directory the directory to monitor/lock</em>
|
||||
<a class="jxr_linenumber" name="95" href="#95">95</a> <em class="jxr_javadoccomment"> * @throws InvalidDirectoryException thrown if there is an issue with the</em>
|
||||
<a class="jxr_linenumber" name="96" href="#96">96</a> <em class="jxr_javadoccomment"> * directory provided</em>
|
||||
<a class="jxr_linenumber" name="97" href="#97">97</a> <em class="jxr_javadoccomment"> * @throws DirectoryLockException thrown there is an issue obtaining a</em>
|
||||
<a class="jxr_linenumber" name="98" href="#98">98</a> <em class="jxr_javadoccomment"> * handle to the lock file</em>
|
||||
<a class="jxr_linenumber" name="99" href="#99">99</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="100" href="#100">100</a> <strong class="jxr_keyword">public</strong> <a href="../../../../org/owasp/dependencycheck/concurrency/DirectorySpinLock.html">DirectorySpinLock</a>(File directory) <strong class="jxr_keyword">throws</strong> InvalidDirectoryException, DirectoryLockException {
|
||||
<a class="jxr_linenumber" name="101" href="#101">101</a> checkDirectory(directory);
|
||||
<a class="jxr_linenumber" name="102" href="#102">102</a> lockFile = <strong class="jxr_keyword">new</strong> File(directory, LOCK_NAME);
|
||||
<a class="jxr_linenumber" name="103" href="#103">103</a> RandomAccessFile file = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="104" href="#104">104</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="105" href="#105">105</a> file = <strong class="jxr_keyword">new</strong> RandomAccessFile(lockFile, <span class="jxr_string">"rw"</span>);
|
||||
<a class="jxr_linenumber" name="106" href="#106">106</a> } <strong class="jxr_keyword">catch</strong> (FileNotFoundException ex) {
|
||||
<a class="jxr_linenumber" name="107" href="#107">107</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/concurrency/DirectoryLockException.html">DirectoryLockException</a>(<span class="jxr_string">"Lock file not found"</span>, ex);
|
||||
<a class="jxr_linenumber" name="108" href="#108">108</a> }
|
||||
<a class="jxr_linenumber" name="109" href="#109">109</a> channel = file.getChannel();
|
||||
<a class="jxr_linenumber" name="110" href="#110">110</a> }
|
||||
<a class="jxr_linenumber" name="111" href="#111">111</a>
|
||||
<a class="jxr_linenumber" name="112" href="#112">112</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="113" href="#113">113</a> <em class="jxr_javadoccomment"> * Attempts to obtain an exclusive lock; an exception is thrown if the lock</em>
|
||||
<a class="jxr_linenumber" name="114" href="#114">114</a> <em class="jxr_javadoccomment"> * could not be obtained. This method may block for a few seconds if a lock</em>
|
||||
<a class="jxr_linenumber" name="115" href="#115">115</a> <em class="jxr_javadoccomment"> * cannot be obtained.</em>
|
||||
<a class="jxr_linenumber" name="116" href="#116">116</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="117" href="#117">117</a> <em class="jxr_javadoccomment"> * @throws DirectoryLockException thrown if there is an exception obtaining</em>
|
||||
<a class="jxr_linenumber" name="118" href="#118">118</a> <em class="jxr_javadoccomment"> * the lock</em>
|
||||
<a class="jxr_linenumber" name="119" href="#119">119</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="120" href="#120">120</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> obtainSharedLock() <strong class="jxr_keyword">throws</strong> DirectoryLockException {
|
||||
<a class="jxr_linenumber" name="121" href="#121">121</a> obtainLock(<strong class="jxr_keyword">true</strong>);
|
||||
<a class="jxr_linenumber" name="122" href="#122">122</a> }
|
||||
<a class="jxr_linenumber" name="123" href="#123">123</a>
|
||||
<a class="jxr_linenumber" name="124" href="#124">124</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="125" href="#125">125</a> <em class="jxr_javadoccomment"> * Attempts to obtain an exclusive lock; an exception is thrown if the lock</em>
|
||||
<a class="jxr_linenumber" name="126" href="#126">126</a> <em class="jxr_javadoccomment"> * could not be obtained. This method may block for a few seconds if a lock</em>
|
||||
<a class="jxr_linenumber" name="127" href="#127">127</a> <em class="jxr_javadoccomment"> * cannot be obtained.</em>
|
||||
<a class="jxr_linenumber" name="128" href="#128">128</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="129" href="#129">129</a> <em class="jxr_javadoccomment"> * @throws DirectoryLockException thrown if there is an exception obtaining</em>
|
||||
<a class="jxr_linenumber" name="130" href="#130">130</a> <em class="jxr_javadoccomment"> * the lock</em>
|
||||
<a class="jxr_linenumber" name="131" href="#131">131</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="132" href="#132">132</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> obtainExclusiveLock() <strong class="jxr_keyword">throws</strong> DirectoryLockException {
|
||||
<a class="jxr_linenumber" name="133" href="#133">133</a> obtainLock(false);
|
||||
<a class="jxr_linenumber" name="134" href="#134">134</a> }
|
||||
<a class="jxr_linenumber" name="135" href="#135">135</a>
|
||||
<a class="jxr_linenumber" name="136" href="#136">136</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="137" href="#137">137</a> <em class="jxr_javadoccomment"> * Attempts to obtain a lock; an exception is thrown if the lock could not</em>
|
||||
<a class="jxr_linenumber" name="138" href="#138">138</a> <em class="jxr_javadoccomment"> * be obtained. This method may block for a few seconds if a lock cannot be</em>
|
||||
<a class="jxr_linenumber" name="139" href="#139">139</a> <em class="jxr_javadoccomment"> * obtained.</em>
|
||||
<a class="jxr_linenumber" name="140" href="#140">140</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="141" href="#141">141</a> <em class="jxr_javadoccomment"> * @param shared true if the lock is shared, otherwise false</em>
|
||||
<a class="jxr_linenumber" name="142" href="#142">142</a> <em class="jxr_javadoccomment"> * @param maxWait the maximum time to wait, in seconds, while trying to</em>
|
||||
<a class="jxr_linenumber" name="143" href="#143">143</a> <em class="jxr_javadoccomment"> * obtain the lock</em>
|
||||
<a class="jxr_linenumber" name="144" href="#144">144</a> <em class="jxr_javadoccomment"> * @throws DirectoryLockException thrown if there is an exception obtaining</em>
|
||||
<a class="jxr_linenumber" name="145" href="#145">145</a> <em class="jxr_javadoccomment"> * the lock</em>
|
||||
<a class="jxr_linenumber" name="146" href="#146">146</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="147" href="#147">147</a> <strong class="jxr_keyword">protected</strong> <strong class="jxr_keyword">void</strong> obtainLock(<strong class="jxr_keyword">boolean</strong> shared, <strong class="jxr_keyword">long</strong> maxWait) <strong class="jxr_keyword">throws</strong> DirectoryLockException {
|
||||
<a class="jxr_linenumber" name="148" href="#148">148</a> setMaxWait(maxWait);
|
||||
<a class="jxr_linenumber" name="149" href="#149">149</a> obtainLock(shared);
|
||||
<a class="jxr_linenumber" name="150" href="#150">150</a> }
|
||||
<a class="jxr_linenumber" name="151" href="#151">151</a>
|
||||
<a class="jxr_linenumber" name="152" href="#152">152</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="153" href="#153">153</a> <em class="jxr_javadoccomment"> * Attempts to obtain a lock; an exception is thrown if the lock could not</em>
|
||||
<a class="jxr_linenumber" name="154" href="#154">154</a> <em class="jxr_javadoccomment"> * be obtained. This method may block for a few seconds if a lock cannot be</em>
|
||||
<a class="jxr_linenumber" name="155" href="#155">155</a> <em class="jxr_javadoccomment"> * obtained.</em>
|
||||
<a class="jxr_linenumber" name="156" href="#156">156</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="157" href="#157">157</a> <em class="jxr_javadoccomment"> * @param shared true if the lock is shared, otherwise false</em>
|
||||
<a class="jxr_linenumber" name="158" href="#158">158</a> <em class="jxr_javadoccomment"> * @throws DirectoryLockException thrown if there is an exception obtaining</em>
|
||||
<a class="jxr_linenumber" name="159" href="#159">159</a> <em class="jxr_javadoccomment"> * the lock</em>
|
||||
<a class="jxr_linenumber" name="160" href="#160">160</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="161" href="#161">161</a> <strong class="jxr_keyword">protected</strong> <strong class="jxr_keyword">void</strong> obtainLock(<strong class="jxr_keyword">boolean</strong> shared) <strong class="jxr_keyword">throws</strong> DirectoryLockException {
|
||||
<a class="jxr_linenumber" name="162" href="#162">162</a> <strong class="jxr_keyword">if</strong> (lock != <strong class="jxr_keyword">null</strong>) {
|
||||
<a class="jxr_linenumber" name="163" href="#163">163</a> release();
|
||||
<a class="jxr_linenumber" name="164" href="#164">164</a> }
|
||||
<a class="jxr_linenumber" name="165" href="#165">165</a> <strong class="jxr_keyword">if</strong> (channel == <strong class="jxr_keyword">null</strong>) {
|
||||
<a class="jxr_linenumber" name="166" href="#166">166</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/concurrency/DirectoryLockException.html">DirectoryLockException</a>(<span class="jxr_string">"Unable to create lock, no file channel exists"</span>);
|
||||
<a class="jxr_linenumber" name="167" href="#167">167</a> }
|
||||
<a class="jxr_linenumber" name="168" href="#168">168</a> <strong class="jxr_keyword">int</strong> count = 0;
|
||||
<a class="jxr_linenumber" name="169" href="#169">169</a> Exception lastException = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="170" href="#170">170</a> <strong class="jxr_keyword">while</strong> (lock == <strong class="jxr_keyword">null</strong> && count++ < maxWait) {
|
||||
<a class="jxr_linenumber" name="171" href="#171">171</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="172" href="#172">172</a> lock = channel.lock(0, Long.MAX_VALUE, shared);
|
||||
<a class="jxr_linenumber" name="173" href="#173">173</a> } <strong class="jxr_keyword">catch</strong> (AsynchronousCloseException ex) {
|
||||
<a class="jxr_linenumber" name="174" href="#174">174</a> lastException = ex;
|
||||
<a class="jxr_linenumber" name="175" href="#175">175</a> } <strong class="jxr_keyword">catch</strong> (ClosedChannelException ex) {
|
||||
<a class="jxr_linenumber" name="176" href="#176">176</a> lastException = ex;
|
||||
<a class="jxr_linenumber" name="177" href="#177">177</a> } <strong class="jxr_keyword">catch</strong> (FileLockInterruptionException ex) {
|
||||
<a class="jxr_linenumber" name="178" href="#178">178</a> lastException = ex;
|
||||
<a class="jxr_linenumber" name="179" href="#179">179</a> } <strong class="jxr_keyword">catch</strong> (OverlappingFileLockException ex) {
|
||||
<a class="jxr_linenumber" name="180" href="#180">180</a> lastException = ex;
|
||||
<a class="jxr_linenumber" name="181" href="#181">181</a> } <strong class="jxr_keyword">catch</strong> (NonWritableChannelException ex) {
|
||||
<a class="jxr_linenumber" name="182" href="#182">182</a> lastException = ex;
|
||||
<a class="jxr_linenumber" name="183" href="#183">183</a> } <strong class="jxr_keyword">catch</strong> (IOException ex) {
|
||||
<a class="jxr_linenumber" name="184" href="#184">184</a> lastException = ex;
|
||||
<a class="jxr_linenumber" name="185" href="#185">185</a> }
|
||||
<a class="jxr_linenumber" name="186" href="#186">186</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="187" href="#187">187</a> Thread.sleep(500);
|
||||
<a class="jxr_linenumber" name="188" href="#188">188</a> } <strong class="jxr_keyword">catch</strong> (InterruptedException ex) {
|
||||
<a class="jxr_linenumber" name="189" href="#189">189</a> Thread.currentThread().interrupt();
|
||||
<a class="jxr_linenumber" name="190" href="#190">190</a> }
|
||||
<a class="jxr_linenumber" name="191" href="#191">191</a> }
|
||||
<a class="jxr_linenumber" name="192" href="#192">192</a> <strong class="jxr_keyword">if</strong> (lock == <strong class="jxr_keyword">null</strong>) {
|
||||
<a class="jxr_linenumber" name="193" href="#193">193</a> <strong class="jxr_keyword">if</strong> (lastException == <strong class="jxr_keyword">null</strong>) {
|
||||
<a class="jxr_linenumber" name="194" href="#194">194</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/concurrency/DirectoryLockException.html">DirectoryLockException</a>(<span class="jxr_string">"Unable to obtain lock"</span>);
|
||||
<a class="jxr_linenumber" name="195" href="#195">195</a> } <strong class="jxr_keyword">else</strong> {
|
||||
<a class="jxr_linenumber" name="196" href="#196">196</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/concurrency/DirectoryLockException.html">DirectoryLockException</a>(<span class="jxr_string">"Unable to obtain lock"</span>, lastException);
|
||||
<a class="jxr_linenumber" name="197" href="#197">197</a> }
|
||||
<a class="jxr_linenumber" name="198" href="#198">198</a> }
|
||||
<a class="jxr_linenumber" name="199" href="#199">199</a> }
|
||||
<a class="jxr_linenumber" name="200" href="#200">200</a>
|
||||
<a class="jxr_linenumber" name="201" href="#201">201</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="202" href="#202">202</a> <em class="jxr_javadoccomment"> * Performs a few simple rudimentary checks on the specified directory.</em>
|
||||
<a class="jxr_linenumber" name="203" href="#203">203</a> <em class="jxr_javadoccomment"> * Specifically, does the file exist and is it a directory.</em>
|
||||
<a class="jxr_linenumber" name="204" href="#204">204</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="205" href="#205">205</a> <em class="jxr_javadoccomment"> * @param directory the File object to inspect</em>
|
||||
<a class="jxr_linenumber" name="206" href="#206">206</a> <em class="jxr_javadoccomment"> * @throws InvalidDirectoryException thrown if the directory is null or is</em>
|
||||
<a class="jxr_linenumber" name="207" href="#207">207</a> <em class="jxr_javadoccomment"> * not a directory</em>
|
||||
<a class="jxr_linenumber" name="208" href="#208">208</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="209" href="#209">209</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">void</strong> checkDirectory(File directory) <strong class="jxr_keyword">throws</strong> InvalidDirectoryException {
|
||||
<a class="jxr_linenumber" name="210" href="#210">210</a> <strong class="jxr_keyword">if</strong> (directory == <strong class="jxr_keyword">null</strong>) {
|
||||
<a class="jxr_linenumber" name="211" href="#211">211</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/concurrency/InvalidDirectoryException.html">InvalidDirectoryException</a>(<span class="jxr_string">"Unable to obtain lock on a null File"</span>);
|
||||
<a class="jxr_linenumber" name="212" href="#212">212</a> }
|
||||
<a class="jxr_linenumber" name="213" href="#213">213</a> <strong class="jxr_keyword">if</strong> (!directory.isDirectory()) {
|
||||
<a class="jxr_linenumber" name="214" href="#214">214</a> <strong class="jxr_keyword">final</strong> String msg = String.format(<span class="jxr_string">"File, '%s', does not exist or is not a directory"</span>, directory.getAbsolutePath());
|
||||
<a class="jxr_linenumber" name="215" href="#215">215</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/concurrency/InvalidDirectoryException.html">InvalidDirectoryException</a>(msg);
|
||||
<a class="jxr_linenumber" name="216" href="#216">216</a> }
|
||||
<a class="jxr_linenumber" name="217" href="#217">217</a> }
|
||||
<a class="jxr_linenumber" name="218" href="#218">218</a>
|
||||
<a class="jxr_linenumber" name="219" href="#219">219</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="220" href="#220">220</a> <em class="jxr_javadoccomment"> * Releases any locks and closes the underlying channel.</em>
|
||||
<a class="jxr_linenumber" name="221" href="#221">221</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="222" href="#222">222</a> <em class="jxr_javadoccomment"> * @throws IOException if an IO Exception occurs</em>
|
||||
<a class="jxr_linenumber" name="223" href="#223">223</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="224" href="#224">224</a> @Override
|
||||
<a class="jxr_linenumber" name="225" href="#225">225</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> close() <strong class="jxr_keyword">throws</strong> IOException {
|
||||
<a class="jxr_linenumber" name="226" href="#226">226</a> release();
|
||||
<a class="jxr_linenumber" name="227" href="#227">227</a> <em class="jxr_comment">// TODO uncomment this once support for 1.6 is dropped.</em>
|
||||
<a class="jxr_linenumber" name="228" href="#228">228</a> <em class="jxr_comment">// if (lock != null) {</em>
|
||||
<a class="jxr_linenumber" name="229" href="#229">229</a> <em class="jxr_comment">// try {</em>
|
||||
<a class="jxr_linenumber" name="230" href="#230">230</a> <em class="jxr_comment">// lock.close();</em>
|
||||
<a class="jxr_linenumber" name="231" href="#231">231</a> <em class="jxr_comment">// } catch (IOException ex) {</em>
|
||||
<a class="jxr_linenumber" name="232" href="#232">232</a> <em class="jxr_comment">// Logger.getLogger(DirectorySpinLock.class.getName()).log(Level.FINEST, "Unable to close file lock due to IO Exception", ex);</em>
|
||||
<a class="jxr_linenumber" name="233" href="#233">233</a> <em class="jxr_comment">// }</em>
|
||||
<a class="jxr_linenumber" name="234" href="#234">234</a> <em class="jxr_comment">// }</em>
|
||||
<a class="jxr_linenumber" name="235" href="#235">235</a> <strong class="jxr_keyword">if</strong> (channel != <strong class="jxr_keyword">null</strong>) {
|
||||
<a class="jxr_linenumber" name="236" href="#236">236</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="237" href="#237">237</a> channel.close();
|
||||
<a class="jxr_linenumber" name="238" href="#238">238</a> } <strong class="jxr_keyword">catch</strong> (IOException ex) {
|
||||
<a class="jxr_linenumber" name="239" href="#239">239</a> Logger.getLogger(DirectorySpinLock.<strong class="jxr_keyword">class</strong>.getName()).log(Level.FINEST, <span class="jxr_string">"Unable to close the channel for the file lock"</span>, ex);
|
||||
<a class="jxr_linenumber" name="240" href="#240">240</a> }
|
||||
<a class="jxr_linenumber" name="241" href="#241">241</a> }
|
||||
<a class="jxr_linenumber" name="242" href="#242">242</a> <strong class="jxr_keyword">if</strong> (lockFile != <strong class="jxr_keyword">null</strong>) {
|
||||
<a class="jxr_linenumber" name="243" href="#243">243</a> <strong class="jxr_keyword">if</strong> (lockFile.exists()) {
|
||||
<a class="jxr_linenumber" name="244" href="#244">244</a> <em class="jxr_comment">/*<em class="jxr_comment"> yes, this delete could fail which is totally fine. The other</em></em>
|
||||
<a class="jxr_linenumber" name="245" href="#245">245</a> <em class="jxr_comment"> * thread holding the lock while delete it.</em>
|
||||
<a class="jxr_linenumber" name="246" href="#246">246</a> <em class="jxr_comment"> */</em>
|
||||
<a class="jxr_linenumber" name="247" href="#247">247</a> lockFile.delete();
|
||||
<a class="jxr_linenumber" name="248" href="#248">248</a> }
|
||||
<a class="jxr_linenumber" name="249" href="#249">249</a> }
|
||||
<a class="jxr_linenumber" name="250" href="#250">250</a> }
|
||||
<a class="jxr_linenumber" name="251" href="#251">251</a>
|
||||
<a class="jxr_linenumber" name="252" href="#252">252</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="253" href="#253">253</a> <em class="jxr_javadoccomment"> * Releases the lock. Any exceptions that are thrown by the underlying lock</em>
|
||||
<a class="jxr_linenumber" name="254" href="#254">254</a> <em class="jxr_javadoccomment"> * during the release are ignored.</em>
|
||||
<a class="jxr_linenumber" name="255" href="#255">255</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="256" href="#256">256</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> release() {
|
||||
<a class="jxr_linenumber" name="257" href="#257">257</a> <strong class="jxr_keyword">if</strong> (lock != <strong class="jxr_keyword">null</strong>) {
|
||||
<a class="jxr_linenumber" name="258" href="#258">258</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="259" href="#259">259</a> lock.release();
|
||||
<a class="jxr_linenumber" name="260" href="#260">260</a> } <strong class="jxr_keyword">catch</strong> (ClosedChannelException ex) {
|
||||
<a class="jxr_linenumber" name="261" href="#261">261</a> Logger.getLogger(DirectorySpinLock.<strong class="jxr_keyword">class</strong>.getName()).log(Level.FINEST, <span class="jxr_string">"Uable to release file lock"</span>, ex);
|
||||
<a class="jxr_linenumber" name="262" href="#262">262</a> } <strong class="jxr_keyword">catch</strong> (IOException ex) {
|
||||
<a class="jxr_linenumber" name="263" href="#263">263</a> Logger.getLogger(DirectorySpinLock.<strong class="jxr_keyword">class</strong>.getName()).log(Level.FINEST, <span class="jxr_string">"Unable to release file lock due to IO Exception"</span>, ex);
|
||||
<a class="jxr_linenumber" name="264" href="#264">264</a> }
|
||||
<a class="jxr_linenumber" name="265" href="#265">265</a> }
|
||||
<a class="jxr_linenumber" name="266" href="#266">266</a> }
|
||||
<a class="jxr_linenumber" name="267" href="#267">267</a> }
|
||||
</pre>
|
||||
<hr/><div id="footer">This page was automatically generated by <a href="http://maven.apache.org/">Maven</a></div></body>
|
||||
</html>
|
||||
|
||||
@@ -0,0 +1,81 @@
|
||||
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
||||
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
|
||||
<head>
|
||||
<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
|
||||
<title>InvalidDirectoryException xref</title>
|
||||
<link type="text/css" rel="stylesheet" href="../../../../stylesheet.css" />
|
||||
</head>
|
||||
<body>
|
||||
<div id="overview"><a href="../../../../../apidocs/org/owasp/dependencycheck/concurrency/InvalidDirectoryException.html">View Javadoc</a></div><pre>
|
||||
|
||||
<a class="jxr_linenumber" name="1" href="#1">1</a> <em class="jxr_comment">/*</em>
|
||||
<a class="jxr_linenumber" name="2" href="#2">2</a> <em class="jxr_comment"> * This file is part of dependency-check-core.</em>
|
||||
<a class="jxr_linenumber" name="3" href="#3">3</a> <em class="jxr_comment"> *</em>
|
||||
<a class="jxr_linenumber" name="4" href="#4">4</a> <em class="jxr_comment"> * Dependency-check-core is free software: you can redistribute it and/or modify it</em>
|
||||
<a class="jxr_linenumber" name="5" href="#5">5</a> <em class="jxr_comment"> * under the terms of the GNU General Public License as published by the Free</em>
|
||||
<a class="jxr_linenumber" name="6" href="#6">6</a> <em class="jxr_comment"> * Software Foundation, either version 3 of the License, or (at your option) any</em>
|
||||
<a class="jxr_linenumber" name="7" href="#7">7</a> <em class="jxr_comment"> * later version.</em>
|
||||
<a class="jxr_linenumber" name="8" href="#8">8</a> <em class="jxr_comment"> *</em>
|
||||
<a class="jxr_linenumber" name="9" href="#9">9</a> <em class="jxr_comment"> * Dependency-check-core is distributed in the hope that it will be useful, but</em>
|
||||
<a class="jxr_linenumber" name="10" href="#10">10</a> <em class="jxr_comment"> * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or</em>
|
||||
<a class="jxr_linenumber" name="11" href="#11">11</a> <em class="jxr_comment"> * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more</em>
|
||||
<a class="jxr_linenumber" name="12" href="#12">12</a> <em class="jxr_comment"> * details.</em>
|
||||
<a class="jxr_linenumber" name="13" href="#13">13</a> <em class="jxr_comment"> *</em>
|
||||
<a class="jxr_linenumber" name="14" href="#14">14</a> <em class="jxr_comment"> * You should have received a copy of the GNU General Public License along with</em>
|
||||
<a class="jxr_linenumber" name="15" href="#15">15</a> <em class="jxr_comment"> * dependency-check-core. If not, see <a href="http://www.gnu.org/licenses/." target="alexandria_uri">http://www.gnu.org/licenses/.</a></em>
|
||||
<a class="jxr_linenumber" name="16" href="#16">16</a> <em class="jxr_comment"> *</em>
|
||||
<a class="jxr_linenumber" name="17" href="#17">17</a> <em class="jxr_comment"> * Copyright (c) 2013 Jeremy Long. All Rights Reserved.</em>
|
||||
<a class="jxr_linenumber" name="18" href="#18">18</a> <em class="jxr_comment"> */</em>
|
||||
<a class="jxr_linenumber" name="19" href="#19">19</a> <strong class="jxr_keyword">package</strong> org.owasp.dependencycheck.concurrency;
|
||||
<a class="jxr_linenumber" name="20" href="#20">20</a>
|
||||
<a class="jxr_linenumber" name="21" href="#21">21</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="22" href="#22">22</a> <em class="jxr_javadoccomment"> * If thrown, indicates that there is a problem with a directory.</em>
|
||||
<a class="jxr_linenumber" name="23" href="#23">23</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="24" href="#24">24</a> <em class="jxr_javadoccomment"> * @author Jeremy Long (jeremy.long@owasp.org)</em>
|
||||
<a class="jxr_linenumber" name="25" href="#25">25</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="26" href="#26">26</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">class</strong> <a href="../../../../org/owasp/dependencycheck/concurrency/InvalidDirectoryException.html">InvalidDirectoryException</a> <strong class="jxr_keyword">extends</strong> Exception {
|
||||
<a class="jxr_linenumber" name="27" href="#27">27</a>
|
||||
<a class="jxr_linenumber" name="28" href="#28">28</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="29" href="#29">29</a> <em class="jxr_javadoccomment"> * Default serial version UID.</em>
|
||||
<a class="jxr_linenumber" name="30" href="#30">30</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="31" href="#31">31</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> <strong class="jxr_keyword">long</strong> serialVersionUID = 1L;
|
||||
<a class="jxr_linenumber" name="32" href="#32">32</a>
|
||||
<a class="jxr_linenumber" name="33" href="#33">33</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="34" href="#34">34</a> <em class="jxr_javadoccomment"> * Constructs a new Invalid Directory Exception.</em>
|
||||
<a class="jxr_linenumber" name="35" href="#35">35</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="36" href="#36">36</a> <strong class="jxr_keyword">public</strong> <a href="../../../../org/owasp/dependencycheck/concurrency/InvalidDirectoryException.html">InvalidDirectoryException</a>() {
|
||||
<a class="jxr_linenumber" name="37" href="#37">37</a> <strong class="jxr_keyword">super</strong>();
|
||||
<a class="jxr_linenumber" name="38" href="#38">38</a> }
|
||||
<a class="jxr_linenumber" name="39" href="#39">39</a>
|
||||
<a class="jxr_linenumber" name="40" href="#40">40</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="41" href="#41">41</a> <em class="jxr_javadoccomment"> * Constructs a new Invalid Directory Exception.</em>
|
||||
<a class="jxr_linenumber" name="42" href="#42">42</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="43" href="#43">43</a> <em class="jxr_javadoccomment"> * @param msg the message describing the exception</em>
|
||||
<a class="jxr_linenumber" name="44" href="#44">44</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="45" href="#45">45</a> <strong class="jxr_keyword">public</strong> <a href="../../../../org/owasp/dependencycheck/concurrency/InvalidDirectoryException.html">InvalidDirectoryException</a>(String msg) {
|
||||
<a class="jxr_linenumber" name="46" href="#46">46</a> <strong class="jxr_keyword">super</strong>(msg);
|
||||
<a class="jxr_linenumber" name="47" href="#47">47</a> }
|
||||
<a class="jxr_linenumber" name="48" href="#48">48</a>
|
||||
<a class="jxr_linenumber" name="49" href="#49">49</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="50" href="#50">50</a> <em class="jxr_javadoccomment"> * Constructs a new Invalid Directory Exception.</em>
|
||||
<a class="jxr_linenumber" name="51" href="#51">51</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="52" href="#52">52</a> <em class="jxr_javadoccomment"> * @param ex the cause of the exception</em>
|
||||
<a class="jxr_linenumber" name="53" href="#53">53</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="54" href="#54">54</a> <strong class="jxr_keyword">public</strong> <a href="../../../../org/owasp/dependencycheck/concurrency/InvalidDirectoryException.html">InvalidDirectoryException</a>(Throwable ex) {
|
||||
<a class="jxr_linenumber" name="55" href="#55">55</a> <strong class="jxr_keyword">super</strong>(ex);
|
||||
<a class="jxr_linenumber" name="56" href="#56">56</a> }
|
||||
<a class="jxr_linenumber" name="57" href="#57">57</a>
|
||||
<a class="jxr_linenumber" name="58" href="#58">58</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="59" href="#59">59</a> <em class="jxr_javadoccomment"> * Constructs a new Invalid Directory Exception.</em>
|
||||
<a class="jxr_linenumber" name="60" href="#60">60</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="61" href="#61">61</a> <em class="jxr_javadoccomment"> * @param msg the message describing the exception</em>
|
||||
<a class="jxr_linenumber" name="62" href="#62">62</a> <em class="jxr_javadoccomment"> * @param ex the cause of the exception</em>
|
||||
<a class="jxr_linenumber" name="63" href="#63">63</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="64" href="#64">64</a> <strong class="jxr_keyword">public</strong> <a href="../../../../org/owasp/dependencycheck/concurrency/InvalidDirectoryException.html">InvalidDirectoryException</a>(String msg, Throwable ex) {
|
||||
<a class="jxr_linenumber" name="65" href="#65">65</a> <strong class="jxr_keyword">super</strong>(msg, ex);
|
||||
<a class="jxr_linenumber" name="66" href="#66">66</a> }
|
||||
<a class="jxr_linenumber" name="67" href="#67">67</a> }
|
||||
</pre>
|
||||
<hr/><div id="footer">This page was automatically generated by <a href="http://maven.apache.org/">Maven</a></div></body>
|
||||
</html>
|
||||
|
||||
@@ -0,0 +1,30 @@
|
||||
|
||||
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "DTD/xhtml1-transitional.dtd">
|
||||
<html xml:lang="en" lang="en">
|
||||
<head>
|
||||
<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
|
||||
<title>Dependency-Check Core 1.0.2 Reference Package org.owasp.dependencycheck.concurrency</title>
|
||||
<link rel="stylesheet" type="text/css" href="../../../../stylesheet.css" title="style" />
|
||||
</head>
|
||||
<body>
|
||||
|
||||
<h3>
|
||||
<a href="package-summary.html" target="classFrame">org.owasp.dependencycheck.concurrency</a>
|
||||
</h3>
|
||||
|
||||
<h3>Classes</h3>
|
||||
|
||||
<ul>
|
||||
<li>
|
||||
<a href="DirectoryLockException.html" target="classFrame">DirectoryLockException</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="DirectorySpinLock.html" target="classFrame">DirectorySpinLock</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="InvalidDirectoryException.html" target="classFrame">InvalidDirectoryException</a>
|
||||
</li>
|
||||
</ul>
|
||||
|
||||
</body>
|
||||
</html>
|
||||
@@ -0,0 +1,77 @@
|
||||
|
||||
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "DTD/xhtml1-transitional.dtd">
|
||||
<html xml:lang="en" lang="en">
|
||||
<head>
|
||||
<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
|
||||
<title>Dependency-Check Core 1.0.2 Reference Package org.owasp.dependencycheck.concurrency</title>
|
||||
<link rel="stylesheet" type="text/css" href="../../../../stylesheet.css" title="style" />
|
||||
</head>
|
||||
<body>
|
||||
<div class="overview">
|
||||
<ul>
|
||||
<li>
|
||||
<a href="../../../../overview-summary.html">Overview</a>
|
||||
</li>
|
||||
<li class="selected">Package</li>
|
||||
</ul>
|
||||
</div>
|
||||
<div class="framenoframe">
|
||||
<ul>
|
||||
<li>
|
||||
<a href="../../../../index.html" target="_top">FRAMES</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="package-summary.html" target="_top">NO FRAMES</a>
|
||||
</li>
|
||||
</ul>
|
||||
</div>
|
||||
|
||||
<h2>Package org.owasp.dependencycheck.concurrency</h2>
|
||||
|
||||
<table class="summary">
|
||||
<thead>
|
||||
<tr>
|
||||
<th>Class Summary</th>
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
<tr>
|
||||
<td>
|
||||
<a href="DirectoryLockException.html" target="classFrame">DirectoryLockException</a>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
<a href="DirectorySpinLock.html" target="classFrame">DirectorySpinLock</a>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
<a href="InvalidDirectoryException.html" target="classFrame">InvalidDirectoryException</a>
|
||||
</td>
|
||||
</tr>
|
||||
</tbody>
|
||||
</table>
|
||||
|
||||
<div class="overview">
|
||||
<ul>
|
||||
<li>
|
||||
<a href="../../../../overview-summary.html">Overview</a>
|
||||
</li>
|
||||
<li class="selected">Package</li>
|
||||
</ul>
|
||||
</div>
|
||||
<div class="framenoframe">
|
||||
<ul>
|
||||
<li>
|
||||
<a href="../../../../index.html" target="_top">FRAMES</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="package-summary.html" target="_top">NO FRAMES</a>
|
||||
</li>
|
||||
</ul>
|
||||
</div>
|
||||
<hr />
|
||||
Copyright © 2012-2013 OWASP. All Rights Reserved.
|
||||
</body>
|
||||
</html>
|
||||
@@ -0,0 +1,131 @@
|
||||
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
||||
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
|
||||
<head>
|
||||
<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
|
||||
<title>BaseIndex xref</title>
|
||||
<link type="text/css" rel="stylesheet" href="../../../../../stylesheet.css" />
|
||||
</head>
|
||||
<body>
|
||||
<div id="overview"><a href="../../../../../../apidocs/org/owasp/dependencycheck/data/cpe/BaseIndex.html">View Javadoc</a></div><pre>
|
||||
|
||||
<a class="jxr_linenumber" name="1" href="#1">1</a> <em class="jxr_comment">/*</em>
|
||||
<a class="jxr_linenumber" name="2" href="#2">2</a> <em class="jxr_comment"> * This file is part of dependency-check-core.</em>
|
||||
<a class="jxr_linenumber" name="3" href="#3">3</a> <em class="jxr_comment"> *</em>
|
||||
<a class="jxr_linenumber" name="4" href="#4">4</a> <em class="jxr_comment"> * Dependency-check-core is free software: you can redistribute it and/or modify it</em>
|
||||
<a class="jxr_linenumber" name="5" href="#5">5</a> <em class="jxr_comment"> * under the terms of the GNU General Public License as published by the Free</em>
|
||||
<a class="jxr_linenumber" name="6" href="#6">6</a> <em class="jxr_comment"> * Software Foundation, either version 3 of the License, or (at your option) any</em>
|
||||
<a class="jxr_linenumber" name="7" href="#7">7</a> <em class="jxr_comment"> * later version.</em>
|
||||
<a class="jxr_linenumber" name="8" href="#8">8</a> <em class="jxr_comment"> *</em>
|
||||
<a class="jxr_linenumber" name="9" href="#9">9</a> <em class="jxr_comment"> * Dependency-check-core is distributed in the hope that it will be useful, but</em>
|
||||
<a class="jxr_linenumber" name="10" href="#10">10</a> <em class="jxr_comment"> * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or</em>
|
||||
<a class="jxr_linenumber" name="11" href="#11">11</a> <em class="jxr_comment"> * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more</em>
|
||||
<a class="jxr_linenumber" name="12" href="#12">12</a> <em class="jxr_comment"> * details.</em>
|
||||
<a class="jxr_linenumber" name="13" href="#13">13</a> <em class="jxr_comment"> *</em>
|
||||
<a class="jxr_linenumber" name="14" href="#14">14</a> <em class="jxr_comment"> * You should have received a copy of the GNU General Public License along with</em>
|
||||
<a class="jxr_linenumber" name="15" href="#15">15</a> <em class="jxr_comment"> * dependency-check-core. If not, see <a href="http://www.gnu.org/licenses/." target="alexandria_uri">http://www.gnu.org/licenses/.</a></em>
|
||||
<a class="jxr_linenumber" name="16" href="#16">16</a> <em class="jxr_comment"> *</em>
|
||||
<a class="jxr_linenumber" name="17" href="#17">17</a> <em class="jxr_comment"> * Copyright (c) 2013 Jeremy Long. All Rights Reserved.</em>
|
||||
<a class="jxr_linenumber" name="18" href="#18">18</a> <em class="jxr_comment"> */</em>
|
||||
<a class="jxr_linenumber" name="19" href="#19">19</a> <strong class="jxr_keyword">package</strong> org.owasp.dependencycheck.data.cpe;
|
||||
<a class="jxr_linenumber" name="20" href="#20">20</a>
|
||||
<a class="jxr_linenumber" name="21" href="#21">21</a> <strong class="jxr_keyword">import</strong> java.io.File;
|
||||
<a class="jxr_linenumber" name="22" href="#22">22</a> <strong class="jxr_keyword">import</strong> java.io.IOException;
|
||||
<a class="jxr_linenumber" name="23" href="#23">23</a> <strong class="jxr_keyword">import</strong> java.util.logging.Level;
|
||||
<a class="jxr_linenumber" name="24" href="#24">24</a> <strong class="jxr_keyword">import</strong> java.util.logging.Logger;
|
||||
<a class="jxr_linenumber" name="25" href="#25">25</a> <strong class="jxr_keyword">import</strong> org.apache.lucene.store.Directory;
|
||||
<a class="jxr_linenumber" name="26" href="#26">26</a> <strong class="jxr_keyword">import</strong> org.apache.lucene.store.FSDirectory;
|
||||
<a class="jxr_linenumber" name="27" href="#27">27</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.utils.Settings;
|
||||
<a class="jxr_linenumber" name="28" href="#28">28</a>
|
||||
<a class="jxr_linenumber" name="29" href="#29">29</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="30" href="#30">30</a> <em class="jxr_javadoccomment"> * The Base Index class used to access the CPE Index.</em>
|
||||
<a class="jxr_linenumber" name="31" href="#31">31</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="32" href="#32">32</a> <em class="jxr_javadoccomment"> * @author Jeremy Long (jeremy.long@owasp.org)</em>
|
||||
<a class="jxr_linenumber" name="33" href="#33">33</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="34" href="#34">34</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">abstract</strong> <strong class="jxr_keyword">class</strong> <a href="../../../../../org/owasp/dependencycheck/data/cpe/BaseIndex.html">BaseIndex</a> {
|
||||
<a class="jxr_linenumber" name="35" href="#35">35</a>
|
||||
<a class="jxr_linenumber" name="36" href="#36">36</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="37" href="#37">37</a> <em class="jxr_javadoccomment"> * The Lucene directory containing the index.</em>
|
||||
<a class="jxr_linenumber" name="38" href="#38">38</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="39" href="#39">39</a> <strong class="jxr_keyword">private</strong> Directory directory;
|
||||
<a class="jxr_linenumber" name="40" href="#40">40</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="41" href="#41">41</a> <em class="jxr_javadoccomment"> * Indicates whether or not the Lucene Index is open.</em>
|
||||
<a class="jxr_linenumber" name="42" href="#42">42</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="43" href="#43">43</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">boolean</strong> indexOpen = false;
|
||||
<a class="jxr_linenumber" name="44" href="#44">44</a>
|
||||
<a class="jxr_linenumber" name="45" href="#45">45</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="46" href="#46">46</a> <em class="jxr_javadoccomment"> * Gets the directory.</em>
|
||||
<a class="jxr_linenumber" name="47" href="#47">47</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="48" href="#48">48</a> <em class="jxr_javadoccomment"> * @return the directory</em>
|
||||
<a class="jxr_linenumber" name="49" href="#49">49</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="50" href="#50">50</a> <strong class="jxr_keyword">public</strong> Directory getDirectory() {
|
||||
<a class="jxr_linenumber" name="51" href="#51">51</a> <strong class="jxr_keyword">return</strong> directory;
|
||||
<a class="jxr_linenumber" name="52" href="#52">52</a> }
|
||||
<a class="jxr_linenumber" name="53" href="#53">53</a>
|
||||
<a class="jxr_linenumber" name="54" href="#54">54</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="55" href="#55">55</a> <em class="jxr_javadoccomment"> * Opens the CPE Index.</em>
|
||||
<a class="jxr_linenumber" name="56" href="#56">56</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="57" href="#57">57</a> <em class="jxr_javadoccomment"> * @throws IOException is thrown if an IOException occurs opening the index.</em>
|
||||
<a class="jxr_linenumber" name="58" href="#58">58</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="59" href="#59">59</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> open() <strong class="jxr_keyword">throws</strong> IOException {
|
||||
<a class="jxr_linenumber" name="60" href="#60">60</a> directory = <strong class="jxr_keyword">this</strong>.openDirectory();
|
||||
<a class="jxr_linenumber" name="61" href="#61">61</a> indexOpen = <strong class="jxr_keyword">true</strong>;
|
||||
<a class="jxr_linenumber" name="62" href="#62">62</a> }
|
||||
<a class="jxr_linenumber" name="63" href="#63">63</a>
|
||||
<a class="jxr_linenumber" name="64" href="#64">64</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="65" href="#65">65</a> <em class="jxr_javadoccomment"> * Closes the CPE Index.</em>
|
||||
<a class="jxr_linenumber" name="66" href="#66">66</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="67" href="#67">67</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> close() {
|
||||
<a class="jxr_linenumber" name="68" href="#68">68</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="69" href="#69">69</a> directory.close();
|
||||
<a class="jxr_linenumber" name="70" href="#70">70</a> } <strong class="jxr_keyword">catch</strong> (IOException ex) {
|
||||
<a class="jxr_linenumber" name="71" href="#71">71</a> <strong class="jxr_keyword">final</strong> String msg = <span class="jxr_string">"Unable to update database due to an IO error."</span>;
|
||||
<a class="jxr_linenumber" name="72" href="#72">72</a> Logger.getLogger(BaseIndex.<strong class="jxr_keyword">class</strong>.getName()).log(Level.SEVERE, msg);
|
||||
<a class="jxr_linenumber" name="73" href="#73">73</a> Logger.getLogger(BaseIndex.<strong class="jxr_keyword">class</strong>.getName()).log(Level.FINE, <strong class="jxr_keyword">null</strong>, ex);
|
||||
<a class="jxr_linenumber" name="74" href="#74">74</a> } <strong class="jxr_keyword">finally</strong> {
|
||||
<a class="jxr_linenumber" name="75" href="#75">75</a> directory = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="76" href="#76">76</a> }
|
||||
<a class="jxr_linenumber" name="77" href="#77">77</a> indexOpen = false;
|
||||
<a class="jxr_linenumber" name="78" href="#78">78</a>
|
||||
<a class="jxr_linenumber" name="79" href="#79">79</a> }
|
||||
<a class="jxr_linenumber" name="80" href="#80">80</a>
|
||||
<a class="jxr_linenumber" name="81" href="#81">81</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="82" href="#82">82</a> <em class="jxr_javadoccomment"> * Returns the status of the data source - is the index open.</em>
|
||||
<a class="jxr_linenumber" name="83" href="#83">83</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="84" href="#84">84</a> <em class="jxr_javadoccomment"> * @return true or false.</em>
|
||||
<a class="jxr_linenumber" name="85" href="#85">85</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="86" href="#86">86</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">boolean</strong> isOpen() {
|
||||
<a class="jxr_linenumber" name="87" href="#87">87</a> <strong class="jxr_keyword">return</strong> indexOpen;
|
||||
<a class="jxr_linenumber" name="88" href="#88">88</a> }
|
||||
<a class="jxr_linenumber" name="89" href="#89">89</a>
|
||||
<a class="jxr_linenumber" name="90" href="#90">90</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="91" href="#91">91</a> <em class="jxr_javadoccomment"> * Returns the Lucene directory object for the CPE Index.</em>
|
||||
<a class="jxr_linenumber" name="92" href="#92">92</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="93" href="#93">93</a> <em class="jxr_javadoccomment"> * @return the Lucene Directory object for the CPE Index.</em>
|
||||
<a class="jxr_linenumber" name="94" href="#94">94</a> <em class="jxr_javadoccomment"> * @throws IOException is thrown if an IOException occurs.</em>
|
||||
<a class="jxr_linenumber" name="95" href="#95">95</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="96" href="#96">96</a> <strong class="jxr_keyword">protected</strong> Directory openDirectory() <strong class="jxr_keyword">throws</strong> IOException {
|
||||
<a class="jxr_linenumber" name="97" href="#97">97</a> <strong class="jxr_keyword">final</strong> File path = getDataDirectory();
|
||||
<a class="jxr_linenumber" name="98" href="#98">98</a> <strong class="jxr_keyword">return</strong> FSDirectory.open(path);
|
||||
<a class="jxr_linenumber" name="99" href="#99">99</a> }
|
||||
<a class="jxr_linenumber" name="100" href="#100">100</a>
|
||||
<a class="jxr_linenumber" name="101" href="#101">101</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="102" href="#102">102</a> <em class="jxr_javadoccomment"> * Retrieves the directory that the JAR file exists in so that we can ensure</em>
|
||||
<a class="jxr_linenumber" name="103" href="#103">103</a> <em class="jxr_javadoccomment"> * we always use a common data directory.</em>
|
||||
<a class="jxr_linenumber" name="104" href="#104">104</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="105" href="#105">105</a> <em class="jxr_javadoccomment"> * @return the data directory for this index.</em>
|
||||
<a class="jxr_linenumber" name="106" href="#106">106</a> <em class="jxr_javadoccomment"> * @throws IOException is thrown if an IOException occurs of course...</em>
|
||||
<a class="jxr_linenumber" name="107" href="#107">107</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="108" href="#108">108</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> File getDataDirectory() <strong class="jxr_keyword">throws</strong> IOException {
|
||||
<a class="jxr_linenumber" name="109" href="#109">109</a> <strong class="jxr_keyword">final</strong> File path = Settings.getFile(Settings.KEYS.CPE_DATA_DIRECTORY);
|
||||
<a class="jxr_linenumber" name="110" href="#110">110</a> <strong class="jxr_keyword">if</strong> (!path.exists()) {
|
||||
<a class="jxr_linenumber" name="111" href="#111">111</a> <strong class="jxr_keyword">if</strong> (!path.mkdirs()) {
|
||||
<a class="jxr_linenumber" name="112" href="#112">112</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> IOException(<span class="jxr_string">"Unable to create CPE Data directory"</span>);
|
||||
<a class="jxr_linenumber" name="113" href="#113">113</a> }
|
||||
<a class="jxr_linenumber" name="114" href="#114">114</a> }
|
||||
<a class="jxr_linenumber" name="115" href="#115">115</a> <strong class="jxr_keyword">return</strong> path;
|
||||
<a class="jxr_linenumber" name="116" href="#116">116</a> }
|
||||
<a class="jxr_linenumber" name="117" href="#117">117</a> }
|
||||
</pre>
|
||||
<hr/><div id="footer">This page was automatically generated by <a href="http://maven.apache.org/">Maven</a></div></body>
|
||||
</html>
|
||||
|
||||
@@ -0,0 +1,193 @@
|
||||
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
||||
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
|
||||
<head>
|
||||
<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
|
||||
<title>CpeIndexReader xref</title>
|
||||
<link type="text/css" rel="stylesheet" href="../../../../../stylesheet.css" />
|
||||
</head>
|
||||
<body>
|
||||
<div id="overview"><a href="../../../../../../apidocs/org/owasp/dependencycheck/data/cpe/CpeIndexReader.html">View Javadoc</a></div><pre>
|
||||
|
||||
<a class="jxr_linenumber" name="1" href="#1">1</a> <em class="jxr_comment">/*</em>
|
||||
<a class="jxr_linenumber" name="2" href="#2">2</a> <em class="jxr_comment"> * This file is part of dependency-check-core.</em>
|
||||
<a class="jxr_linenumber" name="3" href="#3">3</a> <em class="jxr_comment"> *</em>
|
||||
<a class="jxr_linenumber" name="4" href="#4">4</a> <em class="jxr_comment"> * Dependency-check-core is free software: you can redistribute it and/or modify it</em>
|
||||
<a class="jxr_linenumber" name="5" href="#5">5</a> <em class="jxr_comment"> * under the terms of the GNU General Public License as published by the Free</em>
|
||||
<a class="jxr_linenumber" name="6" href="#6">6</a> <em class="jxr_comment"> * Software Foundation, either version 3 of the License, or (at your option) any</em>
|
||||
<a class="jxr_linenumber" name="7" href="#7">7</a> <em class="jxr_comment"> * later version.</em>
|
||||
<a class="jxr_linenumber" name="8" href="#8">8</a> <em class="jxr_comment"> *</em>
|
||||
<a class="jxr_linenumber" name="9" href="#9">9</a> <em class="jxr_comment"> * Dependency-check-core is distributed in the hope that it will be useful, but</em>
|
||||
<a class="jxr_linenumber" name="10" href="#10">10</a> <em class="jxr_comment"> * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or</em>
|
||||
<a class="jxr_linenumber" name="11" href="#11">11</a> <em class="jxr_comment"> * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more</em>
|
||||
<a class="jxr_linenumber" name="12" href="#12">12</a> <em class="jxr_comment"> * details.</em>
|
||||
<a class="jxr_linenumber" name="13" href="#13">13</a> <em class="jxr_comment"> *</em>
|
||||
<a class="jxr_linenumber" name="14" href="#14">14</a> <em class="jxr_comment"> * You should have received a copy of the GNU General Public License along with</em>
|
||||
<a class="jxr_linenumber" name="15" href="#15">15</a> <em class="jxr_comment"> * dependency-check-core. If not, see <a href="http://www.gnu.org/licenses/." target="alexandria_uri">http://www.gnu.org/licenses/.</a></em>
|
||||
<a class="jxr_linenumber" name="16" href="#16">16</a> <em class="jxr_comment"> *</em>
|
||||
<a class="jxr_linenumber" name="17" href="#17">17</a> <em class="jxr_comment"> * Copyright (c) 2013 Jeremy Long. All Rights Reserved.</em>
|
||||
<a class="jxr_linenumber" name="18" href="#18">18</a> <em class="jxr_comment"> */</em>
|
||||
<a class="jxr_linenumber" name="19" href="#19">19</a> <strong class="jxr_keyword">package</strong> org.owasp.dependencycheck.data.cpe;
|
||||
<a class="jxr_linenumber" name="20" href="#20">20</a>
|
||||
<a class="jxr_linenumber" name="21" href="#21">21</a> <strong class="jxr_keyword">import</strong> java.io.IOException;
|
||||
<a class="jxr_linenumber" name="22" href="#22">22</a> <strong class="jxr_keyword">import</strong> java.util.HashMap;
|
||||
<a class="jxr_linenumber" name="23" href="#23">23</a> <strong class="jxr_keyword">import</strong> java.util.Map;
|
||||
<a class="jxr_linenumber" name="24" href="#24">24</a> <strong class="jxr_keyword">import</strong> java.util.logging.Level;
|
||||
<a class="jxr_linenumber" name="25" href="#25">25</a> <strong class="jxr_keyword">import</strong> java.util.logging.Logger;
|
||||
<a class="jxr_linenumber" name="26" href="#26">26</a> <strong class="jxr_keyword">import</strong> org.apache.lucene.analysis.Analyzer;
|
||||
<a class="jxr_linenumber" name="27" href="#27">27</a> <strong class="jxr_keyword">import</strong> org.apache.lucene.analysis.core.KeywordAnalyzer;
|
||||
<a class="jxr_linenumber" name="28" href="#28">28</a> <strong class="jxr_keyword">import</strong> org.apache.lucene.analysis.miscellaneous.PerFieldAnalyzerWrapper;
|
||||
<a class="jxr_linenumber" name="29" href="#29">29</a> <strong class="jxr_keyword">import</strong> org.apache.lucene.document.Document;
|
||||
<a class="jxr_linenumber" name="30" href="#30">30</a> <strong class="jxr_keyword">import</strong> org.apache.lucene.index.CorruptIndexException;
|
||||
<a class="jxr_linenumber" name="31" href="#31">31</a> <strong class="jxr_keyword">import</strong> org.apache.lucene.index.DirectoryReader;
|
||||
<a class="jxr_linenumber" name="32" href="#32">32</a> <strong class="jxr_keyword">import</strong> org.apache.lucene.index.IndexReader;
|
||||
<a class="jxr_linenumber" name="33" href="#33">33</a> <strong class="jxr_keyword">import</strong> org.apache.lucene.queryparser.classic.ParseException;
|
||||
<a class="jxr_linenumber" name="34" href="#34">34</a> <strong class="jxr_keyword">import</strong> org.apache.lucene.queryparser.classic.QueryParser;
|
||||
<a class="jxr_linenumber" name="35" href="#35">35</a> <strong class="jxr_keyword">import</strong> org.apache.lucene.search.IndexSearcher;
|
||||
<a class="jxr_linenumber" name="36" href="#36">36</a> <strong class="jxr_keyword">import</strong> org.apache.lucene.search.Query;
|
||||
<a class="jxr_linenumber" name="37" href="#37">37</a> <strong class="jxr_keyword">import</strong> org.apache.lucene.search.TopDocs;
|
||||
<a class="jxr_linenumber" name="38" href="#38">38</a> <strong class="jxr_keyword">import</strong> org.apache.lucene.util.Version;
|
||||
<a class="jxr_linenumber" name="39" href="#39">39</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.data.lucene.FieldAnalyzer;
|
||||
<a class="jxr_linenumber" name="40" href="#40">40</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.data.lucene.SearchFieldAnalyzer;
|
||||
<a class="jxr_linenumber" name="41" href="#41">41</a>
|
||||
<a class="jxr_linenumber" name="42" href="#42">42</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="43" href="#43">43</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="44" href="#44">44</a> <em class="jxr_javadoccomment"> * @author Jeremy Long (jeremy.long@owasp.org)</em>
|
||||
<a class="jxr_linenumber" name="45" href="#45">45</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="46" href="#46">46</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">class</strong> <a href="../../../../../org/owasp/dependencycheck/data/cpe/CpeIndexReader.html">CpeIndexReader</a> <strong class="jxr_keyword">extends</strong> <a href="../../../../../org/owasp/dependencycheck/data/cpe/BaseIndex.html">BaseIndex</a> {
|
||||
<a class="jxr_linenumber" name="47" href="#47">47</a>
|
||||
<a class="jxr_linenumber" name="48" href="#48">48</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="49" href="#49">49</a> <em class="jxr_javadoccomment"> * The Lucene IndexReader.</em>
|
||||
<a class="jxr_linenumber" name="50" href="#50">50</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="51" href="#51">51</a> <strong class="jxr_keyword">private</strong> IndexReader indexReader;
|
||||
<a class="jxr_linenumber" name="52" href="#52">52</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="53" href="#53">53</a> <em class="jxr_javadoccomment"> * The Lucene IndexSearcher.</em>
|
||||
<a class="jxr_linenumber" name="54" href="#54">54</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="55" href="#55">55</a> <strong class="jxr_keyword">private</strong> IndexSearcher indexSearcher;
|
||||
<a class="jxr_linenumber" name="56" href="#56">56</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="57" href="#57">57</a> <em class="jxr_javadoccomment"> * The Lucene Analyzer used for Searching.</em>
|
||||
<a class="jxr_linenumber" name="58" href="#58">58</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="59" href="#59">59</a> <strong class="jxr_keyword">private</strong> Analyzer searchingAnalyzer;
|
||||
<a class="jxr_linenumber" name="60" href="#60">60</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="61" href="#61">61</a> <em class="jxr_javadoccomment"> * The Lucene QueryParser used for Searching.</em>
|
||||
<a class="jxr_linenumber" name="62" href="#62">62</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="63" href="#63">63</a> <strong class="jxr_keyword">private</strong> QueryParser queryParser;
|
||||
<a class="jxr_linenumber" name="64" href="#64">64</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="65" href="#65">65</a> <em class="jxr_javadoccomment"> * The search field analyzer for the product field.</em>
|
||||
<a class="jxr_linenumber" name="66" href="#66">66</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="67" href="#67">67</a> <strong class="jxr_keyword">private</strong> <a href="../../../../../org/owasp/dependencycheck/data/lucene/SearchFieldAnalyzer.html">SearchFieldAnalyzer</a> productSearchFieldAnalyzer;
|
||||
<a class="jxr_linenumber" name="68" href="#68">68</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="69" href="#69">69</a> <em class="jxr_javadoccomment"> * The search field analyzer for the vendor field.</em>
|
||||
<a class="jxr_linenumber" name="70" href="#70">70</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="71" href="#71">71</a> <strong class="jxr_keyword">private</strong> <a href="../../../../../org/owasp/dependencycheck/data/lucene/SearchFieldAnalyzer.html">SearchFieldAnalyzer</a> vendorSearchFieldAnalyzer;
|
||||
<a class="jxr_linenumber" name="72" href="#72">72</a>
|
||||
<a class="jxr_linenumber" name="73" href="#73">73</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="74" href="#74">74</a> <em class="jxr_javadoccomment"> * Opens the CPE Index.</em>
|
||||
<a class="jxr_linenumber" name="75" href="#75">75</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="76" href="#76">76</a> <em class="jxr_javadoccomment"> * @throws IOException is thrown if an IOException occurs opening the index.</em>
|
||||
<a class="jxr_linenumber" name="77" href="#77">77</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="78" href="#78">78</a> @Override
|
||||
<a class="jxr_linenumber" name="79" href="#79">79</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> open() <strong class="jxr_keyword">throws</strong> IOException {
|
||||
<a class="jxr_linenumber" name="80" href="#80">80</a> <em class="jxr_comment">//TODO add spinlock (shared)</em>
|
||||
<a class="jxr_linenumber" name="81" href="#81">81</a> <strong class="jxr_keyword">super</strong>.open();
|
||||
<a class="jxr_linenumber" name="82" href="#82">82</a> indexReader = DirectoryReader.open(getDirectory());
|
||||
<a class="jxr_linenumber" name="83" href="#83">83</a> indexSearcher = <strong class="jxr_keyword">new</strong> IndexSearcher(indexReader);
|
||||
<a class="jxr_linenumber" name="84" href="#84">84</a> searchingAnalyzer = createSearchingAnalyzer();
|
||||
<a class="jxr_linenumber" name="85" href="#85">85</a> queryParser = <strong class="jxr_keyword">new</strong> QueryParser(Version.LUCENE_43, Fields.DOCUMENT_KEY, searchingAnalyzer);
|
||||
<a class="jxr_linenumber" name="86" href="#86">86</a> }
|
||||
<a class="jxr_linenumber" name="87" href="#87">87</a>
|
||||
<a class="jxr_linenumber" name="88" href="#88">88</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="89" href="#89">89</a> <em class="jxr_javadoccomment"> * Closes the CPE Index.</em>
|
||||
<a class="jxr_linenumber" name="90" href="#90">90</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="91" href="#91">91</a> @Override
|
||||
<a class="jxr_linenumber" name="92" href="#92">92</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> close() {
|
||||
<a class="jxr_linenumber" name="93" href="#93">93</a> <em class="jxr_comment">//TODO remove spinlock (shared)</em>
|
||||
<a class="jxr_linenumber" name="94" href="#94">94</a> <strong class="jxr_keyword">if</strong> (searchingAnalyzer != <strong class="jxr_keyword">null</strong>) {
|
||||
<a class="jxr_linenumber" name="95" href="#95">95</a> searchingAnalyzer.close();
|
||||
<a class="jxr_linenumber" name="96" href="#96">96</a> searchingAnalyzer = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="97" href="#97">97</a> }
|
||||
<a class="jxr_linenumber" name="98" href="#98">98</a> <strong class="jxr_keyword">if</strong> (indexReader != <strong class="jxr_keyword">null</strong>) {
|
||||
<a class="jxr_linenumber" name="99" href="#99">99</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="100" href="#100">100</a> indexReader.close();
|
||||
<a class="jxr_linenumber" name="101" href="#101">101</a> } <strong class="jxr_keyword">catch</strong> (IOException ex) {
|
||||
<a class="jxr_linenumber" name="102" href="#102">102</a> Logger.getLogger(CpeIndexReader.<strong class="jxr_keyword">class</strong>.getName()).log(Level.FINEST, <strong class="jxr_keyword">null</strong>, ex);
|
||||
<a class="jxr_linenumber" name="103" href="#103">103</a> }
|
||||
<a class="jxr_linenumber" name="104" href="#104">104</a> indexReader = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="105" href="#105">105</a> }
|
||||
<a class="jxr_linenumber" name="106" href="#106">106</a> queryParser = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="107" href="#107">107</a> indexSearcher = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="108" href="#108">108</a> <strong class="jxr_keyword">super</strong>.close();
|
||||
<a class="jxr_linenumber" name="109" href="#109">109</a> }
|
||||
<a class="jxr_linenumber" name="110" href="#110">110</a>
|
||||
<a class="jxr_linenumber" name="111" href="#111">111</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="112" href="#112">112</a> <em class="jxr_javadoccomment"> * Searches the index using the given search string.</em>
|
||||
<a class="jxr_linenumber" name="113" href="#113">113</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="114" href="#114">114</a> <em class="jxr_javadoccomment"> * @param searchString the query text</em>
|
||||
<a class="jxr_linenumber" name="115" href="#115">115</a> <em class="jxr_javadoccomment"> * @param maxQueryResults the maximum number of documents to return</em>
|
||||
<a class="jxr_linenumber" name="116" href="#116">116</a> <em class="jxr_javadoccomment"> * @return the TopDocs found by the search</em>
|
||||
<a class="jxr_linenumber" name="117" href="#117">117</a> <em class="jxr_javadoccomment"> * @throws ParseException thrown when the searchString is invalid</em>
|
||||
<a class="jxr_linenumber" name="118" href="#118">118</a> <em class="jxr_javadoccomment"> * @throws IOException is thrown if there is an issue with the underlying</em>
|
||||
<a class="jxr_linenumber" name="119" href="#119">119</a> <em class="jxr_javadoccomment"> * Index</em>
|
||||
<a class="jxr_linenumber" name="120" href="#120">120</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="121" href="#121">121</a> <strong class="jxr_keyword">public</strong> TopDocs search(String searchString, <strong class="jxr_keyword">int</strong> maxQueryResults) <strong class="jxr_keyword">throws</strong> ParseException, IOException {
|
||||
<a class="jxr_linenumber" name="122" href="#122">122</a> <strong class="jxr_keyword">final</strong> Query query = queryParser.parse(searchString);
|
||||
<a class="jxr_linenumber" name="123" href="#123">123</a> <strong class="jxr_keyword">return</strong> indexSearcher.search(query, maxQueryResults);
|
||||
<a class="jxr_linenumber" name="124" href="#124">124</a> }
|
||||
<a class="jxr_linenumber" name="125" href="#125">125</a>
|
||||
<a class="jxr_linenumber" name="126" href="#126">126</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="127" href="#127">127</a> <em class="jxr_javadoccomment"> * Searches the index using the given query.</em>
|
||||
<a class="jxr_linenumber" name="128" href="#128">128</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="129" href="#129">129</a> <em class="jxr_javadoccomment"> * @param query the query used to search the index</em>
|
||||
<a class="jxr_linenumber" name="130" href="#130">130</a> <em class="jxr_javadoccomment"> * @param maxQueryResults the max number of results to return</em>
|
||||
<a class="jxr_linenumber" name="131" href="#131">131</a> <em class="jxr_javadoccomment"> * @return the TopDocs found be the query</em>
|
||||
<a class="jxr_linenumber" name="132" href="#132">132</a> <em class="jxr_javadoccomment"> * @throws CorruptIndexException thrown if the Index is corrupt</em>
|
||||
<a class="jxr_linenumber" name="133" href="#133">133</a> <em class="jxr_javadoccomment"> * @throws IOException thrown if there is an IOException</em>
|
||||
<a class="jxr_linenumber" name="134" href="#134">134</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="135" href="#135">135</a> <strong class="jxr_keyword">public</strong> TopDocs search(Query query, <strong class="jxr_keyword">int</strong> maxQueryResults) <strong class="jxr_keyword">throws</strong> CorruptIndexException, IOException {
|
||||
<a class="jxr_linenumber" name="136" href="#136">136</a> resetSearchingAnalyzer();
|
||||
<a class="jxr_linenumber" name="137" href="#137">137</a> <strong class="jxr_keyword">return</strong> indexSearcher.search(query, maxQueryResults);
|
||||
<a class="jxr_linenumber" name="138" href="#138">138</a> }
|
||||
<a class="jxr_linenumber" name="139" href="#139">139</a>
|
||||
<a class="jxr_linenumber" name="140" href="#140">140</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="141" href="#141">141</a> <em class="jxr_javadoccomment"> * Retrieves a document from the Index.</em>
|
||||
<a class="jxr_linenumber" name="142" href="#142">142</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="143" href="#143">143</a> <em class="jxr_javadoccomment"> * @param documentId the id of the document to retrieve</em>
|
||||
<a class="jxr_linenumber" name="144" href="#144">144</a> <em class="jxr_javadoccomment"> * @return the Document</em>
|
||||
<a class="jxr_linenumber" name="145" href="#145">145</a> <em class="jxr_javadoccomment"> * @throws IOException thrown if there is an IOException</em>
|
||||
<a class="jxr_linenumber" name="146" href="#146">146</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="147" href="#147">147</a> <strong class="jxr_keyword">public</strong> Document getDocument(<strong class="jxr_keyword">int</strong> documentId) <strong class="jxr_keyword">throws</strong> IOException {
|
||||
<a class="jxr_linenumber" name="148" href="#148">148</a> <strong class="jxr_keyword">return</strong> indexSearcher.doc(documentId);
|
||||
<a class="jxr_linenumber" name="149" href="#149">149</a> }
|
||||
<a class="jxr_linenumber" name="150" href="#150">150</a>
|
||||
<a class="jxr_linenumber" name="151" href="#151">151</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="152" href="#152">152</a> <em class="jxr_javadoccomment"> * Creates an Analyzer for searching the CPE Index.</em>
|
||||
<a class="jxr_linenumber" name="153" href="#153">153</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="154" href="#154">154</a> <em class="jxr_javadoccomment"> * @return the CPE Analyzer.</em>
|
||||
<a class="jxr_linenumber" name="155" href="#155">155</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="156" href="#156">156</a> @SuppressWarnings(<span class="jxr_string">"unchecked"</span>)
|
||||
<a class="jxr_linenumber" name="157" href="#157">157</a> <strong class="jxr_keyword">private</strong> Analyzer createSearchingAnalyzer() {
|
||||
<a class="jxr_linenumber" name="158" href="#158">158</a> <strong class="jxr_keyword">final</strong> Map fieldAnalyzers = <strong class="jxr_keyword">new</strong> HashMap();
|
||||
<a class="jxr_linenumber" name="159" href="#159">159</a> fieldAnalyzers.put(Fields.DOCUMENT_KEY, <strong class="jxr_keyword">new</strong> KeywordAnalyzer());
|
||||
<a class="jxr_linenumber" name="160" href="#160">160</a> productSearchFieldAnalyzer = <strong class="jxr_keyword">new</strong> <a href="../../../../../org/owasp/dependencycheck/data/lucene/SearchFieldAnalyzer.html">SearchFieldAnalyzer</a>(Version.LUCENE_43);
|
||||
<a class="jxr_linenumber" name="161" href="#161">161</a> vendorSearchFieldAnalyzer = <strong class="jxr_keyword">new</strong> <a href="../../../../../org/owasp/dependencycheck/data/lucene/SearchFieldAnalyzer.html">SearchFieldAnalyzer</a>(Version.LUCENE_43);
|
||||
<a class="jxr_linenumber" name="162" href="#162">162</a> fieldAnalyzers.put(Fields.PRODUCT, productSearchFieldAnalyzer);
|
||||
<a class="jxr_linenumber" name="163" href="#163">163</a> fieldAnalyzers.put(Fields.VENDOR, vendorSearchFieldAnalyzer);
|
||||
<a class="jxr_linenumber" name="164" href="#164">164</a>
|
||||
<a class="jxr_linenumber" name="165" href="#165">165</a> <strong class="jxr_keyword">return</strong> <strong class="jxr_keyword">new</strong> PerFieldAnalyzerWrapper(<strong class="jxr_keyword">new</strong> <a href="../../../../../org/owasp/dependencycheck/data/lucene/FieldAnalyzer.html">FieldAnalyzer</a>(Version.LUCENE_43), fieldAnalyzers);
|
||||
<a class="jxr_linenumber" name="166" href="#166">166</a> }
|
||||
<a class="jxr_linenumber" name="167" href="#167">167</a>
|
||||
<a class="jxr_linenumber" name="168" href="#168">168</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="169" href="#169">169</a> <em class="jxr_javadoccomment"> * Resets the searching analyzers</em>
|
||||
<a class="jxr_linenumber" name="170" href="#170">170</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="171" href="#171">171</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">void</strong> resetSearchingAnalyzer() {
|
||||
<a class="jxr_linenumber" name="172" href="#172">172</a> <strong class="jxr_keyword">if</strong> (productSearchFieldAnalyzer != <strong class="jxr_keyword">null</strong>) {
|
||||
<a class="jxr_linenumber" name="173" href="#173">173</a> productSearchFieldAnalyzer.clear();
|
||||
<a class="jxr_linenumber" name="174" href="#174">174</a> }
|
||||
<a class="jxr_linenumber" name="175" href="#175">175</a> <strong class="jxr_keyword">if</strong> (vendorSearchFieldAnalyzer != <strong class="jxr_keyword">null</strong>) {
|
||||
<a class="jxr_linenumber" name="176" href="#176">176</a> vendorSearchFieldAnalyzer.clear();
|
||||
<a class="jxr_linenumber" name="177" href="#177">177</a> }
|
||||
<a class="jxr_linenumber" name="178" href="#178">178</a> }
|
||||
<a class="jxr_linenumber" name="179" href="#179">179</a> }
|
||||
</pre>
|
||||
<hr/><div id="footer">This page was automatically generated by <a href="http://maven.apache.org/">Maven</a></div></body>
|
||||
</html>
|
||||
|
||||
@@ -0,0 +1,163 @@
|
||||
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
||||
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
|
||||
<head>
|
||||
<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
|
||||
<title>CpeIndexWriter xref</title>
|
||||
<link type="text/css" rel="stylesheet" href="../../../../../stylesheet.css" />
|
||||
</head>
|
||||
<body>
|
||||
<div id="overview"><a href="../../../../../../apidocs/org/owasp/dependencycheck/data/cpe/CpeIndexWriter.html">View Javadoc</a></div><pre>
|
||||
|
||||
<a class="jxr_linenumber" name="1" href="#1">1</a> <em class="jxr_comment">/*</em>
|
||||
<a class="jxr_linenumber" name="2" href="#2">2</a> <em class="jxr_comment"> * This file is part of dependency-check-core.</em>
|
||||
<a class="jxr_linenumber" name="3" href="#3">3</a> <em class="jxr_comment"> *</em>
|
||||
<a class="jxr_linenumber" name="4" href="#4">4</a> <em class="jxr_comment"> * Dependency-check-core is free software: you can redistribute it and/or modify it</em>
|
||||
<a class="jxr_linenumber" name="5" href="#5">5</a> <em class="jxr_comment"> * under the terms of the GNU General Public License as published by the Free</em>
|
||||
<a class="jxr_linenumber" name="6" href="#6">6</a> <em class="jxr_comment"> * Software Foundation, either version 3 of the License, or (at your option) any</em>
|
||||
<a class="jxr_linenumber" name="7" href="#7">7</a> <em class="jxr_comment"> * later version.</em>
|
||||
<a class="jxr_linenumber" name="8" href="#8">8</a> <em class="jxr_comment"> *</em>
|
||||
<a class="jxr_linenumber" name="9" href="#9">9</a> <em class="jxr_comment"> * Dependency-check-core is distributed in the hope that it will be useful, but</em>
|
||||
<a class="jxr_linenumber" name="10" href="#10">10</a> <em class="jxr_comment"> * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or</em>
|
||||
<a class="jxr_linenumber" name="11" href="#11">11</a> <em class="jxr_comment"> * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more</em>
|
||||
<a class="jxr_linenumber" name="12" href="#12">12</a> <em class="jxr_comment"> * details.</em>
|
||||
<a class="jxr_linenumber" name="13" href="#13">13</a> <em class="jxr_comment"> *</em>
|
||||
<a class="jxr_linenumber" name="14" href="#14">14</a> <em class="jxr_comment"> * You should have received a copy of the GNU General Public License along with</em>
|
||||
<a class="jxr_linenumber" name="15" href="#15">15</a> <em class="jxr_comment"> * dependency-check-core. If not, see <a href="http://www.gnu.org/licenses/." target="alexandria_uri">http://www.gnu.org/licenses/.</a></em>
|
||||
<a class="jxr_linenumber" name="16" href="#16">16</a> <em class="jxr_comment"> *</em>
|
||||
<a class="jxr_linenumber" name="17" href="#17">17</a> <em class="jxr_comment"> * Copyright (c) 2013 Jeremy Long. All Rights Reserved.</em>
|
||||
<a class="jxr_linenumber" name="18" href="#18">18</a> <em class="jxr_comment"> */</em>
|
||||
<a class="jxr_linenumber" name="19" href="#19">19</a> <strong class="jxr_keyword">package</strong> org.owasp.dependencycheck.data.cpe;
|
||||
<a class="jxr_linenumber" name="20" href="#20">20</a>
|
||||
<a class="jxr_linenumber" name="21" href="#21">21</a> <strong class="jxr_keyword">import</strong> java.io.IOException;
|
||||
<a class="jxr_linenumber" name="22" href="#22">22</a> <strong class="jxr_keyword">import</strong> java.util.HashMap;
|
||||
<a class="jxr_linenumber" name="23" href="#23">23</a> <strong class="jxr_keyword">import</strong> java.util.Map;
|
||||
<a class="jxr_linenumber" name="24" href="#24">24</a> <strong class="jxr_keyword">import</strong> java.util.logging.Level;
|
||||
<a class="jxr_linenumber" name="25" href="#25">25</a> <strong class="jxr_keyword">import</strong> java.util.logging.Logger;
|
||||
<a class="jxr_linenumber" name="26" href="#26">26</a> <strong class="jxr_keyword">import</strong> org.apache.lucene.analysis.Analyzer;
|
||||
<a class="jxr_linenumber" name="27" href="#27">27</a> <strong class="jxr_keyword">import</strong> org.apache.lucene.analysis.core.KeywordAnalyzer;
|
||||
<a class="jxr_linenumber" name="28" href="#28">28</a> <strong class="jxr_keyword">import</strong> org.apache.lucene.analysis.miscellaneous.PerFieldAnalyzerWrapper;
|
||||
<a class="jxr_linenumber" name="29" href="#29">29</a> <strong class="jxr_keyword">import</strong> org.apache.lucene.document.Document;
|
||||
<a class="jxr_linenumber" name="30" href="#30">30</a> <strong class="jxr_keyword">import</strong> org.apache.lucene.document.Field;
|
||||
<a class="jxr_linenumber" name="31" href="#31">31</a> <strong class="jxr_keyword">import</strong> org.apache.lucene.document.StringField;
|
||||
<a class="jxr_linenumber" name="32" href="#32">32</a> <strong class="jxr_keyword">import</strong> org.apache.lucene.document.TextField;
|
||||
<a class="jxr_linenumber" name="33" href="#33">33</a> <strong class="jxr_keyword">import</strong> org.apache.lucene.index.CorruptIndexException;
|
||||
<a class="jxr_linenumber" name="34" href="#34">34</a> <strong class="jxr_keyword">import</strong> org.apache.lucene.index.IndexWriter;
|
||||
<a class="jxr_linenumber" name="35" href="#35">35</a> <strong class="jxr_keyword">import</strong> org.apache.lucene.index.IndexWriterConfig;
|
||||
<a class="jxr_linenumber" name="36" href="#36">36</a> <strong class="jxr_keyword">import</strong> org.apache.lucene.index.Term;
|
||||
<a class="jxr_linenumber" name="37" href="#37">37</a> <strong class="jxr_keyword">import</strong> org.apache.lucene.util.Version;
|
||||
<a class="jxr_linenumber" name="38" href="#38">38</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.data.lucene.FieldAnalyzer;
|
||||
<a class="jxr_linenumber" name="39" href="#39">39</a>
|
||||
<a class="jxr_linenumber" name="40" href="#40">40</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="41" href="#41">41</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="42" href="#42">42</a> <em class="jxr_javadoccomment"> * @author Jeremy Long (jeremy.long@owasp.org)</em>
|
||||
<a class="jxr_linenumber" name="43" href="#43">43</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="44" href="#44">44</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">class</strong> <a href="../../../../../org/owasp/dependencycheck/data/cpe/CpeIndexWriter.html">CpeIndexWriter</a> <strong class="jxr_keyword">extends</strong> <a href="../../../../../org/owasp/dependencycheck/data/cpe/BaseIndex.html">BaseIndex</a> {
|
||||
<a class="jxr_linenumber" name="45" href="#45">45</a>
|
||||
<a class="jxr_linenumber" name="46" href="#46">46</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="47" href="#47">47</a> <em class="jxr_javadoccomment"> * The IndexWriter for the Lucene index.</em>
|
||||
<a class="jxr_linenumber" name="48" href="#48">48</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="49" href="#49">49</a> <strong class="jxr_keyword">private</strong> IndexWriter indexWriter;
|
||||
<a class="jxr_linenumber" name="50" href="#50">50</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="51" href="#51">51</a> <em class="jxr_javadoccomment"> * The Lucene Analyzer used for Indexing.</em>
|
||||
<a class="jxr_linenumber" name="52" href="#52">52</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="53" href="#53">53</a> <strong class="jxr_keyword">private</strong> Analyzer indexingAnalyzer;
|
||||
<a class="jxr_linenumber" name="54" href="#54">54</a>
|
||||
<a class="jxr_linenumber" name="55" href="#55">55</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="56" href="#56">56</a> <em class="jxr_javadoccomment"> * Opens the CPE Index.</em>
|
||||
<a class="jxr_linenumber" name="57" href="#57">57</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="58" href="#58">58</a> <em class="jxr_javadoccomment"> * @throws IOException is thrown if an IOException occurs opening the index.</em>
|
||||
<a class="jxr_linenumber" name="59" href="#59">59</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="60" href="#60">60</a> @Override
|
||||
<a class="jxr_linenumber" name="61" href="#61">61</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> open() <strong class="jxr_keyword">throws</strong> IOException {
|
||||
<a class="jxr_linenumber" name="62" href="#62">62</a> <em class="jxr_comment">//TODO add spinlock</em>
|
||||
<a class="jxr_linenumber" name="63" href="#63">63</a> <strong class="jxr_keyword">super</strong>.open();
|
||||
<a class="jxr_linenumber" name="64" href="#64">64</a> indexingAnalyzer = createIndexingAnalyzer();
|
||||
<a class="jxr_linenumber" name="65" href="#65">65</a> <strong class="jxr_keyword">final</strong> IndexWriterConfig conf = <strong class="jxr_keyword">new</strong> IndexWriterConfig(Version.LUCENE_43, indexingAnalyzer);
|
||||
<a class="jxr_linenumber" name="66" href="#66">66</a> indexWriter = <strong class="jxr_keyword">new</strong> IndexWriter(getDirectory(), conf);
|
||||
<a class="jxr_linenumber" name="67" href="#67">67</a> }
|
||||
<a class="jxr_linenumber" name="68" href="#68">68</a>
|
||||
<a class="jxr_linenumber" name="69" href="#69">69</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="70" href="#70">70</a> <em class="jxr_javadoccomment"> * Closes the CPE Index.</em>
|
||||
<a class="jxr_linenumber" name="71" href="#71">71</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="72" href="#72">72</a> @Override
|
||||
<a class="jxr_linenumber" name="73" href="#73">73</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> close() {
|
||||
<a class="jxr_linenumber" name="74" href="#74">74</a> <em class="jxr_comment">//TODO remove spinlock</em>
|
||||
<a class="jxr_linenumber" name="75" href="#75">75</a> <strong class="jxr_keyword">if</strong> (indexWriter != <strong class="jxr_keyword">null</strong>) {
|
||||
<a class="jxr_linenumber" name="76" href="#76">76</a> commit();
|
||||
<a class="jxr_linenumber" name="77" href="#77">77</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="78" href="#78">78</a> indexWriter.close(<strong class="jxr_keyword">true</strong>);
|
||||
<a class="jxr_linenumber" name="79" href="#79">79</a> } <strong class="jxr_keyword">catch</strong> (CorruptIndexException ex) {
|
||||
<a class="jxr_linenumber" name="80" href="#80">80</a> <strong class="jxr_keyword">final</strong> String msg = <span class="jxr_string">"Unable to update database, there is a corrupt index."</span>;
|
||||
<a class="jxr_linenumber" name="81" href="#81">81</a> Logger.getLogger(CpeIndexWriter.<strong class="jxr_keyword">class</strong>.getName()).log(Level.SEVERE, msg);
|
||||
<a class="jxr_linenumber" name="82" href="#82">82</a> Logger.getLogger(CpeIndexWriter.<strong class="jxr_keyword">class</strong>.getName()).log(Level.FINE, <strong class="jxr_keyword">null</strong>, ex);
|
||||
<a class="jxr_linenumber" name="83" href="#83">83</a> } <strong class="jxr_keyword">catch</strong> (IOException ex) {
|
||||
<a class="jxr_linenumber" name="84" href="#84">84</a> <strong class="jxr_keyword">final</strong> String msg = <span class="jxr_string">"Unable to update database due to an IO error."</span>;
|
||||
<a class="jxr_linenumber" name="85" href="#85">85</a> Logger.getLogger(CpeIndexWriter.<strong class="jxr_keyword">class</strong>.getName()).log(Level.SEVERE, msg);
|
||||
<a class="jxr_linenumber" name="86" href="#86">86</a> Logger.getLogger(CpeIndexWriter.<strong class="jxr_keyword">class</strong>.getName()).log(Level.FINE, <strong class="jxr_keyword">null</strong>, ex);
|
||||
<a class="jxr_linenumber" name="87" href="#87">87</a> } <strong class="jxr_keyword">finally</strong> {
|
||||
<a class="jxr_linenumber" name="88" href="#88">88</a> indexWriter = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="89" href="#89">89</a> }
|
||||
<a class="jxr_linenumber" name="90" href="#90">90</a> }
|
||||
<a class="jxr_linenumber" name="91" href="#91">91</a> <strong class="jxr_keyword">if</strong> (indexingAnalyzer != <strong class="jxr_keyword">null</strong>) {
|
||||
<a class="jxr_linenumber" name="92" href="#92">92</a> indexingAnalyzer.close();
|
||||
<a class="jxr_linenumber" name="93" href="#93">93</a> indexingAnalyzer = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="94" href="#94">94</a> }
|
||||
<a class="jxr_linenumber" name="95" href="#95">95</a> <strong class="jxr_keyword">super</strong>.close();
|
||||
<a class="jxr_linenumber" name="96" href="#96">96</a> }
|
||||
<a class="jxr_linenumber" name="97" href="#97">97</a>
|
||||
<a class="jxr_linenumber" name="98" href="#98">98</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="99" href="#99">99</a> <em class="jxr_javadoccomment"> * Commits any pending changes.</em>
|
||||
<a class="jxr_linenumber" name="100" href="#100">100</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="101" href="#101">101</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> commit() {
|
||||
<a class="jxr_linenumber" name="102" href="#102">102</a> <strong class="jxr_keyword">if</strong> (indexWriter != <strong class="jxr_keyword">null</strong>) {
|
||||
<a class="jxr_linenumber" name="103" href="#103">103</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="104" href="#104">104</a> indexWriter.forceMerge(1);
|
||||
<a class="jxr_linenumber" name="105" href="#105">105</a> indexWriter.commit();
|
||||
<a class="jxr_linenumber" name="106" href="#106">106</a> } <strong class="jxr_keyword">catch</strong> (CorruptIndexException ex) {
|
||||
<a class="jxr_linenumber" name="107" href="#107">107</a> <strong class="jxr_keyword">final</strong> String msg = <span class="jxr_string">"Unable to update database, there is a corrupt index."</span>;
|
||||
<a class="jxr_linenumber" name="108" href="#108">108</a> Logger.getLogger(CpeIndexWriter.<strong class="jxr_keyword">class</strong>.getName()).log(Level.SEVERE, msg);
|
||||
<a class="jxr_linenumber" name="109" href="#109">109</a> Logger.getLogger(CpeIndexWriter.<strong class="jxr_keyword">class</strong>.getName()).log(Level.FINE, <strong class="jxr_keyword">null</strong>, ex);
|
||||
<a class="jxr_linenumber" name="110" href="#110">110</a> } <strong class="jxr_keyword">catch</strong> (IOException ex) {
|
||||
<a class="jxr_linenumber" name="111" href="#111">111</a> <strong class="jxr_keyword">final</strong> String msg = <span class="jxr_string">"Unable to update database due to an IO error."</span>;
|
||||
<a class="jxr_linenumber" name="112" href="#112">112</a> Logger.getLogger(CpeIndexWriter.<strong class="jxr_keyword">class</strong>.getName()).log(Level.SEVERE, msg);
|
||||
<a class="jxr_linenumber" name="113" href="#113">113</a> Logger.getLogger(CpeIndexWriter.<strong class="jxr_keyword">class</strong>.getName()).log(Level.FINE, <strong class="jxr_keyword">null</strong>, ex);
|
||||
<a class="jxr_linenumber" name="114" href="#114">114</a> }
|
||||
<a class="jxr_linenumber" name="115" href="#115">115</a> }
|
||||
<a class="jxr_linenumber" name="116" href="#116">116</a> }
|
||||
<a class="jxr_linenumber" name="117" href="#117">117</a>
|
||||
<a class="jxr_linenumber" name="118" href="#118">118</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="119" href="#119">119</a> <em class="jxr_javadoccomment"> * Creates the indexing analyzer for the CPE Index.</em>
|
||||
<a class="jxr_linenumber" name="120" href="#120">120</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="121" href="#121">121</a> <em class="jxr_javadoccomment"> * @return the CPE Analyzer.</em>
|
||||
<a class="jxr_linenumber" name="122" href="#122">122</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="123" href="#123">123</a> @SuppressWarnings(<span class="jxr_string">"unchecked"</span>)
|
||||
<a class="jxr_linenumber" name="124" href="#124">124</a> <strong class="jxr_keyword">private</strong> Analyzer createIndexingAnalyzer() {
|
||||
<a class="jxr_linenumber" name="125" href="#125">125</a> <strong class="jxr_keyword">final</strong> Map fieldAnalyzers = <strong class="jxr_keyword">new</strong> HashMap();
|
||||
<a class="jxr_linenumber" name="126" href="#126">126</a> fieldAnalyzers.put(Fields.DOCUMENT_KEY, <strong class="jxr_keyword">new</strong> KeywordAnalyzer());
|
||||
<a class="jxr_linenumber" name="127" href="#127">127</a> <strong class="jxr_keyword">return</strong> <strong class="jxr_keyword">new</strong> PerFieldAnalyzerWrapper(<strong class="jxr_keyword">new</strong> <a href="../../../../../org/owasp/dependencycheck/data/lucene/FieldAnalyzer.html">FieldAnalyzer</a>(Version.LUCENE_43), fieldAnalyzers);
|
||||
<a class="jxr_linenumber" name="128" href="#128">128</a> }
|
||||
<a class="jxr_linenumber" name="129" href="#129">129</a>
|
||||
<a class="jxr_linenumber" name="130" href="#130">130</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="131" href="#131">131</a> <em class="jxr_javadoccomment"> * Saves a CPE IndexEntry into the Lucene index.</em>
|
||||
<a class="jxr_linenumber" name="132" href="#132">132</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="133" href="#133">133</a> <em class="jxr_javadoccomment"> * @param entry a CPE entry.</em>
|
||||
<a class="jxr_linenumber" name="134" href="#134">134</a> <em class="jxr_javadoccomment"> * @throws CorruptIndexException is thrown if the index is corrupt.</em>
|
||||
<a class="jxr_linenumber" name="135" href="#135">135</a> <em class="jxr_javadoccomment"> * @throws IOException is thrown if an IOException occurs.</em>
|
||||
<a class="jxr_linenumber" name="136" href="#136">136</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="137" href="#137">137</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> saveEntry(<a href="../../../../../org/owasp/dependencycheck/data/cpe/IndexEntry.html">IndexEntry</a> entry) <strong class="jxr_keyword">throws</strong> CorruptIndexException, IOException {
|
||||
<a class="jxr_linenumber" name="138" href="#138">138</a> <strong class="jxr_keyword">final</strong> Document doc = <strong class="jxr_keyword">new</strong> Document();
|
||||
<a class="jxr_linenumber" name="139" href="#139">139</a> <strong class="jxr_keyword">final</strong> Field documentKey = <strong class="jxr_keyword">new</strong> StringField(Fields.DOCUMENT_KEY, entry.getDocumentId(), Field.Store.NO);
|
||||
<a class="jxr_linenumber" name="140" href="#140">140</a> <strong class="jxr_keyword">final</strong> Field vendor = <strong class="jxr_keyword">new</strong> TextField(Fields.VENDOR, entry.getVendor(), Field.Store.YES);
|
||||
<a class="jxr_linenumber" name="141" href="#141">141</a> <strong class="jxr_keyword">final</strong> Field product = <strong class="jxr_keyword">new</strong> TextField(Fields.PRODUCT, entry.getProduct(), Field.Store.YES);
|
||||
<a class="jxr_linenumber" name="142" href="#142">142</a> doc.add(documentKey);
|
||||
<a class="jxr_linenumber" name="143" href="#143">143</a> doc.add(vendor);
|
||||
<a class="jxr_linenumber" name="144" href="#144">144</a> doc.add(product);
|
||||
<a class="jxr_linenumber" name="145" href="#145">145</a>
|
||||
<a class="jxr_linenumber" name="146" href="#146">146</a> <strong class="jxr_keyword">final</strong> Term term = <strong class="jxr_keyword">new</strong> Term(Fields.DOCUMENT_KEY, entry.getDocumentId());
|
||||
<a class="jxr_linenumber" name="147" href="#147">147</a> indexWriter.updateDocument(term, doc);
|
||||
<a class="jxr_linenumber" name="148" href="#148">148</a> }
|
||||
<a class="jxr_linenumber" name="149" href="#149">149</a> }
|
||||
</pre>
|
||||
<hr/><div id="footer">This page was automatically generated by <a href="http://maven.apache.org/">Maven</a></div></body>
|
||||
</html>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<html xml:lang="en" lang="en">
|
||||
<head>
|
||||
<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
|
||||
<title>dependency-check-core 1.0.1 Reference Package org.owasp.dependencycheck.data.cpe</title>
|
||||
<title>Dependency-Check Core 1.0.2 Reference Package org.owasp.dependencycheck.data.cpe</title>
|
||||
<link rel="stylesheet" type="text/css" href="../../../../../stylesheet.css" title="style" />
|
||||
</head>
|
||||
<body>
|
||||
@@ -16,19 +16,16 @@
|
||||
|
||||
<ul>
|
||||
<li>
|
||||
<a href="CPEAnalyzer.html" target="classFrame">CPEAnalyzer</a>
|
||||
<a href="BaseIndex.html" target="classFrame">BaseIndex</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="CpeIndexReader.html" target="classFrame">CpeIndexReader</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="CpeIndexWriter.html" target="classFrame">CpeIndexWriter</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="Fields.html" target="classFrame">Fields</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="CPEAnalyzer.html" target="classFrame">IdentifierConfidence</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="CPEAnalyzer.html" target="classFrame">IdentifierMatch</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="Index.html" target="classFrame">Index</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="IndexEntry.html" target="classFrame">IndexEntry</a>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<html xml:lang="en" lang="en">
|
||||
<head>
|
||||
<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
|
||||
<title>dependency-check-core 1.0.1 Reference Package org.owasp.dependencycheck.data.cpe</title>
|
||||
<title>Dependency-Check Core 1.0.2 Reference Package org.owasp.dependencycheck.data.cpe</title>
|
||||
<link rel="stylesheet" type="text/css" href="../../../../../stylesheet.css" title="style" />
|
||||
</head>
|
||||
<body>
|
||||
@@ -37,28 +37,23 @@
|
||||
<tbody>
|
||||
<tr>
|
||||
<td>
|
||||
<a href="CPEAnalyzer.html" target="classFrame">CPEAnalyzer</a>
|
||||
<a href="BaseIndex.html" target="classFrame">BaseIndex</a>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
<a href="CpeIndexReader.html" target="classFrame">CpeIndexReader</a>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
<a href="CpeIndexWriter.html" target="classFrame">CpeIndexWriter</a>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
<a href="Fields.html" target="classFrame">Fields</a>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
<a href="CPEAnalyzer.html" target="classFrame">IdentifierConfidence</a>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
<a href="CPEAnalyzer.html" target="classFrame">IdentifierMatch</a>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
<a href="Index.html" target="classFrame">Index</a>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<html xml:lang="en" lang="en">
|
||||
<head>
|
||||
<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
|
||||
<title>dependency-check-core 1.0.1 Reference Package org.owasp.dependencycheck.data.cwe</title>
|
||||
<title>Dependency-Check Core 1.0.2 Reference Package org.owasp.dependencycheck.data.cwe</title>
|
||||
<link rel="stylesheet" type="text/css" href="../../../../../stylesheet.css" title="style" />
|
||||
</head>
|
||||
<body>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<html xml:lang="en" lang="en">
|
||||
<head>
|
||||
<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
|
||||
<title>dependency-check-core 1.0.1 Reference Package org.owasp.dependencycheck.data.cwe</title>
|
||||
<title>Dependency-Check Core 1.0.2 Reference Package org.owasp.dependencycheck.data.cwe</title>
|
||||
<link rel="stylesheet" type="text/css" href="../../../../../stylesheet.css" title="style" />
|
||||
</head>
|
||||
<body>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<html xml:lang="en" lang="en">
|
||||
<head>
|
||||
<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
|
||||
<title>dependency-check-core 1.0.1 Reference Package org.owasp.dependencycheck.data.lucene</title>
|
||||
<title>Dependency-Check Core 1.0.2 Reference Package org.owasp.dependencycheck.data.lucene</title>
|
||||
<link rel="stylesheet" type="text/css" href="../../../../../stylesheet.css" title="style" />
|
||||
</head>
|
||||
<body>
|
||||
@@ -16,9 +16,6 @@
|
||||
|
||||
<ul>
|
||||
<li>
|
||||
<a href="AbstractIndex.html" target="classFrame">AbstractIndex</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="AbstractTokenizingFilter.html" target="classFrame">AbstractTokenizingFilter</a>
|
||||
</li>
|
||||
<li>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<html xml:lang="en" lang="en">
|
||||
<head>
|
||||
<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
|
||||
<title>dependency-check-core 1.0.1 Reference Package org.owasp.dependencycheck.data.lucene</title>
|
||||
<title>Dependency-Check Core 1.0.2 Reference Package org.owasp.dependencycheck.data.lucene</title>
|
||||
<link rel="stylesheet" type="text/css" href="../../../../../stylesheet.css" title="style" />
|
||||
</head>
|
||||
<body>
|
||||
@@ -36,11 +36,6 @@
|
||||
</thead>
|
||||
<tbody>
|
||||
<tr>
|
||||
<td>
|
||||
<a href="AbstractIndex.html" target="classFrame">AbstractIndex</a>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
<a href="AbstractTokenizingFilter.html" target="classFrame">AbstractTokenizingFilter</a>
|
||||
</td>
|
||||
|
||||
File diff suppressed because it is too large
Load Diff
@@ -0,0 +1,66 @@
|
||||
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
||||
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
|
||||
<head>
|
||||
<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
|
||||
<title>InvalidDataException xref</title>
|
||||
<link type="text/css" rel="stylesheet" href="../../../../../stylesheet.css" />
|
||||
</head>
|
||||
<body>
|
||||
<div id="overview"><a href="../../../../../../apidocs/org/owasp/dependencycheck/data/nvdcve/InvalidDataException.html">View Javadoc</a></div><pre>
|
||||
|
||||
<a class="jxr_linenumber" name="1" href="#1">1</a> <em class="jxr_comment">/*</em>
|
||||
<a class="jxr_linenumber" name="2" href="#2">2</a> <em class="jxr_comment"> * This file is part of dependency-check-core.</em>
|
||||
<a class="jxr_linenumber" name="3" href="#3">3</a> <em class="jxr_comment"> *</em>
|
||||
<a class="jxr_linenumber" name="4" href="#4">4</a> <em class="jxr_comment"> * Dependency-check-core is free software: you can redistribute it and/or modify it</em>
|
||||
<a class="jxr_linenumber" name="5" href="#5">5</a> <em class="jxr_comment"> * under the terms of the GNU General Public License as published by the Free</em>
|
||||
<a class="jxr_linenumber" name="6" href="#6">6</a> <em class="jxr_comment"> * Software Foundation, either version 3 of the License, or (at your option) any</em>
|
||||
<a class="jxr_linenumber" name="7" href="#7">7</a> <em class="jxr_comment"> * later version.</em>
|
||||
<a class="jxr_linenumber" name="8" href="#8">8</a> <em class="jxr_comment"> *</em>
|
||||
<a class="jxr_linenumber" name="9" href="#9">9</a> <em class="jxr_comment"> * Dependency-check-core is distributed in the hope that it will be useful, but</em>
|
||||
<a class="jxr_linenumber" name="10" href="#10">10</a> <em class="jxr_comment"> * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or</em>
|
||||
<a class="jxr_linenumber" name="11" href="#11">11</a> <em class="jxr_comment"> * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more</em>
|
||||
<a class="jxr_linenumber" name="12" href="#12">12</a> <em class="jxr_comment"> * details.</em>
|
||||
<a class="jxr_linenumber" name="13" href="#13">13</a> <em class="jxr_comment"> *</em>
|
||||
<a class="jxr_linenumber" name="14" href="#14">14</a> <em class="jxr_comment"> * You should have received a copy of the GNU General Public License along with</em>
|
||||
<a class="jxr_linenumber" name="15" href="#15">15</a> <em class="jxr_comment"> * dependency-check-core. If not, see <a href="http://www.gnu.org/licenses/." target="alexandria_uri">http://www.gnu.org/licenses/.</a></em>
|
||||
<a class="jxr_linenumber" name="16" href="#16">16</a> <em class="jxr_comment"> *</em>
|
||||
<a class="jxr_linenumber" name="17" href="#17">17</a> <em class="jxr_comment"> * Copyright (c) 2012 Jeremy Long. All Rights Reserved.</em>
|
||||
<a class="jxr_linenumber" name="18" href="#18">18</a> <em class="jxr_comment"> */</em>
|
||||
<a class="jxr_linenumber" name="19" href="#19">19</a> <strong class="jxr_keyword">package</strong> org.owasp.dependencycheck.data.nvdcve;
|
||||
<a class="jxr_linenumber" name="20" href="#20">20</a>
|
||||
<a class="jxr_linenumber" name="21" href="#21">21</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="22" href="#22">22</a> <em class="jxr_javadoccomment"> * An InvalidDataDataException is a generic exception used when trying to load</em>
|
||||
<a class="jxr_linenumber" name="23" href="#23">23</a> <em class="jxr_javadoccomment"> * the nvd cve meta data.</em>
|
||||
<a class="jxr_linenumber" name="24" href="#24">24</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="25" href="#25">25</a> <em class="jxr_javadoccomment"> * @author Jeremy Long (jeremy.long@owasp.org)</em>
|
||||
<a class="jxr_linenumber" name="26" href="#26">26</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="27" href="#27">27</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">class</strong> <a href="../../../../../org/owasp/dependencycheck/data/nvdcve/InvalidDataException.html">InvalidDataException</a> <strong class="jxr_keyword">extends</strong> Exception {
|
||||
<a class="jxr_linenumber" name="28" href="#28">28</a>
|
||||
<a class="jxr_linenumber" name="29" href="#29">29</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="30" href="#30">30</a> <em class="jxr_javadoccomment"> * the serial version uid.</em>
|
||||
<a class="jxr_linenumber" name="31" href="#31">31</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="32" href="#32">32</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> <strong class="jxr_keyword">long</strong> serialVersionUID = 1L;
|
||||
<a class="jxr_linenumber" name="33" href="#33">33</a>
|
||||
<a class="jxr_linenumber" name="34" href="#34">34</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="35" href="#35">35</a> <em class="jxr_javadoccomment"> * Creates an InvalidDataException.</em>
|
||||
<a class="jxr_linenumber" name="36" href="#36">36</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="37" href="#37">37</a> <em class="jxr_javadoccomment"> * @param msg the exception message</em>
|
||||
<a class="jxr_linenumber" name="38" href="#38">38</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="39" href="#39">39</a> <strong class="jxr_keyword">public</strong> <a href="../../../../../org/owasp/dependencycheck/data/nvdcve/InvalidDataException.html">InvalidDataException</a>(String msg) {
|
||||
<a class="jxr_linenumber" name="40" href="#40">40</a> <strong class="jxr_keyword">super</strong>(msg);
|
||||
<a class="jxr_linenumber" name="41" href="#41">41</a> }
|
||||
<a class="jxr_linenumber" name="42" href="#42">42</a>
|
||||
<a class="jxr_linenumber" name="43" href="#43">43</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="44" href="#44">44</a> <em class="jxr_javadoccomment"> * Creates an InvalidDataException.</em>
|
||||
<a class="jxr_linenumber" name="45" href="#45">45</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="46" href="#46">46</a> <em class="jxr_javadoccomment"> * @param msg the exception message</em>
|
||||
<a class="jxr_linenumber" name="47" href="#47">47</a> <em class="jxr_javadoccomment"> * @param ex the cause of the exception</em>
|
||||
<a class="jxr_linenumber" name="48" href="#48">48</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="49" href="#49">49</a> <strong class="jxr_keyword">public</strong> <a href="../../../../../org/owasp/dependencycheck/data/nvdcve/InvalidDataException.html">InvalidDataException</a>(String msg, Exception ex) {
|
||||
<a class="jxr_linenumber" name="50" href="#50">50</a> <strong class="jxr_keyword">super</strong>(msg, ex);
|
||||
<a class="jxr_linenumber" name="51" href="#51">51</a> }
|
||||
<a class="jxr_linenumber" name="52" href="#52">52</a> }
|
||||
</pre>
|
||||
<hr/><div id="footer">This page was automatically generated by <a href="http://maven.apache.org/">Maven</a></div></body>
|
||||
</html>
|
||||
|
||||
@@ -0,0 +1,261 @@
|
||||
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
||||
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
|
||||
<head>
|
||||
<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
|
||||
<title>NvdCve12Handler xref</title>
|
||||
<link type="text/css" rel="stylesheet" href="../../../../../stylesheet.css" />
|
||||
</head>
|
||||
<body>
|
||||
<div id="overview"><a href="../../../../../../apidocs/org/owasp/dependencycheck/data/nvdcve/NvdCve12Handler.html">View Javadoc</a></div><pre>
|
||||
|
||||
<a class="jxr_linenumber" name="1" href="#1">1</a> <em class="jxr_comment">/*</em>
|
||||
<a class="jxr_linenumber" name="2" href="#2">2</a> <em class="jxr_comment"> * This file is part of dependency-check-core.</em>
|
||||
<a class="jxr_linenumber" name="3" href="#3">3</a> <em class="jxr_comment"> *</em>
|
||||
<a class="jxr_linenumber" name="4" href="#4">4</a> <em class="jxr_comment"> * Dependency-check-core is free software: you can redistribute it and/or modify it</em>
|
||||
<a class="jxr_linenumber" name="5" href="#5">5</a> <em class="jxr_comment"> * under the terms of the GNU General Public License as published by the Free</em>
|
||||
<a class="jxr_linenumber" name="6" href="#6">6</a> <em class="jxr_comment"> * Software Foundation, either version 3 of the License, or (at your option) any</em>
|
||||
<a class="jxr_linenumber" name="7" href="#7">7</a> <em class="jxr_comment"> * later version.</em>
|
||||
<a class="jxr_linenumber" name="8" href="#8">8</a> <em class="jxr_comment"> *</em>
|
||||
<a class="jxr_linenumber" name="9" href="#9">9</a> <em class="jxr_comment"> * Dependency-check-core is distributed in the hope that it will be useful, but</em>
|
||||
<a class="jxr_linenumber" name="10" href="#10">10</a> <em class="jxr_comment"> * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or</em>
|
||||
<a class="jxr_linenumber" name="11" href="#11">11</a> <em class="jxr_comment"> * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more</em>
|
||||
<a class="jxr_linenumber" name="12" href="#12">12</a> <em class="jxr_comment"> * details.</em>
|
||||
<a class="jxr_linenumber" name="13" href="#13">13</a> <em class="jxr_comment"> *</em>
|
||||
<a class="jxr_linenumber" name="14" href="#14">14</a> <em class="jxr_comment"> * You should have received a copy of the GNU General Public License along with</em>
|
||||
<a class="jxr_linenumber" name="15" href="#15">15</a> <em class="jxr_comment"> * dependency-check-core. If not, see <a href="http://www.gnu.org/licenses/." target="alexandria_uri">http://www.gnu.org/licenses/.</a></em>
|
||||
<a class="jxr_linenumber" name="16" href="#16">16</a> <em class="jxr_comment"> *</em>
|
||||
<a class="jxr_linenumber" name="17" href="#17">17</a> <em class="jxr_comment"> * Copyright (c) 2012 Jeremy Long. All Rights Reserved.</em>
|
||||
<a class="jxr_linenumber" name="18" href="#18">18</a> <em class="jxr_comment"> */</em>
|
||||
<a class="jxr_linenumber" name="19" href="#19">19</a> <strong class="jxr_keyword">package</strong> org.owasp.dependencycheck.data.nvdcve;
|
||||
<a class="jxr_linenumber" name="20" href="#20">20</a>
|
||||
<a class="jxr_linenumber" name="21" href="#21">21</a> <strong class="jxr_keyword">import</strong> java.util.ArrayList;
|
||||
<a class="jxr_linenumber" name="22" href="#22">22</a> <strong class="jxr_keyword">import</strong> java.util.HashMap;
|
||||
<a class="jxr_linenumber" name="23" href="#23">23</a> <strong class="jxr_keyword">import</strong> java.util.List;
|
||||
<a class="jxr_linenumber" name="24" href="#24">24</a> <strong class="jxr_keyword">import</strong> java.util.Map;
|
||||
<a class="jxr_linenumber" name="25" href="#25">25</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.dependency.VulnerableSoftware;
|
||||
<a class="jxr_linenumber" name="26" href="#26">26</a> <strong class="jxr_keyword">import</strong> org.xml.sax.Attributes;
|
||||
<a class="jxr_linenumber" name="27" href="#27">27</a> <strong class="jxr_keyword">import</strong> org.xml.sax.SAXException;
|
||||
<a class="jxr_linenumber" name="28" href="#28">28</a> <strong class="jxr_keyword">import</strong> org.xml.sax.SAXNotSupportedException;
|
||||
<a class="jxr_linenumber" name="29" href="#29">29</a> <strong class="jxr_keyword">import</strong> org.xml.sax.helpers.DefaultHandler;
|
||||
<a class="jxr_linenumber" name="30" href="#30">30</a>
|
||||
<a class="jxr_linenumber" name="31" href="#31">31</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="32" href="#32">32</a> <em class="jxr_javadoccomment"> * A SAX Handler that will parse the NVD CVE XML (schema version 1.2). This</em>
|
||||
<a class="jxr_linenumber" name="33" href="#33">33</a> <em class="jxr_javadoccomment"> * parses the xml and retrieves a listing of CPEs that have previous versions</em>
|
||||
<a class="jxr_linenumber" name="34" href="#34">34</a> <em class="jxr_javadoccomment"> * specified. The previous version information is not in the 2.0 version of the</em>
|
||||
<a class="jxr_linenumber" name="35" href="#35">35</a> <em class="jxr_javadoccomment"> * schema and is useful to ensure accurate identification (or at least</em>
|
||||
<a class="jxr_linenumber" name="36" href="#36">36</a> <em class="jxr_javadoccomment"> * complete).</em>
|
||||
<a class="jxr_linenumber" name="37" href="#37">37</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="38" href="#38">38</a> <em class="jxr_javadoccomment"> * @author Jeremy Long (jeremy.long@owasp.org)</em>
|
||||
<a class="jxr_linenumber" name="39" href="#39">39</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="40" href="#40">40</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">class</strong> <a href="../../../../../org/owasp/dependencycheck/data/nvdcve/NvdCve12Handler.html">NvdCve12Handler</a> <strong class="jxr_keyword">extends</strong> DefaultHandler {
|
||||
<a class="jxr_linenumber" name="41" href="#41">41</a>
|
||||
<a class="jxr_linenumber" name="42" href="#42">42</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="43" href="#43">43</a> <em class="jxr_javadoccomment"> * the supported schema version.</em>
|
||||
<a class="jxr_linenumber" name="44" href="#44">44</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="45" href="#45">45</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String CURRENT_SCHEMA_VERSION = <span class="jxr_string">"1.2"</span>;
|
||||
<a class="jxr_linenumber" name="46" href="#46">46</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="47" href="#47">47</a> <em class="jxr_javadoccomment"> * the current vulnerability.</em>
|
||||
<a class="jxr_linenumber" name="48" href="#48">48</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="49" href="#49">49</a> <strong class="jxr_keyword">private</strong> String vulnerability;
|
||||
<a class="jxr_linenumber" name="50" href="#50">50</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="51" href="#51">51</a> <em class="jxr_javadoccomment"> * a list of vulnerable software.</em>
|
||||
<a class="jxr_linenumber" name="52" href="#52">52</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="53" href="#53">53</a> <strong class="jxr_keyword">private</strong> List<VulnerableSoftware> software;
|
||||
<a class="jxr_linenumber" name="54" href="#54">54</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="55" href="#55">55</a> <em class="jxr_javadoccomment"> * the vendor name.</em>
|
||||
<a class="jxr_linenumber" name="56" href="#56">56</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="57" href="#57">57</a> <strong class="jxr_keyword">private</strong> String vendor;
|
||||
<a class="jxr_linenumber" name="58" href="#58">58</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="59" href="#59">59</a> <em class="jxr_javadoccomment"> * the product name.</em>
|
||||
<a class="jxr_linenumber" name="60" href="#60">60</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="61" href="#61">61</a> <strong class="jxr_keyword">private</strong> String product;
|
||||
<a class="jxr_linenumber" name="62" href="#62">62</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="63" href="#63">63</a> <em class="jxr_javadoccomment"> * if the nvd cve should be skipped because it was rejected.</em>
|
||||
<a class="jxr_linenumber" name="64" href="#64">64</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="65" href="#65">65</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">boolean</strong> skip = false;
|
||||
<a class="jxr_linenumber" name="66" href="#66">66</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="67" href="#67">67</a> <em class="jxr_javadoccomment"> * flag indicating if there is a previous version.</em>
|
||||
<a class="jxr_linenumber" name="68" href="#68">68</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="69" href="#69">69</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">boolean</strong> hasPreviousVersion = false;
|
||||
<a class="jxr_linenumber" name="70" href="#70">70</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="71" href="#71">71</a> <em class="jxr_javadoccomment"> * The current element.</em>
|
||||
<a class="jxr_linenumber" name="72" href="#72">72</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="73" href="#73">73</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">final</strong> <a href="../../../../../org/owasp/dependencycheck/data/nvdcve/NvdCve20Handler.html">Element</a> current = <strong class="jxr_keyword">new</strong> <a href="../../../../../org/owasp/dependencycheck/data/nvdcve/NvdCve20Handler.html">Element</a>();
|
||||
<a class="jxr_linenumber" name="74" href="#74">74</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="75" href="#75">75</a> <em class="jxr_javadoccomment"> * a map of vulnerabilities.</em>
|
||||
<a class="jxr_linenumber" name="76" href="#76">76</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="77" href="#77">77</a> <strong class="jxr_keyword">private</strong> Map<String, List<VulnerableSoftware>> vulnerabilities;
|
||||
<a class="jxr_linenumber" name="78" href="#78">78</a>
|
||||
<a class="jxr_linenumber" name="79" href="#79">79</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="80" href="#80">80</a> <em class="jxr_javadoccomment"> * Get the value of vulnerabilities.</em>
|
||||
<a class="jxr_linenumber" name="81" href="#81">81</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="82" href="#82">82</a> <em class="jxr_javadoccomment"> * @return the value of vulnerabilities</em>
|
||||
<a class="jxr_linenumber" name="83" href="#83">83</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="84" href="#84">84</a> <strong class="jxr_keyword">public</strong> Map<String, List<VulnerableSoftware>> getVulnerabilities() {
|
||||
<a class="jxr_linenumber" name="85" href="#85">85</a> <strong class="jxr_keyword">return</strong> vulnerabilities;
|
||||
<a class="jxr_linenumber" name="86" href="#86">86</a> }
|
||||
<a class="jxr_linenumber" name="87" href="#87">87</a>
|
||||
<a class="jxr_linenumber" name="88" href="#88">88</a> @Override
|
||||
<a class="jxr_linenumber" name="89" href="#89">89</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> startElement(String uri, String localName, String qName, Attributes attributes) <strong class="jxr_keyword">throws</strong> SAXException {
|
||||
<a class="jxr_linenumber" name="90" href="#90">90</a> current.setNode(qName);
|
||||
<a class="jxr_linenumber" name="91" href="#91">91</a> <strong class="jxr_keyword">if</strong> (current.isEntryNode()) {
|
||||
<a class="jxr_linenumber" name="92" href="#92">92</a> vendor = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="93" href="#93">93</a> product = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="94" href="#94">94</a> hasPreviousVersion = false;
|
||||
<a class="jxr_linenumber" name="95" href="#95">95</a> <strong class="jxr_keyword">final</strong> String reject = attributes.getValue(<span class="jxr_string">"reject"</span>);
|
||||
<a class="jxr_linenumber" name="96" href="#96">96</a> skip = <span class="jxr_string">"1"</span>.equals(reject);
|
||||
<a class="jxr_linenumber" name="97" href="#97">97</a> <strong class="jxr_keyword">if</strong> (!skip) {
|
||||
<a class="jxr_linenumber" name="98" href="#98">98</a> vulnerability = attributes.getValue(<span class="jxr_string">"name"</span>);
|
||||
<a class="jxr_linenumber" name="99" href="#99">99</a> software = <strong class="jxr_keyword">new</strong> ArrayList<VulnerableSoftware>();
|
||||
<a class="jxr_linenumber" name="100" href="#100">100</a> } <strong class="jxr_keyword">else</strong> {
|
||||
<a class="jxr_linenumber" name="101" href="#101">101</a> vulnerability = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="102" href="#102">102</a> software = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="103" href="#103">103</a> }
|
||||
<a class="jxr_linenumber" name="104" href="#104">104</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (!skip && current.isProdNode()) {
|
||||
<a class="jxr_linenumber" name="105" href="#105">105</a>
|
||||
<a class="jxr_linenumber" name="106" href="#106">106</a> vendor = attributes.getValue(<span class="jxr_string">"vendor"</span>);
|
||||
<a class="jxr_linenumber" name="107" href="#107">107</a> product = attributes.getValue(<span class="jxr_string">"name"</span>);
|
||||
<a class="jxr_linenumber" name="108" href="#108">108</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (!skip && current.isVersNode()) {
|
||||
<a class="jxr_linenumber" name="109" href="#109">109</a> <strong class="jxr_keyword">final</strong> String prev = attributes.getValue(<span class="jxr_string">"prev"</span>);
|
||||
<a class="jxr_linenumber" name="110" href="#110">110</a> <strong class="jxr_keyword">if</strong> (prev != <strong class="jxr_keyword">null</strong> && <span class="jxr_string">"1"</span>.equals(prev)) {
|
||||
<a class="jxr_linenumber" name="111" href="#111">111</a> hasPreviousVersion = <strong class="jxr_keyword">true</strong>;
|
||||
<a class="jxr_linenumber" name="112" href="#112">112</a> <strong class="jxr_keyword">final</strong> String edition = attributes.getValue(<span class="jxr_string">"edition"</span>);
|
||||
<a class="jxr_linenumber" name="113" href="#113">113</a> <strong class="jxr_keyword">final</strong> String num = attributes.getValue(<span class="jxr_string">"num"</span>);
|
||||
<a class="jxr_linenumber" name="114" href="#114">114</a>
|
||||
<a class="jxr_linenumber" name="115" href="#115">115</a> <em class="jxr_comment">/*<em class="jxr_comment">yes yes, this may not actually be an "a" - it could be an OS, etc. but for our</em></em>
|
||||
<a class="jxr_linenumber" name="116" href="#116">116</a> <em class="jxr_comment"> purposes this is good enough as we won't use this if we don't find a corresponding "a"</em>
|
||||
<a class="jxr_linenumber" name="117" href="#117">117</a> <em class="jxr_comment"> in the nvd cve 2.0. */</em>
|
||||
<a class="jxr_linenumber" name="118" href="#118">118</a> String cpe = <span class="jxr_string">"cpe:/a:"</span> + vendor + <span class="jxr_string">":"</span> + product;
|
||||
<a class="jxr_linenumber" name="119" href="#119">119</a> <strong class="jxr_keyword">if</strong> (num != <strong class="jxr_keyword">null</strong>) {
|
||||
<a class="jxr_linenumber" name="120" href="#120">120</a> cpe += <span class="jxr_string">":"</span> + num;
|
||||
<a class="jxr_linenumber" name="121" href="#121">121</a> }
|
||||
<a class="jxr_linenumber" name="122" href="#122">122</a> <strong class="jxr_keyword">if</strong> (edition != <strong class="jxr_keyword">null</strong>) {
|
||||
<a class="jxr_linenumber" name="123" href="#123">123</a> cpe += <span class="jxr_string">":"</span> + edition;
|
||||
<a class="jxr_linenumber" name="124" href="#124">124</a> }
|
||||
<a class="jxr_linenumber" name="125" href="#125">125</a> <strong class="jxr_keyword">final</strong> <a href="../../../../../org/owasp/dependencycheck/dependency/VulnerableSoftware.html">VulnerableSoftware</a> vs = <strong class="jxr_keyword">new</strong> <a href="../../../../../org/owasp/dependencycheck/dependency/VulnerableSoftware.html">VulnerableSoftware</a>();
|
||||
<a class="jxr_linenumber" name="126" href="#126">126</a> vs.setCpe(cpe);
|
||||
<a class="jxr_linenumber" name="127" href="#127">127</a> vs.setPreviousVersion(prev);
|
||||
<a class="jxr_linenumber" name="128" href="#128">128</a> software.add(vs);
|
||||
<a class="jxr_linenumber" name="129" href="#129">129</a> }
|
||||
<a class="jxr_linenumber" name="130" href="#130">130</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (current.isNVDNode()) {
|
||||
<a class="jxr_linenumber" name="131" href="#131">131</a> <strong class="jxr_keyword">final</strong> String nvdVer = attributes.getValue(<span class="jxr_string">"nvd_xml_version"</span>);
|
||||
<a class="jxr_linenumber" name="132" href="#132">132</a> <strong class="jxr_keyword">if</strong> (!CURRENT_SCHEMA_VERSION.equals(nvdVer)) {
|
||||
<a class="jxr_linenumber" name="133" href="#133">133</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> SAXNotSupportedException(<span class="jxr_string">"Schema version "</span> + nvdVer + <span class="jxr_string">" is not supported"</span>);
|
||||
<a class="jxr_linenumber" name="134" href="#134">134</a> }
|
||||
<a class="jxr_linenumber" name="135" href="#135">135</a> vulnerabilities = <strong class="jxr_keyword">new</strong> HashMap<String, List<VulnerableSoftware>>();
|
||||
<a class="jxr_linenumber" name="136" href="#136">136</a> }
|
||||
<a class="jxr_linenumber" name="137" href="#137">137</a> }
|
||||
<a class="jxr_linenumber" name="138" href="#138">138</a>
|
||||
<a class="jxr_linenumber" name="139" href="#139">139</a> @Override
|
||||
<a class="jxr_linenumber" name="140" href="#140">140</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> endElement(String uri, String localName, String qName) <strong class="jxr_keyword">throws</strong> SAXException {
|
||||
<a class="jxr_linenumber" name="141" href="#141">141</a> current.setNode(qName);
|
||||
<a class="jxr_linenumber" name="142" href="#142">142</a> <strong class="jxr_keyword">if</strong> (current.isEntryNode()) {
|
||||
<a class="jxr_linenumber" name="143" href="#143">143</a> <strong class="jxr_keyword">if</strong> (!skip && hasPreviousVersion) {
|
||||
<a class="jxr_linenumber" name="144" href="#144">144</a> vulnerabilities.put(vulnerability, software);
|
||||
<a class="jxr_linenumber" name="145" href="#145">145</a> }
|
||||
<a class="jxr_linenumber" name="146" href="#146">146</a> vulnerability = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="147" href="#147">147</a> software = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="148" href="#148">148</a> }
|
||||
<a class="jxr_linenumber" name="149" href="#149">149</a> }
|
||||
<a class="jxr_linenumber" name="150" href="#150">150</a>
|
||||
<a class="jxr_linenumber" name="151" href="#151">151</a> <em class="jxr_comment">// <editor-fold defaultstate="collapsed" desc="The Element Class that maintains state information about the current node"></em>
|
||||
<a class="jxr_linenumber" name="152" href="#152">152</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="153" href="#153">153</a> <em class="jxr_javadoccomment"> * A simple class to maintain information about the current element while</em>
|
||||
<a class="jxr_linenumber" name="154" href="#154">154</a> <em class="jxr_javadoccomment"> * parsing the NVD CVE XML.</em>
|
||||
<a class="jxr_linenumber" name="155" href="#155">155</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="156" href="#156">156</a> <strong class="jxr_keyword">protected</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">class</strong> <a href="../../../../../org/owasp/dependencycheck/data/nvdcve/NvdCve20Handler.html">Element</a> {
|
||||
<a class="jxr_linenumber" name="157" href="#157">157</a>
|
||||
<a class="jxr_linenumber" name="158" href="#158">158</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="159" href="#159">159</a> <em class="jxr_javadoccomment"> * A node type in the NVD CVE Schema 1.2.</em>
|
||||
<a class="jxr_linenumber" name="160" href="#160">160</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="161" href="#161">161</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String NVD = <span class="jxr_string">"nvd"</span>;
|
||||
<a class="jxr_linenumber" name="162" href="#162">162</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="163" href="#163">163</a> <em class="jxr_javadoccomment"> * A node type in the NVD CVE Schema 1.2.</em>
|
||||
<a class="jxr_linenumber" name="164" href="#164">164</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="165" href="#165">165</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String ENTRY = <span class="jxr_string">"entry"</span>;
|
||||
<a class="jxr_linenumber" name="166" href="#166">166</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="167" href="#167">167</a> <em class="jxr_javadoccomment"> * A node type in the NVD CVE Schema 1.2.</em>
|
||||
<a class="jxr_linenumber" name="168" href="#168">168</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="169" href="#169">169</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String VULN_SOFTWARE = <span class="jxr_string">"vuln_soft"</span>;
|
||||
<a class="jxr_linenumber" name="170" href="#170">170</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="171" href="#171">171</a> <em class="jxr_javadoccomment"> * A node type in the NVD CVE Schema 1.2.</em>
|
||||
<a class="jxr_linenumber" name="172" href="#172">172</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="173" href="#173">173</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String PROD = <span class="jxr_string">"prod"</span>;
|
||||
<a class="jxr_linenumber" name="174" href="#174">174</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="175" href="#175">175</a> <em class="jxr_javadoccomment"> * A node type in the NVD CVE Schema 1.2.</em>
|
||||
<a class="jxr_linenumber" name="176" href="#176">176</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="177" href="#177">177</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String VERS = <span class="jxr_string">"vers"</span>;
|
||||
<a class="jxr_linenumber" name="178" href="#178">178</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="179" href="#179">179</a> <em class="jxr_javadoccomment"> * The name of the current node.</em>
|
||||
<a class="jxr_linenumber" name="180" href="#180">180</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="181" href="#181">181</a> <strong class="jxr_keyword">private</strong> String node;
|
||||
<a class="jxr_linenumber" name="182" href="#182">182</a>
|
||||
<a class="jxr_linenumber" name="183" href="#183">183</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="184" href="#184">184</a> <em class="jxr_javadoccomment"> * Gets the value of node.</em>
|
||||
<a class="jxr_linenumber" name="185" href="#185">185</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="186" href="#186">186</a> <em class="jxr_javadoccomment"> * @return the value of node</em>
|
||||
<a class="jxr_linenumber" name="187" href="#187">187</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="188" href="#188">188</a> <strong class="jxr_keyword">public</strong> String getNode() {
|
||||
<a class="jxr_linenumber" name="189" href="#189">189</a> <strong class="jxr_keyword">return</strong> <strong class="jxr_keyword">this</strong>.node;
|
||||
<a class="jxr_linenumber" name="190" href="#190">190</a> }
|
||||
<a class="jxr_linenumber" name="191" href="#191">191</a>
|
||||
<a class="jxr_linenumber" name="192" href="#192">192</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="193" href="#193">193</a> <em class="jxr_javadoccomment"> * Sets the value of node.</em>
|
||||
<a class="jxr_linenumber" name="194" href="#194">194</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="195" href="#195">195</a> <em class="jxr_javadoccomment"> * @param node new value of node</em>
|
||||
<a class="jxr_linenumber" name="196" href="#196">196</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="197" href="#197">197</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> setNode(String node) {
|
||||
<a class="jxr_linenumber" name="198" href="#198">198</a> <strong class="jxr_keyword">this</strong>.node = node;
|
||||
<a class="jxr_linenumber" name="199" href="#199">199</a> }
|
||||
<a class="jxr_linenumber" name="200" href="#200">200</a>
|
||||
<a class="jxr_linenumber" name="201" href="#201">201</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="202" href="#202">202</a> <em class="jxr_javadoccomment"> * Checks if the handler is at the NVD node.</em>
|
||||
<a class="jxr_linenumber" name="203" href="#203">203</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="204" href="#204">204</a> <em class="jxr_javadoccomment"> * @return true or false</em>
|
||||
<a class="jxr_linenumber" name="205" href="#205">205</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="206" href="#206">206</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">boolean</strong> isNVDNode() {
|
||||
<a class="jxr_linenumber" name="207" href="#207">207</a> <strong class="jxr_keyword">return</strong> NVD.equals(node);
|
||||
<a class="jxr_linenumber" name="208" href="#208">208</a> }
|
||||
<a class="jxr_linenumber" name="209" href="#209">209</a>
|
||||
<a class="jxr_linenumber" name="210" href="#210">210</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="211" href="#211">211</a> <em class="jxr_javadoccomment"> * Checks if the handler is at the ENTRY node.</em>
|
||||
<a class="jxr_linenumber" name="212" href="#212">212</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="213" href="#213">213</a> <em class="jxr_javadoccomment"> * @return true or false</em>
|
||||
<a class="jxr_linenumber" name="214" href="#214">214</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="215" href="#215">215</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">boolean</strong> isEntryNode() {
|
||||
<a class="jxr_linenumber" name="216" href="#216">216</a> <strong class="jxr_keyword">return</strong> ENTRY.equals(node);
|
||||
<a class="jxr_linenumber" name="217" href="#217">217</a> }
|
||||
<a class="jxr_linenumber" name="218" href="#218">218</a>
|
||||
<a class="jxr_linenumber" name="219" href="#219">219</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="220" href="#220">220</a> <em class="jxr_javadoccomment"> * Checks if the handler is at the VULN_SOFTWARE node.</em>
|
||||
<a class="jxr_linenumber" name="221" href="#221">221</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="222" href="#222">222</a> <em class="jxr_javadoccomment"> * @return true or false</em>
|
||||
<a class="jxr_linenumber" name="223" href="#223">223</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="224" href="#224">224</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">boolean</strong> isVulnSoftwareNode() {
|
||||
<a class="jxr_linenumber" name="225" href="#225">225</a> <strong class="jxr_keyword">return</strong> VULN_SOFTWARE.equals(node);
|
||||
<a class="jxr_linenumber" name="226" href="#226">226</a> }
|
||||
<a class="jxr_linenumber" name="227" href="#227">227</a>
|
||||
<a class="jxr_linenumber" name="228" href="#228">228</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="229" href="#229">229</a> <em class="jxr_javadoccomment"> * Checks if the handler is at the PROD node.</em>
|
||||
<a class="jxr_linenumber" name="230" href="#230">230</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="231" href="#231">231</a> <em class="jxr_javadoccomment"> * @return true or false</em>
|
||||
<a class="jxr_linenumber" name="232" href="#232">232</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="233" href="#233">233</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">boolean</strong> isProdNode() {
|
||||
<a class="jxr_linenumber" name="234" href="#234">234</a> <strong class="jxr_keyword">return</strong> PROD.equals(node);
|
||||
<a class="jxr_linenumber" name="235" href="#235">235</a> }
|
||||
<a class="jxr_linenumber" name="236" href="#236">236</a>
|
||||
<a class="jxr_linenumber" name="237" href="#237">237</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="238" href="#238">238</a> <em class="jxr_javadoccomment"> * Checks if the handler is at the VERS node.</em>
|
||||
<a class="jxr_linenumber" name="239" href="#239">239</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="240" href="#240">240</a> <em class="jxr_javadoccomment"> * @return true or false</em>
|
||||
<a class="jxr_linenumber" name="241" href="#241">241</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="242" href="#242">242</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">boolean</strong> isVersNode() {
|
||||
<a class="jxr_linenumber" name="243" href="#243">243</a> <strong class="jxr_keyword">return</strong> VERS.equals(node);
|
||||
<a class="jxr_linenumber" name="244" href="#244">244</a> }
|
||||
<a class="jxr_linenumber" name="245" href="#245">245</a> }
|
||||
<a class="jxr_linenumber" name="246" href="#246">246</a> <em class="jxr_comment">// </editor-fold></em>
|
||||
<a class="jxr_linenumber" name="247" href="#247">247</a> }
|
||||
</pre>
|
||||
<hr/><div id="footer">This page was automatically generated by <a href="http://maven.apache.org/">Maven</a></div></body>
|
||||
</html>
|
||||
|
||||
@@ -0,0 +1,526 @@
|
||||
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
||||
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
|
||||
<head>
|
||||
<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
|
||||
<title>NvdCve20Handler xref</title>
|
||||
<link type="text/css" rel="stylesheet" href="../../../../../stylesheet.css" />
|
||||
</head>
|
||||
<body>
|
||||
<div id="overview"><a href="../../../../../../apidocs/org/owasp/dependencycheck/data/nvdcve/NvdCve20Handler.html">View Javadoc</a></div><pre>
|
||||
|
||||
<a class="jxr_linenumber" name="1" href="#1">1</a> <em class="jxr_comment">/*</em>
|
||||
<a class="jxr_linenumber" name="2" href="#2">2</a> <em class="jxr_comment"> * This file is part of dependency-check-core.</em>
|
||||
<a class="jxr_linenumber" name="3" href="#3">3</a> <em class="jxr_comment"> *</em>
|
||||
<a class="jxr_linenumber" name="4" href="#4">4</a> <em class="jxr_comment"> * Dependency-check-core is free software: you can redistribute it and/or modify it</em>
|
||||
<a class="jxr_linenumber" name="5" href="#5">5</a> <em class="jxr_comment"> * under the terms of the GNU General Public License as published by the Free</em>
|
||||
<a class="jxr_linenumber" name="6" href="#6">6</a> <em class="jxr_comment"> * Software Foundation, either version 3 of the License, or (at your option) any</em>
|
||||
<a class="jxr_linenumber" name="7" href="#7">7</a> <em class="jxr_comment"> * later version.</em>
|
||||
<a class="jxr_linenumber" name="8" href="#8">8</a> <em class="jxr_comment"> *</em>
|
||||
<a class="jxr_linenumber" name="9" href="#9">9</a> <em class="jxr_comment"> * Dependency-check-core is distributed in the hope that it will be useful, but</em>
|
||||
<a class="jxr_linenumber" name="10" href="#10">10</a> <em class="jxr_comment"> * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or</em>
|
||||
<a class="jxr_linenumber" name="11" href="#11">11</a> <em class="jxr_comment"> * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more</em>
|
||||
<a class="jxr_linenumber" name="12" href="#12">12</a> <em class="jxr_comment"> * details.</em>
|
||||
<a class="jxr_linenumber" name="13" href="#13">13</a> <em class="jxr_comment"> *</em>
|
||||
<a class="jxr_linenumber" name="14" href="#14">14</a> <em class="jxr_comment"> * You should have received a copy of the GNU General Public License along with</em>
|
||||
<a class="jxr_linenumber" name="15" href="#15">15</a> <em class="jxr_comment"> * dependency-check-core. If not, see <a href="http://www.gnu.org/licenses/." target="alexandria_uri">http://www.gnu.org/licenses/.</a></em>
|
||||
<a class="jxr_linenumber" name="16" href="#16">16</a> <em class="jxr_comment"> *</em>
|
||||
<a class="jxr_linenumber" name="17" href="#17">17</a> <em class="jxr_comment"> * Copyright (c) 2012 Jeremy Long. All Rights Reserved.</em>
|
||||
<a class="jxr_linenumber" name="18" href="#18">18</a> <em class="jxr_comment"> */</em>
|
||||
<a class="jxr_linenumber" name="19" href="#19">19</a> <strong class="jxr_keyword">package</strong> org.owasp.dependencycheck.data.nvdcve;
|
||||
<a class="jxr_linenumber" name="20" href="#20">20</a>
|
||||
<a class="jxr_linenumber" name="21" href="#21">21</a> <strong class="jxr_keyword">import</strong> java.io.IOException;
|
||||
<a class="jxr_linenumber" name="22" href="#22">22</a> <strong class="jxr_keyword">import</strong> java.util.List;
|
||||
<a class="jxr_linenumber" name="23" href="#23">23</a> <strong class="jxr_keyword">import</strong> java.util.Map;
|
||||
<a class="jxr_linenumber" name="24" href="#24">24</a> <strong class="jxr_keyword">import</strong> java.util.logging.Level;
|
||||
<a class="jxr_linenumber" name="25" href="#25">25</a> <strong class="jxr_keyword">import</strong> java.util.logging.Logger;
|
||||
<a class="jxr_linenumber" name="26" href="#26">26</a> <strong class="jxr_keyword">import</strong> org.apache.lucene.index.CorruptIndexException;
|
||||
<a class="jxr_linenumber" name="27" href="#27">27</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.data.cpe.CpeIndexWriter;
|
||||
<a class="jxr_linenumber" name="28" href="#28">28</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.dependency.Reference;
|
||||
<a class="jxr_linenumber" name="29" href="#29">29</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.dependency.Vulnerability;
|
||||
<a class="jxr_linenumber" name="30" href="#30">30</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.dependency.VulnerableSoftware;
|
||||
<a class="jxr_linenumber" name="31" href="#31">31</a> <strong class="jxr_keyword">import</strong> org.xml.sax.Attributes;
|
||||
<a class="jxr_linenumber" name="32" href="#32">32</a> <strong class="jxr_keyword">import</strong> org.xml.sax.SAXException;
|
||||
<a class="jxr_linenumber" name="33" href="#33">33</a> <strong class="jxr_keyword">import</strong> org.xml.sax.SAXNotSupportedException;
|
||||
<a class="jxr_linenumber" name="34" href="#34">34</a> <strong class="jxr_keyword">import</strong> org.xml.sax.helpers.DefaultHandler;
|
||||
<a class="jxr_linenumber" name="35" href="#35">35</a>
|
||||
<a class="jxr_linenumber" name="36" href="#36">36</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="37" href="#37">37</a> <em class="jxr_javadoccomment"> * A SAX Handler that will parse the NVD CVE XML (schema version 2.0).</em>
|
||||
<a class="jxr_linenumber" name="38" href="#38">38</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="39" href="#39">39</a> <em class="jxr_javadoccomment"> * @author Jeremy Long (jeremy.long@owasp.org)</em>
|
||||
<a class="jxr_linenumber" name="40" href="#40">40</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="41" href="#41">41</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">class</strong> <a href="../../../../../org/owasp/dependencycheck/data/nvdcve/NvdCve20Handler.html">NvdCve20Handler</a> <strong class="jxr_keyword">extends</strong> DefaultHandler {
|
||||
<a class="jxr_linenumber" name="42" href="#42">42</a>
|
||||
<a class="jxr_linenumber" name="43" href="#43">43</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="44" href="#44">44</a> <em class="jxr_javadoccomment"> * the current supported schema version.</em>
|
||||
<a class="jxr_linenumber" name="45" href="#45">45</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="46" href="#46">46</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String CURRENT_SCHEMA_VERSION = <span class="jxr_string">"2.0"</span>;
|
||||
<a class="jxr_linenumber" name="47" href="#47">47</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="48" href="#48">48</a> <em class="jxr_javadoccomment"> * the current element.</em>
|
||||
<a class="jxr_linenumber" name="49" href="#49">49</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="50" href="#50">50</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">final</strong> <a href="../../../../../org/owasp/dependencycheck/data/nvdcve/NvdCve20Handler.html">Element</a> current = <strong class="jxr_keyword">new</strong> <a href="../../../../../org/owasp/dependencycheck/data/nvdcve/NvdCve20Handler.html">Element</a>();
|
||||
<a class="jxr_linenumber" name="51" href="#51">51</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="52" href="#52">52</a> <em class="jxr_javadoccomment"> * the text of the node.</em>
|
||||
<a class="jxr_linenumber" name="53" href="#53">53</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="54" href="#54">54</a> <strong class="jxr_keyword">private</strong> StringBuilder nodeText;
|
||||
<a class="jxr_linenumber" name="55" href="#55">55</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="56" href="#56">56</a> <em class="jxr_javadoccomment"> * the vulnerability.</em>
|
||||
<a class="jxr_linenumber" name="57" href="#57">57</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="58" href="#58">58</a> <strong class="jxr_keyword">private</strong> <a href="../../../../../org/owasp/dependencycheck/dependency/Vulnerability.html">Vulnerability</a> vulnerability;
|
||||
<a class="jxr_linenumber" name="59" href="#59">59</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="60" href="#60">60</a> <em class="jxr_javadoccomment"> * a reference for the cve.</em>
|
||||
<a class="jxr_linenumber" name="61" href="#61">61</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="62" href="#62">62</a> <strong class="jxr_keyword">private</strong> <a href="../../../../../org/owasp/dependencycheck/dependency/Reference.html">Reference</a> reference;
|
||||
<a class="jxr_linenumber" name="63" href="#63">63</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="64" href="#64">64</a> <em class="jxr_javadoccomment"> * flag indicating whether the application has a cpe.</em>
|
||||
<a class="jxr_linenumber" name="65" href="#65">65</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="66" href="#66">66</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">boolean</strong> hasApplicationCpe = false;
|
||||
<a class="jxr_linenumber" name="67" href="#67">67</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="68" href="#68">68</a> <em class="jxr_javadoccomment"> * The total number of entries parsed.</em>
|
||||
<a class="jxr_linenumber" name="69" href="#69">69</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="70" href="#70">70</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">int</strong> totalNumberOfEntries;
|
||||
<a class="jxr_linenumber" name="71" href="#71">71</a>
|
||||
<a class="jxr_linenumber" name="72" href="#72">72</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="73" href="#73">73</a> <em class="jxr_javadoccomment"> * Get the value of totalNumberOfEntries.</em>
|
||||
<a class="jxr_linenumber" name="74" href="#74">74</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="75" href="#75">75</a> <em class="jxr_javadoccomment"> * @return the value of totalNumberOfEntries</em>
|
||||
<a class="jxr_linenumber" name="76" href="#76">76</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="77" href="#77">77</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">int</strong> getTotalNumberOfEntries() {
|
||||
<a class="jxr_linenumber" name="78" href="#78">78</a> <strong class="jxr_keyword">return</strong> totalNumberOfEntries;
|
||||
<a class="jxr_linenumber" name="79" href="#79">79</a> }
|
||||
<a class="jxr_linenumber" name="80" href="#80">80</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="81" href="#81">81</a> <em class="jxr_javadoccomment"> * The total number of application entries parsed.</em>
|
||||
<a class="jxr_linenumber" name="82" href="#82">82</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="83" href="#83">83</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">int</strong> totalNumberOfApplicationEntries;
|
||||
<a class="jxr_linenumber" name="84" href="#84">84</a>
|
||||
<a class="jxr_linenumber" name="85" href="#85">85</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="86" href="#86">86</a> <em class="jxr_javadoccomment"> * Get the value of totalNumberOfApplicationEntries.</em>
|
||||
<a class="jxr_linenumber" name="87" href="#87">87</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="88" href="#88">88</a> <em class="jxr_javadoccomment"> * @return the value of totalNumberOfApplicationEntries</em>
|
||||
<a class="jxr_linenumber" name="89" href="#89">89</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="90" href="#90">90</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">int</strong> getTotalNumberOfApplicationEntries() {
|
||||
<a class="jxr_linenumber" name="91" href="#91">91</a> <strong class="jxr_keyword">return</strong> totalNumberOfApplicationEntries;
|
||||
<a class="jxr_linenumber" name="92" href="#92">92</a> }
|
||||
<a class="jxr_linenumber" name="93" href="#93">93</a>
|
||||
<a class="jxr_linenumber" name="94" href="#94">94</a> @Override
|
||||
<a class="jxr_linenumber" name="95" href="#95">95</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> startElement(String uri, String localName, String qName, Attributes attributes) <strong class="jxr_keyword">throws</strong> SAXException {
|
||||
<a class="jxr_linenumber" name="96" href="#96">96</a> current.setNode(qName);
|
||||
<a class="jxr_linenumber" name="97" href="#97">97</a> <strong class="jxr_keyword">if</strong> (current.isEntryNode()) {
|
||||
<a class="jxr_linenumber" name="98" href="#98">98</a> hasApplicationCpe = false;
|
||||
<a class="jxr_linenumber" name="99" href="#99">99</a> vulnerability = <strong class="jxr_keyword">new</strong> <a href="../../../../../org/owasp/dependencycheck/dependency/Vulnerability.html">Vulnerability</a>();
|
||||
<a class="jxr_linenumber" name="100" href="#100">100</a> vulnerability.setName(attributes.getValue(<span class="jxr_string">"id"</span>));
|
||||
<a class="jxr_linenumber" name="101" href="#101">101</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (current.isVulnProductNode()) {
|
||||
<a class="jxr_linenumber" name="102" href="#102">102</a> nodeText = <strong class="jxr_keyword">new</strong> StringBuilder(100);
|
||||
<a class="jxr_linenumber" name="103" href="#103">103</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (current.isVulnReferencesNode()) {
|
||||
<a class="jxr_linenumber" name="104" href="#104">104</a> <strong class="jxr_keyword">final</strong> String lang = attributes.getValue(<span class="jxr_string">"xml:lang"</span>);
|
||||
<a class="jxr_linenumber" name="105" href="#105">105</a> <strong class="jxr_keyword">if</strong> (<span class="jxr_string">"en"</span>.equals(lang)) {
|
||||
<a class="jxr_linenumber" name="106" href="#106">106</a> reference = <strong class="jxr_keyword">new</strong> <a href="../../../../../org/owasp/dependencycheck/dependency/Reference.html">Reference</a>();
|
||||
<a class="jxr_linenumber" name="107" href="#107">107</a> } <strong class="jxr_keyword">else</strong> {
|
||||
<a class="jxr_linenumber" name="108" href="#108">108</a> reference = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="109" href="#109">109</a> }
|
||||
<a class="jxr_linenumber" name="110" href="#110">110</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (reference != <strong class="jxr_keyword">null</strong> && current.isVulnReferenceNode()) {
|
||||
<a class="jxr_linenumber" name="111" href="#111">111</a> reference.setUrl(attributes.getValue(<span class="jxr_string">"href"</span>));
|
||||
<a class="jxr_linenumber" name="112" href="#112">112</a> nodeText = <strong class="jxr_keyword">new</strong> StringBuilder(130);
|
||||
<a class="jxr_linenumber" name="113" href="#113">113</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (reference != <strong class="jxr_keyword">null</strong> && current.isVulnSourceNode()) {
|
||||
<a class="jxr_linenumber" name="114" href="#114">114</a> nodeText = <strong class="jxr_keyword">new</strong> StringBuilder(30);
|
||||
<a class="jxr_linenumber" name="115" href="#115">115</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (current.isVulnSummaryNode()) {
|
||||
<a class="jxr_linenumber" name="116" href="#116">116</a> nodeText = <strong class="jxr_keyword">new</strong> StringBuilder(500);
|
||||
<a class="jxr_linenumber" name="117" href="#117">117</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (current.isNVDNode()) {
|
||||
<a class="jxr_linenumber" name="118" href="#118">118</a> <strong class="jxr_keyword">final</strong> String nvdVer = attributes.getValue(<span class="jxr_string">"nvd_xml_version"</span>);
|
||||
<a class="jxr_linenumber" name="119" href="#119">119</a> <strong class="jxr_keyword">if</strong> (!CURRENT_SCHEMA_VERSION.equals(nvdVer)) {
|
||||
<a class="jxr_linenumber" name="120" href="#120">120</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> SAXNotSupportedException(<span class="jxr_string">"Schema version "</span> + nvdVer + <span class="jxr_string">" is not supported"</span>);
|
||||
<a class="jxr_linenumber" name="121" href="#121">121</a> }
|
||||
<a class="jxr_linenumber" name="122" href="#122">122</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (current.isVulnCWENode()) {
|
||||
<a class="jxr_linenumber" name="123" href="#123">123</a> vulnerability.setCwe(attributes.getValue(<span class="jxr_string">"id"</span>));
|
||||
<a class="jxr_linenumber" name="124" href="#124">124</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (current.isCVSSScoreNode()) {
|
||||
<a class="jxr_linenumber" name="125" href="#125">125</a> nodeText = <strong class="jxr_keyword">new</strong> StringBuilder(5);
|
||||
<a class="jxr_linenumber" name="126" href="#126">126</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (current.isCVSSAccessVectorNode()) {
|
||||
<a class="jxr_linenumber" name="127" href="#127">127</a> nodeText = <strong class="jxr_keyword">new</strong> StringBuilder(20);
|
||||
<a class="jxr_linenumber" name="128" href="#128">128</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (current.isCVSSAccessComplexityNode()) {
|
||||
<a class="jxr_linenumber" name="129" href="#129">129</a> nodeText = <strong class="jxr_keyword">new</strong> StringBuilder(20);
|
||||
<a class="jxr_linenumber" name="130" href="#130">130</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (current.isCVSSAuthenticationNode()) {
|
||||
<a class="jxr_linenumber" name="131" href="#131">131</a> nodeText = <strong class="jxr_keyword">new</strong> StringBuilder(20);
|
||||
<a class="jxr_linenumber" name="132" href="#132">132</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (current.isCVSSAvailabilityImpactNode()) {
|
||||
<a class="jxr_linenumber" name="133" href="#133">133</a> nodeText = <strong class="jxr_keyword">new</strong> StringBuilder(20);
|
||||
<a class="jxr_linenumber" name="134" href="#134">134</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (current.isCVSSConfidentialityImpactNode()) {
|
||||
<a class="jxr_linenumber" name="135" href="#135">135</a> nodeText = <strong class="jxr_keyword">new</strong> StringBuilder(20);
|
||||
<a class="jxr_linenumber" name="136" href="#136">136</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (current.isCVSSIntegrityImpactNode()) {
|
||||
<a class="jxr_linenumber" name="137" href="#137">137</a> nodeText = <strong class="jxr_keyword">new</strong> StringBuilder(20);
|
||||
<a class="jxr_linenumber" name="138" href="#138">138</a> }
|
||||
<a class="jxr_linenumber" name="139" href="#139">139</a> }
|
||||
<a class="jxr_linenumber" name="140" href="#140">140</a>
|
||||
<a class="jxr_linenumber" name="141" href="#141">141</a> @Override
|
||||
<a class="jxr_linenumber" name="142" href="#142">142</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> characters(<strong class="jxr_keyword">char</strong>[] ch, <strong class="jxr_keyword">int</strong> start, <strong class="jxr_keyword">int</strong> length) <strong class="jxr_keyword">throws</strong> SAXException {
|
||||
<a class="jxr_linenumber" name="143" href="#143">143</a> <strong class="jxr_keyword">if</strong> (nodeText != <strong class="jxr_keyword">null</strong>) {
|
||||
<a class="jxr_linenumber" name="144" href="#144">144</a> nodeText.append(ch, start, length);
|
||||
<a class="jxr_linenumber" name="145" href="#145">145</a> }
|
||||
<a class="jxr_linenumber" name="146" href="#146">146</a> }
|
||||
<a class="jxr_linenumber" name="147" href="#147">147</a>
|
||||
<a class="jxr_linenumber" name="148" href="#148">148</a> @Override
|
||||
<a class="jxr_linenumber" name="149" href="#149">149</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> endElement(String uri, String localName, String qName) <strong class="jxr_keyword">throws</strong> SAXException {
|
||||
<a class="jxr_linenumber" name="150" href="#150">150</a> current.setNode(qName);
|
||||
<a class="jxr_linenumber" name="151" href="#151">151</a> <strong class="jxr_keyword">if</strong> (current.isEntryNode()) {
|
||||
<a class="jxr_linenumber" name="152" href="#152">152</a> totalNumberOfEntries += 1;
|
||||
<a class="jxr_linenumber" name="153" href="#153">153</a> <strong class="jxr_keyword">if</strong> (hasApplicationCpe) {
|
||||
<a class="jxr_linenumber" name="154" href="#154">154</a> totalNumberOfApplicationEntries += 1;
|
||||
<a class="jxr_linenumber" name="155" href="#155">155</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="156" href="#156">156</a> saveEntry(vulnerability);
|
||||
<a class="jxr_linenumber" name="157" href="#157">157</a> } <strong class="jxr_keyword">catch</strong> (DatabaseException ex) {
|
||||
<a class="jxr_linenumber" name="158" href="#158">158</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> SAXException(ex);
|
||||
<a class="jxr_linenumber" name="159" href="#159">159</a> } <strong class="jxr_keyword">catch</strong> (CorruptIndexException ex) {
|
||||
<a class="jxr_linenumber" name="160" href="#160">160</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> SAXException(ex);
|
||||
<a class="jxr_linenumber" name="161" href="#161">161</a> } <strong class="jxr_keyword">catch</strong> (IOException ex) {
|
||||
<a class="jxr_linenumber" name="162" href="#162">162</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> SAXException(ex);
|
||||
<a class="jxr_linenumber" name="163" href="#163">163</a> }
|
||||
<a class="jxr_linenumber" name="164" href="#164">164</a> }
|
||||
<a class="jxr_linenumber" name="165" href="#165">165</a> vulnerability = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="166" href="#166">166</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (current.isCVSSScoreNode()) {
|
||||
<a class="jxr_linenumber" name="167" href="#167">167</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="168" href="#168">168</a> <strong class="jxr_keyword">final</strong> <strong class="jxr_keyword">float</strong> score = Float.parseFloat(nodeText.toString());
|
||||
<a class="jxr_linenumber" name="169" href="#169">169</a> vulnerability.setCvssScore(score);
|
||||
<a class="jxr_linenumber" name="170" href="#170">170</a> } <strong class="jxr_keyword">catch</strong> (NumberFormatException ex) {
|
||||
<a class="jxr_linenumber" name="171" href="#171">171</a> Logger.getLogger(NvdCve20Handler.<strong class="jxr_keyword">class</strong>.getName()).log(Level.SEVERE, <span class="jxr_string">"Error parsing CVSS Score."</span>);
|
||||
<a class="jxr_linenumber" name="172" href="#172">172</a> Logger.getLogger(NvdCve20Handler.<strong class="jxr_keyword">class</strong>.getName()).log(Level.FINE, <strong class="jxr_keyword">null</strong>, ex);
|
||||
<a class="jxr_linenumber" name="173" href="#173">173</a> }
|
||||
<a class="jxr_linenumber" name="174" href="#174">174</a> nodeText = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="175" href="#175">175</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (current.isCVSSAccessVectorNode()) {
|
||||
<a class="jxr_linenumber" name="176" href="#176">176</a> vulnerability.setCvssAccessVector(nodeText.toString());
|
||||
<a class="jxr_linenumber" name="177" href="#177">177</a> nodeText = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="178" href="#178">178</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (current.isCVSSAccessComplexityNode()) {
|
||||
<a class="jxr_linenumber" name="179" href="#179">179</a> vulnerability.setCvssAccessComplexity(nodeText.toString());
|
||||
<a class="jxr_linenumber" name="180" href="#180">180</a> nodeText = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="181" href="#181">181</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (current.isCVSSAuthenticationNode()) {
|
||||
<a class="jxr_linenumber" name="182" href="#182">182</a> vulnerability.setCvssAuthentication(nodeText.toString());
|
||||
<a class="jxr_linenumber" name="183" href="#183">183</a> nodeText = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="184" href="#184">184</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (current.isCVSSAvailabilityImpactNode()) {
|
||||
<a class="jxr_linenumber" name="185" href="#185">185</a> vulnerability.setCvssAvailabilityImpact(nodeText.toString());
|
||||
<a class="jxr_linenumber" name="186" href="#186">186</a> nodeText = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="187" href="#187">187</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (current.isCVSSConfidentialityImpactNode()) {
|
||||
<a class="jxr_linenumber" name="188" href="#188">188</a> vulnerability.setCvssConfidentialityImpact(nodeText.toString());
|
||||
<a class="jxr_linenumber" name="189" href="#189">189</a> nodeText = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="190" href="#190">190</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (current.isCVSSIntegrityImpactNode()) {
|
||||
<a class="jxr_linenumber" name="191" href="#191">191</a> vulnerability.setCvssIntegrityImpact(nodeText.toString());
|
||||
<a class="jxr_linenumber" name="192" href="#192">192</a> nodeText = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="193" href="#193">193</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (current.isVulnProductNode()) {
|
||||
<a class="jxr_linenumber" name="194" href="#194">194</a> <strong class="jxr_keyword">final</strong> String cpe = nodeText.toString();
|
||||
<a class="jxr_linenumber" name="195" href="#195">195</a> <strong class="jxr_keyword">if</strong> (cpe.startsWith(<span class="jxr_string">"cpe:/a:"</span>)) {
|
||||
<a class="jxr_linenumber" name="196" href="#196">196</a> hasApplicationCpe = <strong class="jxr_keyword">true</strong>;
|
||||
<a class="jxr_linenumber" name="197" href="#197">197</a> vulnerability.addVulnerableSoftware(cpe);
|
||||
<a class="jxr_linenumber" name="198" href="#198">198</a> }
|
||||
<a class="jxr_linenumber" name="199" href="#199">199</a> nodeText = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="200" href="#200">200</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (reference != <strong class="jxr_keyword">null</strong> && current.isVulnReferencesNode()) {
|
||||
<a class="jxr_linenumber" name="201" href="#201">201</a> vulnerability.addReference(reference);
|
||||
<a class="jxr_linenumber" name="202" href="#202">202</a> reference = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="203" href="#203">203</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (reference != <strong class="jxr_keyword">null</strong> && current.isVulnReferenceNode()) {
|
||||
<a class="jxr_linenumber" name="204" href="#204">204</a> reference.setName(nodeText.toString());
|
||||
<a class="jxr_linenumber" name="205" href="#205">205</a> nodeText = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="206" href="#206">206</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (reference != <strong class="jxr_keyword">null</strong> && current.isVulnSourceNode()) {
|
||||
<a class="jxr_linenumber" name="207" href="#207">207</a> reference.setSource(nodeText.toString());
|
||||
<a class="jxr_linenumber" name="208" href="#208">208</a> nodeText = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="209" href="#209">209</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (current.isVulnSummaryNode()) {
|
||||
<a class="jxr_linenumber" name="210" href="#210">210</a> vulnerability.setDescription(nodeText.toString());
|
||||
<a class="jxr_linenumber" name="211" href="#211">211</a> nodeText = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="212" href="#212">212</a> }
|
||||
<a class="jxr_linenumber" name="213" href="#213">213</a> }
|
||||
<a class="jxr_linenumber" name="214" href="#214">214</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="215" href="#215">215</a> <em class="jxr_javadoccomment"> * the cve database.</em>
|
||||
<a class="jxr_linenumber" name="216" href="#216">216</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="217" href="#217">217</a> <strong class="jxr_keyword">private</strong> <a href="../../../../../org/owasp/dependencycheck/data/nvdcve/CveDB.html">CveDB</a> cveDB;
|
||||
<a class="jxr_linenumber" name="218" href="#218">218</a>
|
||||
<a class="jxr_linenumber" name="219" href="#219">219</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="220" href="#220">220</a> <em class="jxr_javadoccomment"> * Sets the cveDB.</em>
|
||||
<a class="jxr_linenumber" name="221" href="#221">221</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="222" href="#222">222</a> <em class="jxr_javadoccomment"> * @param db a reference to the CveDB</em>
|
||||
<a class="jxr_linenumber" name="223" href="#223">223</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="224" href="#224">224</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> setCveDB(<a href="../../../../../org/owasp/dependencycheck/data/nvdcve/CveDB.html">CveDB</a> db) {
|
||||
<a class="jxr_linenumber" name="225" href="#225">225</a> cveDB = db;
|
||||
<a class="jxr_linenumber" name="226" href="#226">226</a> }
|
||||
<a class="jxr_linenumber" name="227" href="#227">227</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="228" href="#228">228</a> <em class="jxr_javadoccomment"> * A list of CVE entries and associated VulnerableSoftware entries that</em>
|
||||
<a class="jxr_linenumber" name="229" href="#229">229</a> <em class="jxr_javadoccomment"> * contain previous entries.</em>
|
||||
<a class="jxr_linenumber" name="230" href="#230">230</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="231" href="#231">231</a> <strong class="jxr_keyword">private</strong> Map<String, List<VulnerableSoftware>> prevVersionVulnMap;
|
||||
<a class="jxr_linenumber" name="232" href="#232">232</a>
|
||||
<a class="jxr_linenumber" name="233" href="#233">233</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="234" href="#234">234</a> <em class="jxr_javadoccomment"> * Sets the prevVersionVulnMap.</em>
|
||||
<a class="jxr_linenumber" name="235" href="#235">235</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="236" href="#236">236</a> <em class="jxr_javadoccomment"> * @param map the map of vulnerable software with previous versions being</em>
|
||||
<a class="jxr_linenumber" name="237" href="#237">237</a> <em class="jxr_javadoccomment"> * vulnerable</em>
|
||||
<a class="jxr_linenumber" name="238" href="#238">238</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="239" href="#239">239</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> setPrevVersionVulnMap(Map<String, List<VulnerableSoftware>> map) {
|
||||
<a class="jxr_linenumber" name="240" href="#240">240</a> prevVersionVulnMap = map;
|
||||
<a class="jxr_linenumber" name="241" href="#241">241</a> }
|
||||
<a class="jxr_linenumber" name="242" href="#242">242</a>
|
||||
<a class="jxr_linenumber" name="243" href="#243">243</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="244" href="#244">244</a> <em class="jxr_javadoccomment"> * Saves a vulnerability to the CVE Database. This is a callback method</em>
|
||||
<a class="jxr_linenumber" name="245" href="#245">245</a> <em class="jxr_javadoccomment"> * called by the Sax Parser Handler</em>
|
||||
<a class="jxr_linenumber" name="246" href="#246">246</a> <em class="jxr_javadoccomment"> * {@link org.owasp.dependencycheck.data.nvdcve.xml.NvdCve20Handler}.</em>
|
||||
<a class="jxr_linenumber" name="247" href="#247">247</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="248" href="#248">248</a> <em class="jxr_javadoccomment"> * @param vuln the vulnerability to store in the database</em>
|
||||
<a class="jxr_linenumber" name="249" href="#249">249</a> <em class="jxr_javadoccomment"> * @throws DatabaseException thrown if there is an error writing to the</em>
|
||||
<a class="jxr_linenumber" name="250" href="#250">250</a> <em class="jxr_javadoccomment"> * database</em>
|
||||
<a class="jxr_linenumber" name="251" href="#251">251</a> <em class="jxr_javadoccomment"> * @throws CorruptIndexException is thrown if the CPE Index is corrupt</em>
|
||||
<a class="jxr_linenumber" name="252" href="#252">252</a> <em class="jxr_javadoccomment"> * @throws IOException thrown if there is an IOException with the CPE Index</em>
|
||||
<a class="jxr_linenumber" name="253" href="#253">253</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="254" href="#254">254</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> saveEntry(<a href="../../../../../org/owasp/dependencycheck/dependency/Vulnerability.html">Vulnerability</a> vuln) <strong class="jxr_keyword">throws</strong> DatabaseException, CorruptIndexException, IOException {
|
||||
<a class="jxr_linenumber" name="255" href="#255">255</a> <strong class="jxr_keyword">if</strong> (cveDB == <strong class="jxr_keyword">null</strong>) {
|
||||
<a class="jxr_linenumber" name="256" href="#256">256</a> <strong class="jxr_keyword">return</strong>;
|
||||
<a class="jxr_linenumber" name="257" href="#257">257</a> }
|
||||
<a class="jxr_linenumber" name="258" href="#258">258</a> <strong class="jxr_keyword">final</strong> String cveName = vuln.getName();
|
||||
<a class="jxr_linenumber" name="259" href="#259">259</a> <strong class="jxr_keyword">if</strong> (prevVersionVulnMap.containsKey(cveName)) {
|
||||
<a class="jxr_linenumber" name="260" href="#260">260</a> <strong class="jxr_keyword">final</strong> List<VulnerableSoftware> vulnSoftware = prevVersionVulnMap.get(cveName);
|
||||
<a class="jxr_linenumber" name="261" href="#261">261</a> <strong class="jxr_keyword">for</strong> (VulnerableSoftware vs : vulnSoftware) {
|
||||
<a class="jxr_linenumber" name="262" href="#262">262</a> vuln.updateVulnerableSoftware(vs);
|
||||
<a class="jxr_linenumber" name="263" href="#263">263</a> }
|
||||
<a class="jxr_linenumber" name="264" href="#264">264</a> }
|
||||
<a class="jxr_linenumber" name="265" href="#265">265</a> <strong class="jxr_keyword">for</strong> (VulnerableSoftware vs : vuln.getVulnerableSoftware()) {
|
||||
<a class="jxr_linenumber" name="266" href="#266">266</a> <strong class="jxr_keyword">if</strong> (cpeIndex != <strong class="jxr_keyword">null</strong>) {
|
||||
<a class="jxr_linenumber" name="267" href="#267">267</a> cpeIndex.saveEntry(vs);
|
||||
<a class="jxr_linenumber" name="268" href="#268">268</a> }
|
||||
<a class="jxr_linenumber" name="269" href="#269">269</a> }
|
||||
<a class="jxr_linenumber" name="270" href="#270">270</a> cveDB.updateVulnerability(vuln);
|
||||
<a class="jxr_linenumber" name="271" href="#271">271</a> }
|
||||
<a class="jxr_linenumber" name="272" href="#272">272</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="273" href="#273">273</a> <em class="jxr_javadoccomment"> * the cpe index.</em>
|
||||
<a class="jxr_linenumber" name="274" href="#274">274</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="275" href="#275">275</a> <strong class="jxr_keyword">private</strong> <a href="../../../../../org/owasp/dependencycheck/data/cpe/CpeIndexWriter.html">CpeIndexWriter</a> cpeIndex;
|
||||
<a class="jxr_linenumber" name="276" href="#276">276</a>
|
||||
<a class="jxr_linenumber" name="277" href="#277">277</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="278" href="#278">278</a> <em class="jxr_javadoccomment"> * Sets the cpe index writer.</em>
|
||||
<a class="jxr_linenumber" name="279" href="#279">279</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="280" href="#280">280</a> <em class="jxr_javadoccomment"> * @param index the CPE Lucene Index</em>
|
||||
<a class="jxr_linenumber" name="281" href="#281">281</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="282" href="#282">282</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> setCpeIndex(<a href="../../../../../org/owasp/dependencycheck/data/cpe/CpeIndexWriter.html">CpeIndexWriter</a> index) {
|
||||
<a class="jxr_linenumber" name="283" href="#283">283</a> cpeIndex = index;
|
||||
<a class="jxr_linenumber" name="284" href="#284">284</a> }
|
||||
<a class="jxr_linenumber" name="285" href="#285">285</a>
|
||||
<a class="jxr_linenumber" name="286" href="#286">286</a> <em class="jxr_comment">// <editor-fold defaultstate="collapsed" desc="The Element Class that maintains state information about the current node"></em>
|
||||
<a class="jxr_linenumber" name="287" href="#287">287</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="288" href="#288">288</a> <em class="jxr_javadoccomment"> * A simple class to maintain information about the current element while</em>
|
||||
<a class="jxr_linenumber" name="289" href="#289">289</a> <em class="jxr_javadoccomment"> * parsing the NVD CVE XML.</em>
|
||||
<a class="jxr_linenumber" name="290" href="#290">290</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="291" href="#291">291</a> <strong class="jxr_keyword">protected</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">class</strong> <a href="../../../../../org/owasp/dependencycheck/data/nvdcve/NvdCve20Handler.html">Element</a> {
|
||||
<a class="jxr_linenumber" name="292" href="#292">292</a>
|
||||
<a class="jxr_linenumber" name="293" href="#293">293</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="294" href="#294">294</a> <em class="jxr_javadoccomment"> * A node type in the NVD CVE Schema 2.0</em>
|
||||
<a class="jxr_linenumber" name="295" href="#295">295</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="296" href="#296">296</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String NVD = <span class="jxr_string">"nvd"</span>;
|
||||
<a class="jxr_linenumber" name="297" href="#297">297</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="298" href="#298">298</a> <em class="jxr_javadoccomment"> * A node type in the NVD CVE Schema 2.0</em>
|
||||
<a class="jxr_linenumber" name="299" href="#299">299</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="300" href="#300">300</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String ENTRY = <span class="jxr_string">"entry"</span>;
|
||||
<a class="jxr_linenumber" name="301" href="#301">301</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="302" href="#302">302</a> <em class="jxr_javadoccomment"> * A node type in the NVD CVE Schema 2.0</em>
|
||||
<a class="jxr_linenumber" name="303" href="#303">303</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="304" href="#304">304</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String VULN_PRODUCT = <span class="jxr_string">"vuln:product"</span>;
|
||||
<a class="jxr_linenumber" name="305" href="#305">305</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="306" href="#306">306</a> <em class="jxr_javadoccomment"> * A node type in the NVD CVE Schema 2.0</em>
|
||||
<a class="jxr_linenumber" name="307" href="#307">307</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="308" href="#308">308</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String VULN_REFERENCES = <span class="jxr_string">"vuln:references"</span>;
|
||||
<a class="jxr_linenumber" name="309" href="#309">309</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="310" href="#310">310</a> <em class="jxr_javadoccomment"> * A node type in the NVD CVE Schema 2.0</em>
|
||||
<a class="jxr_linenumber" name="311" href="#311">311</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="312" href="#312">312</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String VULN_SOURCE = <span class="jxr_string">"vuln:source"</span>;
|
||||
<a class="jxr_linenumber" name="313" href="#313">313</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="314" href="#314">314</a> <em class="jxr_javadoccomment"> * A node type in the NVD CVE Schema 2.0</em>
|
||||
<a class="jxr_linenumber" name="315" href="#315">315</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="316" href="#316">316</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String VULN_REFERENCE = <span class="jxr_string">"vuln:reference"</span>;
|
||||
<a class="jxr_linenumber" name="317" href="#317">317</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="318" href="#318">318</a> <em class="jxr_javadoccomment"> * A node type in the NVD CVE Schema 2.0</em>
|
||||
<a class="jxr_linenumber" name="319" href="#319">319</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="320" href="#320">320</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String VULN_SUMMARY = <span class="jxr_string">"vuln:summary"</span>;
|
||||
<a class="jxr_linenumber" name="321" href="#321">321</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="322" href="#322">322</a> <em class="jxr_javadoccomment"> * A node type in the NVD CVE Schema 2.0</em>
|
||||
<a class="jxr_linenumber" name="323" href="#323">323</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="324" href="#324">324</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String VULN_CWE = <span class="jxr_string">"vuln:cwe"</span>;
|
||||
<a class="jxr_linenumber" name="325" href="#325">325</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="326" href="#326">326</a> <em class="jxr_javadoccomment"> * A node type in the NVD CVE Schema 2.0</em>
|
||||
<a class="jxr_linenumber" name="327" href="#327">327</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="328" href="#328">328</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String CVSS_SCORE = <span class="jxr_string">"cvss:score"</span>;
|
||||
<a class="jxr_linenumber" name="329" href="#329">329</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="330" href="#330">330</a> <em class="jxr_javadoccomment"> * A node type in the NVD CVE Schema 2.0</em>
|
||||
<a class="jxr_linenumber" name="331" href="#331">331</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="332" href="#332">332</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String CVSS_ACCESS_VECTOR = <span class="jxr_string">"cvss:access-vector"</span>;
|
||||
<a class="jxr_linenumber" name="333" href="#333">333</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="334" href="#334">334</a> <em class="jxr_javadoccomment"> * A node type in the NVD CVE Schema 2.0</em>
|
||||
<a class="jxr_linenumber" name="335" href="#335">335</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="336" href="#336">336</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String CVSS_ACCESS_COMPLEXITY = <span class="jxr_string">"cvss:access-complexity"</span>;
|
||||
<a class="jxr_linenumber" name="337" href="#337">337</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="338" href="#338">338</a> <em class="jxr_javadoccomment"> * A node type in the NVD CVE Schema 2.0</em>
|
||||
<a class="jxr_linenumber" name="339" href="#339">339</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="340" href="#340">340</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String CVSS_AUTHENTICATION = <span class="jxr_string">"cvss:authentication"</span>;
|
||||
<a class="jxr_linenumber" name="341" href="#341">341</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="342" href="#342">342</a> <em class="jxr_javadoccomment"> * A node type in the NVD CVE Schema 2.0</em>
|
||||
<a class="jxr_linenumber" name="343" href="#343">343</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="344" href="#344">344</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String CVSS_CONFIDENTIALITY_IMPACT = <span class="jxr_string">"cvss:confidentiality-impact"</span>;
|
||||
<a class="jxr_linenumber" name="345" href="#345">345</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="346" href="#346">346</a> <em class="jxr_javadoccomment"> * A node type in the NVD CVE Schema 2.0</em>
|
||||
<a class="jxr_linenumber" name="347" href="#347">347</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="348" href="#348">348</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String CVSS_INTEGRITY_IMPACT = <span class="jxr_string">"cvss:integrity-impact"</span>;
|
||||
<a class="jxr_linenumber" name="349" href="#349">349</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="350" href="#350">350</a> <em class="jxr_javadoccomment"> * A node type in the NVD CVE Schema 2.0</em>
|
||||
<a class="jxr_linenumber" name="351" href="#351">351</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="352" href="#352">352</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String CVSS_AVAILABILITY_IMPACT = <span class="jxr_string">"cvss:availability-impact"</span>;
|
||||
<a class="jxr_linenumber" name="353" href="#353">353</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="354" href="#354">354</a> <em class="jxr_javadoccomment"> * The current node.</em>
|
||||
<a class="jxr_linenumber" name="355" href="#355">355</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="356" href="#356">356</a> <strong class="jxr_keyword">private</strong> String node;
|
||||
<a class="jxr_linenumber" name="357" href="#357">357</a>
|
||||
<a class="jxr_linenumber" name="358" href="#358">358</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="359" href="#359">359</a> <em class="jxr_javadoccomment"> * Gets the value of node.</em>
|
||||
<a class="jxr_linenumber" name="360" href="#360">360</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="361" href="#361">361</a> <em class="jxr_javadoccomment"> * @return the value of node</em>
|
||||
<a class="jxr_linenumber" name="362" href="#362">362</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="363" href="#363">363</a> <strong class="jxr_keyword">public</strong> String getNode() {
|
||||
<a class="jxr_linenumber" name="364" href="#364">364</a> <strong class="jxr_keyword">return</strong> <strong class="jxr_keyword">this</strong>.node;
|
||||
<a class="jxr_linenumber" name="365" href="#365">365</a> }
|
||||
<a class="jxr_linenumber" name="366" href="#366">366</a>
|
||||
<a class="jxr_linenumber" name="367" href="#367">367</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="368" href="#368">368</a> <em class="jxr_javadoccomment"> * Sets the value of node.</em>
|
||||
<a class="jxr_linenumber" name="369" href="#369">369</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="370" href="#370">370</a> <em class="jxr_javadoccomment"> * @param node new value of node</em>
|
||||
<a class="jxr_linenumber" name="371" href="#371">371</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="372" href="#372">372</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> setNode(String node) {
|
||||
<a class="jxr_linenumber" name="373" href="#373">373</a> <strong class="jxr_keyword">this</strong>.node = node;
|
||||
<a class="jxr_linenumber" name="374" href="#374">374</a> }
|
||||
<a class="jxr_linenumber" name="375" href="#375">375</a>
|
||||
<a class="jxr_linenumber" name="376" href="#376">376</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="377" href="#377">377</a> <em class="jxr_javadoccomment"> * Checks if the handler is at the NVD node.</em>
|
||||
<a class="jxr_linenumber" name="378" href="#378">378</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="379" href="#379">379</a> <em class="jxr_javadoccomment"> * @return true or false</em>
|
||||
<a class="jxr_linenumber" name="380" href="#380">380</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="381" href="#381">381</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">boolean</strong> isNVDNode() {
|
||||
<a class="jxr_linenumber" name="382" href="#382">382</a> <strong class="jxr_keyword">return</strong> NVD.equals(node);
|
||||
<a class="jxr_linenumber" name="383" href="#383">383</a> }
|
||||
<a class="jxr_linenumber" name="384" href="#384">384</a>
|
||||
<a class="jxr_linenumber" name="385" href="#385">385</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="386" href="#386">386</a> <em class="jxr_javadoccomment"> * Checks if the handler is at the ENTRY node.</em>
|
||||
<a class="jxr_linenumber" name="387" href="#387">387</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="388" href="#388">388</a> <em class="jxr_javadoccomment"> * @return true or false</em>
|
||||
<a class="jxr_linenumber" name="389" href="#389">389</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="390" href="#390">390</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">boolean</strong> isEntryNode() {
|
||||
<a class="jxr_linenumber" name="391" href="#391">391</a> <strong class="jxr_keyword">return</strong> ENTRY.equals(node);
|
||||
<a class="jxr_linenumber" name="392" href="#392">392</a> }
|
||||
<a class="jxr_linenumber" name="393" href="#393">393</a>
|
||||
<a class="jxr_linenumber" name="394" href="#394">394</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="395" href="#395">395</a> <em class="jxr_javadoccomment"> * Checks if the handler is at the VULN_PRODUCT node.</em>
|
||||
<a class="jxr_linenumber" name="396" href="#396">396</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="397" href="#397">397</a> <em class="jxr_javadoccomment"> * @return true or false</em>
|
||||
<a class="jxr_linenumber" name="398" href="#398">398</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="399" href="#399">399</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">boolean</strong> isVulnProductNode() {
|
||||
<a class="jxr_linenumber" name="400" href="#400">400</a> <strong class="jxr_keyword">return</strong> VULN_PRODUCT.equals(node);
|
||||
<a class="jxr_linenumber" name="401" href="#401">401</a> }
|
||||
<a class="jxr_linenumber" name="402" href="#402">402</a>
|
||||
<a class="jxr_linenumber" name="403" href="#403">403</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="404" href="#404">404</a> <em class="jxr_javadoccomment"> * Checks if the handler is at the REFERENCES node.</em>
|
||||
<a class="jxr_linenumber" name="405" href="#405">405</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="406" href="#406">406</a> <em class="jxr_javadoccomment"> * @return true or false</em>
|
||||
<a class="jxr_linenumber" name="407" href="#407">407</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="408" href="#408">408</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">boolean</strong> isVulnReferencesNode() {
|
||||
<a class="jxr_linenumber" name="409" href="#409">409</a> <strong class="jxr_keyword">return</strong> VULN_REFERENCES.equals(node);
|
||||
<a class="jxr_linenumber" name="410" href="#410">410</a> }
|
||||
<a class="jxr_linenumber" name="411" href="#411">411</a>
|
||||
<a class="jxr_linenumber" name="412" href="#412">412</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="413" href="#413">413</a> <em class="jxr_javadoccomment"> * Checks if the handler is at the REFERENCE node.</em>
|
||||
<a class="jxr_linenumber" name="414" href="#414">414</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="415" href="#415">415</a> <em class="jxr_javadoccomment"> * @return true or false</em>
|
||||
<a class="jxr_linenumber" name="416" href="#416">416</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="417" href="#417">417</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">boolean</strong> isVulnReferenceNode() {
|
||||
<a class="jxr_linenumber" name="418" href="#418">418</a> <strong class="jxr_keyword">return</strong> VULN_REFERENCE.equals(node);
|
||||
<a class="jxr_linenumber" name="419" href="#419">419</a> }
|
||||
<a class="jxr_linenumber" name="420" href="#420">420</a>
|
||||
<a class="jxr_linenumber" name="421" href="#421">421</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="422" href="#422">422</a> <em class="jxr_javadoccomment"> * Checks if the handler is at the VULN_SOURCE node.</em>
|
||||
<a class="jxr_linenumber" name="423" href="#423">423</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="424" href="#424">424</a> <em class="jxr_javadoccomment"> * @return true or false</em>
|
||||
<a class="jxr_linenumber" name="425" href="#425">425</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="426" href="#426">426</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">boolean</strong> isVulnSourceNode() {
|
||||
<a class="jxr_linenumber" name="427" href="#427">427</a> <strong class="jxr_keyword">return</strong> VULN_SOURCE.equals(node);
|
||||
<a class="jxr_linenumber" name="428" href="#428">428</a> }
|
||||
<a class="jxr_linenumber" name="429" href="#429">429</a>
|
||||
<a class="jxr_linenumber" name="430" href="#430">430</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="431" href="#431">431</a> <em class="jxr_javadoccomment"> * Checks if the handler is at the VULN_SUMMARY node.</em>
|
||||
<a class="jxr_linenumber" name="432" href="#432">432</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="433" href="#433">433</a> <em class="jxr_javadoccomment"> * @return true or false</em>
|
||||
<a class="jxr_linenumber" name="434" href="#434">434</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="435" href="#435">435</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">boolean</strong> isVulnSummaryNode() {
|
||||
<a class="jxr_linenumber" name="436" href="#436">436</a> <strong class="jxr_keyword">return</strong> VULN_SUMMARY.equals(node);
|
||||
<a class="jxr_linenumber" name="437" href="#437">437</a> }
|
||||
<a class="jxr_linenumber" name="438" href="#438">438</a>
|
||||
<a class="jxr_linenumber" name="439" href="#439">439</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="440" href="#440">440</a> <em class="jxr_javadoccomment"> * Checks if the handler is at the VULN_CWE node.</em>
|
||||
<a class="jxr_linenumber" name="441" href="#441">441</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="442" href="#442">442</a> <em class="jxr_javadoccomment"> * @return true or false</em>
|
||||
<a class="jxr_linenumber" name="443" href="#443">443</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="444" href="#444">444</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">boolean</strong> isVulnCWENode() {
|
||||
<a class="jxr_linenumber" name="445" href="#445">445</a> <strong class="jxr_keyword">return</strong> VULN_CWE.equals(node);
|
||||
<a class="jxr_linenumber" name="446" href="#446">446</a> }
|
||||
<a class="jxr_linenumber" name="447" href="#447">447</a>
|
||||
<a class="jxr_linenumber" name="448" href="#448">448</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="449" href="#449">449</a> <em class="jxr_javadoccomment"> * Checks if the handler is at the CVSS_SCORE node.</em>
|
||||
<a class="jxr_linenumber" name="450" href="#450">450</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="451" href="#451">451</a> <em class="jxr_javadoccomment"> * @return true or false</em>
|
||||
<a class="jxr_linenumber" name="452" href="#452">452</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="453" href="#453">453</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">boolean</strong> isCVSSScoreNode() {
|
||||
<a class="jxr_linenumber" name="454" href="#454">454</a> <strong class="jxr_keyword">return</strong> CVSS_SCORE.equals(node);
|
||||
<a class="jxr_linenumber" name="455" href="#455">455</a> }
|
||||
<a class="jxr_linenumber" name="456" href="#456">456</a>
|
||||
<a class="jxr_linenumber" name="457" href="#457">457</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="458" href="#458">458</a> <em class="jxr_javadoccomment"> * Checks if the handler is at the CVSS_ACCESS_VECTOR node.</em>
|
||||
<a class="jxr_linenumber" name="459" href="#459">459</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="460" href="#460">460</a> <em class="jxr_javadoccomment"> * @return true or false</em>
|
||||
<a class="jxr_linenumber" name="461" href="#461">461</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="462" href="#462">462</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">boolean</strong> isCVSSAccessVectorNode() {
|
||||
<a class="jxr_linenumber" name="463" href="#463">463</a> <strong class="jxr_keyword">return</strong> CVSS_ACCESS_VECTOR.equals(node);
|
||||
<a class="jxr_linenumber" name="464" href="#464">464</a> }
|
||||
<a class="jxr_linenumber" name="465" href="#465">465</a>
|
||||
<a class="jxr_linenumber" name="466" href="#466">466</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="467" href="#467">467</a> <em class="jxr_javadoccomment"> * Checks if the handler is at the CVSS_ACCESS_COMPLEXITY node.</em>
|
||||
<a class="jxr_linenumber" name="468" href="#468">468</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="469" href="#469">469</a> <em class="jxr_javadoccomment"> * @return true or false</em>
|
||||
<a class="jxr_linenumber" name="470" href="#470">470</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="471" href="#471">471</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">boolean</strong> isCVSSAccessComplexityNode() {
|
||||
<a class="jxr_linenumber" name="472" href="#472">472</a> <strong class="jxr_keyword">return</strong> CVSS_ACCESS_COMPLEXITY.equals(node);
|
||||
<a class="jxr_linenumber" name="473" href="#473">473</a> }
|
||||
<a class="jxr_linenumber" name="474" href="#474">474</a>
|
||||
<a class="jxr_linenumber" name="475" href="#475">475</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="476" href="#476">476</a> <em class="jxr_javadoccomment"> * Checks if the handler is at the CVSS_AUTHENTICATION node.</em>
|
||||
<a class="jxr_linenumber" name="477" href="#477">477</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="478" href="#478">478</a> <em class="jxr_javadoccomment"> * @return true or false</em>
|
||||
<a class="jxr_linenumber" name="479" href="#479">479</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="480" href="#480">480</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">boolean</strong> isCVSSAuthenticationNode() {
|
||||
<a class="jxr_linenumber" name="481" href="#481">481</a> <strong class="jxr_keyword">return</strong> CVSS_AUTHENTICATION.equals(node);
|
||||
<a class="jxr_linenumber" name="482" href="#482">482</a> }
|
||||
<a class="jxr_linenumber" name="483" href="#483">483</a>
|
||||
<a class="jxr_linenumber" name="484" href="#484">484</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="485" href="#485">485</a> <em class="jxr_javadoccomment"> * Checks if the handler is at the CVSS_CONFIDENTIALITY_IMPACT node.</em>
|
||||
<a class="jxr_linenumber" name="486" href="#486">486</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="487" href="#487">487</a> <em class="jxr_javadoccomment"> * @return true or false</em>
|
||||
<a class="jxr_linenumber" name="488" href="#488">488</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="489" href="#489">489</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">boolean</strong> isCVSSConfidentialityImpactNode() {
|
||||
<a class="jxr_linenumber" name="490" href="#490">490</a> <strong class="jxr_keyword">return</strong> CVSS_CONFIDENTIALITY_IMPACT.equals(node);
|
||||
<a class="jxr_linenumber" name="491" href="#491">491</a> }
|
||||
<a class="jxr_linenumber" name="492" href="#492">492</a>
|
||||
<a class="jxr_linenumber" name="493" href="#493">493</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="494" href="#494">494</a> <em class="jxr_javadoccomment"> * Checks if the handler is at the CVSS_INTEGRITY_IMPACT node.</em>
|
||||
<a class="jxr_linenumber" name="495" href="#495">495</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="496" href="#496">496</a> <em class="jxr_javadoccomment"> * @return true or false</em>
|
||||
<a class="jxr_linenumber" name="497" href="#497">497</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="498" href="#498">498</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">boolean</strong> isCVSSIntegrityImpactNode() {
|
||||
<a class="jxr_linenumber" name="499" href="#499">499</a> <strong class="jxr_keyword">return</strong> CVSS_INTEGRITY_IMPACT.equals(node);
|
||||
<a class="jxr_linenumber" name="500" href="#500">500</a> }
|
||||
<a class="jxr_linenumber" name="501" href="#501">501</a>
|
||||
<a class="jxr_linenumber" name="502" href="#502">502</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="503" href="#503">503</a> <em class="jxr_javadoccomment"> * Checks if the handler is at the CVSS_AVAILABILITY_IMPACT node.</em>
|
||||
<a class="jxr_linenumber" name="504" href="#504">504</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="505" href="#505">505</a> <em class="jxr_javadoccomment"> * @return true or false</em>
|
||||
<a class="jxr_linenumber" name="506" href="#506">506</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="507" href="#507">507</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">boolean</strong> isCVSSAvailabilityImpactNode() {
|
||||
<a class="jxr_linenumber" name="508" href="#508">508</a> <strong class="jxr_keyword">return</strong> CVSS_AVAILABILITY_IMPACT.equals(node);
|
||||
<a class="jxr_linenumber" name="509" href="#509">509</a> }
|
||||
<a class="jxr_linenumber" name="510" href="#510">510</a> }
|
||||
<a class="jxr_linenumber" name="511" href="#511">511</a> <em class="jxr_comment">// </editor-fold></em>
|
||||
<a class="jxr_linenumber" name="512" href="#512">512</a> }
|
||||
</pre>
|
||||
<hr/><div id="footer">This page was automatically generated by <a href="http://maven.apache.org/">Maven</a></div></body>
|
||||
</html>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<html xml:lang="en" lang="en">
|
||||
<head>
|
||||
<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
|
||||
<title>dependency-check-core 1.0.1 Reference Package org.owasp.dependencycheck.data.nvdcve</title>
|
||||
<title>Dependency-Check Core 1.0.2 Reference Package org.owasp.dependencycheck.data.nvdcve</title>
|
||||
<link rel="stylesheet" type="text/css" href="../../../../../stylesheet.css" title="style" />
|
||||
</head>
|
||||
<body>
|
||||
@@ -25,7 +25,16 @@
|
||||
<a href="DatabaseException.html" target="classFrame">DatabaseException</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="NvdCveAnalyzer.html" target="classFrame">NvdCveAnalyzer</a>
|
||||
<a href="NvdCve20Handler.html" target="classFrame">Element</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="InvalidDataException.html" target="classFrame">InvalidDataException</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="NvdCve12Handler.html" target="classFrame">NvdCve12Handler</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="NvdCve20Handler.html" target="classFrame">NvdCve20Handler</a>
|
||||
</li>
|
||||
</ul>
|
||||
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<html xml:lang="en" lang="en">
|
||||
<head>
|
||||
<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
|
||||
<title>dependency-check-core 1.0.1 Reference Package org.owasp.dependencycheck.data.nvdcve</title>
|
||||
<title>Dependency-Check Core 1.0.2 Reference Package org.owasp.dependencycheck.data.nvdcve</title>
|
||||
<link rel="stylesheet" type="text/css" href="../../../../../stylesheet.css" title="style" />
|
||||
</head>
|
||||
<body>
|
||||
@@ -52,7 +52,22 @@
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
<a href="NvdCveAnalyzer.html" target="classFrame">NvdCveAnalyzer</a>
|
||||
<a href="NvdCve20Handler.html" target="classFrame">Element</a>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
<a href="InvalidDataException.html" target="classFrame">InvalidDataException</a>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
<a href="NvdCve12Handler.html" target="classFrame">NvdCve12Handler</a>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
<a href="NvdCve20Handler.html" target="classFrame">NvdCve20Handler</a>
|
||||
</td>
|
||||
</tr>
|
||||
</tbody>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<html xml:lang="en" lang="en">
|
||||
<head>
|
||||
<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
|
||||
<title>dependency-check-core 1.0.1 Reference Package org.owasp.dependencycheck.data</title>
|
||||
<title>Dependency-Check Core 1.0.2 Reference Package org.owasp.dependencycheck.data</title>
|
||||
<link rel="stylesheet" type="text/css" href="../../../../stylesheet.css" title="style" />
|
||||
</head>
|
||||
<body>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<html xml:lang="en" lang="en">
|
||||
<head>
|
||||
<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
|
||||
<title>dependency-check-core 1.0.1 Reference Package org.owasp.dependencycheck.data</title>
|
||||
<title>Dependency-Check Core 1.0.2 Reference Package org.owasp.dependencycheck.data</title>
|
||||
<link rel="stylesheet" type="text/css" href="../../../../stylesheet.css" title="style" />
|
||||
</head>
|
||||
<body>
|
||||
|
||||
@@ -0,0 +1,255 @@
|
||||
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
||||
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
|
||||
<head>
|
||||
<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
|
||||
<title>DataStoreMetaInfo xref</title>
|
||||
<link type="text/css" rel="stylesheet" href="../../../../../stylesheet.css" />
|
||||
</head>
|
||||
<body>
|
||||
<div id="overview"><a href="../../../../../../apidocs/org/owasp/dependencycheck/data/update/DataStoreMetaInfo.html">View Javadoc</a></div><pre>
|
||||
|
||||
<a class="jxr_linenumber" name="1" href="#1">1</a> <em class="jxr_comment">/*</em>
|
||||
<a class="jxr_linenumber" name="2" href="#2">2</a> <em class="jxr_comment"> * This file is part of dependency-check-core.</em>
|
||||
<a class="jxr_linenumber" name="3" href="#3">3</a> <em class="jxr_comment"> *</em>
|
||||
<a class="jxr_linenumber" name="4" href="#4">4</a> <em class="jxr_comment"> * Dependency-check-core is free software: you can redistribute it and/or modify it</em>
|
||||
<a class="jxr_linenumber" name="5" href="#5">5</a> <em class="jxr_comment"> * under the terms of the GNU General Public License as published by the Free</em>
|
||||
<a class="jxr_linenumber" name="6" href="#6">6</a> <em class="jxr_comment"> * Software Foundation, either version 3 of the License, or (at your option) any</em>
|
||||
<a class="jxr_linenumber" name="7" href="#7">7</a> <em class="jxr_comment"> * later version.</em>
|
||||
<a class="jxr_linenumber" name="8" href="#8">8</a> <em class="jxr_comment"> *</em>
|
||||
<a class="jxr_linenumber" name="9" href="#9">9</a> <em class="jxr_comment"> * Dependency-check-core is distributed in the hope that it will be useful, but</em>
|
||||
<a class="jxr_linenumber" name="10" href="#10">10</a> <em class="jxr_comment"> * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or</em>
|
||||
<a class="jxr_linenumber" name="11" href="#11">11</a> <em class="jxr_comment"> * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more</em>
|
||||
<a class="jxr_linenumber" name="12" href="#12">12</a> <em class="jxr_comment"> * details.</em>
|
||||
<a class="jxr_linenumber" name="13" href="#13">13</a> <em class="jxr_comment"> *</em>
|
||||
<a class="jxr_linenumber" name="14" href="#14">14</a> <em class="jxr_comment"> * You should have received a copy of the GNU General Public License along with</em>
|
||||
<a class="jxr_linenumber" name="15" href="#15">15</a> <em class="jxr_comment"> * dependency-check-core. If not, see <a href="http://www.gnu.org/licenses/." target="alexandria_uri">http://www.gnu.org/licenses/.</a></em>
|
||||
<a class="jxr_linenumber" name="16" href="#16">16</a> <em class="jxr_comment"> *</em>
|
||||
<a class="jxr_linenumber" name="17" href="#17">17</a> <em class="jxr_comment"> * Copyright (c) 2013 Jeremy Long. All Rights Reserved.</em>
|
||||
<a class="jxr_linenumber" name="18" href="#18">18</a> <em class="jxr_comment"> */</em>
|
||||
<a class="jxr_linenumber" name="19" href="#19">19</a> <strong class="jxr_keyword">package</strong> org.owasp.dependencycheck.data.update;
|
||||
<a class="jxr_linenumber" name="20" href="#20">20</a>
|
||||
<a class="jxr_linenumber" name="21" href="#21">21</a> <strong class="jxr_keyword">import</strong> java.io.File;
|
||||
<a class="jxr_linenumber" name="22" href="#22">22</a> <strong class="jxr_keyword">import</strong> java.io.FileInputStream;
|
||||
<a class="jxr_linenumber" name="23" href="#23">23</a> <strong class="jxr_keyword">import</strong> java.io.FileNotFoundException;
|
||||
<a class="jxr_linenumber" name="24" href="#24">24</a> <strong class="jxr_keyword">import</strong> java.io.FileOutputStream;
|
||||
<a class="jxr_linenumber" name="25" href="#25">25</a> <strong class="jxr_keyword">import</strong> java.io.IOException;
|
||||
<a class="jxr_linenumber" name="26" href="#26">26</a> <strong class="jxr_keyword">import</strong> java.io.InputStream;
|
||||
<a class="jxr_linenumber" name="27" href="#27">27</a> <strong class="jxr_keyword">import</strong> java.io.OutputStream;
|
||||
<a class="jxr_linenumber" name="28" href="#28">28</a> <strong class="jxr_keyword">import</strong> java.io.OutputStreamWriter;
|
||||
<a class="jxr_linenumber" name="29" href="#29">29</a> <strong class="jxr_keyword">import</strong> java.util.Properties;
|
||||
<a class="jxr_linenumber" name="30" href="#30">30</a> <strong class="jxr_keyword">import</strong> java.util.logging.Level;
|
||||
<a class="jxr_linenumber" name="31" href="#31">31</a> <strong class="jxr_keyword">import</strong> java.util.logging.Logger;
|
||||
<a class="jxr_linenumber" name="32" href="#32">32</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.data.UpdateException;
|
||||
<a class="jxr_linenumber" name="33" href="#33">33</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.data.nvdcve.CveDB;
|
||||
<a class="jxr_linenumber" name="34" href="#34">34</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.utils.Settings;
|
||||
<a class="jxr_linenumber" name="35" href="#35">35</a>
|
||||
<a class="jxr_linenumber" name="36" href="#36">36</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="37" href="#37">37</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="38" href="#38">38</a> <em class="jxr_javadoccomment"> * @author Jeremy Long (jeremy.long@owasp.org)</em>
|
||||
<a class="jxr_linenumber" name="39" href="#39">39</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="40" href="#40">40</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">class</strong> <a href="../../../../../org/owasp/dependencycheck/data/update/DataStoreMetaInfo.html">DataStoreMetaInfo</a> {
|
||||
<a class="jxr_linenumber" name="41" href="#41">41</a>
|
||||
<a class="jxr_linenumber" name="42" href="#42">42</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="43" href="#43">43</a> <em class="jxr_javadoccomment"> * Batch key word, used as key to store information about batch mode.</em>
|
||||
<a class="jxr_linenumber" name="44" href="#44">44</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="45" href="#45">45</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String BATCH = <span class="jxr_string">"batch"</span>;
|
||||
<a class="jxr_linenumber" name="46" href="#46">46</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="47" href="#47">47</a> <em class="jxr_javadoccomment"> * Modified key word, used as a key to store information about the modified</em>
|
||||
<a class="jxr_linenumber" name="48" href="#48">48</a> <em class="jxr_javadoccomment"> * file (i.e. the containing the last 8 days of updates)..</em>
|
||||
<a class="jxr_linenumber" name="49" href="#49">49</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="50" href="#50">50</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String MODIFIED = <span class="jxr_string">"modified"</span>;
|
||||
<a class="jxr_linenumber" name="51" href="#51">51</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="52" href="#52">52</a> <em class="jxr_javadoccomment"> * The name of the properties file containing the timestamp of the last</em>
|
||||
<a class="jxr_linenumber" name="53" href="#53">53</a> <em class="jxr_javadoccomment"> * update.</em>
|
||||
<a class="jxr_linenumber" name="54" href="#54">54</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="55" href="#55">55</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String UPDATE_PROPERTIES_FILE = <span class="jxr_string">"data.properties"</span>;
|
||||
<a class="jxr_linenumber" name="56" href="#56">56</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="57" href="#57">57</a> <em class="jxr_javadoccomment"> * The properties file key for the last updated field - used to store the</em>
|
||||
<a class="jxr_linenumber" name="58" href="#58">58</a> <em class="jxr_javadoccomment"> * last updated time of the Modified NVD CVE xml file.</em>
|
||||
<a class="jxr_linenumber" name="59" href="#59">59</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="60" href="#60">60</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String LAST_UPDATED = <span class="jxr_string">"lastupdated.modified"</span>;
|
||||
<a class="jxr_linenumber" name="61" href="#61">61</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="62" href="#62">62</a> <em class="jxr_javadoccomment"> * Stores the last updated time for each of the NVD CVE files. These</em>
|
||||
<a class="jxr_linenumber" name="63" href="#63">63</a> <em class="jxr_javadoccomment"> * timestamps should be updated if we process the modified file within 7</em>
|
||||
<a class="jxr_linenumber" name="64" href="#64">64</a> <em class="jxr_javadoccomment"> * days of the last update.</em>
|
||||
<a class="jxr_linenumber" name="65" href="#65">65</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="66" href="#66">66</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String LAST_UPDATED_BASE = <span class="jxr_string">"lastupdated."</span>;
|
||||
<a class="jxr_linenumber" name="67" href="#67">67</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="68" href="#68">68</a> <em class="jxr_javadoccomment"> * A collection of properties about the data.</em>
|
||||
<a class="jxr_linenumber" name="69" href="#69">69</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="70" href="#70">70</a> <strong class="jxr_keyword">private</strong> Properties properties = <strong class="jxr_keyword">new</strong> Properties();
|
||||
<a class="jxr_linenumber" name="71" href="#71">71</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="72" href="#72">72</a> <em class="jxr_javadoccomment"> * Indicates whether or not the updates are using a batch update mode or</em>
|
||||
<a class="jxr_linenumber" name="73" href="#73">73</a> <em class="jxr_javadoccomment"> * not.</em>
|
||||
<a class="jxr_linenumber" name="74" href="#74">74</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="75" href="#75">75</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">boolean</strong> batchUpdateMode;
|
||||
<a class="jxr_linenumber" name="76" href="#76">76</a>
|
||||
<a class="jxr_linenumber" name="77" href="#77">77</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="78" href="#78">78</a> <em class="jxr_javadoccomment"> * Get the value of batchUpdateMode.</em>
|
||||
<a class="jxr_linenumber" name="79" href="#79">79</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="80" href="#80">80</a> <em class="jxr_javadoccomment"> * @return the value of batchUpdateMode</em>
|
||||
<a class="jxr_linenumber" name="81" href="#81">81</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="82" href="#82">82</a> <strong class="jxr_keyword">protected</strong> <strong class="jxr_keyword">boolean</strong> isBatchUpdateMode() {
|
||||
<a class="jxr_linenumber" name="83" href="#83">83</a> <strong class="jxr_keyword">return</strong> batchUpdateMode;
|
||||
<a class="jxr_linenumber" name="84" href="#84">84</a> }
|
||||
<a class="jxr_linenumber" name="85" href="#85">85</a>
|
||||
<a class="jxr_linenumber" name="86" href="#86">86</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="87" href="#87">87</a> <em class="jxr_javadoccomment"> * Set the value of batchUpdateMode.</em>
|
||||
<a class="jxr_linenumber" name="88" href="#88">88</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="89" href="#89">89</a> <em class="jxr_javadoccomment"> * @param batchUpdateMode new value of batchUpdateMode</em>
|
||||
<a class="jxr_linenumber" name="90" href="#90">90</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="91" href="#91">91</a> <strong class="jxr_keyword">protected</strong> <strong class="jxr_keyword">void</strong> setBatchUpdateMode(<strong class="jxr_keyword">boolean</strong> batchUpdateMode) {
|
||||
<a class="jxr_linenumber" name="92" href="#92">92</a> <strong class="jxr_keyword">this</strong>.batchUpdateMode = batchUpdateMode;
|
||||
<a class="jxr_linenumber" name="93" href="#93">93</a> }
|
||||
<a class="jxr_linenumber" name="94" href="#94">94</a>
|
||||
<a class="jxr_linenumber" name="95" href="#95">95</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="96" href="#96">96</a> <em class="jxr_javadoccomment"> * Constructs a new data properties object.</em>
|
||||
<a class="jxr_linenumber" name="97" href="#97">97</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="98" href="#98">98</a> <strong class="jxr_keyword">public</strong> <a href="../../../../../org/owasp/dependencycheck/data/update/DataStoreMetaInfo.html">DataStoreMetaInfo</a>() {
|
||||
<a class="jxr_linenumber" name="99" href="#99">99</a> batchUpdateMode = !Settings.getString(Settings.KEYS.BATCH_UPDATE_URL, <span class="jxr_string">""</span>).isEmpty();
|
||||
<a class="jxr_linenumber" name="100" href="#100">100</a> loadProperties();
|
||||
<a class="jxr_linenumber" name="101" href="#101">101</a> }
|
||||
<a class="jxr_linenumber" name="102" href="#102">102</a>
|
||||
<a class="jxr_linenumber" name="103" href="#103">103</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="104" href="#104">104</a> <em class="jxr_javadoccomment"> * Loads the data's meta properties.</em>
|
||||
<a class="jxr_linenumber" name="105" href="#105">105</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="106" href="#106">106</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">void</strong> loadProperties() {
|
||||
<a class="jxr_linenumber" name="107" href="#107">107</a> <strong class="jxr_keyword">final</strong> File file = getPropertiesFile();
|
||||
<a class="jxr_linenumber" name="108" href="#108">108</a> <strong class="jxr_keyword">if</strong> (file.exists()) {
|
||||
<a class="jxr_linenumber" name="109" href="#109">109</a> InputStream is = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="110" href="#110">110</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="111" href="#111">111</a> is = <strong class="jxr_keyword">new</strong> FileInputStream(file);
|
||||
<a class="jxr_linenumber" name="112" href="#112">112</a> } <strong class="jxr_keyword">catch</strong> (FileNotFoundException ignore) {
|
||||
<a class="jxr_linenumber" name="113" href="#113">113</a> <em class="jxr_comment">//we will never get here as we check for existence above.</em>
|
||||
<a class="jxr_linenumber" name="114" href="#114">114</a> Logger.getLogger(DataStoreMetaInfo.<strong class="jxr_keyword">class</strong>.getName()).log(Level.FINEST, <strong class="jxr_keyword">null</strong>, ignore);
|
||||
<a class="jxr_linenumber" name="115" href="#115">115</a> }
|
||||
<a class="jxr_linenumber" name="116" href="#116">116</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="117" href="#117">117</a> properties.load(is);
|
||||
<a class="jxr_linenumber" name="118" href="#118">118</a> } <strong class="jxr_keyword">catch</strong> (IOException ex) {
|
||||
<a class="jxr_linenumber" name="119" href="#119">119</a> <strong class="jxr_keyword">final</strong> String msg = String.format(<span class="jxr_string">"Unable to load properties file '%s'"</span>, file.getPath());
|
||||
<a class="jxr_linenumber" name="120" href="#120">120</a> Logger.getLogger(DataStoreMetaInfo.<strong class="jxr_keyword">class</strong>.getName()).log(Level.WARNING, msg);
|
||||
<a class="jxr_linenumber" name="121" href="#121">121</a> Logger.getLogger(DataStoreMetaInfo.<strong class="jxr_keyword">class</strong>.getName()).log(Level.FINE, <strong class="jxr_keyword">null</strong>, ex);
|
||||
<a class="jxr_linenumber" name="122" href="#122">122</a> } <strong class="jxr_keyword">finally</strong> {
|
||||
<a class="jxr_linenumber" name="123" href="#123">123</a> <strong class="jxr_keyword">if</strong> (is != <strong class="jxr_keyword">null</strong>) {
|
||||
<a class="jxr_linenumber" name="124" href="#124">124</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="125" href="#125">125</a> is.close();
|
||||
<a class="jxr_linenumber" name="126" href="#126">126</a> } <strong class="jxr_keyword">catch</strong> (IOException ex) {
|
||||
<a class="jxr_linenumber" name="127" href="#127">127</a> <strong class="jxr_keyword">final</strong> String msg = String.format(<span class="jxr_string">"Unable to close properties file '%s'"</span>, file.getPath());
|
||||
<a class="jxr_linenumber" name="128" href="#128">128</a> Logger.getLogger(DataStoreMetaInfo.<strong class="jxr_keyword">class</strong>.getName()).log(Level.WARNING, msg);
|
||||
<a class="jxr_linenumber" name="129" href="#129">129</a> Logger.getLogger(DataStoreMetaInfo.<strong class="jxr_keyword">class</strong>.getName()).log(Level.FINE, <strong class="jxr_keyword">null</strong>, ex);
|
||||
<a class="jxr_linenumber" name="130" href="#130">130</a> }
|
||||
<a class="jxr_linenumber" name="131" href="#131">131</a> }
|
||||
<a class="jxr_linenumber" name="132" href="#132">132</a> }
|
||||
<a class="jxr_linenumber" name="133" href="#133">133</a> }
|
||||
<a class="jxr_linenumber" name="134" href="#134">134</a> }
|
||||
<a class="jxr_linenumber" name="135" href="#135">135</a>
|
||||
<a class="jxr_linenumber" name="136" href="#136">136</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="137" href="#137">137</a> <em class="jxr_javadoccomment"> * Returns whether or not any properties are set.</em>
|
||||
<a class="jxr_linenumber" name="138" href="#138">138</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="139" href="#139">139</a> <em class="jxr_javadoccomment"> * @return whether or not any properties are set</em>
|
||||
<a class="jxr_linenumber" name="140" href="#140">140</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="141" href="#141">141</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">boolean</strong> isEmpty() {
|
||||
<a class="jxr_linenumber" name="142" href="#142">142</a> <strong class="jxr_keyword">return</strong> properties.isEmpty();
|
||||
<a class="jxr_linenumber" name="143" href="#143">143</a> }
|
||||
<a class="jxr_linenumber" name="144" href="#144">144</a>
|
||||
<a class="jxr_linenumber" name="145" href="#145">145</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="146" href="#146">146</a> <em class="jxr_javadoccomment"> * Writes a properties file containing the last updated date to the</em>
|
||||
<a class="jxr_linenumber" name="147" href="#147">147</a> <em class="jxr_javadoccomment"> * VULNERABLE_CPE directory.</em>
|
||||
<a class="jxr_linenumber" name="148" href="#148">148</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="149" href="#149">149</a> <em class="jxr_javadoccomment"> * @param updatedValue the updated nvdcve entry</em>
|
||||
<a class="jxr_linenumber" name="150" href="#150">150</a> <em class="jxr_javadoccomment"> * @throws UpdateException is thrown if there is an update exception</em>
|
||||
<a class="jxr_linenumber" name="151" href="#151">151</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="152" href="#152">152</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> save(<a href="../../../../../org/owasp/dependencycheck/data/update/NvdCveInfo.html">NvdCveInfo</a> updatedValue) <strong class="jxr_keyword">throws</strong> UpdateException {
|
||||
<a class="jxr_linenumber" name="153" href="#153">153</a> <strong class="jxr_keyword">if</strong> (updatedValue == <strong class="jxr_keyword">null</strong>) {
|
||||
<a class="jxr_linenumber" name="154" href="#154">154</a> <strong class="jxr_keyword">return</strong>;
|
||||
<a class="jxr_linenumber" name="155" href="#155">155</a> }
|
||||
<a class="jxr_linenumber" name="156" href="#156">156</a> <strong class="jxr_keyword">final</strong> File cveProp = getPropertiesFile();
|
||||
<a class="jxr_linenumber" name="157" href="#157">157</a> <strong class="jxr_keyword">final</strong> Properties prop = <strong class="jxr_keyword">new</strong> Properties();
|
||||
<a class="jxr_linenumber" name="158" href="#158">158</a> <strong class="jxr_keyword">if</strong> (cveProp.exists()) {
|
||||
<a class="jxr_linenumber" name="159" href="#159">159</a> FileInputStream in = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="160" href="#160">160</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="161" href="#161">161</a> in = <strong class="jxr_keyword">new</strong> FileInputStream(cveProp);
|
||||
<a class="jxr_linenumber" name="162" href="#162">162</a> prop.load(in);
|
||||
<a class="jxr_linenumber" name="163" href="#163">163</a> } <strong class="jxr_keyword">catch</strong> (Exception ignoreMe) {
|
||||
<a class="jxr_linenumber" name="164" href="#164">164</a> Logger.getLogger(DataStoreMetaInfo.<strong class="jxr_keyword">class</strong>.getName()).log(Level.FINEST, <strong class="jxr_keyword">null</strong>, ignoreMe);
|
||||
<a class="jxr_linenumber" name="165" href="#165">165</a> } <strong class="jxr_keyword">finally</strong> {
|
||||
<a class="jxr_linenumber" name="166" href="#166">166</a> <strong class="jxr_keyword">if</strong> (in != <strong class="jxr_keyword">null</strong>) {
|
||||
<a class="jxr_linenumber" name="167" href="#167">167</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="168" href="#168">168</a> in.close();
|
||||
<a class="jxr_linenumber" name="169" href="#169">169</a> } <strong class="jxr_keyword">catch</strong> (Exception ignoreMeToo) {
|
||||
<a class="jxr_linenumber" name="170" href="#170">170</a> Logger.getLogger(DataStoreMetaInfo.<strong class="jxr_keyword">class</strong>.getName()).log(Level.FINEST, <strong class="jxr_keyword">null</strong>, ignoreMeToo);
|
||||
<a class="jxr_linenumber" name="171" href="#171">171</a> }
|
||||
<a class="jxr_linenumber" name="172" href="#172">172</a> }
|
||||
<a class="jxr_linenumber" name="173" href="#173">173</a> }
|
||||
<a class="jxr_linenumber" name="174" href="#174">174</a> }
|
||||
<a class="jxr_linenumber" name="175" href="#175">175</a> prop.put(<span class="jxr_string">"version"</span>, CveDB.DB_SCHEMA_VERSION);
|
||||
<a class="jxr_linenumber" name="176" href="#176">176</a> prop.put(LAST_UPDATED_BASE + updatedValue.getId(), String.valueOf(updatedValue.getTimestamp()));
|
||||
<a class="jxr_linenumber" name="177" href="#177">177</a>
|
||||
<a class="jxr_linenumber" name="178" href="#178">178</a> OutputStream os = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="179" href="#179">179</a> OutputStreamWriter out = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="180" href="#180">180</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="181" href="#181">181</a> os = <strong class="jxr_keyword">new</strong> FileOutputStream(cveProp);
|
||||
<a class="jxr_linenumber" name="182" href="#182">182</a> out = <strong class="jxr_keyword">new</strong> OutputStreamWriter(os, <span class="jxr_string">"UTF-8"</span>);
|
||||
<a class="jxr_linenumber" name="183" href="#183">183</a> prop.store(out, <span class="jxr_string">"Meta data about data and data sources used by dependency-check"</span>);
|
||||
<a class="jxr_linenumber" name="184" href="#184">184</a> } <strong class="jxr_keyword">catch</strong> (FileNotFoundException ex) {
|
||||
<a class="jxr_linenumber" name="185" href="#185">185</a> Logger.getLogger(DataStoreMetaInfo.<strong class="jxr_keyword">class</strong>.getName()).log(Level.FINE, <strong class="jxr_keyword">null</strong>, ex);
|
||||
<a class="jxr_linenumber" name="186" href="#186">186</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../../org/owasp/dependencycheck/data/UpdateException.html">UpdateException</a>(<span class="jxr_string">"Unable to find last updated properties file."</span>, ex);
|
||||
<a class="jxr_linenumber" name="187" href="#187">187</a> } <strong class="jxr_keyword">catch</strong> (IOException ex) {
|
||||
<a class="jxr_linenumber" name="188" href="#188">188</a> Logger.getLogger(DataStoreMetaInfo.<strong class="jxr_keyword">class</strong>.getName()).log(Level.FINE, <strong class="jxr_keyword">null</strong>, ex);
|
||||
<a class="jxr_linenumber" name="189" href="#189">189</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../../org/owasp/dependencycheck/data/UpdateException.html">UpdateException</a>(<span class="jxr_string">"Unable to update last updated properties file."</span>, ex);
|
||||
<a class="jxr_linenumber" name="190" href="#190">190</a> } <strong class="jxr_keyword">finally</strong> {
|
||||
<a class="jxr_linenumber" name="191" href="#191">191</a> <strong class="jxr_keyword">if</strong> (out != <strong class="jxr_keyword">null</strong>) {
|
||||
<a class="jxr_linenumber" name="192" href="#192">192</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="193" href="#193">193</a> out.close();
|
||||
<a class="jxr_linenumber" name="194" href="#194">194</a> } <strong class="jxr_keyword">catch</strong> (IOException ex) {
|
||||
<a class="jxr_linenumber" name="195" href="#195">195</a> Logger.getLogger(DataStoreMetaInfo.<strong class="jxr_keyword">class</strong>.getName()).log(Level.FINEST, <strong class="jxr_keyword">null</strong>, ex);
|
||||
<a class="jxr_linenumber" name="196" href="#196">196</a> }
|
||||
<a class="jxr_linenumber" name="197" href="#197">197</a> }
|
||||
<a class="jxr_linenumber" name="198" href="#198">198</a> <strong class="jxr_keyword">if</strong> (os != <strong class="jxr_keyword">null</strong>) {
|
||||
<a class="jxr_linenumber" name="199" href="#199">199</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="200" href="#200">200</a> os.close();
|
||||
<a class="jxr_linenumber" name="201" href="#201">201</a> } <strong class="jxr_keyword">catch</strong> (IOException ex) {
|
||||
<a class="jxr_linenumber" name="202" href="#202">202</a> Logger.getLogger(DataStoreMetaInfo.<strong class="jxr_keyword">class</strong>.getName()).log(Level.FINEST, <strong class="jxr_keyword">null</strong>, ex);
|
||||
<a class="jxr_linenumber" name="203" href="#203">203</a> }
|
||||
<a class="jxr_linenumber" name="204" href="#204">204</a> }
|
||||
<a class="jxr_linenumber" name="205" href="#205">205</a> }
|
||||
<a class="jxr_linenumber" name="206" href="#206">206</a> }
|
||||
<a class="jxr_linenumber" name="207" href="#207">207</a>
|
||||
<a class="jxr_linenumber" name="208" href="#208">208</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="209" href="#209">209</a> <em class="jxr_javadoccomment"> * Returns the property value for the given key. If the key is not contained</em>
|
||||
<a class="jxr_linenumber" name="210" href="#210">210</a> <em class="jxr_javadoccomment"> * in the underlying properties null is returned.</em>
|
||||
<a class="jxr_linenumber" name="211" href="#211">211</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="212" href="#212">212</a> <em class="jxr_javadoccomment"> * @param key the property key</em>
|
||||
<a class="jxr_linenumber" name="213" href="#213">213</a> <em class="jxr_javadoccomment"> * @return the value of the property</em>
|
||||
<a class="jxr_linenumber" name="214" href="#214">214</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="215" href="#215">215</a> <strong class="jxr_keyword">public</strong> String getProperty(String key) {
|
||||
<a class="jxr_linenumber" name="216" href="#216">216</a> <strong class="jxr_keyword">return</strong> properties.getProperty(key);
|
||||
<a class="jxr_linenumber" name="217" href="#217">217</a> }
|
||||
<a class="jxr_linenumber" name="218" href="#218">218</a>
|
||||
<a class="jxr_linenumber" name="219" href="#219">219</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="220" href="#220">220</a> <em class="jxr_javadoccomment"> * Returns the property value for the given key. If the key is not contained</em>
|
||||
<a class="jxr_linenumber" name="221" href="#221">221</a> <em class="jxr_javadoccomment"> * in the underlying properties the default value is returned.</em>
|
||||
<a class="jxr_linenumber" name="222" href="#222">222</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="223" href="#223">223</a> <em class="jxr_javadoccomment"> * @param key the property key</em>
|
||||
<a class="jxr_linenumber" name="224" href="#224">224</a> <em class="jxr_javadoccomment"> * @param defaultValue the default value</em>
|
||||
<a class="jxr_linenumber" name="225" href="#225">225</a> <em class="jxr_javadoccomment"> * @return the value of the property</em>
|
||||
<a class="jxr_linenumber" name="226" href="#226">226</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="227" href="#227">227</a> <strong class="jxr_keyword">public</strong> String getProperty(String key, String defaultValue) {
|
||||
<a class="jxr_linenumber" name="228" href="#228">228</a> <strong class="jxr_keyword">return</strong> properties.getProperty(key, defaultValue);
|
||||
<a class="jxr_linenumber" name="229" href="#229">229</a> }
|
||||
<a class="jxr_linenumber" name="230" href="#230">230</a>
|
||||
<a class="jxr_linenumber" name="231" href="#231">231</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="232" href="#232">232</a> <em class="jxr_javadoccomment"> * Retrieves the properties file.</em>
|
||||
<a class="jxr_linenumber" name="233" href="#233">233</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="234" href="#234">234</a> <em class="jxr_javadoccomment"> * @return the properties file</em>
|
||||
<a class="jxr_linenumber" name="235" href="#235">235</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="236" href="#236">236</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> File getPropertiesFile() {
|
||||
<a class="jxr_linenumber" name="237" href="#237">237</a> <strong class="jxr_keyword">final</strong> File dataDirectory = Settings.getFile(Settings.KEYS.DATA_DIRECTORY);
|
||||
<a class="jxr_linenumber" name="238" href="#238">238</a> <strong class="jxr_keyword">final</strong> File file = <strong class="jxr_keyword">new</strong> File(dataDirectory, UPDATE_PROPERTIES_FILE);
|
||||
<a class="jxr_linenumber" name="239" href="#239">239</a> <strong class="jxr_keyword">return</strong> file;
|
||||
<a class="jxr_linenumber" name="240" href="#240">240</a> }
|
||||
<a class="jxr_linenumber" name="241" href="#241">241</a> }
|
||||
</pre>
|
||||
<hr/><div id="footer">This page was automatically generated by <a href="http://maven.apache.org/">Maven</a></div></body>
|
||||
</html>
|
||||
|
||||
@@ -0,0 +1,586 @@
|
||||
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
||||
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
|
||||
<head>
|
||||
<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
|
||||
<title>DatabaseUpdater xref</title>
|
||||
<link type="text/css" rel="stylesheet" href="../../../../../stylesheet.css" />
|
||||
</head>
|
||||
<body>
|
||||
<div id="overview"><a href="../../../../../../apidocs/org/owasp/dependencycheck/data/update/DatabaseUpdater.html">View Javadoc</a></div><pre>
|
||||
|
||||
<a class="jxr_linenumber" name="1" href="#1">1</a> <em class="jxr_comment">/*</em>
|
||||
<a class="jxr_linenumber" name="2" href="#2">2</a> <em class="jxr_comment"> * This file is part of dependency-check-core.</em>
|
||||
<a class="jxr_linenumber" name="3" href="#3">3</a> <em class="jxr_comment"> *</em>
|
||||
<a class="jxr_linenumber" name="4" href="#4">4</a> <em class="jxr_comment"> * Dependency-check-core is free software: you can redistribute it and/or modify it</em>
|
||||
<a class="jxr_linenumber" name="5" href="#5">5</a> <em class="jxr_comment"> * under the terms of the GNU General Public License as published by the Free</em>
|
||||
<a class="jxr_linenumber" name="6" href="#6">6</a> <em class="jxr_comment"> * Software Foundation, either version 3 of the License, or (at your option) any</em>
|
||||
<a class="jxr_linenumber" name="7" href="#7">7</a> <em class="jxr_comment"> * later version.</em>
|
||||
<a class="jxr_linenumber" name="8" href="#8">8</a> <em class="jxr_comment"> *</em>
|
||||
<a class="jxr_linenumber" name="9" href="#9">9</a> <em class="jxr_comment"> * Dependency-check-core is distributed in the hope that it will be useful, but</em>
|
||||
<a class="jxr_linenumber" name="10" href="#10">10</a> <em class="jxr_comment"> * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or</em>
|
||||
<a class="jxr_linenumber" name="11" href="#11">11</a> <em class="jxr_comment"> * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more</em>
|
||||
<a class="jxr_linenumber" name="12" href="#12">12</a> <em class="jxr_comment"> * details.</em>
|
||||
<a class="jxr_linenumber" name="13" href="#13">13</a> <em class="jxr_comment"> *</em>
|
||||
<a class="jxr_linenumber" name="14" href="#14">14</a> <em class="jxr_comment"> * You should have received a copy of the GNU General Public License along with</em>
|
||||
<a class="jxr_linenumber" name="15" href="#15">15</a> <em class="jxr_comment"> * dependency-check-core. If not, see <a href="http://www.gnu.org/licenses/." target="alexandria_uri">http://www.gnu.org/licenses/.</a></em>
|
||||
<a class="jxr_linenumber" name="16" href="#16">16</a> <em class="jxr_comment"> *</em>
|
||||
<a class="jxr_linenumber" name="17" href="#17">17</a> <em class="jxr_comment"> * Copyright (c) 2012 Jeremy Long. All Rights Reserved.</em>
|
||||
<a class="jxr_linenumber" name="18" href="#18">18</a> <em class="jxr_comment"> */</em>
|
||||
<a class="jxr_linenumber" name="19" href="#19">19</a> <strong class="jxr_keyword">package</strong> org.owasp.dependencycheck.data.update;
|
||||
<a class="jxr_linenumber" name="20" href="#20">20</a>
|
||||
<a class="jxr_linenumber" name="21" href="#21">21</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.data.nvdcve.NvdCve12Handler;
|
||||
<a class="jxr_linenumber" name="22" href="#22">22</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.data.nvdcve.NvdCve20Handler;
|
||||
<a class="jxr_linenumber" name="23" href="#23">23</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.data.nvdcve.InvalidDataException;
|
||||
<a class="jxr_linenumber" name="24" href="#24">24</a> <strong class="jxr_keyword">import</strong> java.io.File;
|
||||
<a class="jxr_linenumber" name="25" href="#25">25</a> <strong class="jxr_keyword">import</strong> java.io.FileNotFoundException;
|
||||
<a class="jxr_linenumber" name="26" href="#26">26</a> <strong class="jxr_keyword">import</strong> java.io.IOException;
|
||||
<a class="jxr_linenumber" name="27" href="#27">27</a> <strong class="jxr_keyword">import</strong> javax.xml.parsers.ParserConfigurationException;
|
||||
<a class="jxr_linenumber" name="28" href="#28">28</a> <strong class="jxr_keyword">import</strong> org.xml.sax.SAXException;
|
||||
<a class="jxr_linenumber" name="29" href="#29">29</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.data.CachedWebDataSource;
|
||||
<a class="jxr_linenumber" name="30" href="#30">30</a> <strong class="jxr_keyword">import</strong> java.net.MalformedURLException;
|
||||
<a class="jxr_linenumber" name="31" href="#31">31</a> <strong class="jxr_keyword">import</strong> java.net.URISyntaxException;
|
||||
<a class="jxr_linenumber" name="32" href="#32">32</a> <strong class="jxr_keyword">import</strong> java.net.URL;
|
||||
<a class="jxr_linenumber" name="33" href="#33">33</a> <strong class="jxr_keyword">import</strong> java.sql.SQLException;
|
||||
<a class="jxr_linenumber" name="34" href="#34">34</a> <strong class="jxr_keyword">import</strong> java.util.Calendar;
|
||||
<a class="jxr_linenumber" name="35" href="#35">35</a> <strong class="jxr_keyword">import</strong> java.util.Date;
|
||||
<a class="jxr_linenumber" name="36" href="#36">36</a> <strong class="jxr_keyword">import</strong> java.util.List;
|
||||
<a class="jxr_linenumber" name="37" href="#37">37</a> <strong class="jxr_keyword">import</strong> java.util.Map;
|
||||
<a class="jxr_linenumber" name="38" href="#38">38</a> <strong class="jxr_keyword">import</strong> java.util.TreeMap;
|
||||
<a class="jxr_linenumber" name="39" href="#39">39</a> <strong class="jxr_keyword">import</strong> java.util.logging.Level;
|
||||
<a class="jxr_linenumber" name="40" href="#40">40</a> <strong class="jxr_keyword">import</strong> java.util.logging.Logger;
|
||||
<a class="jxr_linenumber" name="41" href="#41">41</a> <strong class="jxr_keyword">import</strong> javax.xml.parsers.SAXParser;
|
||||
<a class="jxr_linenumber" name="42" href="#42">42</a> <strong class="jxr_keyword">import</strong> javax.xml.parsers.SAXParserFactory;
|
||||
<a class="jxr_linenumber" name="43" href="#43">43</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.data.UpdateException;
|
||||
<a class="jxr_linenumber" name="44" href="#44">44</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.data.cpe.CpeIndexWriter;
|
||||
<a class="jxr_linenumber" name="45" href="#45">45</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.data.nvdcve.CveDB;
|
||||
<a class="jxr_linenumber" name="46" href="#46">46</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.dependency.VulnerableSoftware;
|
||||
<a class="jxr_linenumber" name="47" href="#47">47</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.utils.DownloadFailedException;
|
||||
<a class="jxr_linenumber" name="48" href="#48">48</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.utils.Downloader;
|
||||
<a class="jxr_linenumber" name="49" href="#49">49</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.utils.FileUtils;
|
||||
<a class="jxr_linenumber" name="50" href="#50">50</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.utils.Settings;
|
||||
<a class="jxr_linenumber" name="51" href="#51">51</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.data.nvdcve.DatabaseException;
|
||||
<a class="jxr_linenumber" name="52" href="#52">52</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.utils.InvalidSettingException;
|
||||
<a class="jxr_linenumber" name="53" href="#53">53</a> <strong class="jxr_keyword">import</strong> <strong class="jxr_keyword">static</strong> org.owasp.dependencycheck.data.update.DataStoreMetaInfo.BATCH;
|
||||
<a class="jxr_linenumber" name="54" href="#54">54</a> <strong class="jxr_keyword">import</strong> <strong class="jxr_keyword">static</strong> org.owasp.dependencycheck.data.update.DataStoreMetaInfo.MODIFIED;
|
||||
<a class="jxr_linenumber" name="55" href="#55">55</a>
|
||||
<a class="jxr_linenumber" name="56" href="#56">56</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="57" href="#57">57</a> <em class="jxr_javadoccomment"> * Class responsible for updating the CPE and NVDCVE data stores.</em>
|
||||
<a class="jxr_linenumber" name="58" href="#58">58</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="59" href="#59">59</a> <em class="jxr_javadoccomment"> * @author Jeremy Long (jeremy.long@owasp.org)</em>
|
||||
<a class="jxr_linenumber" name="60" href="#60">60</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="61" href="#61">61</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">class</strong> <a href="../../../../../org/owasp/dependencycheck/data/update/DatabaseUpdater.html">DatabaseUpdater</a> <strong class="jxr_keyword">implements</strong> <a href="../../../../../org/owasp/dependencycheck/data/CachedWebDataSource.html">CachedWebDataSource</a> {
|
||||
<a class="jxr_linenumber" name="62" href="#62">62</a>
|
||||
<a class="jxr_linenumber" name="63" href="#63">63</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="64" href="#64">64</a> <em class="jxr_javadoccomment"> * Utility to read and write meta-data about the data.</em>
|
||||
<a class="jxr_linenumber" name="65" href="#65">65</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="66" href="#66">66</a> <strong class="jxr_keyword">private</strong> <a href="../../../../../org/owasp/dependencycheck/data/update/DataStoreMetaInfo.html">DataStoreMetaInfo</a> properties = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="67" href="#67">67</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="68" href="#68">68</a> <em class="jxr_javadoccomment"> * Reference to the Cve Database.</em>
|
||||
<a class="jxr_linenumber" name="69" href="#69">69</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="70" href="#70">70</a> <strong class="jxr_keyword">private</strong> <a href="../../../../../org/owasp/dependencycheck/data/nvdcve/CveDB.html">CveDB</a> cveDB = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="71" href="#71">71</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="72" href="#72">72</a> <em class="jxr_javadoccomment"> * Reference to the Cpe Index.</em>
|
||||
<a class="jxr_linenumber" name="73" href="#73">73</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="74" href="#74">74</a> <strong class="jxr_keyword">private</strong> <a href="../../../../../org/owasp/dependencycheck/data/cpe/CpeIndexWriter.html">CpeIndexWriter</a> cpeIndex = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="75" href="#75">75</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="76" href="#76">76</a> <em class="jxr_javadoccomment"> * A flag indicating whether or not the batch update should be performed.</em>
|
||||
<a class="jxr_linenumber" name="77" href="#77">77</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="78" href="#78">78</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">boolean</strong> doBatchUpdate;
|
||||
<a class="jxr_linenumber" name="79" href="#79">79</a>
|
||||
<a class="jxr_linenumber" name="80" href="#80">80</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="81" href="#81">81</a> <em class="jxr_javadoccomment"> * Get the value of doBatchUpdate</em>
|
||||
<a class="jxr_linenumber" name="82" href="#82">82</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="83" href="#83">83</a> <em class="jxr_javadoccomment"> * @return the value of doBatchUpdate</em>
|
||||
<a class="jxr_linenumber" name="84" href="#84">84</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="85" href="#85">85</a> <strong class="jxr_keyword">protected</strong> <strong class="jxr_keyword">boolean</strong> isDoBatchUpdate() {
|
||||
<a class="jxr_linenumber" name="86" href="#86">86</a> <strong class="jxr_keyword">return</strong> doBatchUpdate;
|
||||
<a class="jxr_linenumber" name="87" href="#87">87</a> }
|
||||
<a class="jxr_linenumber" name="88" href="#88">88</a>
|
||||
<a class="jxr_linenumber" name="89" href="#89">89</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="90" href="#90">90</a> <em class="jxr_javadoccomment"> * Set the value of doBatchUpdate</em>
|
||||
<a class="jxr_linenumber" name="91" href="#91">91</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="92" href="#92">92</a> <em class="jxr_javadoccomment"> * @param doBatchUpdate new value of doBatchUpdate</em>
|
||||
<a class="jxr_linenumber" name="93" href="#93">93</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="94" href="#94">94</a> <strong class="jxr_keyword">protected</strong> <strong class="jxr_keyword">void</strong> setDoBatchUpdate(<strong class="jxr_keyword">boolean</strong> doBatchUpdate) {
|
||||
<a class="jxr_linenumber" name="95" href="#95">95</a> <strong class="jxr_keyword">this</strong>.doBatchUpdate = doBatchUpdate;
|
||||
<a class="jxr_linenumber" name="96" href="#96">96</a> }
|
||||
<a class="jxr_linenumber" name="97" href="#97">97</a>
|
||||
<a class="jxr_linenumber" name="98" href="#98">98</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="99" href="#99">99</a> <em class="jxr_javadoccomment"> * <p>Downloads the latest NVD CVE XML file from the web and imports it into</em>
|
||||
<a class="jxr_linenumber" name="100" href="#100">100</a> <em class="jxr_javadoccomment"> * the current CVE Database.</p></em>
|
||||
<a class="jxr_linenumber" name="101" href="#101">101</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="102" href="#102">102</a> <em class="jxr_javadoccomment"> * @throws UpdateException is thrown if there is an error updating the</em>
|
||||
<a class="jxr_linenumber" name="103" href="#103">103</a> <em class="jxr_javadoccomment"> * database</em>
|
||||
<a class="jxr_linenumber" name="104" href="#104">104</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="105" href="#105">105</a> @Override
|
||||
<a class="jxr_linenumber" name="106" href="#106">106</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> update() <strong class="jxr_keyword">throws</strong> UpdateException {
|
||||
<a class="jxr_linenumber" name="107" href="#107">107</a> doBatchUpdate = false;
|
||||
<a class="jxr_linenumber" name="108" href="#108">108</a> properties = <strong class="jxr_keyword">new</strong> <a href="../../../../../org/owasp/dependencycheck/data/update/DataStoreMetaInfo.html">DataStoreMetaInfo</a>();
|
||||
<a class="jxr_linenumber" name="109" href="#109">109</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="110" href="#110">110</a> <strong class="jxr_keyword">final</strong> Map<String, NvdCveInfo> update = updateNeeded();
|
||||
<a class="jxr_linenumber" name="111" href="#111">111</a> <strong class="jxr_keyword">int</strong> maxUpdates = 0;
|
||||
<a class="jxr_linenumber" name="112" href="#112">112</a> <strong class="jxr_keyword">for</strong> (NvdCveInfo cve : update.values()) {
|
||||
<a class="jxr_linenumber" name="113" href="#113">113</a> <strong class="jxr_keyword">if</strong> (cve.getNeedsUpdate()) {
|
||||
<a class="jxr_linenumber" name="114" href="#114">114</a> maxUpdates += 1;
|
||||
<a class="jxr_linenumber" name="115" href="#115">115</a> }
|
||||
<a class="jxr_linenumber" name="116" href="#116">116</a> }
|
||||
<a class="jxr_linenumber" name="117" href="#117">117</a> <strong class="jxr_keyword">if</strong> (maxUpdates > 3 && !properties.isBatchUpdateMode()) {
|
||||
<a class="jxr_linenumber" name="118" href="#118">118</a> Logger.getLogger(DatabaseUpdater.<strong class="jxr_keyword">class</strong>.getName()).log(Level.INFO,
|
||||
<a class="jxr_linenumber" name="119" href="#119">119</a> <span class="jxr_string">"NVD CVE requires several updates; this could take a couple of minutes."</span>);
|
||||
<a class="jxr_linenumber" name="120" href="#120">120</a> }
|
||||
<a class="jxr_linenumber" name="121" href="#121">121</a> <strong class="jxr_keyword">if</strong> (maxUpdates > 0 && !isDoBatchUpdate()) {
|
||||
<a class="jxr_linenumber" name="122" href="#122">122</a> openDataStores();
|
||||
<a class="jxr_linenumber" name="123" href="#123">123</a> }
|
||||
<a class="jxr_linenumber" name="124" href="#124">124</a>
|
||||
<a class="jxr_linenumber" name="125" href="#125">125</a> <strong class="jxr_keyword">if</strong> (properties.isBatchUpdateMode() && isDoBatchUpdate()) {
|
||||
<a class="jxr_linenumber" name="126" href="#126">126</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="127" href="#127">127</a> performBatchUpdate();
|
||||
<a class="jxr_linenumber" name="128" href="#128">128</a> openDataStores();
|
||||
<a class="jxr_linenumber" name="129" href="#129">129</a> } <strong class="jxr_keyword">catch</strong> (IOException ex) {
|
||||
<a class="jxr_linenumber" name="130" href="#130">130</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../../org/owasp/dependencycheck/data/UpdateException.html">UpdateException</a>(<span class="jxr_string">"Unable to perform batch update"</span>, ex);
|
||||
<a class="jxr_linenumber" name="131" href="#131">131</a> }
|
||||
<a class="jxr_linenumber" name="132" href="#132">132</a> }
|
||||
<a class="jxr_linenumber" name="133" href="#133">133</a>
|
||||
<a class="jxr_linenumber" name="134" href="#134">134</a> <strong class="jxr_keyword">int</strong> count = 0;
|
||||
<a class="jxr_linenumber" name="135" href="#135">135</a> <strong class="jxr_keyword">for</strong> (NvdCveInfo cve : update.values()) {
|
||||
<a class="jxr_linenumber" name="136" href="#136">136</a> <strong class="jxr_keyword">if</strong> (cve.getNeedsUpdate()) {
|
||||
<a class="jxr_linenumber" name="137" href="#137">137</a> count += 1;
|
||||
<a class="jxr_linenumber" name="138" href="#138">138</a> Logger.getLogger(DatabaseUpdater.<strong class="jxr_keyword">class</strong>.getName()).log(Level.INFO,
|
||||
<a class="jxr_linenumber" name="139" href="#139">139</a> <span class="jxr_string">"Updating NVD CVE ({0} of {1})"</span>, <strong class="jxr_keyword">new</strong> Object[]{count, maxUpdates});
|
||||
<a class="jxr_linenumber" name="140" href="#140">140</a> URL url = <strong class="jxr_keyword">new</strong> URL(cve.getUrl());
|
||||
<a class="jxr_linenumber" name="141" href="#141">141</a> File outputPath = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="142" href="#142">142</a> File outputPath12 = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="143" href="#143">143</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="144" href="#144">144</a> Logger.getLogger(DatabaseUpdater.<strong class="jxr_keyword">class</strong>.getName()).log(Level.INFO,
|
||||
<a class="jxr_linenumber" name="145" href="#145">145</a> <span class="jxr_string">"Downloading {0}"</span>, cve.getUrl());
|
||||
<a class="jxr_linenumber" name="146" href="#146">146</a> outputPath = File.createTempFile(<span class="jxr_string">"cve"</span> + cve.getId() + <span class="jxr_string">"_"</span>, <span class="jxr_string">".xml"</span>);
|
||||
<a class="jxr_linenumber" name="147" href="#147">147</a> Downloader.fetchFile(url, outputPath);
|
||||
<a class="jxr_linenumber" name="148" href="#148">148</a>
|
||||
<a class="jxr_linenumber" name="149" href="#149">149</a> url = <strong class="jxr_keyword">new</strong> URL(cve.getOldSchemaVersionUrl());
|
||||
<a class="jxr_linenumber" name="150" href="#150">150</a> outputPath12 = File.createTempFile(<span class="jxr_string">"cve_1_2_"</span> + cve.getId() + <span class="jxr_string">"_"</span>, <span class="jxr_string">".xml"</span>);
|
||||
<a class="jxr_linenumber" name="151" href="#151">151</a> Downloader.fetchFile(url, outputPath12);
|
||||
<a class="jxr_linenumber" name="152" href="#152">152</a>
|
||||
<a class="jxr_linenumber" name="153" href="#153">153</a> Logger.getLogger(DatabaseUpdater.<strong class="jxr_keyword">class</strong>.getName()).log(Level.INFO,
|
||||
<a class="jxr_linenumber" name="154" href="#154">154</a> <span class="jxr_string">"Processing {0}"</span>, cve.getUrl());
|
||||
<a class="jxr_linenumber" name="155" href="#155">155</a>
|
||||
<a class="jxr_linenumber" name="156" href="#156">156</a> importXML(outputPath, outputPath12);
|
||||
<a class="jxr_linenumber" name="157" href="#157">157</a>
|
||||
<a class="jxr_linenumber" name="158" href="#158">158</a> cveDB.commit();
|
||||
<a class="jxr_linenumber" name="159" href="#159">159</a> cpeIndex.commit();
|
||||
<a class="jxr_linenumber" name="160" href="#160">160</a>
|
||||
<a class="jxr_linenumber" name="161" href="#161">161</a> properties.save(cve);
|
||||
<a class="jxr_linenumber" name="162" href="#162">162</a>
|
||||
<a class="jxr_linenumber" name="163" href="#163">163</a> Logger.getLogger(DatabaseUpdater.<strong class="jxr_keyword">class</strong>.getName()).log(Level.INFO,
|
||||
<a class="jxr_linenumber" name="164" href="#164">164</a> <span class="jxr_string">"Completed update {0} of {1}"</span>, <strong class="jxr_keyword">new</strong> Object[]{count, maxUpdates});
|
||||
<a class="jxr_linenumber" name="165" href="#165">165</a> } <strong class="jxr_keyword">catch</strong> (FileNotFoundException ex) {
|
||||
<a class="jxr_linenumber" name="166" href="#166">166</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../../org/owasp/dependencycheck/data/UpdateException.html">UpdateException</a>(ex);
|
||||
<a class="jxr_linenumber" name="167" href="#167">167</a> } <strong class="jxr_keyword">catch</strong> (ParserConfigurationException ex) {
|
||||
<a class="jxr_linenumber" name="168" href="#168">168</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../../org/owasp/dependencycheck/data/UpdateException.html">UpdateException</a>(ex);
|
||||
<a class="jxr_linenumber" name="169" href="#169">169</a> } <strong class="jxr_keyword">catch</strong> (SAXException ex) {
|
||||
<a class="jxr_linenumber" name="170" href="#170">170</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../../org/owasp/dependencycheck/data/UpdateException.html">UpdateException</a>(ex);
|
||||
<a class="jxr_linenumber" name="171" href="#171">171</a> } <strong class="jxr_keyword">catch</strong> (IOException ex) {
|
||||
<a class="jxr_linenumber" name="172" href="#172">172</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../../org/owasp/dependencycheck/data/UpdateException.html">UpdateException</a>(ex);
|
||||
<a class="jxr_linenumber" name="173" href="#173">173</a> } <strong class="jxr_keyword">catch</strong> (SQLException ex) {
|
||||
<a class="jxr_linenumber" name="174" href="#174">174</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../../org/owasp/dependencycheck/data/UpdateException.html">UpdateException</a>(ex);
|
||||
<a class="jxr_linenumber" name="175" href="#175">175</a> } <strong class="jxr_keyword">catch</strong> (DatabaseException ex) {
|
||||
<a class="jxr_linenumber" name="176" href="#176">176</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../../org/owasp/dependencycheck/data/UpdateException.html">UpdateException</a>(ex);
|
||||
<a class="jxr_linenumber" name="177" href="#177">177</a> } <strong class="jxr_keyword">catch</strong> (ClassNotFoundException ex) {
|
||||
<a class="jxr_linenumber" name="178" href="#178">178</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../../org/owasp/dependencycheck/data/UpdateException.html">UpdateException</a>(ex);
|
||||
<a class="jxr_linenumber" name="179" href="#179">179</a> } <strong class="jxr_keyword">finally</strong> {
|
||||
<a class="jxr_linenumber" name="180" href="#180">180</a> <strong class="jxr_keyword">boolean</strong> deleted = false;
|
||||
<a class="jxr_linenumber" name="181" href="#181">181</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="182" href="#182">182</a> <strong class="jxr_keyword">if</strong> (outputPath != <strong class="jxr_keyword">null</strong> && outputPath.exists()) {
|
||||
<a class="jxr_linenumber" name="183" href="#183">183</a> deleted = outputPath.delete();
|
||||
<a class="jxr_linenumber" name="184" href="#184">184</a> }
|
||||
<a class="jxr_linenumber" name="185" href="#185">185</a> } <strong class="jxr_keyword">finally</strong> {
|
||||
<a class="jxr_linenumber" name="186" href="#186">186</a> <strong class="jxr_keyword">if</strong> (outputPath != <strong class="jxr_keyword">null</strong> && (outputPath.exists() || !deleted)) {
|
||||
<a class="jxr_linenumber" name="187" href="#187">187</a> outputPath.deleteOnExit();
|
||||
<a class="jxr_linenumber" name="188" href="#188">188</a> }
|
||||
<a class="jxr_linenumber" name="189" href="#189">189</a> }
|
||||
<a class="jxr_linenumber" name="190" href="#190">190</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="191" href="#191">191</a> deleted = false;
|
||||
<a class="jxr_linenumber" name="192" href="#192">192</a> <strong class="jxr_keyword">if</strong> (outputPath12 != <strong class="jxr_keyword">null</strong> && outputPath12.exists()) {
|
||||
<a class="jxr_linenumber" name="193" href="#193">193</a> deleted = outputPath12.delete();
|
||||
<a class="jxr_linenumber" name="194" href="#194">194</a> }
|
||||
<a class="jxr_linenumber" name="195" href="#195">195</a> } <strong class="jxr_keyword">finally</strong> {
|
||||
<a class="jxr_linenumber" name="196" href="#196">196</a> <strong class="jxr_keyword">if</strong> (outputPath12 != <strong class="jxr_keyword">null</strong> && (outputPath12.exists() || !deleted)) {
|
||||
<a class="jxr_linenumber" name="197" href="#197">197</a> outputPath12.deleteOnExit();
|
||||
<a class="jxr_linenumber" name="198" href="#198">198</a> }
|
||||
<a class="jxr_linenumber" name="199" href="#199">199</a> }
|
||||
<a class="jxr_linenumber" name="200" href="#200">200</a> }
|
||||
<a class="jxr_linenumber" name="201" href="#201">201</a> }
|
||||
<a class="jxr_linenumber" name="202" href="#202">202</a> }
|
||||
<a class="jxr_linenumber" name="203" href="#203">203</a> <strong class="jxr_keyword">if</strong> (maxUpdates >= 1) { <em class="jxr_comment">//ensure the modified file date gets written</em>
|
||||
<a class="jxr_linenumber" name="204" href="#204">204</a> properties.save(update.get(MODIFIED));
|
||||
<a class="jxr_linenumber" name="205" href="#205">205</a> cveDB.cleanupDatabase();
|
||||
<a class="jxr_linenumber" name="206" href="#206">206</a> }
|
||||
<a class="jxr_linenumber" name="207" href="#207">207</a> <strong class="jxr_keyword">if</strong> (update.get(BATCH) != <strong class="jxr_keyword">null</strong>) {
|
||||
<a class="jxr_linenumber" name="208" href="#208">208</a> properties.save(update.get(BATCH));
|
||||
<a class="jxr_linenumber" name="209" href="#209">209</a> }
|
||||
<a class="jxr_linenumber" name="210" href="#210">210</a> } <strong class="jxr_keyword">catch</strong> (MalformedURLException ex) {
|
||||
<a class="jxr_linenumber" name="211" href="#211">211</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../../org/owasp/dependencycheck/data/UpdateException.html">UpdateException</a>(ex);
|
||||
<a class="jxr_linenumber" name="212" href="#212">212</a> } <strong class="jxr_keyword">catch</strong> (DownloadFailedException ex) {
|
||||
<a class="jxr_linenumber" name="213" href="#213">213</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../../org/owasp/dependencycheck/data/UpdateException.html">UpdateException</a>(ex);
|
||||
<a class="jxr_linenumber" name="214" href="#214">214</a> } <strong class="jxr_keyword">finally</strong> {
|
||||
<a class="jxr_linenumber" name="215" href="#215">215</a> closeDataStores();
|
||||
<a class="jxr_linenumber" name="216" href="#216">216</a> }
|
||||
<a class="jxr_linenumber" name="217" href="#217">217</a> }
|
||||
<a class="jxr_linenumber" name="218" href="#218">218</a>
|
||||
<a class="jxr_linenumber" name="219" href="#219">219</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="220" href="#220">220</a> <em class="jxr_javadoccomment"> * Imports the NVD CVE XML File into the Lucene Index.</em>
|
||||
<a class="jxr_linenumber" name="221" href="#221">221</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="222" href="#222">222</a> <em class="jxr_javadoccomment"> * @param file the file containing the NVD CVE XML</em>
|
||||
<a class="jxr_linenumber" name="223" href="#223">223</a> <em class="jxr_javadoccomment"> * @param oldVersion contains the file containing the NVD CVE XML 1.2</em>
|
||||
<a class="jxr_linenumber" name="224" href="#224">224</a> <em class="jxr_javadoccomment"> * @throws ParserConfigurationException is thrown if there is a parser</em>
|
||||
<a class="jxr_linenumber" name="225" href="#225">225</a> <em class="jxr_javadoccomment"> * configuration exception</em>
|
||||
<a class="jxr_linenumber" name="226" href="#226">226</a> <em class="jxr_javadoccomment"> * @throws SAXException is thrown if there is a SAXException</em>
|
||||
<a class="jxr_linenumber" name="227" href="#227">227</a> <em class="jxr_javadoccomment"> * @throws IOException is thrown if there is a IO Exception</em>
|
||||
<a class="jxr_linenumber" name="228" href="#228">228</a> <em class="jxr_javadoccomment"> * @throws SQLException is thrown if there is a SQL exception</em>
|
||||
<a class="jxr_linenumber" name="229" href="#229">229</a> <em class="jxr_javadoccomment"> * @throws DatabaseException is thrown if there is a database exception</em>
|
||||
<a class="jxr_linenumber" name="230" href="#230">230</a> <em class="jxr_javadoccomment"> * @throws ClassNotFoundException thrown if the h2 database driver cannot be</em>
|
||||
<a class="jxr_linenumber" name="231" href="#231">231</a> <em class="jxr_javadoccomment"> * loaded</em>
|
||||
<a class="jxr_linenumber" name="232" href="#232">232</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="233" href="#233">233</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">void</strong> importXML(File file, File oldVersion)
|
||||
<a class="jxr_linenumber" name="234" href="#234">234</a> <strong class="jxr_keyword">throws</strong> ParserConfigurationException, SAXException, IOException, SQLException, DatabaseException, ClassNotFoundException {
|
||||
<a class="jxr_linenumber" name="235" href="#235">235</a>
|
||||
<a class="jxr_linenumber" name="236" href="#236">236</a> <strong class="jxr_keyword">final</strong> SAXParserFactory factory = SAXParserFactory.newInstance();
|
||||
<a class="jxr_linenumber" name="237" href="#237">237</a> <strong class="jxr_keyword">final</strong> SAXParser saxParser = factory.newSAXParser();
|
||||
<a class="jxr_linenumber" name="238" href="#238">238</a>
|
||||
<a class="jxr_linenumber" name="239" href="#239">239</a> <strong class="jxr_keyword">final</strong> <a href="../../../../../org/owasp/dependencycheck/data/nvdcve/NvdCve12Handler.html">NvdCve12Handler</a> cve12Handler = <strong class="jxr_keyword">new</strong> <a href="../../../../../org/owasp/dependencycheck/data/nvdcve/NvdCve12Handler.html">NvdCve12Handler</a>();
|
||||
<a class="jxr_linenumber" name="240" href="#240">240</a> saxParser.parse(oldVersion, cve12Handler);
|
||||
<a class="jxr_linenumber" name="241" href="#241">241</a> <strong class="jxr_keyword">final</strong> Map<String, List<VulnerableSoftware>> prevVersionVulnMap = cve12Handler.getVulnerabilities();
|
||||
<a class="jxr_linenumber" name="242" href="#242">242</a>
|
||||
<a class="jxr_linenumber" name="243" href="#243">243</a> <strong class="jxr_keyword">final</strong> <a href="../../../../../org/owasp/dependencycheck/data/nvdcve/NvdCve20Handler.html">NvdCve20Handler</a> cve20Handler = <strong class="jxr_keyword">new</strong> <a href="../../../../../org/owasp/dependencycheck/data/nvdcve/NvdCve20Handler.html">NvdCve20Handler</a>();
|
||||
<a class="jxr_linenumber" name="244" href="#244">244</a> cve20Handler.setCveDB(cveDB);
|
||||
<a class="jxr_linenumber" name="245" href="#245">245</a> cve20Handler.setPrevVersionVulnMap(prevVersionVulnMap);
|
||||
<a class="jxr_linenumber" name="246" href="#246">246</a> cve20Handler.setCpeIndex(cpeIndex);
|
||||
<a class="jxr_linenumber" name="247" href="#247">247</a> saxParser.parse(file, cve20Handler);
|
||||
<a class="jxr_linenumber" name="248" href="#248">248</a> }
|
||||
<a class="jxr_linenumber" name="249" href="#249">249</a>
|
||||
<a class="jxr_linenumber" name="250" href="#250">250</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="251" href="#251">251</a> <em class="jxr_javadoccomment"> * Deletes the existing data directories.</em>
|
||||
<a class="jxr_linenumber" name="252" href="#252">252</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="253" href="#253">253</a> <em class="jxr_javadoccomment"> * @throws IOException thrown if the directory cannot be deleted</em>
|
||||
<a class="jxr_linenumber" name="254" href="#254">254</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="255" href="#255">255</a> <strong class="jxr_keyword">protected</strong> <strong class="jxr_keyword">void</strong> deleteExistingData() <strong class="jxr_keyword">throws</strong> IOException {
|
||||
<a class="jxr_linenumber" name="256" href="#256">256</a> File data = Settings.getFile(Settings.KEYS.CVE_DATA_DIRECTORY);
|
||||
<a class="jxr_linenumber" name="257" href="#257">257</a> <strong class="jxr_keyword">if</strong> (data.exists()) {
|
||||
<a class="jxr_linenumber" name="258" href="#258">258</a> FileUtils.delete(data);
|
||||
<a class="jxr_linenumber" name="259" href="#259">259</a> }
|
||||
<a class="jxr_linenumber" name="260" href="#260">260</a> data = Settings.getFile(Settings.KEYS.CPE_DATA_DIRECTORY);
|
||||
<a class="jxr_linenumber" name="261" href="#261">261</a> <strong class="jxr_keyword">if</strong> (data.exists()) {
|
||||
<a class="jxr_linenumber" name="262" href="#262">262</a> FileUtils.delete(data);
|
||||
<a class="jxr_linenumber" name="263" href="#263">263</a> }
|
||||
<a class="jxr_linenumber" name="264" href="#264">264</a> data = DataStoreMetaInfo.getPropertiesFile();
|
||||
<a class="jxr_linenumber" name="265" href="#265">265</a> <strong class="jxr_keyword">if</strong> (data.exists()) {
|
||||
<a class="jxr_linenumber" name="266" href="#266">266</a> FileUtils.delete(data);
|
||||
<a class="jxr_linenumber" name="267" href="#267">267</a> }
|
||||
<a class="jxr_linenumber" name="268" href="#268">268</a> }
|
||||
<a class="jxr_linenumber" name="269" href="#269">269</a>
|
||||
<a class="jxr_linenumber" name="270" href="#270">270</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="271" href="#271">271</a> <em class="jxr_javadoccomment"> * Performs the batch update based on the configured batch update URL.</em>
|
||||
<a class="jxr_linenumber" name="272" href="#272">272</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="273" href="#273">273</a> <em class="jxr_javadoccomment"> * @throws UpdateException thrown if there is an exception during the update</em>
|
||||
<a class="jxr_linenumber" name="274" href="#274">274</a> <em class="jxr_javadoccomment"> * process</em>
|
||||
<a class="jxr_linenumber" name="275" href="#275">275</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="276" href="#276">276</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">void</strong> performBatchUpdate() <strong class="jxr_keyword">throws</strong> UpdateException {
|
||||
<a class="jxr_linenumber" name="277" href="#277">277</a> <strong class="jxr_keyword">if</strong> (properties.isBatchUpdateMode() && doBatchUpdate) {
|
||||
<a class="jxr_linenumber" name="278" href="#278">278</a> <strong class="jxr_keyword">final</strong> String batchSrc = Settings.getString(Settings.KEYS.BATCH_UPDATE_URL);
|
||||
<a class="jxr_linenumber" name="279" href="#279">279</a> File tmp = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="280" href="#280">280</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="281" href="#281">281</a> deleteExistingData();
|
||||
<a class="jxr_linenumber" name="282" href="#282">282</a> <strong class="jxr_keyword">final</strong> File dataDirectory = CveDB.getDataDirectory().getParentFile();
|
||||
<a class="jxr_linenumber" name="283" href="#283">283</a> <strong class="jxr_keyword">final</strong> URL batchUrl = <strong class="jxr_keyword">new</strong> URL(batchSrc);
|
||||
<a class="jxr_linenumber" name="284" href="#284">284</a> <strong class="jxr_keyword">if</strong> (<span class="jxr_string">"file"</span>.equals(batchUrl.getProtocol())) {
|
||||
<a class="jxr_linenumber" name="285" href="#285">285</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="286" href="#286">286</a> tmp = <strong class="jxr_keyword">new</strong> File(batchUrl.toURI());
|
||||
<a class="jxr_linenumber" name="287" href="#287">287</a> } <strong class="jxr_keyword">catch</strong> (URISyntaxException ex) {
|
||||
<a class="jxr_linenumber" name="288" href="#288">288</a> <strong class="jxr_keyword">final</strong> String msg = String.format(<span class="jxr_string">"Invalid batch update URI: %s"</span>, batchSrc);
|
||||
<a class="jxr_linenumber" name="289" href="#289">289</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../../org/owasp/dependencycheck/data/UpdateException.html">UpdateException</a>(msg, ex);
|
||||
<a class="jxr_linenumber" name="290" href="#290">290</a> }
|
||||
<a class="jxr_linenumber" name="291" href="#291">291</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (<span class="jxr_string">"http"</span>.equals(batchUrl.getProtocol())
|
||||
<a class="jxr_linenumber" name="292" href="#292">292</a> || <span class="jxr_string">"https"</span>.equals(batchUrl.getProtocol())) {
|
||||
<a class="jxr_linenumber" name="293" href="#293">293</a> tmp = File.createTempFile(<span class="jxr_string">"batch_"</span>, <span class="jxr_string">".zip"</span>);
|
||||
<a class="jxr_linenumber" name="294" href="#294">294</a> Downloader.fetchFile(batchUrl, tmp);
|
||||
<a class="jxr_linenumber" name="295" href="#295">295</a> }
|
||||
<a class="jxr_linenumber" name="296" href="#296">296</a> <em class="jxr_comment">//TODO add FTP?</em>
|
||||
<a class="jxr_linenumber" name="297" href="#297">297</a> FileUtils.extractFiles(tmp, dataDirectory);
|
||||
<a class="jxr_linenumber" name="298" href="#298">298</a>
|
||||
<a class="jxr_linenumber" name="299" href="#299">299</a> } <strong class="jxr_keyword">catch</strong> (IOException ex) {
|
||||
<a class="jxr_linenumber" name="300" href="#300">300</a> <strong class="jxr_keyword">final</strong> String msg = String.format(<span class="jxr_string">"IO Exception Occured performing batch update using: %s"</span>, batchSrc);
|
||||
<a class="jxr_linenumber" name="301" href="#301">301</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../../org/owasp/dependencycheck/data/UpdateException.html">UpdateException</a>(msg, ex);
|
||||
<a class="jxr_linenumber" name="302" href="#302">302</a> } <strong class="jxr_keyword">finally</strong> {
|
||||
<a class="jxr_linenumber" name="303" href="#303">303</a> <strong class="jxr_keyword">if</strong> (tmp != <strong class="jxr_keyword">null</strong> && !tmp.delete()) {
|
||||
<a class="jxr_linenumber" name="304" href="#304">304</a> tmp.deleteOnExit();
|
||||
<a class="jxr_linenumber" name="305" href="#305">305</a> }
|
||||
<a class="jxr_linenumber" name="306" href="#306">306</a> }
|
||||
<a class="jxr_linenumber" name="307" href="#307">307</a> }
|
||||
<a class="jxr_linenumber" name="308" href="#308">308</a> }
|
||||
<a class="jxr_linenumber" name="309" href="#309">309</a>
|
||||
<a class="jxr_linenumber" name="310" href="#310">310</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="311" href="#311">311</a> <em class="jxr_javadoccomment"> * Closes the CVE and CPE data stores.</em>
|
||||
<a class="jxr_linenumber" name="312" href="#312">312</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="313" href="#313">313</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">void</strong> closeDataStores() {
|
||||
<a class="jxr_linenumber" name="314" href="#314">314</a> <strong class="jxr_keyword">if</strong> (cveDB != <strong class="jxr_keyword">null</strong>) {
|
||||
<a class="jxr_linenumber" name="315" href="#315">315</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="316" href="#316">316</a> cveDB.close();
|
||||
<a class="jxr_linenumber" name="317" href="#317">317</a> } <strong class="jxr_keyword">catch</strong> (Exception ignore) {
|
||||
<a class="jxr_linenumber" name="318" href="#318">318</a> Logger.getLogger(DatabaseUpdater.<strong class="jxr_keyword">class</strong>.getName()).log(Level.FINEST, <span class="jxr_string">"Error closing the cveDB"</span>, ignore);
|
||||
<a class="jxr_linenumber" name="319" href="#319">319</a> }
|
||||
<a class="jxr_linenumber" name="320" href="#320">320</a> }
|
||||
<a class="jxr_linenumber" name="321" href="#321">321</a> <strong class="jxr_keyword">if</strong> (cpeIndex != <strong class="jxr_keyword">null</strong>) {
|
||||
<a class="jxr_linenumber" name="322" href="#322">322</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="323" href="#323">323</a> cpeIndex.close();
|
||||
<a class="jxr_linenumber" name="324" href="#324">324</a> } <strong class="jxr_keyword">catch</strong> (Exception ignore) {
|
||||
<a class="jxr_linenumber" name="325" href="#325">325</a> Logger.getLogger(DatabaseUpdater.<strong class="jxr_keyword">class</strong>.getName()).log(Level.FINEST, <span class="jxr_string">"Error closing the cpeIndex"</span>, ignore);
|
||||
<a class="jxr_linenumber" name="326" href="#326">326</a> }
|
||||
<a class="jxr_linenumber" name="327" href="#327">327</a> }
|
||||
<a class="jxr_linenumber" name="328" href="#328">328</a> }
|
||||
<a class="jxr_linenumber" name="329" href="#329">329</a>
|
||||
<a class="jxr_linenumber" name="330" href="#330">330</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="331" href="#331">331</a> <em class="jxr_javadoccomment"> * Opens the CVE and CPE data stores.</em>
|
||||
<a class="jxr_linenumber" name="332" href="#332">332</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="333" href="#333">333</a> <em class="jxr_javadoccomment"> * @throws UpdateException thrown if a data store cannot be opened</em>
|
||||
<a class="jxr_linenumber" name="334" href="#334">334</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="335" href="#335">335</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">void</strong> openDataStores() <strong class="jxr_keyword">throws</strong> UpdateException {
|
||||
<a class="jxr_linenumber" name="336" href="#336">336</a> <em class="jxr_comment">//open the cve and cpe data stores</em>
|
||||
<a class="jxr_linenumber" name="337" href="#337">337</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="338" href="#338">338</a> cveDB = <strong class="jxr_keyword">new</strong> <a href="../../../../../org/owasp/dependencycheck/data/nvdcve/CveDB.html">CveDB</a>();
|
||||
<a class="jxr_linenumber" name="339" href="#339">339</a> cveDB.open();
|
||||
<a class="jxr_linenumber" name="340" href="#340">340</a> cpeIndex = <strong class="jxr_keyword">new</strong> <a href="../../../../../org/owasp/dependencycheck/data/cpe/CpeIndexWriter.html">CpeIndexWriter</a>();
|
||||
<a class="jxr_linenumber" name="341" href="#341">341</a> cpeIndex.open();
|
||||
<a class="jxr_linenumber" name="342" href="#342">342</a> } <strong class="jxr_keyword">catch</strong> (IOException ex) {
|
||||
<a class="jxr_linenumber" name="343" href="#343">343</a> closeDataStores();
|
||||
<a class="jxr_linenumber" name="344" href="#344">344</a> Logger.getLogger(DatabaseUpdater.<strong class="jxr_keyword">class</strong>.getName()).log(Level.FINE, <span class="jxr_string">"IO Error opening databases"</span>, ex);
|
||||
<a class="jxr_linenumber" name="345" href="#345">345</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../../org/owasp/dependencycheck/data/UpdateException.html">UpdateException</a>(<span class="jxr_string">"Error updating the CPE/CVE data, please see the log file for more details."</span>);
|
||||
<a class="jxr_linenumber" name="346" href="#346">346</a> } <strong class="jxr_keyword">catch</strong> (SQLException ex) {
|
||||
<a class="jxr_linenumber" name="347" href="#347">347</a> closeDataStores();
|
||||
<a class="jxr_linenumber" name="348" href="#348">348</a> Logger.getLogger(DatabaseUpdater.<strong class="jxr_keyword">class</strong>.getName()).log(Level.FINE, <span class="jxr_string">"SQL Exception opening databases"</span>, ex);
|
||||
<a class="jxr_linenumber" name="349" href="#349">349</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../../org/owasp/dependencycheck/data/UpdateException.html">UpdateException</a>(<span class="jxr_string">"Error updating the CPE/CVE data, please see the log file for more details."</span>);
|
||||
<a class="jxr_linenumber" name="350" href="#350">350</a> } <strong class="jxr_keyword">catch</strong> (DatabaseException ex) {
|
||||
<a class="jxr_linenumber" name="351" href="#351">351</a> closeDataStores();
|
||||
<a class="jxr_linenumber" name="352" href="#352">352</a> Logger.getLogger(DatabaseUpdater.<strong class="jxr_keyword">class</strong>.getName()).log(Level.FINE, <span class="jxr_string">"Database Exception opening databases"</span>, ex);
|
||||
<a class="jxr_linenumber" name="353" href="#353">353</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../../org/owasp/dependencycheck/data/UpdateException.html">UpdateException</a>(<span class="jxr_string">"Error updating the CPE/CVE data, please see the log file for more details."</span>);
|
||||
<a class="jxr_linenumber" name="354" href="#354">354</a> } <strong class="jxr_keyword">catch</strong> (ClassNotFoundException ex) {
|
||||
<a class="jxr_linenumber" name="355" href="#355">355</a> closeDataStores();
|
||||
<a class="jxr_linenumber" name="356" href="#356">356</a> Logger.getLogger(DatabaseUpdater.<strong class="jxr_keyword">class</strong>.getName()).log(Level.FINE, <span class="jxr_string">"Class not found exception opening databases"</span>, ex);
|
||||
<a class="jxr_linenumber" name="357" href="#357">357</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../../org/owasp/dependencycheck/data/UpdateException.html">UpdateException</a>(<span class="jxr_string">"Error updating the CPE/CVE data, please see the log file for more details."</span>);
|
||||
<a class="jxr_linenumber" name="358" href="#358">358</a> }
|
||||
<a class="jxr_linenumber" name="359" href="#359">359</a> }
|
||||
<a class="jxr_linenumber" name="360" href="#360">360</a>
|
||||
<a class="jxr_linenumber" name="361" href="#361">361</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="362" href="#362">362</a> <em class="jxr_javadoccomment"> * Determines if the index needs to be updated. This is done by fetching the</em>
|
||||
<a class="jxr_linenumber" name="363" href="#363">363</a> <em class="jxr_javadoccomment"> * NVD CVE meta data and checking the last update date. If the data needs to</em>
|
||||
<a class="jxr_linenumber" name="364" href="#364">364</a> <em class="jxr_javadoccomment"> * be refreshed this method will return the NvdCveUrl for the files that</em>
|
||||
<a class="jxr_linenumber" name="365" href="#365">365</a> <em class="jxr_javadoccomment"> * need to be updated.</em>
|
||||
<a class="jxr_linenumber" name="366" href="#366">366</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="367" href="#367">367</a> <em class="jxr_javadoccomment"> * @return the NvdCveUrl of the files that need to be updated.</em>
|
||||
<a class="jxr_linenumber" name="368" href="#368">368</a> <em class="jxr_javadoccomment"> * @throws MalformedURLException is thrown if the URL for the NVD CVE Meta</em>
|
||||
<a class="jxr_linenumber" name="369" href="#369">369</a> <em class="jxr_javadoccomment"> * data is incorrect.</em>
|
||||
<a class="jxr_linenumber" name="370" href="#370">370</a> <em class="jxr_javadoccomment"> * @throws DownloadFailedException is thrown if there is an error.</em>
|
||||
<a class="jxr_linenumber" name="371" href="#371">371</a> <em class="jxr_javadoccomment"> * downloading the NVD CVE download data file.</em>
|
||||
<a class="jxr_linenumber" name="372" href="#372">372</a> <em class="jxr_javadoccomment"> * @throws UpdateException Is thrown if there is an issue with the last</em>
|
||||
<a class="jxr_linenumber" name="373" href="#373">373</a> <em class="jxr_javadoccomment"> * updated properties file.</em>
|
||||
<a class="jxr_linenumber" name="374" href="#374">374</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="375" href="#375">375</a> <strong class="jxr_keyword">private</strong> Map<String, NvdCveInfo> updateNeeded() <strong class="jxr_keyword">throws</strong> MalformedURLException, DownloadFailedException, UpdateException {
|
||||
<a class="jxr_linenumber" name="376" href="#376">376</a>
|
||||
<a class="jxr_linenumber" name="377" href="#377">377</a> Map<String, NvdCveInfo> currentlyPublished;
|
||||
<a class="jxr_linenumber" name="378" href="#378">378</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="379" href="#379">379</a> currentlyPublished = retrieveCurrentTimestampsFromWeb();
|
||||
<a class="jxr_linenumber" name="380" href="#380">380</a> } <strong class="jxr_keyword">catch</strong> (InvalidDataException ex) {
|
||||
<a class="jxr_linenumber" name="381" href="#381">381</a> <strong class="jxr_keyword">final</strong> String msg = <span class="jxr_string">"Unable to retrieve valid timestamp from nvd cve downloads page"</span>;
|
||||
<a class="jxr_linenumber" name="382" href="#382">382</a> Logger.getLogger(DataStoreMetaInfo.<strong class="jxr_keyword">class</strong>.getName()).log(Level.FINE, msg, ex);
|
||||
<a class="jxr_linenumber" name="383" href="#383">383</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../../org/owasp/dependencycheck/utils/DownloadFailedException.html">DownloadFailedException</a>(msg, ex);
|
||||
<a class="jxr_linenumber" name="384" href="#384">384</a> } <strong class="jxr_keyword">catch</strong> (InvalidSettingException ex) {
|
||||
<a class="jxr_linenumber" name="385" href="#385">385</a> Logger.getLogger(DataStoreMetaInfo.<strong class="jxr_keyword">class</strong>.getName()).log(Level.FINE, <span class="jxr_string">"Invalid setting found when retrieving timestamps"</span>, ex);
|
||||
<a class="jxr_linenumber" name="386" href="#386">386</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../../org/owasp/dependencycheck/utils/DownloadFailedException.html">DownloadFailedException</a>(<span class="jxr_string">"Invalid settings"</span>, ex);
|
||||
<a class="jxr_linenumber" name="387" href="#387">387</a> }
|
||||
<a class="jxr_linenumber" name="388" href="#388">388</a>
|
||||
<a class="jxr_linenumber" name="389" href="#389">389</a> <strong class="jxr_keyword">if</strong> (currentlyPublished == <strong class="jxr_keyword">null</strong>) {
|
||||
<a class="jxr_linenumber" name="390" href="#390">390</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../../org/owasp/dependencycheck/utils/DownloadFailedException.html">DownloadFailedException</a>(<span class="jxr_string">"Unable to retrieve the timestamps of the currently published NVD CVE data"</span>);
|
||||
<a class="jxr_linenumber" name="391" href="#391">391</a> }
|
||||
<a class="jxr_linenumber" name="392" href="#392">392</a>
|
||||
<a class="jxr_linenumber" name="393" href="#393">393</a> <em class="jxr_comment">// final File cpeDataDirectory;</em>
|
||||
<a class="jxr_linenumber" name="394" href="#394">394</a> <em class="jxr_comment">// try {</em>
|
||||
<a class="jxr_linenumber" name="395" href="#395">395</a> <em class="jxr_comment">// cpeDataDirectory = CveDB.getDataDirectory();</em>
|
||||
<a class="jxr_linenumber" name="396" href="#396">396</a> <em class="jxr_comment">// } catch (IOException ex) {</em>
|
||||
<a class="jxr_linenumber" name="397" href="#397">397</a> <em class="jxr_comment">// String msg;</em>
|
||||
<a class="jxr_linenumber" name="398" href="#398">398</a> <em class="jxr_comment">// try {</em>
|
||||
<a class="jxr_linenumber" name="399" href="#399">399</a> <em class="jxr_comment">// msg = String.format("Unable to create the CVE Data Directory '%s'",</em>
|
||||
<a class="jxr_linenumber" name="400" href="#400">400</a> <em class="jxr_comment">// Settings.getFile(Settings.KEYS.CVE_DATA_DIRECTORY).getCanonicalPath());</em>
|
||||
<a class="jxr_linenumber" name="401" href="#401">401</a> <em class="jxr_comment">// } catch (IOException ex1) {</em>
|
||||
<a class="jxr_linenumber" name="402" href="#402">402</a> <em class="jxr_comment">// msg = String.format("Unable to create the CVE Data Directory, this is likely a configuration issue: '%s%s%s'",</em>
|
||||
<a class="jxr_linenumber" name="403" href="#403">403</a> <em class="jxr_comment">// Settings.getString(Settings.KEYS.DATA_DIRECTORY, ""),</em>
|
||||
<a class="jxr_linenumber" name="404" href="#404">404</a> <em class="jxr_comment">// File.separator,</em>
|
||||
<a class="jxr_linenumber" name="405" href="#405">405</a> <em class="jxr_comment">// Settings.getString(Settings.KEYS.CVE_DATA_DIRECTORY, ""));</em>
|
||||
<a class="jxr_linenumber" name="406" href="#406">406</a> <em class="jxr_comment">// }</em>
|
||||
<a class="jxr_linenumber" name="407" href="#407">407</a> <em class="jxr_comment">// throw new UpdateException(msg, ex);</em>
|
||||
<a class="jxr_linenumber" name="408" href="#408">408</a> <em class="jxr_comment">// }</em>
|
||||
<a class="jxr_linenumber" name="409" href="#409">409</a>
|
||||
<a class="jxr_linenumber" name="410" href="#410">410</a> <strong class="jxr_keyword">if</strong> (!properties.isEmpty()) {
|
||||
<a class="jxr_linenumber" name="411" href="#411">411</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="412" href="#412">412</a> <strong class="jxr_keyword">boolean</strong> deleteAndRecreate = false;
|
||||
<a class="jxr_linenumber" name="413" href="#413">413</a> <strong class="jxr_keyword">float</strong> version;
|
||||
<a class="jxr_linenumber" name="414" href="#414">414</a>
|
||||
<a class="jxr_linenumber" name="415" href="#415">415</a> <strong class="jxr_keyword">if</strong> (properties.getProperty(<span class="jxr_string">"version"</span>) == <strong class="jxr_keyword">null</strong>) {
|
||||
<a class="jxr_linenumber" name="416" href="#416">416</a> deleteAndRecreate = <strong class="jxr_keyword">true</strong>;
|
||||
<a class="jxr_linenumber" name="417" href="#417">417</a> } <strong class="jxr_keyword">else</strong> {
|
||||
<a class="jxr_linenumber" name="418" href="#418">418</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="419" href="#419">419</a> version = Float.parseFloat(properties.getProperty(<span class="jxr_string">"version"</span>));
|
||||
<a class="jxr_linenumber" name="420" href="#420">420</a> <strong class="jxr_keyword">final</strong> <strong class="jxr_keyword">float</strong> currentVersion = Float.parseFloat(CveDB.DB_SCHEMA_VERSION);
|
||||
<a class="jxr_linenumber" name="421" href="#421">421</a> <strong class="jxr_keyword">if</strong> (currentVersion > version) {
|
||||
<a class="jxr_linenumber" name="422" href="#422">422</a> deleteAndRecreate = <strong class="jxr_keyword">true</strong>;
|
||||
<a class="jxr_linenumber" name="423" href="#423">423</a> }
|
||||
<a class="jxr_linenumber" name="424" href="#424">424</a> } <strong class="jxr_keyword">catch</strong> (NumberFormatException ex) {
|
||||
<a class="jxr_linenumber" name="425" href="#425">425</a> deleteAndRecreate = <strong class="jxr_keyword">true</strong>;
|
||||
<a class="jxr_linenumber" name="426" href="#426">426</a> }
|
||||
<a class="jxr_linenumber" name="427" href="#427">427</a> }
|
||||
<a class="jxr_linenumber" name="428" href="#428">428</a>
|
||||
<a class="jxr_linenumber" name="429" href="#429">429</a> <strong class="jxr_keyword">final</strong> <a href="../../../../../org/owasp/dependencycheck/data/update/NvdCveInfo.html">NvdCveInfo</a> batchInfo = currentlyPublished.get(BATCH);
|
||||
<a class="jxr_linenumber" name="430" href="#430">430</a> <strong class="jxr_keyword">if</strong> (properties.isBatchUpdateMode() && batchInfo != <strong class="jxr_keyword">null</strong>) {
|
||||
<a class="jxr_linenumber" name="431" href="#431">431</a> <strong class="jxr_keyword">final</strong> <strong class="jxr_keyword">long</strong> lastUpdated = Long.parseLong(properties.getProperty(DataStoreMetaInfo.BATCH, <span class="jxr_string">"0"</span>));
|
||||
<a class="jxr_linenumber" name="432" href="#432">432</a> <strong class="jxr_keyword">if</strong> (lastUpdated != batchInfo.getTimestamp()) {
|
||||
<a class="jxr_linenumber" name="433" href="#433">433</a> deleteAndRecreate = <strong class="jxr_keyword">true</strong>;
|
||||
<a class="jxr_linenumber" name="434" href="#434">434</a> }
|
||||
<a class="jxr_linenumber" name="435" href="#435">435</a> }
|
||||
<a class="jxr_linenumber" name="436" href="#436">436</a>
|
||||
<a class="jxr_linenumber" name="437" href="#437">437</a> <strong class="jxr_keyword">if</strong> (deleteAndRecreate) {
|
||||
<a class="jxr_linenumber" name="438" href="#438">438</a> setDoBatchUpdate(properties.isBatchUpdateMode());
|
||||
<a class="jxr_linenumber" name="439" href="#439">439</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="440" href="#440">440</a> deleteExistingData();
|
||||
<a class="jxr_linenumber" name="441" href="#441">441</a> } <strong class="jxr_keyword">catch</strong> (IOException ex) {
|
||||
<a class="jxr_linenumber" name="442" href="#442">442</a> <strong class="jxr_keyword">final</strong> String msg = <span class="jxr_string">"Unable to delete existing data"</span>;
|
||||
<a class="jxr_linenumber" name="443" href="#443">443</a> Logger.getLogger(DatabaseUpdater.<strong class="jxr_keyword">class</strong>.getName()).log(Level.WARNING, msg);
|
||||
<a class="jxr_linenumber" name="444" href="#444">444</a> Logger.getLogger(DatabaseUpdater.<strong class="jxr_keyword">class</strong>.getName()).log(Level.FINE, <strong class="jxr_keyword">null</strong>, ex);
|
||||
<a class="jxr_linenumber" name="445" href="#445">445</a> }
|
||||
<a class="jxr_linenumber" name="446" href="#446">446</a> <strong class="jxr_keyword">return</strong> currentlyPublished;
|
||||
<a class="jxr_linenumber" name="447" href="#447">447</a> }
|
||||
<a class="jxr_linenumber" name="448" href="#448">448</a>
|
||||
<a class="jxr_linenumber" name="449" href="#449">449</a> <strong class="jxr_keyword">final</strong> <strong class="jxr_keyword">long</strong> lastUpdated = Long.parseLong(properties.getProperty(DataStoreMetaInfo.LAST_UPDATED, <span class="jxr_string">"0"</span>));
|
||||
<a class="jxr_linenumber" name="450" href="#450">450</a> <strong class="jxr_keyword">final</strong> Date now = <strong class="jxr_keyword">new</strong> Date();
|
||||
<a class="jxr_linenumber" name="451" href="#451">451</a> <strong class="jxr_keyword">final</strong> <strong class="jxr_keyword">int</strong> days = Settings.getInt(Settings.KEYS.CVE_MODIFIED_VALID_FOR_DAYS, 7);
|
||||
<a class="jxr_linenumber" name="452" href="#452">452</a> <strong class="jxr_keyword">final</strong> <strong class="jxr_keyword">int</strong> start = Settings.getInt(Settings.KEYS.CVE_START_YEAR, 2002);
|
||||
<a class="jxr_linenumber" name="453" href="#453">453</a> <strong class="jxr_keyword">final</strong> <strong class="jxr_keyword">int</strong> end = Calendar.getInstance().get(Calendar.YEAR);
|
||||
<a class="jxr_linenumber" name="454" href="#454">454</a> <strong class="jxr_keyword">if</strong> (lastUpdated == currentlyPublished.get(MODIFIED).getTimestamp()) {
|
||||
<a class="jxr_linenumber" name="455" href="#455">455</a> currentlyPublished.clear(); <em class="jxr_comment">//we don't need to update anything.</em>
|
||||
<a class="jxr_linenumber" name="456" href="#456">456</a> setDoBatchUpdate(properties.isBatchUpdateMode());
|
||||
<a class="jxr_linenumber" name="457" href="#457">457</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (withinRange(lastUpdated, now.getTime(), days)) {
|
||||
<a class="jxr_linenumber" name="458" href="#458">458</a> currentlyPublished.get(MODIFIED).setNeedsUpdate(<strong class="jxr_keyword">true</strong>);
|
||||
<a class="jxr_linenumber" name="459" href="#459">459</a> <strong class="jxr_keyword">if</strong> (properties.isBatchUpdateMode()) {
|
||||
<a class="jxr_linenumber" name="460" href="#460">460</a> setDoBatchUpdate(false);
|
||||
<a class="jxr_linenumber" name="461" href="#461">461</a> } <strong class="jxr_keyword">else</strong> {
|
||||
<a class="jxr_linenumber" name="462" href="#462">462</a> <strong class="jxr_keyword">for</strong> (<strong class="jxr_keyword">int</strong> i = start; i <= end; i++) {
|
||||
<a class="jxr_linenumber" name="463" href="#463">463</a> currentlyPublished.get(String.valueOf(i)).setNeedsUpdate(false);
|
||||
<a class="jxr_linenumber" name="464" href="#464">464</a> }
|
||||
<a class="jxr_linenumber" name="465" href="#465">465</a> }
|
||||
<a class="jxr_linenumber" name="466" href="#466">466</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (properties.isBatchUpdateMode()) {
|
||||
<a class="jxr_linenumber" name="467" href="#467">467</a> currentlyPublished.get(MODIFIED).setNeedsUpdate(<strong class="jxr_keyword">true</strong>);
|
||||
<a class="jxr_linenumber" name="468" href="#468">468</a> setDoBatchUpdate(<strong class="jxr_keyword">true</strong>);
|
||||
<a class="jxr_linenumber" name="469" href="#469">469</a> } <strong class="jxr_keyword">else</strong> { <em class="jxr_comment">//we figure out which of the several XML files need to be downloaded.</em>
|
||||
<a class="jxr_linenumber" name="470" href="#470">470</a> currentlyPublished.get(MODIFIED).setNeedsUpdate(false);
|
||||
<a class="jxr_linenumber" name="471" href="#471">471</a> <strong class="jxr_keyword">for</strong> (<strong class="jxr_keyword">int</strong> i = start; i <= end; i++) {
|
||||
<a class="jxr_linenumber" name="472" href="#472">472</a> <strong class="jxr_keyword">final</strong> <a href="../../../../../org/owasp/dependencycheck/data/update/NvdCveInfo.html">NvdCveInfo</a> cve = currentlyPublished.get(String.valueOf(i));
|
||||
<a class="jxr_linenumber" name="473" href="#473">473</a> <strong class="jxr_keyword">long</strong> currentTimestamp = 0;
|
||||
<a class="jxr_linenumber" name="474" href="#474">474</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="475" href="#475">475</a> currentTimestamp = Long.parseLong(properties.getProperty(DataStoreMetaInfo.LAST_UPDATED_BASE + String.valueOf(i), <span class="jxr_string">"0"</span>));
|
||||
<a class="jxr_linenumber" name="476" href="#476">476</a> } <strong class="jxr_keyword">catch</strong> (NumberFormatException ex) {
|
||||
<a class="jxr_linenumber" name="477" href="#477">477</a> <strong class="jxr_keyword">final</strong> String msg = String.format(<span class="jxr_string">"Error parsing '%s' '%s' from nvdcve.lastupdated"</span>,
|
||||
<a class="jxr_linenumber" name="478" href="#478">478</a> DataStoreMetaInfo.LAST_UPDATED_BASE, String.valueOf(i));
|
||||
<a class="jxr_linenumber" name="479" href="#479">479</a> Logger.getLogger(DataStoreMetaInfo.<strong class="jxr_keyword">class</strong>.getName()).log(Level.FINE, msg, ex);
|
||||
<a class="jxr_linenumber" name="480" href="#480">480</a> }
|
||||
<a class="jxr_linenumber" name="481" href="#481">481</a> <strong class="jxr_keyword">if</strong> (currentTimestamp == cve.getTimestamp()) {
|
||||
<a class="jxr_linenumber" name="482" href="#482">482</a> cve.setNeedsUpdate(false); <em class="jxr_comment">//they default to true.</em>
|
||||
<a class="jxr_linenumber" name="483" href="#483">483</a> }
|
||||
<a class="jxr_linenumber" name="484" href="#484">484</a> }
|
||||
<a class="jxr_linenumber" name="485" href="#485">485</a> }
|
||||
<a class="jxr_linenumber" name="486" href="#486">486</a> } <strong class="jxr_keyword">catch</strong> (NumberFormatException ex) {
|
||||
<a class="jxr_linenumber" name="487" href="#487">487</a> <strong class="jxr_keyword">final</strong> String msg = <span class="jxr_string">"An invalid schema version or timestamp exists in the data.properties file."</span>;
|
||||
<a class="jxr_linenumber" name="488" href="#488">488</a> Logger.getLogger(DataStoreMetaInfo.<strong class="jxr_keyword">class</strong>.getName()).log(Level.WARNING, msg);
|
||||
<a class="jxr_linenumber" name="489" href="#489">489</a> Logger.getLogger(DataStoreMetaInfo.<strong class="jxr_keyword">class</strong>.getName()).log(Level.FINE, <strong class="jxr_keyword">null</strong>, ex);
|
||||
<a class="jxr_linenumber" name="490" href="#490">490</a> setDoBatchUpdate(properties.isBatchUpdateMode());
|
||||
<a class="jxr_linenumber" name="491" href="#491">491</a> }
|
||||
<a class="jxr_linenumber" name="492" href="#492">492</a> } <strong class="jxr_keyword">else</strong> {
|
||||
<a class="jxr_linenumber" name="493" href="#493">493</a> setDoBatchUpdate(properties.isBatchUpdateMode());
|
||||
<a class="jxr_linenumber" name="494" href="#494">494</a> }
|
||||
<a class="jxr_linenumber" name="495" href="#495">495</a> <strong class="jxr_keyword">return</strong> currentlyPublished;
|
||||
<a class="jxr_linenumber" name="496" href="#496">496</a> }
|
||||
<a class="jxr_linenumber" name="497" href="#497">497</a>
|
||||
<a class="jxr_linenumber" name="498" href="#498">498</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="499" href="#499">499</a> <em class="jxr_javadoccomment"> * Determines if the epoch date is within the range specified of the</em>
|
||||
<a class="jxr_linenumber" name="500" href="#500">500</a> <em class="jxr_javadoccomment"> * compareTo epoch time. This takes the (compareTo-date)/1000/60/60/24 to</em>
|
||||
<a class="jxr_linenumber" name="501" href="#501">501</a> <em class="jxr_javadoccomment"> * get the number of days. If the calculated days is less then the range the</em>
|
||||
<a class="jxr_linenumber" name="502" href="#502">502</a> <em class="jxr_javadoccomment"> * date is considered valid.</em>
|
||||
<a class="jxr_linenumber" name="503" href="#503">503</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="504" href="#504">504</a> <em class="jxr_javadoccomment"> * @param date the date to be checked.</em>
|
||||
<a class="jxr_linenumber" name="505" href="#505">505</a> <em class="jxr_javadoccomment"> * @param compareTo the date to compare to.</em>
|
||||
<a class="jxr_linenumber" name="506" href="#506">506</a> <em class="jxr_javadoccomment"> * @param range the range in days to be considered valid.</em>
|
||||
<a class="jxr_linenumber" name="507" href="#507">507</a> <em class="jxr_javadoccomment"> * @return whether or not the date is within the range.</em>
|
||||
<a class="jxr_linenumber" name="508" href="#508">508</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="509" href="#509">509</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">boolean</strong> withinRange(<strong class="jxr_keyword">long</strong> date, <strong class="jxr_keyword">long</strong> compareTo, <strong class="jxr_keyword">int</strong> range) {
|
||||
<a class="jxr_linenumber" name="510" href="#510">510</a> <strong class="jxr_keyword">final</strong> <strong class="jxr_keyword">double</strong> differenceInDays = (compareTo - date) / 1000.0 / 60.0 / 60.0 / 24.0;
|
||||
<a class="jxr_linenumber" name="511" href="#511">511</a> <strong class="jxr_keyword">return</strong> differenceInDays < range;
|
||||
<a class="jxr_linenumber" name="512" href="#512">512</a> }
|
||||
<a class="jxr_linenumber" name="513" href="#513">513</a>
|
||||
<a class="jxr_linenumber" name="514" href="#514">514</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="515" href="#515">515</a> <em class="jxr_javadoccomment"> * Retrieves the timestamps from the NVD CVE meta data file.</em>
|
||||
<a class="jxr_linenumber" name="516" href="#516">516</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="517" href="#517">517</a> <em class="jxr_javadoccomment"> * @return the timestamp from the currently published nvdcve downloads page</em>
|
||||
<a class="jxr_linenumber" name="518" href="#518">518</a> <em class="jxr_javadoccomment"> * @throws MalformedURLException thrown if the URL for the NVD CCE Meta data</em>
|
||||
<a class="jxr_linenumber" name="519" href="#519">519</a> <em class="jxr_javadoccomment"> * is incorrect.</em>
|
||||
<a class="jxr_linenumber" name="520" href="#520">520</a> <em class="jxr_javadoccomment"> * @throws DownloadFailedException thrown if there is an error downloading</em>
|
||||
<a class="jxr_linenumber" name="521" href="#521">521</a> <em class="jxr_javadoccomment"> * the nvd cve meta data file</em>
|
||||
<a class="jxr_linenumber" name="522" href="#522">522</a> <em class="jxr_javadoccomment"> * @throws InvalidDataException thrown if there is an exception parsing the</em>
|
||||
<a class="jxr_linenumber" name="523" href="#523">523</a> <em class="jxr_javadoccomment"> * timestamps</em>
|
||||
<a class="jxr_linenumber" name="524" href="#524">524</a> <em class="jxr_javadoccomment"> * @throws InvalidSettingException thrown if the settings are invalid</em>
|
||||
<a class="jxr_linenumber" name="525" href="#525">525</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="526" href="#526">526</a> <strong class="jxr_keyword">private</strong> Map<String, NvdCveInfo> retrieveCurrentTimestampsFromWeb()
|
||||
<a class="jxr_linenumber" name="527" href="#527">527</a> <strong class="jxr_keyword">throws</strong> MalformedURLException, DownloadFailedException, InvalidDataException, <a href="../../../../../org/owasp/dependencycheck/utils/InvalidSettingException.html">InvalidSettingException</a> {
|
||||
<a class="jxr_linenumber" name="528" href="#528">528</a>
|
||||
<a class="jxr_linenumber" name="529" href="#529">529</a> <strong class="jxr_keyword">final</strong> Map<String, NvdCveInfo> map = <strong class="jxr_keyword">new</strong> TreeMap<String, NvdCveInfo>();
|
||||
<a class="jxr_linenumber" name="530" href="#530">530</a> String retrieveUrl = Settings.getString(Settings.KEYS.CVE_MODIFIED_20_URL);
|
||||
<a class="jxr_linenumber" name="531" href="#531">531</a> <strong class="jxr_keyword">if</strong> (retrieveUrl == <strong class="jxr_keyword">null</strong> && properties.isBatchUpdateMode()) {
|
||||
<a class="jxr_linenumber" name="532" href="#532">532</a> <strong class="jxr_keyword">final</strong> <a href="../../../../../org/owasp/dependencycheck/data/update/NvdCveInfo.html">NvdCveInfo</a> item = <strong class="jxr_keyword">new</strong> <a href="../../../../../org/owasp/dependencycheck/data/update/NvdCveInfo.html">NvdCveInfo</a>();
|
||||
<a class="jxr_linenumber" name="533" href="#533">533</a> retrieveUrl = Settings.getString(Settings.KEYS.BATCH_UPDATE_URL);
|
||||
<a class="jxr_linenumber" name="534" href="#534">534</a> <strong class="jxr_keyword">if</strong> (retrieveUrl == <strong class="jxr_keyword">null</strong>) {
|
||||
<a class="jxr_linenumber" name="535" href="#535">535</a> <strong class="jxr_keyword">final</strong> String msg = <span class="jxr_string">"Invalid configuration - neither the modified or batch update URLs are specified in the configuration."</span>;
|
||||
<a class="jxr_linenumber" name="536" href="#536">536</a> Logger.getLogger(DataStoreMetaInfo.<strong class="jxr_keyword">class</strong>.getName()).log(Level.SEVERE, msg);
|
||||
<a class="jxr_linenumber" name="537" href="#537">537</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../../org/owasp/dependencycheck/utils/InvalidSettingException.html">InvalidSettingException</a>(msg);
|
||||
<a class="jxr_linenumber" name="538" href="#538">538</a> }
|
||||
<a class="jxr_linenumber" name="539" href="#539">539</a> item.setTimestamp(Downloader.getLastModified(<strong class="jxr_keyword">new</strong> URL(retrieveUrl)));
|
||||
<a class="jxr_linenumber" name="540" href="#540">540</a> item.setId(BATCH);
|
||||
<a class="jxr_linenumber" name="541" href="#541">541</a> item.setNeedsUpdate(false);
|
||||
<a class="jxr_linenumber" name="542" href="#542">542</a> map.put(BATCH, item);
|
||||
<a class="jxr_linenumber" name="543" href="#543">543</a> } <strong class="jxr_keyword">else</strong> {
|
||||
<a class="jxr_linenumber" name="544" href="#544">544</a> <a href="../../../../../org/owasp/dependencycheck/data/update/NvdCveInfo.html">NvdCveInfo</a> item = <strong class="jxr_keyword">new</strong> <a href="../../../../../org/owasp/dependencycheck/data/update/NvdCveInfo.html">NvdCveInfo</a>();
|
||||
<a class="jxr_linenumber" name="545" href="#545">545</a> item.setNeedsUpdate(false); <em class="jxr_comment">//the others default to true, to make life easier later this should default to false.</em>
|
||||
<a class="jxr_linenumber" name="546" href="#546">546</a> item.setId(MODIFIED);
|
||||
<a class="jxr_linenumber" name="547" href="#547">547</a> item.setUrl(retrieveUrl);
|
||||
<a class="jxr_linenumber" name="548" href="#548">548</a> item.setOldSchemaVersionUrl(Settings.getString(Settings.KEYS.CVE_MODIFIED_12_URL));
|
||||
<a class="jxr_linenumber" name="549" href="#549">549</a>
|
||||
<a class="jxr_linenumber" name="550" href="#550">550</a> item.setTimestamp(Downloader.getLastModified(<strong class="jxr_keyword">new</strong> URL(retrieveUrl)));
|
||||
<a class="jxr_linenumber" name="551" href="#551">551</a> map.put(MODIFIED, item);
|
||||
<a class="jxr_linenumber" name="552" href="#552">552</a>
|
||||
<a class="jxr_linenumber" name="553" href="#553">553</a> <em class="jxr_comment">//only add these urls if we are not in batch mode</em>
|
||||
<a class="jxr_linenumber" name="554" href="#554">554</a> <strong class="jxr_keyword">if</strong> (!properties.isBatchUpdateMode()) {
|
||||
<a class="jxr_linenumber" name="555" href="#555">555</a> <strong class="jxr_keyword">final</strong> <strong class="jxr_keyword">int</strong> start = Settings.getInt(Settings.KEYS.CVE_START_YEAR);
|
||||
<a class="jxr_linenumber" name="556" href="#556">556</a> <strong class="jxr_keyword">final</strong> <strong class="jxr_keyword">int</strong> end = Calendar.getInstance().get(Calendar.YEAR);
|
||||
<a class="jxr_linenumber" name="557" href="#557">557</a> <strong class="jxr_keyword">final</strong> String baseUrl20 = Settings.getString(Settings.KEYS.CVE_SCHEMA_2_0);
|
||||
<a class="jxr_linenumber" name="558" href="#558">558</a> <strong class="jxr_keyword">final</strong> String baseUrl12 = Settings.getString(Settings.KEYS.CVE_SCHEMA_1_2);
|
||||
<a class="jxr_linenumber" name="559" href="#559">559</a> <strong class="jxr_keyword">for</strong> (<strong class="jxr_keyword">int</strong> i = start; i <= end; i++) {
|
||||
<a class="jxr_linenumber" name="560" href="#560">560</a> retrieveUrl = String.format(baseUrl20, i);
|
||||
<a class="jxr_linenumber" name="561" href="#561">561</a> item = <strong class="jxr_keyword">new</strong> <a href="../../../../../org/owasp/dependencycheck/data/update/NvdCveInfo.html">NvdCveInfo</a>();
|
||||
<a class="jxr_linenumber" name="562" href="#562">562</a> item.setId(Integer.toString(i));
|
||||
<a class="jxr_linenumber" name="563" href="#563">563</a> item.setUrl(retrieveUrl);
|
||||
<a class="jxr_linenumber" name="564" href="#564">564</a> item.setOldSchemaVersionUrl(String.format(baseUrl12, i));
|
||||
<a class="jxr_linenumber" name="565" href="#565">565</a> item.setTimestamp(Downloader.getLastModified(<strong class="jxr_keyword">new</strong> URL(retrieveUrl)));
|
||||
<a class="jxr_linenumber" name="566" href="#566">566</a> map.put(item.getId(), item);
|
||||
<a class="jxr_linenumber" name="567" href="#567">567</a> }
|
||||
<a class="jxr_linenumber" name="568" href="#568">568</a> }
|
||||
<a class="jxr_linenumber" name="569" href="#569">569</a> }
|
||||
<a class="jxr_linenumber" name="570" href="#570">570</a> <strong class="jxr_keyword">return</strong> map;
|
||||
<a class="jxr_linenumber" name="571" href="#571">571</a> }
|
||||
<a class="jxr_linenumber" name="572" href="#572">572</a> }
|
||||
</pre>
|
||||
<hr/><div id="footer">This page was automatically generated by <a href="http://maven.apache.org/">Maven</a></div></body>
|
||||
</html>
|
||||
|
||||
@@ -0,0 +1,152 @@
|
||||
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
||||
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
|
||||
<head>
|
||||
<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
|
||||
<title>NvdCveInfo xref</title>
|
||||
<link type="text/css" rel="stylesheet" href="../../../../../stylesheet.css" />
|
||||
</head>
|
||||
<body>
|
||||
<div id="overview"><a href="../../../../../../apidocs/org/owasp/dependencycheck/data/update/NvdCveInfo.html">View Javadoc</a></div><pre>
|
||||
|
||||
<a class="jxr_linenumber" name="1" href="#1">1</a> <em class="jxr_comment">/*</em>
|
||||
<a class="jxr_linenumber" name="2" href="#2">2</a> <em class="jxr_comment"> * This file is part of dependency-check-core.</em>
|
||||
<a class="jxr_linenumber" name="3" href="#3">3</a> <em class="jxr_comment"> *</em>
|
||||
<a class="jxr_linenumber" name="4" href="#4">4</a> <em class="jxr_comment"> * Dependency-check-core is free software: you can redistribute it and/or modify it</em>
|
||||
<a class="jxr_linenumber" name="5" href="#5">5</a> <em class="jxr_comment"> * under the terms of the GNU General Public License as published by the Free</em>
|
||||
<a class="jxr_linenumber" name="6" href="#6">6</a> <em class="jxr_comment"> * Software Foundation, either version 3 of the License, or (at your option) any</em>
|
||||
<a class="jxr_linenumber" name="7" href="#7">7</a> <em class="jxr_comment"> * later version.</em>
|
||||
<a class="jxr_linenumber" name="8" href="#8">8</a> <em class="jxr_comment"> *</em>
|
||||
<a class="jxr_linenumber" name="9" href="#9">9</a> <em class="jxr_comment"> * Dependency-check-core is distributed in the hope that it will be useful, but</em>
|
||||
<a class="jxr_linenumber" name="10" href="#10">10</a> <em class="jxr_comment"> * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or</em>
|
||||
<a class="jxr_linenumber" name="11" href="#11">11</a> <em class="jxr_comment"> * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more</em>
|
||||
<a class="jxr_linenumber" name="12" href="#12">12</a> <em class="jxr_comment"> * details.</em>
|
||||
<a class="jxr_linenumber" name="13" href="#13">13</a> <em class="jxr_comment"> *</em>
|
||||
<a class="jxr_linenumber" name="14" href="#14">14</a> <em class="jxr_comment"> * You should have received a copy of the GNU General Public License along with</em>
|
||||
<a class="jxr_linenumber" name="15" href="#15">15</a> <em class="jxr_comment"> * dependency-check-core. If not, see <a href="http://www.gnu.org/licenses/." target="alexandria_uri">http://www.gnu.org/licenses/.</a></em>
|
||||
<a class="jxr_linenumber" name="16" href="#16">16</a> <em class="jxr_comment"> *</em>
|
||||
<a class="jxr_linenumber" name="17" href="#17">17</a> <em class="jxr_comment"> * Copyright (c) 2013 Jeremy Long. All Rights Reserved.</em>
|
||||
<a class="jxr_linenumber" name="18" href="#18">18</a> <em class="jxr_comment"> */</em>
|
||||
<a class="jxr_linenumber" name="19" href="#19">19</a> <strong class="jxr_keyword">package</strong> org.owasp.dependencycheck.data.update;
|
||||
<a class="jxr_linenumber" name="20" href="#20">20</a>
|
||||
<a class="jxr_linenumber" name="21" href="#21">21</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="22" href="#22">22</a> <em class="jxr_javadoccomment"> * A pojo that contains the Url and timestamp of the current NvdCve XML files.</em>
|
||||
<a class="jxr_linenumber" name="23" href="#23">23</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="24" href="#24">24</a> <em class="jxr_javadoccomment"> * @author Jeremy Long (jeremy.long@owasp.org)</em>
|
||||
<a class="jxr_linenumber" name="25" href="#25">25</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="26" href="#26">26</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">class</strong> <a href="../../../../../org/owasp/dependencycheck/data/update/NvdCveInfo.html">NvdCveInfo</a> {
|
||||
<a class="jxr_linenumber" name="27" href="#27">27</a>
|
||||
<a class="jxr_linenumber" name="28" href="#28">28</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="29" href="#29">29</a> <em class="jxr_javadoccomment"> * an id.</em>
|
||||
<a class="jxr_linenumber" name="30" href="#30">30</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="31" href="#31">31</a> <strong class="jxr_keyword">private</strong> String id;
|
||||
<a class="jxr_linenumber" name="32" href="#32">32</a>
|
||||
<a class="jxr_linenumber" name="33" href="#33">33</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="34" href="#34">34</a> <em class="jxr_javadoccomment"> * Get the value of id.</em>
|
||||
<a class="jxr_linenumber" name="35" href="#35">35</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="36" href="#36">36</a> <em class="jxr_javadoccomment"> * @return the value of id</em>
|
||||
<a class="jxr_linenumber" name="37" href="#37">37</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="38" href="#38">38</a> <strong class="jxr_keyword">public</strong> String getId() {
|
||||
<a class="jxr_linenumber" name="39" href="#39">39</a> <strong class="jxr_keyword">return</strong> id;
|
||||
<a class="jxr_linenumber" name="40" href="#40">40</a> }
|
||||
<a class="jxr_linenumber" name="41" href="#41">41</a>
|
||||
<a class="jxr_linenumber" name="42" href="#42">42</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="43" href="#43">43</a> <em class="jxr_javadoccomment"> * Set the value of id.</em>
|
||||
<a class="jxr_linenumber" name="44" href="#44">44</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="45" href="#45">45</a> <em class="jxr_javadoccomment"> * @param id new value of id</em>
|
||||
<a class="jxr_linenumber" name="46" href="#46">46</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="47" href="#47">47</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> setId(String id) {
|
||||
<a class="jxr_linenumber" name="48" href="#48">48</a> <strong class="jxr_keyword">this</strong>.id = id;
|
||||
<a class="jxr_linenumber" name="49" href="#49">49</a> }
|
||||
<a class="jxr_linenumber" name="50" href="#50">50</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="51" href="#51">51</a> <em class="jxr_javadoccomment"> * a url.</em>
|
||||
<a class="jxr_linenumber" name="52" href="#52">52</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="53" href="#53">53</a> <strong class="jxr_keyword">private</strong> String url;
|
||||
<a class="jxr_linenumber" name="54" href="#54">54</a>
|
||||
<a class="jxr_linenumber" name="55" href="#55">55</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="56" href="#56">56</a> <em class="jxr_javadoccomment"> * Get the value of url.</em>
|
||||
<a class="jxr_linenumber" name="57" href="#57">57</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="58" href="#58">58</a> <em class="jxr_javadoccomment"> * @return the value of url</em>
|
||||
<a class="jxr_linenumber" name="59" href="#59">59</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="60" href="#60">60</a> <strong class="jxr_keyword">public</strong> String getUrl() {
|
||||
<a class="jxr_linenumber" name="61" href="#61">61</a> <strong class="jxr_keyword">return</strong> url;
|
||||
<a class="jxr_linenumber" name="62" href="#62">62</a> }
|
||||
<a class="jxr_linenumber" name="63" href="#63">63</a>
|
||||
<a class="jxr_linenumber" name="64" href="#64">64</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="65" href="#65">65</a> <em class="jxr_javadoccomment"> * Set the value of url.</em>
|
||||
<a class="jxr_linenumber" name="66" href="#66">66</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="67" href="#67">67</a> <em class="jxr_javadoccomment"> * @param url new value of url</em>
|
||||
<a class="jxr_linenumber" name="68" href="#68">68</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="69" href="#69">69</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> setUrl(String url) {
|
||||
<a class="jxr_linenumber" name="70" href="#70">70</a> <strong class="jxr_keyword">this</strong>.url = url;
|
||||
<a class="jxr_linenumber" name="71" href="#71">71</a> }
|
||||
<a class="jxr_linenumber" name="72" href="#72">72</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="73" href="#73">73</a> <em class="jxr_javadoccomment"> * The 1.2 schema URL.</em>
|
||||
<a class="jxr_linenumber" name="74" href="#74">74</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="75" href="#75">75</a> <strong class="jxr_keyword">private</strong> String oldSchemaVersionUrl;
|
||||
<a class="jxr_linenumber" name="76" href="#76">76</a>
|
||||
<a class="jxr_linenumber" name="77" href="#77">77</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="78" href="#78">78</a> <em class="jxr_javadoccomment"> * Get the value of oldSchemaVersionUrl.</em>
|
||||
<a class="jxr_linenumber" name="79" href="#79">79</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="80" href="#80">80</a> <em class="jxr_javadoccomment"> * @return the value of oldSchemaVersionUrl</em>
|
||||
<a class="jxr_linenumber" name="81" href="#81">81</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="82" href="#82">82</a> <strong class="jxr_keyword">public</strong> String getOldSchemaVersionUrl() {
|
||||
<a class="jxr_linenumber" name="83" href="#83">83</a> <strong class="jxr_keyword">return</strong> oldSchemaVersionUrl;
|
||||
<a class="jxr_linenumber" name="84" href="#84">84</a> }
|
||||
<a class="jxr_linenumber" name="85" href="#85">85</a>
|
||||
<a class="jxr_linenumber" name="86" href="#86">86</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="87" href="#87">87</a> <em class="jxr_javadoccomment"> * Set the value of oldSchemaVersionUrl.</em>
|
||||
<a class="jxr_linenumber" name="88" href="#88">88</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="89" href="#89">89</a> <em class="jxr_javadoccomment"> * @param oldSchemaVersionUrl new value of oldSchemaVersionUrl</em>
|
||||
<a class="jxr_linenumber" name="90" href="#90">90</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="91" href="#91">91</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> setOldSchemaVersionUrl(String oldSchemaVersionUrl) {
|
||||
<a class="jxr_linenumber" name="92" href="#92">92</a> <strong class="jxr_keyword">this</strong>.oldSchemaVersionUrl = oldSchemaVersionUrl;
|
||||
<a class="jxr_linenumber" name="93" href="#93">93</a> }
|
||||
<a class="jxr_linenumber" name="94" href="#94">94</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="95" href="#95">95</a> <em class="jxr_javadoccomment"> * a timestamp - epoch time.</em>
|
||||
<a class="jxr_linenumber" name="96" href="#96">96</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="97" href="#97">97</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">long</strong> timestamp;
|
||||
<a class="jxr_linenumber" name="98" href="#98">98</a>
|
||||
<a class="jxr_linenumber" name="99" href="#99">99</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="100" href="#100">100</a> <em class="jxr_javadoccomment"> * Get the value of timestamp - epoch time.</em>
|
||||
<a class="jxr_linenumber" name="101" href="#101">101</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="102" href="#102">102</a> <em class="jxr_javadoccomment"> * @return the value of timestamp - epoch time</em>
|
||||
<a class="jxr_linenumber" name="103" href="#103">103</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="104" href="#104">104</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">long</strong> getTimestamp() {
|
||||
<a class="jxr_linenumber" name="105" href="#105">105</a> <strong class="jxr_keyword">return</strong> timestamp;
|
||||
<a class="jxr_linenumber" name="106" href="#106">106</a> }
|
||||
<a class="jxr_linenumber" name="107" href="#107">107</a>
|
||||
<a class="jxr_linenumber" name="108" href="#108">108</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="109" href="#109">109</a> <em class="jxr_javadoccomment"> * Set the value of timestamp - epoch time.</em>
|
||||
<a class="jxr_linenumber" name="110" href="#110">110</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="111" href="#111">111</a> <em class="jxr_javadoccomment"> * @param timestamp new value of timestamp - epoch time</em>
|
||||
<a class="jxr_linenumber" name="112" href="#112">112</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="113" href="#113">113</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> setTimestamp(<strong class="jxr_keyword">long</strong> timestamp) {
|
||||
<a class="jxr_linenumber" name="114" href="#114">114</a> <strong class="jxr_keyword">this</strong>.timestamp = timestamp;
|
||||
<a class="jxr_linenumber" name="115" href="#115">115</a> }
|
||||
<a class="jxr_linenumber" name="116" href="#116">116</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="117" href="#117">117</a> <em class="jxr_javadoccomment"> * indicates whether or not this item should be updated.</em>
|
||||
<a class="jxr_linenumber" name="118" href="#118">118</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="119" href="#119">119</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">boolean</strong> needsUpdate = <strong class="jxr_keyword">true</strong>;
|
||||
<a class="jxr_linenumber" name="120" href="#120">120</a>
|
||||
<a class="jxr_linenumber" name="121" href="#121">121</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="122" href="#122">122</a> <em class="jxr_javadoccomment"> * Get the value of needsUpdate.</em>
|
||||
<a class="jxr_linenumber" name="123" href="#123">123</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="124" href="#124">124</a> <em class="jxr_javadoccomment"> * @return the value of needsUpdate</em>
|
||||
<a class="jxr_linenumber" name="125" href="#125">125</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="126" href="#126">126</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">boolean</strong> getNeedsUpdate() {
|
||||
<a class="jxr_linenumber" name="127" href="#127">127</a> <strong class="jxr_keyword">return</strong> needsUpdate;
|
||||
<a class="jxr_linenumber" name="128" href="#128">128</a> }
|
||||
<a class="jxr_linenumber" name="129" href="#129">129</a>
|
||||
<a class="jxr_linenumber" name="130" href="#130">130</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="131" href="#131">131</a> <em class="jxr_javadoccomment"> * Set the value of needsUpdate.</em>
|
||||
<a class="jxr_linenumber" name="132" href="#132">132</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="133" href="#133">133</a> <em class="jxr_javadoccomment"> * @param needsUpdate new value of needsUpdate</em>
|
||||
<a class="jxr_linenumber" name="134" href="#134">134</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="135" href="#135">135</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> setNeedsUpdate(<strong class="jxr_keyword">boolean</strong> needsUpdate) {
|
||||
<a class="jxr_linenumber" name="136" href="#136">136</a> <strong class="jxr_keyword">this</strong>.needsUpdate = needsUpdate;
|
||||
<a class="jxr_linenumber" name="137" href="#137">137</a> }
|
||||
<a class="jxr_linenumber" name="138" href="#138">138</a> }
|
||||
</pre>
|
||||
<hr/><div id="footer">This page was automatically generated by <a href="http://maven.apache.org/">Maven</a></div></body>
|
||||
</html>
|
||||
|
||||
@@ -0,0 +1,30 @@
|
||||
|
||||
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "DTD/xhtml1-transitional.dtd">
|
||||
<html xml:lang="en" lang="en">
|
||||
<head>
|
||||
<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
|
||||
<title>Dependency-Check Core 1.0.2 Reference Package org.owasp.dependencycheck.data.update</title>
|
||||
<link rel="stylesheet" type="text/css" href="../../../../../stylesheet.css" title="style" />
|
||||
</head>
|
||||
<body>
|
||||
|
||||
<h3>
|
||||
<a href="package-summary.html" target="classFrame">org.owasp.dependencycheck.data.update</a>
|
||||
</h3>
|
||||
|
||||
<h3>Classes</h3>
|
||||
|
||||
<ul>
|
||||
<li>
|
||||
<a href="DataStoreMetaInfo.html" target="classFrame">DataStoreMetaInfo</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="DatabaseUpdater.html" target="classFrame">DatabaseUpdater</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="NvdCveInfo.html" target="classFrame">NvdCveInfo</a>
|
||||
</li>
|
||||
</ul>
|
||||
|
||||
</body>
|
||||
</html>
|
||||
@@ -0,0 +1,77 @@
|
||||
|
||||
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "DTD/xhtml1-transitional.dtd">
|
||||
<html xml:lang="en" lang="en">
|
||||
<head>
|
||||
<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
|
||||
<title>Dependency-Check Core 1.0.2 Reference Package org.owasp.dependencycheck.data.update</title>
|
||||
<link rel="stylesheet" type="text/css" href="../../../../../stylesheet.css" title="style" />
|
||||
</head>
|
||||
<body>
|
||||
<div class="overview">
|
||||
<ul>
|
||||
<li>
|
||||
<a href="../../../../../overview-summary.html">Overview</a>
|
||||
</li>
|
||||
<li class="selected">Package</li>
|
||||
</ul>
|
||||
</div>
|
||||
<div class="framenoframe">
|
||||
<ul>
|
||||
<li>
|
||||
<a href="../../../../../index.html" target="_top">FRAMES</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="package-summary.html" target="_top">NO FRAMES</a>
|
||||
</li>
|
||||
</ul>
|
||||
</div>
|
||||
|
||||
<h2>Package org.owasp.dependencycheck.data.update</h2>
|
||||
|
||||
<table class="summary">
|
||||
<thead>
|
||||
<tr>
|
||||
<th>Class Summary</th>
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
<tr>
|
||||
<td>
|
||||
<a href="DataStoreMetaInfo.html" target="classFrame">DataStoreMetaInfo</a>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
<a href="DatabaseUpdater.html" target="classFrame">DatabaseUpdater</a>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
<a href="NvdCveInfo.html" target="classFrame">NvdCveInfo</a>
|
||||
</td>
|
||||
</tr>
|
||||
</tbody>
|
||||
</table>
|
||||
|
||||
<div class="overview">
|
||||
<ul>
|
||||
<li>
|
||||
<a href="../../../../../overview-summary.html">Overview</a>
|
||||
</li>
|
||||
<li class="selected">Package</li>
|
||||
</ul>
|
||||
</div>
|
||||
<div class="framenoframe">
|
||||
<ul>
|
||||
<li>
|
||||
<a href="../../../../../index.html" target="_top">FRAMES</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="package-summary.html" target="_top">NO FRAMES</a>
|
||||
</li>
|
||||
</ul>
|
||||
</div>
|
||||
<hr />
|
||||
Copyright © 2012-2013 OWASP. All Rights Reserved.
|
||||
</body>
|
||||
</html>
|
||||
@@ -3,7 +3,7 @@
|
||||
<html xml:lang="en" lang="en">
|
||||
<head>
|
||||
<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
|
||||
<title>dependency-check-core 1.0.1 Reference Package org.owasp.dependencycheck.dependency</title>
|
||||
<title>Dependency-Check Core 1.0.2 Reference Package org.owasp.dependencycheck.dependency</title>
|
||||
<link rel="stylesheet" type="text/css" href="../../../../stylesheet.css" title="style" />
|
||||
</head>
|
||||
<body>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<html xml:lang="en" lang="en">
|
||||
<head>
|
||||
<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
|
||||
<title>dependency-check-core 1.0.1 Reference Package org.owasp.dependencycheck.dependency</title>
|
||||
<title>Dependency-Check Core 1.0.2 Reference Package org.owasp.dependencycheck.dependency</title>
|
||||
<link rel="stylesheet" type="text/css" href="../../../../stylesheet.css" title="style" />
|
||||
</head>
|
||||
<body>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<html xml:lang="en" lang="en">
|
||||
<head>
|
||||
<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
|
||||
<title>dependency-check-core 1.0.1 Reference Package org.owasp.dependencycheck.jaxb.pom.generated</title>
|
||||
<title>Dependency-Check Core 1.0.2 Reference Package org.owasp.dependencycheck.jaxb.pom.generated</title>
|
||||
<link rel="stylesheet" type="text/css" href="../../../../../../stylesheet.css" title="style" />
|
||||
</head>
|
||||
<body>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<html xml:lang="en" lang="en">
|
||||
<head>
|
||||
<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
|
||||
<title>dependency-check-core 1.0.1 Reference Package org.owasp.dependencycheck.jaxb.pom.generated</title>
|
||||
<title>Dependency-Check Core 1.0.2 Reference Package org.owasp.dependencycheck.jaxb.pom.generated</title>
|
||||
<link rel="stylesheet" type="text/css" href="../../../../../../stylesheet.css" title="style" />
|
||||
</head>
|
||||
<body>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<html xml:lang="en" lang="en">
|
||||
<head>
|
||||
<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
|
||||
<title>dependency-check-core 1.0.1 Reference Package org.owasp.dependencycheck.jaxb.pom</title>
|
||||
<title>Dependency-Check Core 1.0.2 Reference Package org.owasp.dependencycheck.jaxb.pom</title>
|
||||
<link rel="stylesheet" type="text/css" href="../../../../../stylesheet.css" title="style" />
|
||||
</head>
|
||||
<body>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<html xml:lang="en" lang="en">
|
||||
<head>
|
||||
<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
|
||||
<title>dependency-check-core 1.0.1 Reference Package org.owasp.dependencycheck.jaxb.pom</title>
|
||||
<title>Dependency-Check Core 1.0.2 Reference Package org.owasp.dependencycheck.jaxb.pom</title>
|
||||
<link rel="stylesheet" type="text/css" href="../../../../../stylesheet.css" title="style" />
|
||||
</head>
|
||||
<body>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<html xml:lang="en" lang="en">
|
||||
<head>
|
||||
<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
|
||||
<title>dependency-check-core 1.0.1 Reference Package org.owasp.dependencycheck</title>
|
||||
<title>Dependency-Check Core 1.0.2 Reference Package org.owasp.dependencycheck</title>
|
||||
<link rel="stylesheet" type="text/css" href="../../../stylesheet.css" title="style" />
|
||||
</head>
|
||||
<body>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<html xml:lang="en" lang="en">
|
||||
<head>
|
||||
<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
|
||||
<title>dependency-check-core 1.0.1 Reference Package org.owasp.dependencycheck</title>
|
||||
<title>Dependency-Check Core 1.0.2 Reference Package org.owasp.dependencycheck</title>
|
||||
<link rel="stylesheet" type="text/css" href="../../../stylesheet.css" title="style" />
|
||||
</head>
|
||||
<body>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<html xml:lang="en" lang="en">
|
||||
<head>
|
||||
<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
|
||||
<title>dependency-check-core 1.0.1 Reference Package org.owasp.dependencycheck.reporting</title>
|
||||
<title>Dependency-Check Core 1.0.2 Reference Package org.owasp.dependencycheck.reporting</title>
|
||||
<link rel="stylesheet" type="text/css" href="../../../../stylesheet.css" title="style" />
|
||||
</head>
|
||||
<body>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<html xml:lang="en" lang="en">
|
||||
<head>
|
||||
<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
|
||||
<title>dependency-check-core 1.0.1 Reference Package org.owasp.dependencycheck.reporting</title>
|
||||
<title>Dependency-Check Core 1.0.2 Reference Package org.owasp.dependencycheck.reporting</title>
|
||||
<link rel="stylesheet" type="text/css" href="../../../../stylesheet.css" title="style" />
|
||||
</head>
|
||||
<body>
|
||||
|
||||
@@ -37,210 +37,186 @@
|
||||
<a class="jxr_linenumber" name="27" href="#27">27</a> <strong class="jxr_keyword">import</strong> java.net.InetSocketAddress;
|
||||
<a class="jxr_linenumber" name="28" href="#28">28</a> <strong class="jxr_keyword">import</strong> java.net.Proxy;
|
||||
<a class="jxr_linenumber" name="29" href="#29">29</a> <strong class="jxr_keyword">import</strong> java.net.SocketAddress;
|
||||
<a class="jxr_linenumber" name="30" href="#30">30</a> <strong class="jxr_keyword">import</strong> java.net.URL;
|
||||
<a class="jxr_linenumber" name="31" href="#31">31</a> <strong class="jxr_keyword">import</strong> java.util.logging.Level;
|
||||
<a class="jxr_linenumber" name="32" href="#32">32</a> <strong class="jxr_keyword">import</strong> java.util.logging.Logger;
|
||||
<a class="jxr_linenumber" name="33" href="#33">33</a> <strong class="jxr_keyword">import</strong> java.util.zip.GZIPInputStream;
|
||||
<a class="jxr_linenumber" name="34" href="#34">34</a> <strong class="jxr_keyword">import</strong> java.util.zip.InflaterInputStream;
|
||||
<a class="jxr_linenumber" name="35" href="#35">35</a>
|
||||
<a class="jxr_linenumber" name="36" href="#36">36</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="37" href="#37">37</a> <em class="jxr_javadoccomment"> * A utility to download files from the Internet.</em>
|
||||
<a class="jxr_linenumber" name="38" href="#38">38</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="39" href="#39">39</a> <em class="jxr_javadoccomment"> * @author Jeremy Long (jeremy.long@owasp.org)</em>
|
||||
<a class="jxr_linenumber" name="40" href="#40">40</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="41" href="#41">41</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">final</strong> <strong class="jxr_keyword">class</strong> <a href="../../../../org/owasp/dependencycheck/utils/Downloader.html">Downloader</a> {
|
||||
<a class="jxr_linenumber" name="42" href="#42">42</a>
|
||||
<a class="jxr_linenumber" name="43" href="#43">43</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="44" href="#44">44</a> <em class="jxr_javadoccomment"> * Private constructor for utility class.</em>
|
||||
<a class="jxr_linenumber" name="45" href="#45">45</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="46" href="#46">46</a> <strong class="jxr_keyword">private</strong> <a href="../../../../org/owasp/dependencycheck/utils/Downloader.html">Downloader</a>() {
|
||||
<a class="jxr_linenumber" name="47" href="#47">47</a> }
|
||||
<a class="jxr_linenumber" name="48" href="#48">48</a>
|
||||
<a class="jxr_linenumber" name="49" href="#49">49</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="50" href="#50">50</a> <em class="jxr_javadoccomment"> * Retrieves a file from a given URL and saves it to the outputPath.</em>
|
||||
<a class="jxr_linenumber" name="51" href="#51">51</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="52" href="#52">52</a> <em class="jxr_javadoccomment"> * @param url the URL of the file to download.</em>
|
||||
<a class="jxr_linenumber" name="53" href="#53">53</a> <em class="jxr_javadoccomment"> * @param outputPath the path to the save the file to.</em>
|
||||
<a class="jxr_linenumber" name="54" href="#54">54</a> <em class="jxr_javadoccomment"> * @throws DownloadFailedException is thrown if there is an error</em>
|
||||
<a class="jxr_linenumber" name="55" href="#55">55</a> <em class="jxr_javadoccomment"> * downloading the file.</em>
|
||||
<a class="jxr_linenumber" name="56" href="#56">56</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="57" href="#57">57</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">void</strong> fetchFile(URL url, String outputPath) <strong class="jxr_keyword">throws</strong> DownloadFailedException {
|
||||
<a class="jxr_linenumber" name="58" href="#58">58</a> fetchFile(url, outputPath, false);
|
||||
<a class="jxr_linenumber" name="59" href="#59">59</a> }
|
||||
<a class="jxr_linenumber" name="60" href="#60">60</a>
|
||||
<a class="jxr_linenumber" name="61" href="#61">61</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="62" href="#62">62</a> <em class="jxr_javadoccomment"> * Retrieves a file from a given URL and saves it to the outputPath.</em>
|
||||
<a class="jxr_linenumber" name="63" href="#63">63</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="64" href="#64">64</a> <em class="jxr_javadoccomment"> * @param url the URL of the file to download.</em>
|
||||
<a class="jxr_linenumber" name="65" href="#65">65</a> <em class="jxr_javadoccomment"> * @param outputPath the path to the save the file to.</em>
|
||||
<a class="jxr_linenumber" name="66" href="#66">66</a> <em class="jxr_javadoccomment"> * @param unzip true/false indicating that the file being retrieved is</em>
|
||||
<a class="jxr_linenumber" name="67" href="#67">67</a> <em class="jxr_javadoccomment"> * gzipped and if true, should be uncompressed before writing to the file.</em>
|
||||
<a class="jxr_linenumber" name="68" href="#68">68</a> <em class="jxr_javadoccomment"> * @throws DownloadFailedException is thrown if there is an error</em>
|
||||
<a class="jxr_linenumber" name="69" href="#69">69</a> <em class="jxr_javadoccomment"> * downloading the file.</em>
|
||||
<a class="jxr_linenumber" name="70" href="#70">70</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="71" href="#71">71</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">void</strong> fetchFile(URL url, String outputPath, <strong class="jxr_keyword">boolean</strong> unzip) <strong class="jxr_keyword">throws</strong> DownloadFailedException {
|
||||
<a class="jxr_linenumber" name="72" href="#72">72</a> <strong class="jxr_keyword">final</strong> File f = <strong class="jxr_keyword">new</strong> File(outputPath);
|
||||
<a class="jxr_linenumber" name="73" href="#73">73</a> fetchFile(url, f, unzip);
|
||||
<a class="jxr_linenumber" name="74" href="#74">74</a> }
|
||||
<a class="jxr_linenumber" name="30" href="#30">30</a> <strong class="jxr_keyword">import</strong> java.net.URISyntaxException;
|
||||
<a class="jxr_linenumber" name="31" href="#31">31</a> <strong class="jxr_keyword">import</strong> java.net.URL;
|
||||
<a class="jxr_linenumber" name="32" href="#32">32</a> <strong class="jxr_keyword">import</strong> java.util.logging.Level;
|
||||
<a class="jxr_linenumber" name="33" href="#33">33</a> <strong class="jxr_keyword">import</strong> java.util.logging.Logger;
|
||||
<a class="jxr_linenumber" name="34" href="#34">34</a> <strong class="jxr_keyword">import</strong> java.util.zip.GZIPInputStream;
|
||||
<a class="jxr_linenumber" name="35" href="#35">35</a> <strong class="jxr_keyword">import</strong> java.util.zip.InflaterInputStream;
|
||||
<a class="jxr_linenumber" name="36" href="#36">36</a>
|
||||
<a class="jxr_linenumber" name="37" href="#37">37</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="38" href="#38">38</a> <em class="jxr_javadoccomment"> * A utility to download files from the Internet.</em>
|
||||
<a class="jxr_linenumber" name="39" href="#39">39</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="40" href="#40">40</a> <em class="jxr_javadoccomment"> * @author Jeremy Long (jeremy.long@owasp.org)</em>
|
||||
<a class="jxr_linenumber" name="41" href="#41">41</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="42" href="#42">42</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">final</strong> <strong class="jxr_keyword">class</strong> <a href="../../../../org/owasp/dependencycheck/utils/Downloader.html">Downloader</a> {
|
||||
<a class="jxr_linenumber" name="43" href="#43">43</a>
|
||||
<a class="jxr_linenumber" name="44" href="#44">44</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="45" href="#45">45</a> <em class="jxr_javadoccomment"> * Private constructor for utility class.</em>
|
||||
<a class="jxr_linenumber" name="46" href="#46">46</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="47" href="#47">47</a> <strong class="jxr_keyword">private</strong> <a href="../../../../org/owasp/dependencycheck/utils/Downloader.html">Downloader</a>() {
|
||||
<a class="jxr_linenumber" name="48" href="#48">48</a> }
|
||||
<a class="jxr_linenumber" name="49" href="#49">49</a>
|
||||
<a class="jxr_linenumber" name="50" href="#50">50</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="51" href="#51">51</a> <em class="jxr_javadoccomment"> * Retrieves a file from a given URL and saves it to the outputPath.</em>
|
||||
<a class="jxr_linenumber" name="52" href="#52">52</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="53" href="#53">53</a> <em class="jxr_javadoccomment"> * @param url the URL of the file to download.</em>
|
||||
<a class="jxr_linenumber" name="54" href="#54">54</a> <em class="jxr_javadoccomment"> * @param outputPath the path to the save the file to.</em>
|
||||
<a class="jxr_linenumber" name="55" href="#55">55</a> <em class="jxr_javadoccomment"> * @throws DownloadFailedException is thrown if there is an error</em>
|
||||
<a class="jxr_linenumber" name="56" href="#56">56</a> <em class="jxr_javadoccomment"> * downloading the file.</em>
|
||||
<a class="jxr_linenumber" name="57" href="#57">57</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="58" href="#58">58</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">void</strong> fetchFile(URL url, File outputPath) <strong class="jxr_keyword">throws</strong> DownloadFailedException {
|
||||
<a class="jxr_linenumber" name="59" href="#59">59</a> HttpURLConnection conn = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="60" href="#60">60</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="61" href="#61">61</a> conn = Downloader.getConnection(url);
|
||||
<a class="jxr_linenumber" name="62" href="#62">62</a> conn.setRequestProperty(<span class="jxr_string">"Accept-Encoding"</span>, <span class="jxr_string">"gzip, deflate"</span>);
|
||||
<a class="jxr_linenumber" name="63" href="#63">63</a> conn.connect();
|
||||
<a class="jxr_linenumber" name="64" href="#64">64</a> } <strong class="jxr_keyword">catch</strong> (IOException ex) {
|
||||
<a class="jxr_linenumber" name="65" href="#65">65</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="66" href="#66">66</a> <strong class="jxr_keyword">if</strong> (conn != <strong class="jxr_keyword">null</strong>) {
|
||||
<a class="jxr_linenumber" name="67" href="#67">67</a> conn.disconnect();
|
||||
<a class="jxr_linenumber" name="68" href="#68">68</a> }
|
||||
<a class="jxr_linenumber" name="69" href="#69">69</a> } <strong class="jxr_keyword">finally</strong> {
|
||||
<a class="jxr_linenumber" name="70" href="#70">70</a> conn = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="71" href="#71">71</a> }
|
||||
<a class="jxr_linenumber" name="72" href="#72">72</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/utils/DownloadFailedException.html">DownloadFailedException</a>(<span class="jxr_string">"Error downloading file."</span>, ex);
|
||||
<a class="jxr_linenumber" name="73" href="#73">73</a> }
|
||||
<a class="jxr_linenumber" name="74" href="#74">74</a> <strong class="jxr_keyword">final</strong> String encoding = conn.getContentEncoding();
|
||||
<a class="jxr_linenumber" name="75" href="#75">75</a>
|
||||
<a class="jxr_linenumber" name="76" href="#76">76</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="77" href="#77">77</a> <em class="jxr_javadoccomment"> * Retrieves a file from a given URL and saves it to the outputPath.</em>
|
||||
<a class="jxr_linenumber" name="78" href="#78">78</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="79" href="#79">79</a> <em class="jxr_javadoccomment"> * @param url the URL of the file to download.</em>
|
||||
<a class="jxr_linenumber" name="80" href="#80">80</a> <em class="jxr_javadoccomment"> * @param outputPath the path to the save the file to.</em>
|
||||
<a class="jxr_linenumber" name="81" href="#81">81</a> <em class="jxr_javadoccomment"> * @throws DownloadFailedException is thrown if there is an error</em>
|
||||
<a class="jxr_linenumber" name="82" href="#82">82</a> <em class="jxr_javadoccomment"> * downloading the file.</em>
|
||||
<a class="jxr_linenumber" name="83" href="#83">83</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="84" href="#84">84</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">void</strong> fetchFile(URL url, File outputPath) <strong class="jxr_keyword">throws</strong> DownloadFailedException {
|
||||
<a class="jxr_linenumber" name="85" href="#85">85</a> fetchFile(url, outputPath, false);
|
||||
<a class="jxr_linenumber" name="86" href="#86">86</a> }
|
||||
<a class="jxr_linenumber" name="87" href="#87">87</a>
|
||||
<a class="jxr_linenumber" name="88" href="#88">88</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="89" href="#89">89</a> <em class="jxr_javadoccomment"> * Retrieves a file from a given URL and saves it to the outputPath.</em>
|
||||
<a class="jxr_linenumber" name="90" href="#90">90</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="91" href="#91">91</a> <em class="jxr_javadoccomment"> * @param url the URL of the file to download.</em>
|
||||
<a class="jxr_linenumber" name="92" href="#92">92</a> <em class="jxr_javadoccomment"> * @param outputPath the path to the save the file to.</em>
|
||||
<a class="jxr_linenumber" name="93" href="#93">93</a> <em class="jxr_javadoccomment"> * @param unzip true/false indicating that the file being retrieved is</em>
|
||||
<a class="jxr_linenumber" name="94" href="#94">94</a> <em class="jxr_javadoccomment"> * gzipped and if true, should be uncompressed before writing to the file.</em>
|
||||
<a class="jxr_linenumber" name="95" href="#95">95</a> <em class="jxr_javadoccomment"> * @throws DownloadFailedException is thrown if there is an error</em>
|
||||
<a class="jxr_linenumber" name="96" href="#96">96</a> <em class="jxr_javadoccomment"> * downloading the file.</em>
|
||||
<a class="jxr_linenumber" name="97" href="#97">97</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="98" href="#98">98</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">void</strong> fetchFile(URL url, File outputPath, <strong class="jxr_keyword">boolean</strong> unzip) <strong class="jxr_keyword">throws</strong> DownloadFailedException {
|
||||
<a class="jxr_linenumber" name="99" href="#99">99</a> HttpURLConnection conn = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="100" href="#100">100</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="101" href="#101">101</a> conn = Downloader.getConnection(url);
|
||||
<a class="jxr_linenumber" name="102" href="#102">102</a> conn.setRequestProperty(<span class="jxr_string">"Accept-Encoding"</span>, <span class="jxr_string">"gzip, deflate"</span>);
|
||||
<a class="jxr_linenumber" name="103" href="#103">103</a> conn.connect();
|
||||
<a class="jxr_linenumber" name="104" href="#104">104</a> } <strong class="jxr_keyword">catch</strong> (IOException ex) {
|
||||
<a class="jxr_linenumber" name="105" href="#105">105</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="106" href="#106">106</a> <strong class="jxr_keyword">if</strong> (conn != <strong class="jxr_keyword">null</strong>) {
|
||||
<a class="jxr_linenumber" name="107" href="#107">107</a> conn.disconnect();
|
||||
<a class="jxr_linenumber" name="108" href="#108">108</a> }
|
||||
<a class="jxr_linenumber" name="109" href="#109">109</a> } <strong class="jxr_keyword">finally</strong> {
|
||||
<a class="jxr_linenumber" name="110" href="#110">110</a> conn = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="76" href="#76">76</a> BufferedOutputStream writer = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="77" href="#77">77</a> InputStream reader = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="78" href="#78">78</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="79" href="#79">79</a> <strong class="jxr_keyword">if</strong> (encoding != <strong class="jxr_keyword">null</strong> && <span class="jxr_string">"gzip"</span>.equalsIgnoreCase(encoding)) {
|
||||
<a class="jxr_linenumber" name="80" href="#80">80</a> reader = <strong class="jxr_keyword">new</strong> GZIPInputStream(conn.getInputStream());
|
||||
<a class="jxr_linenumber" name="81" href="#81">81</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (encoding != <strong class="jxr_keyword">null</strong> && <span class="jxr_string">"deflate"</span>.equalsIgnoreCase(encoding)) {
|
||||
<a class="jxr_linenumber" name="82" href="#82">82</a> reader = <strong class="jxr_keyword">new</strong> InflaterInputStream(conn.getInputStream());
|
||||
<a class="jxr_linenumber" name="83" href="#83">83</a> } <strong class="jxr_keyword">else</strong> {
|
||||
<a class="jxr_linenumber" name="84" href="#84">84</a> reader = conn.getInputStream();
|
||||
<a class="jxr_linenumber" name="85" href="#85">85</a> }
|
||||
<a class="jxr_linenumber" name="86" href="#86">86</a>
|
||||
<a class="jxr_linenumber" name="87" href="#87">87</a> writer = <strong class="jxr_keyword">new</strong> BufferedOutputStream(<strong class="jxr_keyword">new</strong> FileOutputStream(outputPath));
|
||||
<a class="jxr_linenumber" name="88" href="#88">88</a> <strong class="jxr_keyword">final</strong> byte[] buffer = <strong class="jxr_keyword">new</strong> byte[4096];
|
||||
<a class="jxr_linenumber" name="89" href="#89">89</a> <strong class="jxr_keyword">int</strong> bytesRead;
|
||||
<a class="jxr_linenumber" name="90" href="#90">90</a> <strong class="jxr_keyword">while</strong> ((bytesRead = reader.read(buffer)) > 0) {
|
||||
<a class="jxr_linenumber" name="91" href="#91">91</a> writer.write(buffer, 0, bytesRead);
|
||||
<a class="jxr_linenumber" name="92" href="#92">92</a> }
|
||||
<a class="jxr_linenumber" name="93" href="#93">93</a> } <strong class="jxr_keyword">catch</strong> (Exception ex) {
|
||||
<a class="jxr_linenumber" name="94" href="#94">94</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/utils/DownloadFailedException.html">DownloadFailedException</a>(<span class="jxr_string">"Error saving downloaded file."</span>, ex);
|
||||
<a class="jxr_linenumber" name="95" href="#95">95</a> } <strong class="jxr_keyword">finally</strong> {
|
||||
<a class="jxr_linenumber" name="96" href="#96">96</a> <strong class="jxr_keyword">if</strong> (writer != <strong class="jxr_keyword">null</strong>) {
|
||||
<a class="jxr_linenumber" name="97" href="#97">97</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="98" href="#98">98</a> writer.close();
|
||||
<a class="jxr_linenumber" name="99" href="#99">99</a> } <strong class="jxr_keyword">catch</strong> (Exception ex) {
|
||||
<a class="jxr_linenumber" name="100" href="#100">100</a> Logger.getLogger(Downloader.<strong class="jxr_keyword">class</strong>.getName()).log(Level.FINEST,
|
||||
<a class="jxr_linenumber" name="101" href="#101">101</a> <span class="jxr_string">"Error closing the writer in Downloader."</span>, ex);
|
||||
<a class="jxr_linenumber" name="102" href="#102">102</a> }
|
||||
<a class="jxr_linenumber" name="103" href="#103">103</a> }
|
||||
<a class="jxr_linenumber" name="104" href="#104">104</a> <strong class="jxr_keyword">if</strong> (reader != <strong class="jxr_keyword">null</strong>) {
|
||||
<a class="jxr_linenumber" name="105" href="#105">105</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="106" href="#106">106</a> reader.close();
|
||||
<a class="jxr_linenumber" name="107" href="#107">107</a> } <strong class="jxr_keyword">catch</strong> (Exception ex) {
|
||||
<a class="jxr_linenumber" name="108" href="#108">108</a> Logger.getLogger(Downloader.<strong class="jxr_keyword">class</strong>.getName()).log(Level.FINEST,
|
||||
<a class="jxr_linenumber" name="109" href="#109">109</a> <span class="jxr_string">"Error closing the reader in Downloader."</span>, ex);
|
||||
<a class="jxr_linenumber" name="110" href="#110">110</a> }
|
||||
<a class="jxr_linenumber" name="111" href="#111">111</a> }
|
||||
<a class="jxr_linenumber" name="112" href="#112">112</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/utils/DownloadFailedException.html">DownloadFailedException</a>(<span class="jxr_string">"Error downloading file."</span>, ex);
|
||||
<a class="jxr_linenumber" name="113" href="#113">113</a> }
|
||||
<a class="jxr_linenumber" name="114" href="#114">114</a> <strong class="jxr_keyword">final</strong> String encoding = conn.getContentEncoding();
|
||||
<a class="jxr_linenumber" name="115" href="#115">115</a>
|
||||
<a class="jxr_linenumber" name="116" href="#116">116</a> BufferedOutputStream writer = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="117" href="#117">117</a> InputStream reader = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="118" href="#118">118</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="119" href="#119">119</a> <strong class="jxr_keyword">if</strong> (unzip || (encoding != <strong class="jxr_keyword">null</strong> && <span class="jxr_string">"gzip"</span>.equalsIgnoreCase(encoding))) {
|
||||
<a class="jxr_linenumber" name="120" href="#120">120</a> reader = <strong class="jxr_keyword">new</strong> GZIPInputStream(conn.getInputStream());
|
||||
<a class="jxr_linenumber" name="121" href="#121">121</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (encoding != <strong class="jxr_keyword">null</strong> && <span class="jxr_string">"deflate"</span>.equalsIgnoreCase(encoding)) {
|
||||
<a class="jxr_linenumber" name="122" href="#122">122</a> reader = <strong class="jxr_keyword">new</strong> InflaterInputStream(conn.getInputStream());
|
||||
<a class="jxr_linenumber" name="123" href="#123">123</a> } <strong class="jxr_keyword">else</strong> {
|
||||
<a class="jxr_linenumber" name="124" href="#124">124</a> reader = conn.getInputStream();
|
||||
<a class="jxr_linenumber" name="125" href="#125">125</a> }
|
||||
<a class="jxr_linenumber" name="126" href="#126">126</a>
|
||||
<a class="jxr_linenumber" name="127" href="#127">127</a> writer = <strong class="jxr_keyword">new</strong> BufferedOutputStream(<strong class="jxr_keyword">new</strong> FileOutputStream(outputPath));
|
||||
<a class="jxr_linenumber" name="128" href="#128">128</a> <strong class="jxr_keyword">final</strong> byte[] buffer = <strong class="jxr_keyword">new</strong> byte[4096];
|
||||
<a class="jxr_linenumber" name="129" href="#129">129</a> <strong class="jxr_keyword">int</strong> bytesRead;
|
||||
<a class="jxr_linenumber" name="130" href="#130">130</a> <strong class="jxr_keyword">while</strong> ((bytesRead = reader.read(buffer)) > 0) {
|
||||
<a class="jxr_linenumber" name="131" href="#131">131</a> writer.write(buffer, 0, bytesRead);
|
||||
<a class="jxr_linenumber" name="132" href="#132">132</a> }
|
||||
<a class="jxr_linenumber" name="133" href="#133">133</a> } <strong class="jxr_keyword">catch</strong> (Exception ex) {
|
||||
<a class="jxr_linenumber" name="134" href="#134">134</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/utils/DownloadFailedException.html">DownloadFailedException</a>(<span class="jxr_string">"Error saving downloaded file."</span>, ex);
|
||||
<a class="jxr_linenumber" name="135" href="#135">135</a> } <strong class="jxr_keyword">finally</strong> {
|
||||
<a class="jxr_linenumber" name="136" href="#136">136</a> <strong class="jxr_keyword">if</strong> (writer != <strong class="jxr_keyword">null</strong>) {
|
||||
<a class="jxr_linenumber" name="137" href="#137">137</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="138" href="#138">138</a> writer.close();
|
||||
<a class="jxr_linenumber" name="139" href="#139">139</a> writer = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="140" href="#140">140</a> } <strong class="jxr_keyword">catch</strong> (Exception ex) {
|
||||
<a class="jxr_linenumber" name="141" href="#141">141</a> Logger.getLogger(Downloader.<strong class="jxr_keyword">class</strong>.getName()).log(Level.FINEST,
|
||||
<a class="jxr_linenumber" name="142" href="#142">142</a> <span class="jxr_string">"Error closing the writer in Downloader."</span>, ex);
|
||||
<a class="jxr_linenumber" name="143" href="#143">143</a> }
|
||||
<a class="jxr_linenumber" name="144" href="#144">144</a> }
|
||||
<a class="jxr_linenumber" name="145" href="#145">145</a> <strong class="jxr_keyword">if</strong> (reader != <strong class="jxr_keyword">null</strong>) {
|
||||
<a class="jxr_linenumber" name="146" href="#146">146</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="147" href="#147">147</a> reader.close();
|
||||
<a class="jxr_linenumber" name="148" href="#148">148</a> reader = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="149" href="#149">149</a> } <strong class="jxr_keyword">catch</strong> (Exception ex) {
|
||||
<a class="jxr_linenumber" name="150" href="#150">150</a>
|
||||
<a class="jxr_linenumber" name="151" href="#151">151</a> Logger.getLogger(Downloader.<strong class="jxr_keyword">class</strong>.getName()).log(Level.FINEST,
|
||||
<a class="jxr_linenumber" name="152" href="#152">152</a> <span class="jxr_string">"Error closing the reader in Downloader."</span>, ex);
|
||||
<a class="jxr_linenumber" name="153" href="#153">153</a> }
|
||||
<a class="jxr_linenumber" name="154" href="#154">154</a> }
|
||||
<a class="jxr_linenumber" name="155" href="#155">155</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="156" href="#156">156</a> conn.disconnect();
|
||||
<a class="jxr_linenumber" name="157" href="#157">157</a> } <strong class="jxr_keyword">finally</strong> {
|
||||
<a class="jxr_linenumber" name="158" href="#158">158</a> conn = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="159" href="#159">159</a> }
|
||||
<a class="jxr_linenumber" name="160" href="#160">160</a> }
|
||||
<a class="jxr_linenumber" name="161" href="#161">161</a> }
|
||||
<a class="jxr_linenumber" name="162" href="#162">162</a>
|
||||
<a class="jxr_linenumber" name="163" href="#163">163</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="164" href="#164">164</a> <em class="jxr_javadoccomment"> * Makes an HTTP Head request to retrieve the last modified date of the</em>
|
||||
<a class="jxr_linenumber" name="165" href="#165">165</a> <em class="jxr_javadoccomment"> * given URL.</em>
|
||||
<a class="jxr_linenumber" name="166" href="#166">166</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="167" href="#167">167</a> <em class="jxr_javadoccomment"> * @param url the URL to retrieve the timestamp from</em>
|
||||
<a class="jxr_linenumber" name="168" href="#168">168</a> <em class="jxr_javadoccomment"> * @return an epoch timestamp</em>
|
||||
<a class="jxr_linenumber" name="169" href="#169">169</a> <em class="jxr_javadoccomment"> * @throws DownloadFailedException is thrown if an exception occurs making</em>
|
||||
<a class="jxr_linenumber" name="170" href="#170">170</a> <em class="jxr_javadoccomment"> * the HTTP request</em>
|
||||
<a class="jxr_linenumber" name="171" href="#171">171</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="172" href="#172">172</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">long</strong> getLastModified(URL url) <strong class="jxr_keyword">throws</strong> DownloadFailedException {
|
||||
<a class="jxr_linenumber" name="173" href="#173">173</a> HttpURLConnection conn = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="174" href="#174">174</a> <strong class="jxr_keyword">long</strong> timestamp = 0;
|
||||
<a class="jxr_linenumber" name="175" href="#175">175</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="176" href="#176">176</a> conn = Downloader.getConnection(url);
|
||||
<a class="jxr_linenumber" name="177" href="#177">177</a> conn.setRequestMethod(<span class="jxr_string">"HEAD"</span>);
|
||||
<a class="jxr_linenumber" name="178" href="#178">178</a> conn.connect();
|
||||
<a class="jxr_linenumber" name="179" href="#179">179</a> timestamp = conn.getLastModified();
|
||||
<a class="jxr_linenumber" name="180" href="#180">180</a> } <strong class="jxr_keyword">catch</strong> (Exception ex) {
|
||||
<a class="jxr_linenumber" name="181" href="#181">181</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/utils/DownloadFailedException.html">DownloadFailedException</a>(<span class="jxr_string">"Error making HTTP HEAD request."</span>, ex);
|
||||
<a class="jxr_linenumber" name="182" href="#182">182</a> } <strong class="jxr_keyword">finally</strong> {
|
||||
<a class="jxr_linenumber" name="183" href="#183">183</a> <strong class="jxr_keyword">if</strong> (conn != <strong class="jxr_keyword">null</strong>) {
|
||||
<a class="jxr_linenumber" name="184" href="#184">184</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="185" href="#185">185</a> conn.disconnect();
|
||||
<a class="jxr_linenumber" name="186" href="#186">186</a> } <strong class="jxr_keyword">finally</strong> {
|
||||
<a class="jxr_linenumber" name="187" href="#187">187</a> conn = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="188" href="#188">188</a> }
|
||||
<a class="jxr_linenumber" name="189" href="#189">189</a> }
|
||||
<a class="jxr_linenumber" name="190" href="#190">190</a> }
|
||||
<a class="jxr_linenumber" name="191" href="#191">191</a> <strong class="jxr_keyword">return</strong> timestamp;
|
||||
<a class="jxr_linenumber" name="192" href="#192">192</a> }
|
||||
<a class="jxr_linenumber" name="193" href="#193">193</a>
|
||||
<a class="jxr_linenumber" name="194" href="#194">194</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="195" href="#195">195</a> <em class="jxr_javadoccomment"> * Utility method to get an HttpURLConnection. If the app is configured to</em>
|
||||
<a class="jxr_linenumber" name="196" href="#196">196</a> <em class="jxr_javadoccomment"> * use a proxy this method will retrieve the proxy settings and use them</em>
|
||||
<a class="jxr_linenumber" name="197" href="#197">197</a> <em class="jxr_javadoccomment"> * when setting up the connection.</em>
|
||||
<a class="jxr_linenumber" name="198" href="#198">198</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="199" href="#199">199</a> <em class="jxr_javadoccomment"> * @param url the url to connect to</em>
|
||||
<a class="jxr_linenumber" name="200" href="#200">200</a> <em class="jxr_javadoccomment"> * @return an HttpURLConnection</em>
|
||||
<a class="jxr_linenumber" name="201" href="#201">201</a> <em class="jxr_javadoccomment"> * @throws DownloadFailedException thrown if there is an exception</em>
|
||||
<a class="jxr_linenumber" name="202" href="#202">202</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="203" href="#203">203</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">static</strong> HttpURLConnection getConnection(URL url) <strong class="jxr_keyword">throws</strong> DownloadFailedException {
|
||||
<a class="jxr_linenumber" name="204" href="#204">204</a> HttpURLConnection conn = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="205" href="#205">205</a> Proxy proxy = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="206" href="#206">206</a> <strong class="jxr_keyword">final</strong> String proxyUrl = Settings.getString(Settings.KEYS.PROXY_URL);
|
||||
<a class="jxr_linenumber" name="207" href="#207">207</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="208" href="#208">208</a> <strong class="jxr_keyword">if</strong> (proxyUrl != <strong class="jxr_keyword">null</strong>) {
|
||||
<a class="jxr_linenumber" name="209" href="#209">209</a> <strong class="jxr_keyword">final</strong> <strong class="jxr_keyword">int</strong> proxyPort = Settings.getInt(Settings.KEYS.PROXY_PORT);
|
||||
<a class="jxr_linenumber" name="210" href="#210">210</a> <strong class="jxr_keyword">final</strong> SocketAddress addr = <strong class="jxr_keyword">new</strong> InetSocketAddress(proxyUrl, proxyPort);
|
||||
<a class="jxr_linenumber" name="211" href="#211">211</a> proxy = <strong class="jxr_keyword">new</strong> Proxy(Proxy.Type.HTTP, addr);
|
||||
<a class="jxr_linenumber" name="212" href="#212">212</a> conn = (HttpURLConnection) url.openConnection(proxy);
|
||||
<a class="jxr_linenumber" name="213" href="#213">213</a> } <strong class="jxr_keyword">else</strong> {
|
||||
<a class="jxr_linenumber" name="214" href="#214">214</a> conn = (HttpURLConnection) url.openConnection();
|
||||
<a class="jxr_linenumber" name="215" href="#215">215</a> }
|
||||
<a class="jxr_linenumber" name="216" href="#216">216</a> <em class="jxr_comment">//added a default timeout of 20000</em>
|
||||
<a class="jxr_linenumber" name="217" href="#217">217</a> <em class="jxr_comment">//if (Settings.getString(Settings.KEYS.CONNECTION_TIMEOUT) != null) {</em>
|
||||
<a class="jxr_linenumber" name="218" href="#218">218</a> <strong class="jxr_keyword">final</strong> <strong class="jxr_keyword">int</strong> timeout = Settings.getInt(Settings.KEYS.CONNECTION_TIMEOUT, 60000);
|
||||
<a class="jxr_linenumber" name="219" href="#219">219</a> conn.setConnectTimeout(timeout);
|
||||
<a class="jxr_linenumber" name="220" href="#220">220</a> <em class="jxr_comment">//}</em>
|
||||
<a class="jxr_linenumber" name="221" href="#221">221</a> } <strong class="jxr_keyword">catch</strong> (IOException ex) {
|
||||
<a class="jxr_linenumber" name="222" href="#222">222</a> <strong class="jxr_keyword">if</strong> (conn != <strong class="jxr_keyword">null</strong>) {
|
||||
<a class="jxr_linenumber" name="223" href="#223">223</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="224" href="#224">224</a> conn.disconnect();
|
||||
<a class="jxr_linenumber" name="225" href="#225">225</a> } <strong class="jxr_keyword">finally</strong> {
|
||||
<a class="jxr_linenumber" name="226" href="#226">226</a> conn = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="227" href="#227">227</a> }
|
||||
<a class="jxr_linenumber" name="228" href="#228">228</a> }
|
||||
<a class="jxr_linenumber" name="229" href="#229">229</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/utils/DownloadFailedException.html">DownloadFailedException</a>(<span class="jxr_string">"Error getting connection."</span>, ex);
|
||||
<a class="jxr_linenumber" name="230" href="#230">230</a> }
|
||||
<a class="jxr_linenumber" name="231" href="#231">231</a> <strong class="jxr_keyword">return</strong> conn;
|
||||
<a class="jxr_linenumber" name="232" href="#232">232</a> }
|
||||
<a class="jxr_linenumber" name="233" href="#233">233</a> }
|
||||
<a class="jxr_linenumber" name="112" href="#112">112</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="113" href="#113">113</a> conn.disconnect();
|
||||
<a class="jxr_linenumber" name="114" href="#114">114</a> } <strong class="jxr_keyword">finally</strong> {
|
||||
<a class="jxr_linenumber" name="115" href="#115">115</a> conn = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="116" href="#116">116</a> }
|
||||
<a class="jxr_linenumber" name="117" href="#117">117</a> }
|
||||
<a class="jxr_linenumber" name="118" href="#118">118</a> }
|
||||
<a class="jxr_linenumber" name="119" href="#119">119</a>
|
||||
<a class="jxr_linenumber" name="120" href="#120">120</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="121" href="#121">121</a> <em class="jxr_javadoccomment"> * Makes an HTTP Head request to retrieve the last modified date of the</em>
|
||||
<a class="jxr_linenumber" name="122" href="#122">122</a> <em class="jxr_javadoccomment"> * given URL. If the file:// protocol is specified, then the lastTimestamp</em>
|
||||
<a class="jxr_linenumber" name="123" href="#123">123</a> <em class="jxr_javadoccomment"> * of the file is returned.</em>
|
||||
<a class="jxr_linenumber" name="124" href="#124">124</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="125" href="#125">125</a> <em class="jxr_javadoccomment"> * @param url the URL to retrieve the timestamp from</em>
|
||||
<a class="jxr_linenumber" name="126" href="#126">126</a> <em class="jxr_javadoccomment"> * @return an epoch timestamp</em>
|
||||
<a class="jxr_linenumber" name="127" href="#127">127</a> <em class="jxr_javadoccomment"> * @throws DownloadFailedException is thrown if an exception occurs making</em>
|
||||
<a class="jxr_linenumber" name="128" href="#128">128</a> <em class="jxr_javadoccomment"> * the HTTP request</em>
|
||||
<a class="jxr_linenumber" name="129" href="#129">129</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="130" href="#130">130</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">long</strong> getLastModified(URL url) <strong class="jxr_keyword">throws</strong> DownloadFailedException {
|
||||
<a class="jxr_linenumber" name="131" href="#131">131</a> <strong class="jxr_keyword">long</strong> timestamp = 0;
|
||||
<a class="jxr_linenumber" name="132" href="#132">132</a> <em class="jxr_comment">//TODO add the FPR protocol?</em>
|
||||
<a class="jxr_linenumber" name="133" href="#133">133</a> <strong class="jxr_keyword">if</strong> (<span class="jxr_string">"file"</span>.equalsIgnoreCase(url.getProtocol())) {
|
||||
<a class="jxr_linenumber" name="134" href="#134">134</a> File lastModifiedFile;
|
||||
<a class="jxr_linenumber" name="135" href="#135">135</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="136" href="#136">136</a> <em class="jxr_comment">// if (System.getProperty("os.name").toLowerCase().startsWith("windows")) {</em>
|
||||
<a class="jxr_linenumber" name="137" href="#137">137</a> <em class="jxr_comment">// String filePath = url.toString();</em>
|
||||
<a class="jxr_linenumber" name="138" href="#138">138</a> <em class="jxr_comment">// if (filePath.matches("file://[a-zA-Z]:.*")) {</em>
|
||||
<a class="jxr_linenumber" name="139" href="#139">139</a> <em class="jxr_comment">// f = new File(filePath.substring(7));</em>
|
||||
<a class="jxr_linenumber" name="140" href="#140">140</a> <em class="jxr_comment">// } else {</em>
|
||||
<a class="jxr_linenumber" name="141" href="#141">141</a> <em class="jxr_comment">// f = new File(url.toURI());</em>
|
||||
<a class="jxr_linenumber" name="142" href="#142">142</a> <em class="jxr_comment">// }</em>
|
||||
<a class="jxr_linenumber" name="143" href="#143">143</a> <em class="jxr_comment">// } else {</em>
|
||||
<a class="jxr_linenumber" name="144" href="#144">144</a> lastModifiedFile = <strong class="jxr_keyword">new</strong> File(url.toURI());
|
||||
<a class="jxr_linenumber" name="145" href="#145">145</a> <em class="jxr_comment">// }</em>
|
||||
<a class="jxr_linenumber" name="146" href="#146">146</a> } <strong class="jxr_keyword">catch</strong> (URISyntaxException ex) {
|
||||
<a class="jxr_linenumber" name="147" href="#147">147</a> <strong class="jxr_keyword">final</strong> String msg = String.format(<span class="jxr_string">"Unable to locate '%s'; is the cve.url-2.0.modified property set correctly?"</span>, url.toString());
|
||||
<a class="jxr_linenumber" name="148" href="#148">148</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/utils/DownloadFailedException.html">DownloadFailedException</a>(msg);
|
||||
<a class="jxr_linenumber" name="149" href="#149">149</a> }
|
||||
<a class="jxr_linenumber" name="150" href="#150">150</a> timestamp = lastModifiedFile.lastModified();
|
||||
<a class="jxr_linenumber" name="151" href="#151">151</a> } <strong class="jxr_keyword">else</strong> {
|
||||
<a class="jxr_linenumber" name="152" href="#152">152</a> HttpURLConnection conn = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="153" href="#153">153</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="154" href="#154">154</a> conn = Downloader.getConnection(url);
|
||||
<a class="jxr_linenumber" name="155" href="#155">155</a> conn.setRequestMethod(<span class="jxr_string">"HEAD"</span>);
|
||||
<a class="jxr_linenumber" name="156" href="#156">156</a> conn.connect();
|
||||
<a class="jxr_linenumber" name="157" href="#157">157</a> timestamp = conn.getLastModified();
|
||||
<a class="jxr_linenumber" name="158" href="#158">158</a> } <strong class="jxr_keyword">catch</strong> (Exception ex) {
|
||||
<a class="jxr_linenumber" name="159" href="#159">159</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/utils/DownloadFailedException.html">DownloadFailedException</a>(<span class="jxr_string">"Error making HTTP HEAD request."</span>, ex);
|
||||
<a class="jxr_linenumber" name="160" href="#160">160</a> } <strong class="jxr_keyword">finally</strong> {
|
||||
<a class="jxr_linenumber" name="161" href="#161">161</a> <strong class="jxr_keyword">if</strong> (conn != <strong class="jxr_keyword">null</strong>) {
|
||||
<a class="jxr_linenumber" name="162" href="#162">162</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="163" href="#163">163</a> conn.disconnect();
|
||||
<a class="jxr_linenumber" name="164" href="#164">164</a> } <strong class="jxr_keyword">finally</strong> {
|
||||
<a class="jxr_linenumber" name="165" href="#165">165</a> conn = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="166" href="#166">166</a> }
|
||||
<a class="jxr_linenumber" name="167" href="#167">167</a> }
|
||||
<a class="jxr_linenumber" name="168" href="#168">168</a> }
|
||||
<a class="jxr_linenumber" name="169" href="#169">169</a> }
|
||||
<a class="jxr_linenumber" name="170" href="#170">170</a> <strong class="jxr_keyword">return</strong> timestamp;
|
||||
<a class="jxr_linenumber" name="171" href="#171">171</a> }
|
||||
<a class="jxr_linenumber" name="172" href="#172">172</a>
|
||||
<a class="jxr_linenumber" name="173" href="#173">173</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="174" href="#174">174</a> <em class="jxr_javadoccomment"> * Utility method to get an HttpURLConnection. If the app is configured to</em>
|
||||
<a class="jxr_linenumber" name="175" href="#175">175</a> <em class="jxr_javadoccomment"> * use a proxy this method will retrieve the proxy settings and use them</em>
|
||||
<a class="jxr_linenumber" name="176" href="#176">176</a> <em class="jxr_javadoccomment"> * when setting up the connection.</em>
|
||||
<a class="jxr_linenumber" name="177" href="#177">177</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="178" href="#178">178</a> <em class="jxr_javadoccomment"> * @param url the url to connect to</em>
|
||||
<a class="jxr_linenumber" name="179" href="#179">179</a> <em class="jxr_javadoccomment"> * @return an HttpURLConnection</em>
|
||||
<a class="jxr_linenumber" name="180" href="#180">180</a> <em class="jxr_javadoccomment"> * @throws DownloadFailedException thrown if there is an exception</em>
|
||||
<a class="jxr_linenumber" name="181" href="#181">181</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="182" href="#182">182</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">static</strong> HttpURLConnection getConnection(URL url) <strong class="jxr_keyword">throws</strong> DownloadFailedException {
|
||||
<a class="jxr_linenumber" name="183" href="#183">183</a> HttpURLConnection conn = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="184" href="#184">184</a> Proxy proxy = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="185" href="#185">185</a> <strong class="jxr_keyword">final</strong> String proxyUrl = Settings.getString(Settings.KEYS.PROXY_URL);
|
||||
<a class="jxr_linenumber" name="186" href="#186">186</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="187" href="#187">187</a> <strong class="jxr_keyword">if</strong> (proxyUrl != <strong class="jxr_keyword">null</strong>) {
|
||||
<a class="jxr_linenumber" name="188" href="#188">188</a> <strong class="jxr_keyword">final</strong> <strong class="jxr_keyword">int</strong> proxyPort = Settings.getInt(Settings.KEYS.PROXY_PORT);
|
||||
<a class="jxr_linenumber" name="189" href="#189">189</a> <strong class="jxr_keyword">final</strong> SocketAddress addr = <strong class="jxr_keyword">new</strong> InetSocketAddress(proxyUrl, proxyPort);
|
||||
<a class="jxr_linenumber" name="190" href="#190">190</a> proxy = <strong class="jxr_keyword">new</strong> Proxy(Proxy.Type.HTTP, addr);
|
||||
<a class="jxr_linenumber" name="191" href="#191">191</a> conn = (HttpURLConnection) url.openConnection(proxy);
|
||||
<a class="jxr_linenumber" name="192" href="#192">192</a> } <strong class="jxr_keyword">else</strong> {
|
||||
<a class="jxr_linenumber" name="193" href="#193">193</a> conn = (HttpURLConnection) url.openConnection();
|
||||
<a class="jxr_linenumber" name="194" href="#194">194</a> }
|
||||
<a class="jxr_linenumber" name="195" href="#195">195</a> <strong class="jxr_keyword">final</strong> <strong class="jxr_keyword">int</strong> timeout = Settings.getInt(Settings.KEYS.CONNECTION_TIMEOUT, 60000);
|
||||
<a class="jxr_linenumber" name="196" href="#196">196</a> conn.setConnectTimeout(timeout);
|
||||
<a class="jxr_linenumber" name="197" href="#197">197</a> } <strong class="jxr_keyword">catch</strong> (IOException ex) {
|
||||
<a class="jxr_linenumber" name="198" href="#198">198</a> <strong class="jxr_keyword">if</strong> (conn != <strong class="jxr_keyword">null</strong>) {
|
||||
<a class="jxr_linenumber" name="199" href="#199">199</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="200" href="#200">200</a> conn.disconnect();
|
||||
<a class="jxr_linenumber" name="201" href="#201">201</a> } <strong class="jxr_keyword">finally</strong> {
|
||||
<a class="jxr_linenumber" name="202" href="#202">202</a> conn = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="203" href="#203">203</a> }
|
||||
<a class="jxr_linenumber" name="204" href="#204">204</a> }
|
||||
<a class="jxr_linenumber" name="205" href="#205">205</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/utils/DownloadFailedException.html">DownloadFailedException</a>(<span class="jxr_string">"Error getting connection."</span>, ex);
|
||||
<a class="jxr_linenumber" name="206" href="#206">206</a> }
|
||||
<a class="jxr_linenumber" name="207" href="#207">207</a> <strong class="jxr_keyword">return</strong> conn;
|
||||
<a class="jxr_linenumber" name="208" href="#208">208</a> }
|
||||
<a class="jxr_linenumber" name="209" href="#209">209</a> }
|
||||
</pre>
|
||||
<hr/><div id="footer">This page was automatically generated by <a href="http://maven.apache.org/">Maven</a></div></body>
|
||||
</html>
|
||||
|
||||
@@ -0,0 +1,83 @@
|
||||
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
||||
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
|
||||
<head>
|
||||
<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
|
||||
<title>ExtractionException xref</title>
|
||||
<link type="text/css" rel="stylesheet" href="../../../../stylesheet.css" />
|
||||
</head>
|
||||
<body>
|
||||
<div id="overview"><a href="../../../../../apidocs/org/owasp/dependencycheck/utils/ExtractionException.html">View Javadoc</a></div><pre>
|
||||
|
||||
<a class="jxr_linenumber" name="1" href="#1">1</a> <em class="jxr_comment">/*</em>
|
||||
<a class="jxr_linenumber" name="2" href="#2">2</a> <em class="jxr_comment"> * This file is part of dependency-check-core.</em>
|
||||
<a class="jxr_linenumber" name="3" href="#3">3</a> <em class="jxr_comment"> *</em>
|
||||
<a class="jxr_linenumber" name="4" href="#4">4</a> <em class="jxr_comment"> * Dependency-check-core is free software: you can redistribute it and/or modify it</em>
|
||||
<a class="jxr_linenumber" name="5" href="#5">5</a> <em class="jxr_comment"> * under the terms of the GNU General Public License as published by the Free</em>
|
||||
<a class="jxr_linenumber" name="6" href="#6">6</a> <em class="jxr_comment"> * Software Foundation, either version 3 of the License, or (at your option) any</em>
|
||||
<a class="jxr_linenumber" name="7" href="#7">7</a> <em class="jxr_comment"> * later version.</em>
|
||||
<a class="jxr_linenumber" name="8" href="#8">8</a> <em class="jxr_comment"> *</em>
|
||||
<a class="jxr_linenumber" name="9" href="#9">9</a> <em class="jxr_comment"> * Dependency-check-core is distributed in the hope that it will be useful, but</em>
|
||||
<a class="jxr_linenumber" name="10" href="#10">10</a> <em class="jxr_comment"> * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or</em>
|
||||
<a class="jxr_linenumber" name="11" href="#11">11</a> <em class="jxr_comment"> * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more</em>
|
||||
<a class="jxr_linenumber" name="12" href="#12">12</a> <em class="jxr_comment"> * details.</em>
|
||||
<a class="jxr_linenumber" name="13" href="#13">13</a> <em class="jxr_comment"> *</em>
|
||||
<a class="jxr_linenumber" name="14" href="#14">14</a> <em class="jxr_comment"> * You should have received a copy of the GNU General Public License along with</em>
|
||||
<a class="jxr_linenumber" name="15" href="#15">15</a> <em class="jxr_comment"> * dependency-check-core. If not, see <a href="http://www.gnu.org/licenses/." target="alexandria_uri">http://www.gnu.org/licenses/.</a></em>
|
||||
<a class="jxr_linenumber" name="16" href="#16">16</a> <em class="jxr_comment"> *</em>
|
||||
<a class="jxr_linenumber" name="17" href="#17">17</a> <em class="jxr_comment"> * Copyright (c) 2013 Jeremy Long. All Rights Reserved.</em>
|
||||
<a class="jxr_linenumber" name="18" href="#18">18</a> <em class="jxr_comment"> */</em>
|
||||
<a class="jxr_linenumber" name="19" href="#19">19</a> <strong class="jxr_keyword">package</strong> org.owasp.dependencycheck.utils;
|
||||
<a class="jxr_linenumber" name="20" href="#20">20</a>
|
||||
<a class="jxr_linenumber" name="21" href="#21">21</a> <strong class="jxr_keyword">import</strong> java.io.IOException;
|
||||
<a class="jxr_linenumber" name="22" href="#22">22</a>
|
||||
<a class="jxr_linenumber" name="23" href="#23">23</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="24" href="#24">24</a> <em class="jxr_javadoccomment"> * An exception used when a file is unable to be un-zipped.</em>
|
||||
<a class="jxr_linenumber" name="25" href="#25">25</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="26" href="#26">26</a> <em class="jxr_javadoccomment"> * @author Jeremy Long (jeremy.long@owasp.org)</em>
|
||||
<a class="jxr_linenumber" name="27" href="#27">27</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="28" href="#28">28</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">class</strong> <a href="../../../../org/owasp/dependencycheck/utils/ExtractionException.html">ExtractionException</a> <strong class="jxr_keyword">extends</strong> IOException {
|
||||
<a class="jxr_linenumber" name="29" href="#29">29</a>
|
||||
<a class="jxr_linenumber" name="30" href="#30">30</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="31" href="#31">31</a> <em class="jxr_javadoccomment"> * The serial version UID.</em>
|
||||
<a class="jxr_linenumber" name="32" href="#32">32</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="33" href="#33">33</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> <strong class="jxr_keyword">long</strong> serialVersionUID = 1L;
|
||||
<a class="jxr_linenumber" name="34" href="#34">34</a>
|
||||
<a class="jxr_linenumber" name="35" href="#35">35</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="36" href="#36">36</a> <em class="jxr_javadoccomment"> * Creates a new ExtractionException.</em>
|
||||
<a class="jxr_linenumber" name="37" href="#37">37</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="38" href="#38">38</a> <strong class="jxr_keyword">public</strong> <a href="../../../../org/owasp/dependencycheck/utils/ExtractionException.html">ExtractionException</a>() {
|
||||
<a class="jxr_linenumber" name="39" href="#39">39</a> <strong class="jxr_keyword">super</strong>();
|
||||
<a class="jxr_linenumber" name="40" href="#40">40</a> }
|
||||
<a class="jxr_linenumber" name="41" href="#41">41</a>
|
||||
<a class="jxr_linenumber" name="42" href="#42">42</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="43" href="#43">43</a> <em class="jxr_javadoccomment"> * Creates a new ExtractionException.</em>
|
||||
<a class="jxr_linenumber" name="44" href="#44">44</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="45" href="#45">45</a> <em class="jxr_javadoccomment"> * @param msg a message for the exception.</em>
|
||||
<a class="jxr_linenumber" name="46" href="#46">46</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="47" href="#47">47</a> <strong class="jxr_keyword">public</strong> <a href="../../../../org/owasp/dependencycheck/utils/ExtractionException.html">ExtractionException</a>(String msg) {
|
||||
<a class="jxr_linenumber" name="48" href="#48">48</a> <strong class="jxr_keyword">super</strong>(msg);
|
||||
<a class="jxr_linenumber" name="49" href="#49">49</a> }
|
||||
<a class="jxr_linenumber" name="50" href="#50">50</a>
|
||||
<a class="jxr_linenumber" name="51" href="#51">51</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="52" href="#52">52</a> <em class="jxr_javadoccomment"> * Creates a new ExtractionException.</em>
|
||||
<a class="jxr_linenumber" name="53" href="#53">53</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="54" href="#54">54</a> <em class="jxr_javadoccomment"> * @param ex the cause of the download failure.</em>
|
||||
<a class="jxr_linenumber" name="55" href="#55">55</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="56" href="#56">56</a> <strong class="jxr_keyword">public</strong> <a href="../../../../org/owasp/dependencycheck/utils/ExtractionException.html">ExtractionException</a>(Throwable ex) {
|
||||
<a class="jxr_linenumber" name="57" href="#57">57</a> <strong class="jxr_keyword">super</strong>(ex);
|
||||
<a class="jxr_linenumber" name="58" href="#58">58</a> }
|
||||
<a class="jxr_linenumber" name="59" href="#59">59</a>
|
||||
<a class="jxr_linenumber" name="60" href="#60">60</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="61" href="#61">61</a> <em class="jxr_javadoccomment"> * Creates a new ExtractionException.</em>
|
||||
<a class="jxr_linenumber" name="62" href="#62">62</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="63" href="#63">63</a> <em class="jxr_javadoccomment"> * @param msg a message for the exception.</em>
|
||||
<a class="jxr_linenumber" name="64" href="#64">64</a> <em class="jxr_javadoccomment"> * @param ex the cause of the download failure.</em>
|
||||
<a class="jxr_linenumber" name="65" href="#65">65</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="66" href="#66">66</a> <strong class="jxr_keyword">public</strong> <a href="../../../../org/owasp/dependencycheck/utils/ExtractionException.html">ExtractionException</a>(String msg, Throwable ex) {
|
||||
<a class="jxr_linenumber" name="67" href="#67">67</a> <strong class="jxr_keyword">super</strong>(msg, ex);
|
||||
<a class="jxr_linenumber" name="68" href="#68">68</a> }
|
||||
<a class="jxr_linenumber" name="69" href="#69">69</a> }
|
||||
</pre>
|
||||
<hr/><div id="footer">This page was automatically generated by <a href="http://maven.apache.org/">Maven</a></div></body>
|
||||
</html>
|
||||
|
||||
@@ -28,103 +28,242 @@
|
||||
<a class="jxr_linenumber" name="18" href="#18">18</a> <em class="jxr_comment"> */</em>
|
||||
<a class="jxr_linenumber" name="19" href="#19">19</a> <strong class="jxr_keyword">package</strong> org.owasp.dependencycheck.utils;
|
||||
<a class="jxr_linenumber" name="20" href="#20">20</a>
|
||||
<a class="jxr_linenumber" name="21" href="#21">21</a> <strong class="jxr_keyword">import</strong> java.io.File;
|
||||
<a class="jxr_linenumber" name="22" href="#22">22</a> <strong class="jxr_keyword">import</strong> java.io.FileNotFoundException;
|
||||
<a class="jxr_linenumber" name="23" href="#23">23</a> <strong class="jxr_keyword">import</strong> java.io.IOException;
|
||||
<a class="jxr_linenumber" name="24" href="#24">24</a> <strong class="jxr_keyword">import</strong> java.io.UnsupportedEncodingException;
|
||||
<a class="jxr_linenumber" name="25" href="#25">25</a> <strong class="jxr_keyword">import</strong> java.net.URLDecoder;
|
||||
<a class="jxr_linenumber" name="26" href="#26">26</a>
|
||||
<a class="jxr_linenumber" name="27" href="#27">27</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="28" href="#28">28</a> <em class="jxr_javadoccomment"> * A collection of utilities for processing information about files.</em>
|
||||
<a class="jxr_linenumber" name="29" href="#29">29</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="30" href="#30">30</a> <em class="jxr_javadoccomment"> * @author Jeremy Long (jeremy.long@owasp.org)</em>
|
||||
<a class="jxr_linenumber" name="31" href="#31">31</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="32" href="#32">32</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">final</strong> <strong class="jxr_keyword">class</strong> <a href="../../../../org/owasp/dependencycheck/utils/FileUtils.html">FileUtils</a> {
|
||||
<a class="jxr_linenumber" name="33" href="#33">33</a>
|
||||
<a class="jxr_linenumber" name="34" href="#34">34</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="35" href="#35">35</a> <em class="jxr_javadoccomment"> * Private constructor for a utility class.</em>
|
||||
<a class="jxr_linenumber" name="36" href="#36">36</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="37" href="#37">37</a> <strong class="jxr_keyword">private</strong> <a href="../../../../org/owasp/dependencycheck/utils/FileUtils.html">FileUtils</a>() {
|
||||
<a class="jxr_linenumber" name="38" href="#38">38</a> }
|
||||
<a class="jxr_linenumber" name="39" href="#39">39</a>
|
||||
<a class="jxr_linenumber" name="40" href="#40">40</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="41" href="#41">41</a> <em class="jxr_javadoccomment"> * Returns the (lowercase) file extension for a specified file.</em>
|
||||
<a class="jxr_linenumber" name="42" href="#42">42</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="43" href="#43">43</a> <em class="jxr_javadoccomment"> * @param fileName the file name to retrieve the file extension from.</em>
|
||||
<a class="jxr_linenumber" name="44" href="#44">44</a> <em class="jxr_javadoccomment"> * @return the file extension.</em>
|
||||
<a class="jxr_linenumber" name="21" href="#21">21</a> <strong class="jxr_keyword">import</strong> java.io.BufferedInputStream;
|
||||
<a class="jxr_linenumber" name="22" href="#22">22</a> <strong class="jxr_keyword">import</strong> java.io.BufferedOutputStream;
|
||||
<a class="jxr_linenumber" name="23" href="#23">23</a> <strong class="jxr_keyword">import</strong> java.io.File;
|
||||
<a class="jxr_linenumber" name="24" href="#24">24</a> <strong class="jxr_keyword">import</strong> java.io.FileInputStream;
|
||||
<a class="jxr_linenumber" name="25" href="#25">25</a> <strong class="jxr_keyword">import</strong> java.io.FileNotFoundException;
|
||||
<a class="jxr_linenumber" name="26" href="#26">26</a> <strong class="jxr_keyword">import</strong> java.io.FileOutputStream;
|
||||
<a class="jxr_linenumber" name="27" href="#27">27</a> <strong class="jxr_keyword">import</strong> java.io.IOException;
|
||||
<a class="jxr_linenumber" name="28" href="#28">28</a> <strong class="jxr_keyword">import</strong> java.io.UnsupportedEncodingException;
|
||||
<a class="jxr_linenumber" name="29" href="#29">29</a> <strong class="jxr_keyword">import</strong> java.net.URLDecoder;
|
||||
<a class="jxr_linenumber" name="30" href="#30">30</a> <strong class="jxr_keyword">import</strong> java.util.logging.Level;
|
||||
<a class="jxr_linenumber" name="31" href="#31">31</a> <strong class="jxr_keyword">import</strong> java.util.logging.Logger;
|
||||
<a class="jxr_linenumber" name="32" href="#32">32</a> <strong class="jxr_keyword">import</strong> java.util.zip.ZipEntry;
|
||||
<a class="jxr_linenumber" name="33" href="#33">33</a> <strong class="jxr_keyword">import</strong> java.util.zip.ZipInputStream;
|
||||
<a class="jxr_linenumber" name="34" href="#34">34</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.Engine;
|
||||
<a class="jxr_linenumber" name="35" href="#35">35</a>
|
||||
<a class="jxr_linenumber" name="36" href="#36">36</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="37" href="#37">37</a> <em class="jxr_javadoccomment"> * A collection of utilities for processing information about files.</em>
|
||||
<a class="jxr_linenumber" name="38" href="#38">38</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="39" href="#39">39</a> <em class="jxr_javadoccomment"> * @author Jeremy Long (jeremy.long@owasp.org)</em>
|
||||
<a class="jxr_linenumber" name="40" href="#40">40</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="41" href="#41">41</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">final</strong> <strong class="jxr_keyword">class</strong> <a href="../../../../org/owasp/dependencycheck/utils/FileUtils.html">FileUtils</a> {
|
||||
<a class="jxr_linenumber" name="42" href="#42">42</a>
|
||||
<a class="jxr_linenumber" name="43" href="#43">43</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="44" href="#44">44</a> <em class="jxr_javadoccomment"> * The buffer size to use when extracting files from the archive.</em>
|
||||
<a class="jxr_linenumber" name="45" href="#45">45</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="46" href="#46">46</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> String getFileExtension(String fileName) {
|
||||
<a class="jxr_linenumber" name="47" href="#47">47</a> String ret = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="48" href="#48">48</a> <strong class="jxr_keyword">final</strong> <strong class="jxr_keyword">int</strong> pos = fileName.lastIndexOf(<span class="jxr_string">"."</span>);
|
||||
<a class="jxr_linenumber" name="49" href="#49">49</a> <strong class="jxr_keyword">if</strong> (pos >= 0) {
|
||||
<a class="jxr_linenumber" name="50" href="#50">50</a> ret = fileName.substring(pos + 1, fileName.length()).toLowerCase();
|
||||
<a class="jxr_linenumber" name="51" href="#51">51</a> }
|
||||
<a class="jxr_linenumber" name="52" href="#52">52</a> <strong class="jxr_keyword">return</strong> ret;
|
||||
<a class="jxr_linenumber" name="53" href="#53">53</a> }
|
||||
<a class="jxr_linenumber" name="54" href="#54">54</a>
|
||||
<a class="jxr_linenumber" name="55" href="#55">55</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="56" href="#56">56</a> <em class="jxr_javadoccomment"> * Deletes a file. If the File is a directory it will recursively delete the</em>
|
||||
<a class="jxr_linenumber" name="57" href="#57">57</a> <em class="jxr_javadoccomment"> * contents.</em>
|
||||
<a class="jxr_linenumber" name="58" href="#58">58</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="59" href="#59">59</a> <em class="jxr_javadoccomment"> * @param file the File to delete</em>
|
||||
<a class="jxr_linenumber" name="60" href="#60">60</a> <em class="jxr_javadoccomment"> * @throws IOException is thrown if the file could not be deleted</em>
|
||||
<a class="jxr_linenumber" name="61" href="#61">61</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="62" href="#62">62</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">void</strong> delete(File file) <strong class="jxr_keyword">throws</strong> IOException {
|
||||
<a class="jxr_linenumber" name="63" href="#63">63</a> <strong class="jxr_keyword">if</strong> (file.isDirectory()) {
|
||||
<a class="jxr_linenumber" name="64" href="#64">64</a> <strong class="jxr_keyword">for</strong> (File c : file.listFiles()) {
|
||||
<a class="jxr_linenumber" name="65" href="#65">65</a> delete(c);
|
||||
<a class="jxr_linenumber" name="66" href="#66">66</a> }
|
||||
<a class="jxr_linenumber" name="67" href="#67">67</a> }
|
||||
<a class="jxr_linenumber" name="68" href="#68">68</a> <strong class="jxr_keyword">if</strong> (!file.delete()) {
|
||||
<a class="jxr_linenumber" name="69" href="#69">69</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> FileNotFoundException(<span class="jxr_string">"Failed to delete file: "</span> + file);
|
||||
<a class="jxr_linenumber" name="70" href="#70">70</a> }
|
||||
<a class="jxr_linenumber" name="71" href="#71">71</a> }
|
||||
<a class="jxr_linenumber" name="72" href="#72">72</a>
|
||||
<a class="jxr_linenumber" name="73" href="#73">73</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="74" href="#74">74</a> <em class="jxr_javadoccomment"> * Returns the data directory. If a path was specified in</em>
|
||||
<a class="jxr_linenumber" name="75" href="#75">75</a> <em class="jxr_javadoccomment"> * dependencycheck.properties or was specified using the Settings object,</em>
|
||||
<a class="jxr_linenumber" name="76" href="#76">76</a> <em class="jxr_javadoccomment"> * and the path exists, that path will be returned as a File object. If it</em>
|
||||
<a class="jxr_linenumber" name="77" href="#77">77</a> <em class="jxr_javadoccomment"> * does not exist, then a File object will be created based on the file</em>
|
||||
<a class="jxr_linenumber" name="78" href="#78">78</a> <em class="jxr_javadoccomment"> * location of the JAR containing the specified class.</em>
|
||||
<a class="jxr_linenumber" name="79" href="#79">79</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="80" href="#80">80</a> <em class="jxr_javadoccomment"> * @param configuredFilePath the configured relative or absolute path</em>
|
||||
<a class="jxr_linenumber" name="81" href="#81">81</a> <em class="jxr_javadoccomment"> * @param clazz the class whos path will be resolved</em>
|
||||
<a class="jxr_linenumber" name="82" href="#82">82</a> <em class="jxr_javadoccomment"> * @return a File object</em>
|
||||
<a class="jxr_linenumber" name="83" href="#83">83</a> <em class="jxr_javadoccomment"> * @throws IOException is thrown if the path could not be decoded</em>
|
||||
<a class="jxr_linenumber" name="84" href="#84">84</a> <em class="jxr_javadoccomment"> * @deprecated This method should no longer be used. See the implementation</em>
|
||||
<a class="jxr_linenumber" name="85" href="#85">85</a> <em class="jxr_javadoccomment"> * in dependency-check-cli/App.java to see how the data directory should be</em>
|
||||
<a class="jxr_linenumber" name="86" href="#86">86</a> <em class="jxr_javadoccomment"> * set.</em>
|
||||
<a class="jxr_linenumber" name="87" href="#87">87</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="88" href="#88">88</a> @java.lang.Deprecated
|
||||
<a class="jxr_linenumber" name="89" href="#89">89</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> File getDataDirectory(String configuredFilePath, Class clazz) <strong class="jxr_keyword">throws</strong> IOException {
|
||||
<a class="jxr_linenumber" name="90" href="#90">90</a> <strong class="jxr_keyword">final</strong> File file = <strong class="jxr_keyword">new</strong> File(configuredFilePath);
|
||||
<a class="jxr_linenumber" name="91" href="#91">91</a> <strong class="jxr_keyword">if</strong> (file.isDirectory() && file.canWrite()) {
|
||||
<a class="jxr_linenumber" name="92" href="#92">92</a> <strong class="jxr_keyword">return</strong> <strong class="jxr_keyword">new</strong> File(file.getCanonicalPath());
|
||||
<a class="jxr_linenumber" name="93" href="#93">93</a> } <strong class="jxr_keyword">else</strong> {
|
||||
<a class="jxr_linenumber" name="94" href="#94">94</a> <strong class="jxr_keyword">final</strong> File exePath = getPathToJar(clazz);
|
||||
<a class="jxr_linenumber" name="95" href="#95">95</a> <strong class="jxr_keyword">return</strong> <strong class="jxr_keyword">new</strong> File(exePath, configuredFilePath);
|
||||
<a class="jxr_linenumber" name="96" href="#96">96</a> }
|
||||
<a class="jxr_linenumber" name="97" href="#97">97</a> }
|
||||
<a class="jxr_linenumber" name="98" href="#98">98</a>
|
||||
<a class="jxr_linenumber" name="99" href="#99">99</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="100" href="#100">100</a> <em class="jxr_javadoccomment"> * Retrieves the physical path to the parent directory containing the</em>
|
||||
<a class="jxr_linenumber" name="101" href="#101">101</a> <em class="jxr_javadoccomment"> * provided class. For example, if a JAR file contained a class</em>
|
||||
<a class="jxr_linenumber" name="102" href="#102">102</a> <em class="jxr_javadoccomment"> * org.something.clazz this method would return the parent directory of the</em>
|
||||
<a class="jxr_linenumber" name="103" href="#103">103</a> <em class="jxr_javadoccomment"> * JAR file.</em>
|
||||
<a class="jxr_linenumber" name="104" href="#104">104</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="105" href="#105">105</a> <em class="jxr_javadoccomment"> * @param clazz the class to determine the parent directory of</em>
|
||||
<a class="jxr_linenumber" name="106" href="#106">106</a> <em class="jxr_javadoccomment"> * @return the parent directory of the file containing the specified class.</em>
|
||||
<a class="jxr_linenumber" name="107" href="#107">107</a> <em class="jxr_javadoccomment"> * @throws UnsupportedEncodingException thrown if UTF-8 is not supported.</em>
|
||||
<a class="jxr_linenumber" name="108" href="#108">108</a> <em class="jxr_javadoccomment"> * @deprecated this should no longer be used.</em>
|
||||
<a class="jxr_linenumber" name="109" href="#109">109</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="110" href="#110">110</a> @java.lang.Deprecated
|
||||
<a class="jxr_linenumber" name="111" href="#111">111</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> File getPathToJar(Class clazz) <strong class="jxr_keyword">throws</strong> UnsupportedEncodingException {
|
||||
<a class="jxr_linenumber" name="112" href="#112">112</a> <strong class="jxr_keyword">final</strong> String filePath = clazz.getProtectionDomain().getCodeSource().getLocation().getPath();
|
||||
<a class="jxr_linenumber" name="113" href="#113">113</a> <strong class="jxr_keyword">final</strong> String decodedPath = URLDecoder.decode(filePath, <span class="jxr_string">"UTF-8"</span>);
|
||||
<a class="jxr_linenumber" name="114" href="#114">114</a> <strong class="jxr_keyword">final</strong> File jarPath = <strong class="jxr_keyword">new</strong> File(decodedPath);
|
||||
<a class="jxr_linenumber" name="115" href="#115">115</a> <strong class="jxr_keyword">return</strong> jarPath.getParentFile();
|
||||
<a class="jxr_linenumber" name="116" href="#116">116</a> }
|
||||
<a class="jxr_linenumber" name="117" href="#117">117</a> }
|
||||
<a class="jxr_linenumber" name="46" href="#46">46</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> <strong class="jxr_keyword">int</strong> BUFFER_SIZE = 4096;
|
||||
<a class="jxr_linenumber" name="47" href="#47">47</a>
|
||||
<a class="jxr_linenumber" name="48" href="#48">48</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="49" href="#49">49</a> <em class="jxr_javadoccomment"> * Private constructor for a utility class.</em>
|
||||
<a class="jxr_linenumber" name="50" href="#50">50</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="51" href="#51">51</a> <strong class="jxr_keyword">private</strong> <a href="../../../../org/owasp/dependencycheck/utils/FileUtils.html">FileUtils</a>() {
|
||||
<a class="jxr_linenumber" name="52" href="#52">52</a> }
|
||||
<a class="jxr_linenumber" name="53" href="#53">53</a>
|
||||
<a class="jxr_linenumber" name="54" href="#54">54</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="55" href="#55">55</a> <em class="jxr_javadoccomment"> * Returns the (lowercase) file extension for a specified file.</em>
|
||||
<a class="jxr_linenumber" name="56" href="#56">56</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="57" href="#57">57</a> <em class="jxr_javadoccomment"> * @param fileName the file name to retrieve the file extension from.</em>
|
||||
<a class="jxr_linenumber" name="58" href="#58">58</a> <em class="jxr_javadoccomment"> * @return the file extension.</em>
|
||||
<a class="jxr_linenumber" name="59" href="#59">59</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="60" href="#60">60</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> String getFileExtension(String fileName) {
|
||||
<a class="jxr_linenumber" name="61" href="#61">61</a> String ret = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="62" href="#62">62</a> <strong class="jxr_keyword">final</strong> <strong class="jxr_keyword">int</strong> pos = fileName.lastIndexOf(<span class="jxr_string">"."</span>);
|
||||
<a class="jxr_linenumber" name="63" href="#63">63</a> <strong class="jxr_keyword">if</strong> (pos >= 0) {
|
||||
<a class="jxr_linenumber" name="64" href="#64">64</a> ret = fileName.substring(pos + 1, fileName.length()).toLowerCase();
|
||||
<a class="jxr_linenumber" name="65" href="#65">65</a> }
|
||||
<a class="jxr_linenumber" name="66" href="#66">66</a> <strong class="jxr_keyword">return</strong> ret;
|
||||
<a class="jxr_linenumber" name="67" href="#67">67</a> }
|
||||
<a class="jxr_linenumber" name="68" href="#68">68</a>
|
||||
<a class="jxr_linenumber" name="69" href="#69">69</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="70" href="#70">70</a> <em class="jxr_javadoccomment"> * Deletes a file. If the File is a directory it will recursively delete the</em>
|
||||
<a class="jxr_linenumber" name="71" href="#71">71</a> <em class="jxr_javadoccomment"> * contents.</em>
|
||||
<a class="jxr_linenumber" name="72" href="#72">72</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="73" href="#73">73</a> <em class="jxr_javadoccomment"> * @param file the File to delete</em>
|
||||
<a class="jxr_linenumber" name="74" href="#74">74</a> <em class="jxr_javadoccomment"> * @throws IOException is thrown if the file could not be deleted</em>
|
||||
<a class="jxr_linenumber" name="75" href="#75">75</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="76" href="#76">76</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">void</strong> delete(File file) <strong class="jxr_keyword">throws</strong> IOException {
|
||||
<a class="jxr_linenumber" name="77" href="#77">77</a> <strong class="jxr_keyword">if</strong> (file.isDirectory()) {
|
||||
<a class="jxr_linenumber" name="78" href="#78">78</a> <strong class="jxr_keyword">for</strong> (File c : file.listFiles()) {
|
||||
<a class="jxr_linenumber" name="79" href="#79">79</a> delete(c);
|
||||
<a class="jxr_linenumber" name="80" href="#80">80</a> }
|
||||
<a class="jxr_linenumber" name="81" href="#81">81</a> }
|
||||
<a class="jxr_linenumber" name="82" href="#82">82</a> <strong class="jxr_keyword">if</strong> (!org.apache.commons.io.FileUtils.deleteQuietly(file)) {
|
||||
<a class="jxr_linenumber" name="83" href="#83">83</a> <em class="jxr_comment">//if (!file.delete()) {</em>
|
||||
<a class="jxr_linenumber" name="84" href="#84">84</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> FileNotFoundException(<span class="jxr_string">"Failed to delete file: "</span> + file);
|
||||
<a class="jxr_linenumber" name="85" href="#85">85</a> } <strong class="jxr_keyword">else</strong> {
|
||||
<a class="jxr_linenumber" name="86" href="#86">86</a> file.deleteOnExit();
|
||||
<a class="jxr_linenumber" name="87" href="#87">87</a> }
|
||||
<a class="jxr_linenumber" name="88" href="#88">88</a> }
|
||||
<a class="jxr_linenumber" name="89" href="#89">89</a>
|
||||
<a class="jxr_linenumber" name="90" href="#90">90</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="91" href="#91">91</a> <em class="jxr_javadoccomment"> * Deletes a file. If the File is a directory it will recursively delete the</em>
|
||||
<a class="jxr_linenumber" name="92" href="#92">92</a> <em class="jxr_javadoccomment"> * contents.</em>
|
||||
<a class="jxr_linenumber" name="93" href="#93">93</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="94" href="#94">94</a> <em class="jxr_javadoccomment"> * @param file the File to delete</em>
|
||||
<a class="jxr_linenumber" name="95" href="#95">95</a> <em class="jxr_javadoccomment"> * @param deleteOnExit setting this to true will cause errors to be ignored</em>
|
||||
<a class="jxr_linenumber" name="96" href="#96">96</a> <em class="jxr_javadoccomment"> * and if there is an error deleting the file it will be setup to be deleted</em>
|
||||
<a class="jxr_linenumber" name="97" href="#97">97</a> <em class="jxr_javadoccomment"> * when the JVM exits.</em>
|
||||
<a class="jxr_linenumber" name="98" href="#98">98</a> <em class="jxr_javadoccomment"> * @throws IOException is thrown if the file could not be deleted</em>
|
||||
<a class="jxr_linenumber" name="99" href="#99">99</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="100" href="#100">100</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">void</strong> delete(File file, <strong class="jxr_keyword">boolean</strong> deleteOnExit) <strong class="jxr_keyword">throws</strong> IOException {
|
||||
<a class="jxr_linenumber" name="101" href="#101">101</a> <strong class="jxr_keyword">if</strong> (file.isDirectory()) {
|
||||
<a class="jxr_linenumber" name="102" href="#102">102</a> <strong class="jxr_keyword">for</strong> (File c : file.listFiles()) {
|
||||
<a class="jxr_linenumber" name="103" href="#103">103</a> delete(c);
|
||||
<a class="jxr_linenumber" name="104" href="#104">104</a> }
|
||||
<a class="jxr_linenumber" name="105" href="#105">105</a> }
|
||||
<a class="jxr_linenumber" name="106" href="#106">106</a> <strong class="jxr_keyword">if</strong> (!org.apache.commons.io.FileUtils.deleteQuietly(file)) {
|
||||
<a class="jxr_linenumber" name="107" href="#107">107</a> <em class="jxr_comment">//if (!file.delete()) {</em>
|
||||
<a class="jxr_linenumber" name="108" href="#108">108</a> <strong class="jxr_keyword">if</strong> (deleteOnExit) {
|
||||
<a class="jxr_linenumber" name="109" href="#109">109</a> file.deleteOnExit();
|
||||
<a class="jxr_linenumber" name="110" href="#110">110</a> } <strong class="jxr_keyword">else</strong> {
|
||||
<a class="jxr_linenumber" name="111" href="#111">111</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> FileNotFoundException(<span class="jxr_string">"Failed to delete file: "</span> + file);
|
||||
<a class="jxr_linenumber" name="112" href="#112">112</a> }
|
||||
<a class="jxr_linenumber" name="113" href="#113">113</a> }
|
||||
<a class="jxr_linenumber" name="114" href="#114">114</a> }
|
||||
<a class="jxr_linenumber" name="115" href="#115">115</a>
|
||||
<a class="jxr_linenumber" name="116" href="#116">116</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="117" href="#117">117</a> <em class="jxr_javadoccomment"> * Returns the data directory. If a path was specified in</em>
|
||||
<a class="jxr_linenumber" name="118" href="#118">118</a> <em class="jxr_javadoccomment"> * dependencycheck.properties or was specified using the Settings object,</em>
|
||||
<a class="jxr_linenumber" name="119" href="#119">119</a> <em class="jxr_javadoccomment"> * and the path exists, that path will be returned as a File object. If it</em>
|
||||
<a class="jxr_linenumber" name="120" href="#120">120</a> <em class="jxr_javadoccomment"> * does not exist, then a File object will be created based on the file</em>
|
||||
<a class="jxr_linenumber" name="121" href="#121">121</a> <em class="jxr_javadoccomment"> * location of the JAR containing the specified class.</em>
|
||||
<a class="jxr_linenumber" name="122" href="#122">122</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="123" href="#123">123</a> <em class="jxr_javadoccomment"> * @param configuredFilePath the configured relative or absolute path</em>
|
||||
<a class="jxr_linenumber" name="124" href="#124">124</a> <em class="jxr_javadoccomment"> * @param clazz the class whos path will be resolved</em>
|
||||
<a class="jxr_linenumber" name="125" href="#125">125</a> <em class="jxr_javadoccomment"> * @return a File object</em>
|
||||
<a class="jxr_linenumber" name="126" href="#126">126</a> <em class="jxr_javadoccomment"> * @throws IOException is thrown if the path could not be decoded</em>
|
||||
<a class="jxr_linenumber" name="127" href="#127">127</a> <em class="jxr_javadoccomment"> * @deprecated This method should no longer be used. See the implementation</em>
|
||||
<a class="jxr_linenumber" name="128" href="#128">128</a> <em class="jxr_javadoccomment"> * in dependency-check-cli/App.java to see how the data directory should be</em>
|
||||
<a class="jxr_linenumber" name="129" href="#129">129</a> <em class="jxr_javadoccomment"> * set.</em>
|
||||
<a class="jxr_linenumber" name="130" href="#130">130</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="131" href="#131">131</a> @java.lang.Deprecated
|
||||
<a class="jxr_linenumber" name="132" href="#132">132</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> File getDataDirectory(String configuredFilePath, Class clazz) <strong class="jxr_keyword">throws</strong> IOException {
|
||||
<a class="jxr_linenumber" name="133" href="#133">133</a> <strong class="jxr_keyword">final</strong> File file = <strong class="jxr_keyword">new</strong> File(configuredFilePath);
|
||||
<a class="jxr_linenumber" name="134" href="#134">134</a> <strong class="jxr_keyword">if</strong> (file.isDirectory() && file.canWrite()) {
|
||||
<a class="jxr_linenumber" name="135" href="#135">135</a> <strong class="jxr_keyword">return</strong> <strong class="jxr_keyword">new</strong> File(file.getCanonicalPath());
|
||||
<a class="jxr_linenumber" name="136" href="#136">136</a> } <strong class="jxr_keyword">else</strong> {
|
||||
<a class="jxr_linenumber" name="137" href="#137">137</a> <strong class="jxr_keyword">final</strong> File exePath = getPathToJar(clazz);
|
||||
<a class="jxr_linenumber" name="138" href="#138">138</a> <strong class="jxr_keyword">return</strong> <strong class="jxr_keyword">new</strong> File(exePath, configuredFilePath);
|
||||
<a class="jxr_linenumber" name="139" href="#139">139</a> }
|
||||
<a class="jxr_linenumber" name="140" href="#140">140</a> }
|
||||
<a class="jxr_linenumber" name="141" href="#141">141</a>
|
||||
<a class="jxr_linenumber" name="142" href="#142">142</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="143" href="#143">143</a> <em class="jxr_javadoccomment"> * Retrieves the physical path to the parent directory containing the</em>
|
||||
<a class="jxr_linenumber" name="144" href="#144">144</a> <em class="jxr_javadoccomment"> * provided class. For example, if a JAR file contained a class</em>
|
||||
<a class="jxr_linenumber" name="145" href="#145">145</a> <em class="jxr_javadoccomment"> * org.something.clazz this method would return the parent directory of the</em>
|
||||
<a class="jxr_linenumber" name="146" href="#146">146</a> <em class="jxr_javadoccomment"> * JAR file.</em>
|
||||
<a class="jxr_linenumber" name="147" href="#147">147</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="148" href="#148">148</a> <em class="jxr_javadoccomment"> * @param clazz the class to determine the parent directory of</em>
|
||||
<a class="jxr_linenumber" name="149" href="#149">149</a> <em class="jxr_javadoccomment"> * @return the parent directory of the file containing the specified class.</em>
|
||||
<a class="jxr_linenumber" name="150" href="#150">150</a> <em class="jxr_javadoccomment"> * @throws UnsupportedEncodingException thrown if UTF-8 is not supported.</em>
|
||||
<a class="jxr_linenumber" name="151" href="#151">151</a> <em class="jxr_javadoccomment"> * @deprecated this should no longer be used.</em>
|
||||
<a class="jxr_linenumber" name="152" href="#152">152</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="153" href="#153">153</a> @java.lang.Deprecated
|
||||
<a class="jxr_linenumber" name="154" href="#154">154</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> File getPathToJar(Class clazz) <strong class="jxr_keyword">throws</strong> UnsupportedEncodingException {
|
||||
<a class="jxr_linenumber" name="155" href="#155">155</a> <strong class="jxr_keyword">final</strong> String filePath = clazz.getProtectionDomain().getCodeSource().getLocation().getPath();
|
||||
<a class="jxr_linenumber" name="156" href="#156">156</a> <strong class="jxr_keyword">final</strong> String decodedPath = URLDecoder.decode(filePath, <span class="jxr_string">"UTF-8"</span>);
|
||||
<a class="jxr_linenumber" name="157" href="#157">157</a> <strong class="jxr_keyword">final</strong> File jarPath = <strong class="jxr_keyword">new</strong> File(decodedPath);
|
||||
<a class="jxr_linenumber" name="158" href="#158">158</a> <strong class="jxr_keyword">return</strong> jarPath.getParentFile();
|
||||
<a class="jxr_linenumber" name="159" href="#159">159</a> }
|
||||
<a class="jxr_linenumber" name="160" href="#160">160</a>
|
||||
<a class="jxr_linenumber" name="161" href="#161">161</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="162" href="#162">162</a> <em class="jxr_javadoccomment"> * Extracts the contents of an archive into the specified directory.</em>
|
||||
<a class="jxr_linenumber" name="163" href="#163">163</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="164" href="#164">164</a> <em class="jxr_javadoccomment"> * @param archive an archive file such as a WAR or EAR</em>
|
||||
<a class="jxr_linenumber" name="165" href="#165">165</a> <em class="jxr_javadoccomment"> * @param extractTo a directory to extract the contents to</em>
|
||||
<a class="jxr_linenumber" name="166" href="#166">166</a> <em class="jxr_javadoccomment"> * @throws ExtractionException thrown if an exception occurs while</em>
|
||||
<a class="jxr_linenumber" name="167" href="#167">167</a> <em class="jxr_javadoccomment"> * extracting the files</em>
|
||||
<a class="jxr_linenumber" name="168" href="#168">168</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="169" href="#169">169</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">void</strong> extractFiles(File archive, File extractTo) <strong class="jxr_keyword">throws</strong> ExtractionException {
|
||||
<a class="jxr_linenumber" name="170" href="#170">170</a> extractFiles(archive, extractTo, <strong class="jxr_keyword">null</strong>);
|
||||
<a class="jxr_linenumber" name="171" href="#171">171</a> }
|
||||
<a class="jxr_linenumber" name="172" href="#172">172</a>
|
||||
<a class="jxr_linenumber" name="173" href="#173">173</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="174" href="#174">174</a> <em class="jxr_javadoccomment"> * Extracts the contents of an archive into the specified directory. The</em>
|
||||
<a class="jxr_linenumber" name="175" href="#175">175</a> <em class="jxr_javadoccomment"> * files are only extracted if they are supported by the analyzers loaded</em>
|
||||
<a class="jxr_linenumber" name="176" href="#176">176</a> <em class="jxr_javadoccomment"> * into the specified engine. If the engine is specified as null then all</em>
|
||||
<a class="jxr_linenumber" name="177" href="#177">177</a> <em class="jxr_javadoccomment"> * files are extracted.</em>
|
||||
<a class="jxr_linenumber" name="178" href="#178">178</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="179" href="#179">179</a> <em class="jxr_javadoccomment"> * @param archive an archive file such as a WAR or EAR</em>
|
||||
<a class="jxr_linenumber" name="180" href="#180">180</a> <em class="jxr_javadoccomment"> * @param extractTo a directory to extract the contents to</em>
|
||||
<a class="jxr_linenumber" name="181" href="#181">181</a> <em class="jxr_javadoccomment"> * @param engine the scanning engine</em>
|
||||
<a class="jxr_linenumber" name="182" href="#182">182</a> <em class="jxr_javadoccomment"> * @throws ExtractionException thrown if there is an error extracting the</em>
|
||||
<a class="jxr_linenumber" name="183" href="#183">183</a> <em class="jxr_javadoccomment"> * files</em>
|
||||
<a class="jxr_linenumber" name="184" href="#184">184</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="185" href="#185">185</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">void</strong> extractFiles(File archive, File extractTo, <a href="../../../../org/owasp/dependencycheck/Engine.html">Engine</a> engine) <strong class="jxr_keyword">throws</strong> ExtractionException {
|
||||
<a class="jxr_linenumber" name="186" href="#186">186</a> <strong class="jxr_keyword">if</strong> (archive == <strong class="jxr_keyword">null</strong> || extractTo == <strong class="jxr_keyword">null</strong>) {
|
||||
<a class="jxr_linenumber" name="187" href="#187">187</a> <strong class="jxr_keyword">return</strong>;
|
||||
<a class="jxr_linenumber" name="188" href="#188">188</a> }
|
||||
<a class="jxr_linenumber" name="189" href="#189">189</a>
|
||||
<a class="jxr_linenumber" name="190" href="#190">190</a> FileInputStream fis = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="191" href="#191">191</a> ZipInputStream zis = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="192" href="#192">192</a>
|
||||
<a class="jxr_linenumber" name="193" href="#193">193</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="194" href="#194">194</a> fis = <strong class="jxr_keyword">new</strong> FileInputStream(archive);
|
||||
<a class="jxr_linenumber" name="195" href="#195">195</a> } <strong class="jxr_keyword">catch</strong> (FileNotFoundException ex) {
|
||||
<a class="jxr_linenumber" name="196" href="#196">196</a> Logger.getLogger(FileUtils.<strong class="jxr_keyword">class</strong>.getName()).log(Level.INFO, <strong class="jxr_keyword">null</strong>, ex);
|
||||
<a class="jxr_linenumber" name="197" href="#197">197</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/utils/ExtractionException.html">ExtractionException</a>(<span class="jxr_string">"Archive file was not found."</span>, ex);
|
||||
<a class="jxr_linenumber" name="198" href="#198">198</a> }
|
||||
<a class="jxr_linenumber" name="199" href="#199">199</a> zis = <strong class="jxr_keyword">new</strong> ZipInputStream(<strong class="jxr_keyword">new</strong> BufferedInputStream(fis));
|
||||
<a class="jxr_linenumber" name="200" href="#200">200</a> ZipEntry entry;
|
||||
<a class="jxr_linenumber" name="201" href="#201">201</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="202" href="#202">202</a> <strong class="jxr_keyword">while</strong> ((entry = zis.getNextEntry()) != <strong class="jxr_keyword">null</strong>) {
|
||||
<a class="jxr_linenumber" name="203" href="#203">203</a> <strong class="jxr_keyword">if</strong> (entry.isDirectory()) {
|
||||
<a class="jxr_linenumber" name="204" href="#204">204</a> <strong class="jxr_keyword">final</strong> File d = <strong class="jxr_keyword">new</strong> File(extractTo, entry.getName());
|
||||
<a class="jxr_linenumber" name="205" href="#205">205</a> <strong class="jxr_keyword">if</strong> (!d.exists() && !d.mkdirs()) {
|
||||
<a class="jxr_linenumber" name="206" href="#206">206</a> <strong class="jxr_keyword">final</strong> String msg = String.format(<span class="jxr_string">"Unable to create '%s'."</span>, d.getAbsolutePath());
|
||||
<a class="jxr_linenumber" name="207" href="#207">207</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/utils/ExtractionException.html">ExtractionException</a>(msg);
|
||||
<a class="jxr_linenumber" name="208" href="#208">208</a> }
|
||||
<a class="jxr_linenumber" name="209" href="#209">209</a> } <strong class="jxr_keyword">else</strong> {
|
||||
<a class="jxr_linenumber" name="210" href="#210">210</a> <strong class="jxr_keyword">final</strong> File file = <strong class="jxr_keyword">new</strong> File(extractTo, entry.getName());
|
||||
<a class="jxr_linenumber" name="211" href="#211">211</a> <strong class="jxr_keyword">final</strong> String ext = getFileExtension(file.getName());
|
||||
<a class="jxr_linenumber" name="212" href="#212">212</a> <strong class="jxr_keyword">if</strong> (engine == <strong class="jxr_keyword">null</strong> || engine.supportsExtension(ext)) {
|
||||
<a class="jxr_linenumber" name="213" href="#213">213</a> BufferedOutputStream bos = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="214" href="#214">214</a> FileOutputStream fos;
|
||||
<a class="jxr_linenumber" name="215" href="#215">215</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="216" href="#216">216</a> fos = <strong class="jxr_keyword">new</strong> FileOutputStream(file);
|
||||
<a class="jxr_linenumber" name="217" href="#217">217</a> bos = <strong class="jxr_keyword">new</strong> BufferedOutputStream(fos, BUFFER_SIZE);
|
||||
<a class="jxr_linenumber" name="218" href="#218">218</a> <strong class="jxr_keyword">int</strong> count;
|
||||
<a class="jxr_linenumber" name="219" href="#219">219</a> <strong class="jxr_keyword">final</strong> byte data[] = <strong class="jxr_keyword">new</strong> byte[BUFFER_SIZE];
|
||||
<a class="jxr_linenumber" name="220" href="#220">220</a> <strong class="jxr_keyword">while</strong> ((count = zis.read(data, 0, BUFFER_SIZE)) != -1) {
|
||||
<a class="jxr_linenumber" name="221" href="#221">221</a> bos.write(data, 0, count);
|
||||
<a class="jxr_linenumber" name="222" href="#222">222</a> }
|
||||
<a class="jxr_linenumber" name="223" href="#223">223</a> bos.flush();
|
||||
<a class="jxr_linenumber" name="224" href="#224">224</a> } <strong class="jxr_keyword">catch</strong> (FileNotFoundException ex) {
|
||||
<a class="jxr_linenumber" name="225" href="#225">225</a> Logger.getLogger(FileUtils.<strong class="jxr_keyword">class</strong>.getName()).log(Level.FINE, <strong class="jxr_keyword">null</strong>, ex);
|
||||
<a class="jxr_linenumber" name="226" href="#226">226</a> <strong class="jxr_keyword">final</strong> String msg = String.format(<span class="jxr_string">"Unable to find file '%s'."</span>, file.getName());
|
||||
<a class="jxr_linenumber" name="227" href="#227">227</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/utils/ExtractionException.html">ExtractionException</a>(msg, ex);
|
||||
<a class="jxr_linenumber" name="228" href="#228">228</a> } <strong class="jxr_keyword">catch</strong> (IOException ex) {
|
||||
<a class="jxr_linenumber" name="229" href="#229">229</a> Logger.getLogger(FileUtils.<strong class="jxr_keyword">class</strong>.getName()).log(Level.FINE, <strong class="jxr_keyword">null</strong>, ex);
|
||||
<a class="jxr_linenumber" name="230" href="#230">230</a> <strong class="jxr_keyword">final</strong> String msg = String.format(<span class="jxr_string">"IO Exception while parsing file '%s'."</span>, file.getName());
|
||||
<a class="jxr_linenumber" name="231" href="#231">231</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/utils/ExtractionException.html">ExtractionException</a>(msg, ex);
|
||||
<a class="jxr_linenumber" name="232" href="#232">232</a> } <strong class="jxr_keyword">finally</strong> {
|
||||
<a class="jxr_linenumber" name="233" href="#233">233</a> <strong class="jxr_keyword">if</strong> (bos != <strong class="jxr_keyword">null</strong>) {
|
||||
<a class="jxr_linenumber" name="234" href="#234">234</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="235" href="#235">235</a> bos.close();
|
||||
<a class="jxr_linenumber" name="236" href="#236">236</a> } <strong class="jxr_keyword">catch</strong> (IOException ex) {
|
||||
<a class="jxr_linenumber" name="237" href="#237">237</a> Logger.getLogger(FileUtils.<strong class="jxr_keyword">class</strong>.getName()).log(Level.FINEST, <strong class="jxr_keyword">null</strong>, ex);
|
||||
<a class="jxr_linenumber" name="238" href="#238">238</a> }
|
||||
<a class="jxr_linenumber" name="239" href="#239">239</a> }
|
||||
<a class="jxr_linenumber" name="240" href="#240">240</a> }
|
||||
<a class="jxr_linenumber" name="241" href="#241">241</a> }
|
||||
<a class="jxr_linenumber" name="242" href="#242">242</a> }
|
||||
<a class="jxr_linenumber" name="243" href="#243">243</a> }
|
||||
<a class="jxr_linenumber" name="244" href="#244">244</a> } <strong class="jxr_keyword">catch</strong> (IOException ex) {
|
||||
<a class="jxr_linenumber" name="245" href="#245">245</a> <strong class="jxr_keyword">final</strong> String msg = String.format(<span class="jxr_string">"Exception reading archive '%s'."</span>, archive.getName());
|
||||
<a class="jxr_linenumber" name="246" href="#246">246</a> Logger.getLogger(FileUtils.<strong class="jxr_keyword">class</strong>.getName()).log(Level.FINE, msg, ex);
|
||||
<a class="jxr_linenumber" name="247" href="#247">247</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/utils/ExtractionException.html">ExtractionException</a>(msg, ex);
|
||||
<a class="jxr_linenumber" name="248" href="#248">248</a> } <strong class="jxr_keyword">finally</strong> {
|
||||
<a class="jxr_linenumber" name="249" href="#249">249</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="250" href="#250">250</a> zis.close();
|
||||
<a class="jxr_linenumber" name="251" href="#251">251</a> } <strong class="jxr_keyword">catch</strong> (IOException ex) {
|
||||
<a class="jxr_linenumber" name="252" href="#252">252</a> Logger.getLogger(FileUtils.<strong class="jxr_keyword">class</strong>.getName()).log(Level.FINEST, <strong class="jxr_keyword">null</strong>, ex);
|
||||
<a class="jxr_linenumber" name="253" href="#253">253</a> }
|
||||
<a class="jxr_linenumber" name="254" href="#254">254</a> }
|
||||
<a class="jxr_linenumber" name="255" href="#255">255</a> }
|
||||
<a class="jxr_linenumber" name="256" href="#256">256</a> }
|
||||
</pre>
|
||||
<hr/><div id="footer">This page was automatically generated by <a href="http://maven.apache.org/">Maven</a></div></body>
|
||||
</html>
|
||||
|
||||
@@ -78,351 +78,353 @@
|
||||
<a class="jxr_linenumber" name="68" href="#68">68</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="69" href="#69">69</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String DATA_DIRECTORY = <span class="jxr_string">"data.directory"</span>;
|
||||
<a class="jxr_linenumber" name="70" href="#70">70</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="71" href="#71">71</a> <em class="jxr_javadoccomment"> * The properties key for the path where the CPE Lucene Index will be</em>
|
||||
<a class="jxr_linenumber" name="72" href="#72">72</a> <em class="jxr_javadoccomment"> * stored.</em>
|
||||
<a class="jxr_linenumber" name="71" href="#71">71</a> <em class="jxr_javadoccomment"> * The location of the batch update URL. This is a zip file that</em>
|
||||
<a class="jxr_linenumber" name="72" href="#72">72</a> <em class="jxr_javadoccomment"> * contains the contents of the data directory.</em>
|
||||
<a class="jxr_linenumber" name="73" href="#73">73</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="74" href="#74">74</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String CPE_DATA_DIRECTORY = <span class="jxr_string">"data.cpe"</span>;
|
||||
<a class="jxr_linenumber" name="74" href="#74">74</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String BATCH_UPDATE_URL = <span class="jxr_string">"batch.update.url"</span>;
|
||||
<a class="jxr_linenumber" name="75" href="#75">75</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="76" href="#76">76</a> <em class="jxr_javadoccomment"> * The properties key for the path where the CVE H2 database will be</em>
|
||||
<a class="jxr_linenumber" name="76" href="#76">76</a> <em class="jxr_javadoccomment"> * The properties key for the path where the CPE Lucene Index will be</em>
|
||||
<a class="jxr_linenumber" name="77" href="#77">77</a> <em class="jxr_javadoccomment"> * stored.</em>
|
||||
<a class="jxr_linenumber" name="78" href="#78">78</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="79" href="#79">79</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String CVE_DATA_DIRECTORY = <span class="jxr_string">"data.cve"</span>;
|
||||
<a class="jxr_linenumber" name="79" href="#79">79</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String CPE_DATA_DIRECTORY = <span class="jxr_string">"data.cpe"</span>;
|
||||
<a class="jxr_linenumber" name="80" href="#80">80</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="81" href="#81">81</a> <em class="jxr_javadoccomment"> * The properties key for the URL to the CPE.</em>
|
||||
<a class="jxr_linenumber" name="82" href="#82">82</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="83" href="#83">83</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String CPE_URL = <span class="jxr_string">"cpe.url"</span>;
|
||||
<a class="jxr_linenumber" name="84" href="#84">84</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="85" href="#85">85</a> <em class="jxr_javadoccomment"> * The properties key for the URL to the CPE.</em>
|
||||
<a class="jxr_linenumber" name="86" href="#86">86</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="87" href="#87">87</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String CPE_META_URL = <span class="jxr_string">"cpe.meta.url"</span>;
|
||||
<a class="jxr_linenumber" name="88" href="#88">88</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="89" href="#89">89</a> <em class="jxr_javadoccomment"> * The properties key for the URL to retrieve the "meta" data from about</em>
|
||||
<a class="jxr_linenumber" name="90" href="#90">90</a> <em class="jxr_javadoccomment"> * the CVE entries.</em>
|
||||
<a class="jxr_linenumber" name="91" href="#91">91</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="92" href="#92">92</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String CVE_META_URL = <span class="jxr_string">"cve.url.meta"</span>;
|
||||
<a class="jxr_linenumber" name="93" href="#93">93</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="94" href="#94">94</a> <em class="jxr_javadoccomment"> * The properties key for the URL to retrieve the recently modified and</em>
|
||||
<a class="jxr_linenumber" name="95" href="#95">95</a> <em class="jxr_javadoccomment"> * added CVE entries (last 8 days) using the 2.0 schema.</em>
|
||||
<a class="jxr_linenumber" name="96" href="#96">96</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="97" href="#97">97</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String CVE_MODIFIED_20_URL = <span class="jxr_string">"cve.url-2.0.modified"</span>;
|
||||
<a class="jxr_linenumber" name="98" href="#98">98</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="99" href="#99">99</a> <em class="jxr_javadoccomment"> * The properties key for the URL to retrieve the recently modified and</em>
|
||||
<a class="jxr_linenumber" name="100" href="#100">100</a> <em class="jxr_javadoccomment"> * added CVE entries (last 8 days) using the 1.2 schema.</em>
|
||||
<a class="jxr_linenumber" name="101" href="#101">101</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="102" href="#102">102</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String CVE_MODIFIED_12_URL = <span class="jxr_string">"cve.url-1.2.modified"</span>;
|
||||
<a class="jxr_linenumber" name="103" href="#103">103</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="104" href="#104">104</a> <em class="jxr_javadoccomment"> * The properties key for the URL to retrieve the recently modified and</em>
|
||||
<a class="jxr_linenumber" name="105" href="#105">105</a> <em class="jxr_javadoccomment"> * added CVE entries (last 8 days).</em>
|
||||
<a class="jxr_linenumber" name="106" href="#106">106</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="107" href="#107">107</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String CVE_MODIFIED_VALID_FOR_DAYS = <span class="jxr_string">"cve.url.modified.validfordays"</span>;
|
||||
<a class="jxr_linenumber" name="108" href="#108">108</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="109" href="#109">109</a> <em class="jxr_javadoccomment"> * The properties key for the telling us how many cvr.url.* URLs exists.</em>
|
||||
<a class="jxr_linenumber" name="110" href="#110">110</a> <em class="jxr_javadoccomment"> * This is used in combination with CVE_BASE_URL to be able to retrieve</em>
|
||||
<a class="jxr_linenumber" name="111" href="#111">111</a> <em class="jxr_javadoccomment"> * the URLs for all of the files that make up the NVD CVE listing.</em>
|
||||
<a class="jxr_linenumber" name="112" href="#112">112</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="113" href="#113">113</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String CVE_START_YEAR = <span class="jxr_string">"cve.startyear"</span>;
|
||||
<a class="jxr_linenumber" name="114" href="#114">114</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="115" href="#115">115</a> <em class="jxr_javadoccomment"> * The properties key for the CVE schema version 1.2.</em>
|
||||
<a class="jxr_linenumber" name="116" href="#116">116</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="117" href="#117">117</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String CVE_SCHEMA_1_2 = <span class="jxr_string">"cve.url-1.2.base"</span>;
|
||||
<a class="jxr_linenumber" name="118" href="#118">118</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="119" href="#119">119</a> <em class="jxr_javadoccomment"> * The properties key for the CVE schema version 2.0.</em>
|
||||
<a class="jxr_linenumber" name="120" href="#120">120</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="121" href="#121">121</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String CVE_SCHEMA_2_0 = <span class="jxr_string">"cve.url-2.0.base"</span>;
|
||||
<a class="jxr_linenumber" name="122" href="#122">122</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="123" href="#123">123</a> <em class="jxr_javadoccomment"> * The properties key for the proxy url.</em>
|
||||
<a class="jxr_linenumber" name="124" href="#124">124</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="125" href="#125">125</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String PROXY_URL = <span class="jxr_string">"proxy.url"</span>;
|
||||
<a class="jxr_linenumber" name="126" href="#126">126</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="127" href="#127">127</a> <em class="jxr_javadoccomment"> * The properties key for the proxy port - this must be an integer</em>
|
||||
<a class="jxr_linenumber" name="128" href="#128">128</a> <em class="jxr_javadoccomment"> * value.</em>
|
||||
<a class="jxr_linenumber" name="129" href="#129">129</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="130" href="#130">130</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String PROXY_PORT = <span class="jxr_string">"proxy.port"</span>;
|
||||
<a class="jxr_linenumber" name="131" href="#131">131</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="132" href="#132">132</a> <em class="jxr_javadoccomment"> * The properties key for the connection timeout.</em>
|
||||
<a class="jxr_linenumber" name="133" href="#133">133</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="134" href="#134">134</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String CONNECTION_TIMEOUT = <span class="jxr_string">"connection.timeout"</span>;
|
||||
<a class="jxr_linenumber" name="135" href="#135">135</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="136" href="#136">136</a> <em class="jxr_javadoccomment"> * The location of the temporary directory.</em>
|
||||
<a class="jxr_linenumber" name="137" href="#137">137</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="138" href="#138">138</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String TEMP_DIRECTORY = <span class="jxr_string">"temp.directory"</span>;
|
||||
<a class="jxr_linenumber" name="139" href="#139">139</a> }
|
||||
<a class="jxr_linenumber" name="140" href="#140">140</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="141" href="#141">141</a> <em class="jxr_javadoccomment"> * The properties file location.</em>
|
||||
<a class="jxr_linenumber" name="142" href="#142">142</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="143" href="#143">143</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String PROPERTIES_FILE = <span class="jxr_string">"dependencycheck.properties"</span>;
|
||||
<a class="jxr_linenumber" name="144" href="#144">144</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="145" href="#145">145</a> <em class="jxr_javadoccomment"> * The singleton instance variable.</em>
|
||||
<a class="jxr_linenumber" name="146" href="#146">146</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="147" href="#147">147</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> <a href="../../../../org/owasp/dependencycheck/utils/Settings.html">Settings</a> INSTANCE = <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/utils/Settings.html">Settings</a>();
|
||||
<a class="jxr_linenumber" name="148" href="#148">148</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="149" href="#149">149</a> <em class="jxr_javadoccomment"> * The properties.</em>
|
||||
<a class="jxr_linenumber" name="150" href="#150">150</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="151" href="#151">151</a> <strong class="jxr_keyword">private</strong> Properties props = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="152" href="#152">152</a>
|
||||
<a class="jxr_linenumber" name="153" href="#153">153</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="154" href="#154">154</a> <em class="jxr_javadoccomment"> * Private constructor for the Settings class. This class loads the</em>
|
||||
<a class="jxr_linenumber" name="155" href="#155">155</a> <em class="jxr_javadoccomment"> * properties files.</em>
|
||||
<a class="jxr_linenumber" name="156" href="#156">156</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="157" href="#157">157</a> <strong class="jxr_keyword">private</strong> <a href="../../../../org/owasp/dependencycheck/utils/Settings.html">Settings</a>() {
|
||||
<a class="jxr_linenumber" name="158" href="#158">158</a> InputStream in = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="159" href="#159">159</a> props = <strong class="jxr_keyword">new</strong> Properties();
|
||||
<a class="jxr_linenumber" name="160" href="#160">160</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="161" href="#161">161</a> in = <strong class="jxr_keyword">this</strong>.getClass().getClassLoader().getResourceAsStream(PROPERTIES_FILE);
|
||||
<a class="jxr_linenumber" name="162" href="#162">162</a> props.load(in);
|
||||
<a class="jxr_linenumber" name="163" href="#163">163</a> } <strong class="jxr_keyword">catch</strong> (IOException ex) {
|
||||
<a class="jxr_linenumber" name="164" href="#164">164</a> Logger.getLogger(Settings.<strong class="jxr_keyword">class</strong>.getName()).log(Level.SEVERE, <span class="jxr_string">"Unable to load default settings."</span>);
|
||||
<a class="jxr_linenumber" name="165" href="#165">165</a> Logger.getLogger(Settings.<strong class="jxr_keyword">class</strong>.getName()).log(Level.FINE, <strong class="jxr_keyword">null</strong>, ex);
|
||||
<a class="jxr_linenumber" name="166" href="#166">166</a> } <strong class="jxr_keyword">finally</strong> {
|
||||
<a class="jxr_linenumber" name="167" href="#167">167</a> <strong class="jxr_keyword">if</strong> (in != <strong class="jxr_keyword">null</strong>) {
|
||||
<a class="jxr_linenumber" name="168" href="#168">168</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="169" href="#169">169</a> in.close();
|
||||
<a class="jxr_linenumber" name="170" href="#170">170</a> } <strong class="jxr_keyword">catch</strong> (IOException ex) {
|
||||
<a class="jxr_linenumber" name="171" href="#171">171</a> Logger.getLogger(Settings.<strong class="jxr_keyword">class</strong>.getName()).log(Level.FINEST, <strong class="jxr_keyword">null</strong>, ex);
|
||||
<a class="jxr_linenumber" name="172" href="#172">172</a> }
|
||||
<a class="jxr_linenumber" name="173" href="#173">173</a> }
|
||||
<a class="jxr_linenumber" name="174" href="#174">174</a> }
|
||||
<a class="jxr_linenumber" name="175" href="#175">175</a> }
|
||||
<a class="jxr_linenumber" name="176" href="#176">176</a>
|
||||
<a class="jxr_linenumber" name="177" href="#177">177</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="178" href="#178">178</a> <em class="jxr_javadoccomment"> * Sets a property value.</em>
|
||||
<a class="jxr_linenumber" name="179" href="#179">179</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="180" href="#180">180</a> <em class="jxr_javadoccomment"> * @param key the key for the property</em>
|
||||
<a class="jxr_linenumber" name="181" href="#181">181</a> <em class="jxr_javadoccomment"> * @param value the value for the property</em>
|
||||
<a class="jxr_linenumber" name="182" href="#182">182</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="183" href="#183">183</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">void</strong> setString(String key, String value) {
|
||||
<a class="jxr_linenumber" name="184" href="#184">184</a> INSTANCE.props.setProperty(key, value);
|
||||
<a class="jxr_linenumber" name="185" href="#185">185</a> }
|
||||
<a class="jxr_linenumber" name="186" href="#186">186</a>
|
||||
<a class="jxr_linenumber" name="187" href="#187">187</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="188" href="#188">188</a> <em class="jxr_javadoccomment"> * Sets a property value.</em>
|
||||
<a class="jxr_linenumber" name="189" href="#189">189</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="190" href="#190">190</a> <em class="jxr_javadoccomment"> * @param key the key for the property</em>
|
||||
<a class="jxr_linenumber" name="191" href="#191">191</a> <em class="jxr_javadoccomment"> * @param value the value for the property</em>
|
||||
<a class="jxr_linenumber" name="192" href="#192">192</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="193" href="#193">193</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">void</strong> setBoolean(String key, <strong class="jxr_keyword">boolean</strong> value) {
|
||||
<a class="jxr_linenumber" name="194" href="#194">194</a> <strong class="jxr_keyword">if</strong> (value) {
|
||||
<a class="jxr_linenumber" name="195" href="#195">195</a> INSTANCE.props.setProperty(key, Boolean.TRUE.toString());
|
||||
<a class="jxr_linenumber" name="196" href="#196">196</a> } <strong class="jxr_keyword">else</strong> {
|
||||
<a class="jxr_linenumber" name="197" href="#197">197</a> INSTANCE.props.setProperty(key, Boolean.FALSE.toString());
|
||||
<a class="jxr_linenumber" name="198" href="#198">198</a> }
|
||||
<a class="jxr_linenumber" name="199" href="#199">199</a> }
|
||||
<a class="jxr_linenumber" name="200" href="#200">200</a>
|
||||
<a class="jxr_linenumber" name="201" href="#201">201</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="202" href="#202">202</a> <em class="jxr_javadoccomment"> * Merges a new properties file into the current properties. This method</em>
|
||||
<a class="jxr_linenumber" name="203" href="#203">203</a> <em class="jxr_javadoccomment"> * allows for the loading of a user provided properties file.<br/><br/></em>
|
||||
<a class="jxr_linenumber" name="204" href="#204">204</a> <em class="jxr_javadoccomment"> * Note: even if using this method - system properties will be loaded before</em>
|
||||
<a class="jxr_linenumber" name="205" href="#205">205</a> <em class="jxr_javadoccomment"> * properties loaded from files.</em>
|
||||
<a class="jxr_linenumber" name="206" href="#206">206</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="207" href="#207">207</a> <em class="jxr_javadoccomment"> * @param filePath the path to the properties file to merge.</em>
|
||||
<a class="jxr_linenumber" name="208" href="#208">208</a> <em class="jxr_javadoccomment"> * @throws FileNotFoundException is thrown when the filePath points to a</em>
|
||||
<a class="jxr_linenumber" name="209" href="#209">209</a> <em class="jxr_javadoccomment"> * non-existent file</em>
|
||||
<a class="jxr_linenumber" name="210" href="#210">210</a> <em class="jxr_javadoccomment"> * @throws IOException is thrown when there is an exception loading/merging</em>
|
||||
<a class="jxr_linenumber" name="211" href="#211">211</a> <em class="jxr_javadoccomment"> * the properties</em>
|
||||
<a class="jxr_linenumber" name="212" href="#212">212</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="213" href="#213">213</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">void</strong> mergeProperties(String filePath) <strong class="jxr_keyword">throws</strong> FileNotFoundException, IOException {
|
||||
<a class="jxr_linenumber" name="214" href="#214">214</a> <strong class="jxr_keyword">final</strong> FileInputStream fis = <strong class="jxr_keyword">new</strong> FileInputStream(filePath);
|
||||
<a class="jxr_linenumber" name="215" href="#215">215</a> mergeProperties(fis);
|
||||
<a class="jxr_linenumber" name="216" href="#216">216</a> }
|
||||
<a class="jxr_linenumber" name="217" href="#217">217</a>
|
||||
<a class="jxr_linenumber" name="218" href="#218">218</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="219" href="#219">219</a> <em class="jxr_javadoccomment"> * Merges a new properties file into the current properties. This method</em>
|
||||
<a class="jxr_linenumber" name="220" href="#220">220</a> <em class="jxr_javadoccomment"> * allows for the loading of a user provided properties file.<br/><br/></em>
|
||||
<a class="jxr_linenumber" name="221" href="#221">221</a> <em class="jxr_javadoccomment"> * Note: even if using this method - system properties will be loaded before</em>
|
||||
<a class="jxr_linenumber" name="222" href="#222">222</a> <em class="jxr_javadoccomment"> * properties loaded from files.</em>
|
||||
<a class="jxr_linenumber" name="223" href="#223">223</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="224" href="#224">224</a> <em class="jxr_javadoccomment"> * @param stream an Input Stream pointing at a properties file to merge</em>
|
||||
<a class="jxr_linenumber" name="225" href="#225">225</a> <em class="jxr_javadoccomment"> * @throws IOException is thrown when there is an exception loading/merging</em>
|
||||
<a class="jxr_linenumber" name="226" href="#226">226</a> <em class="jxr_javadoccomment"> * the properties</em>
|
||||
<a class="jxr_linenumber" name="227" href="#227">227</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="228" href="#228">228</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">void</strong> mergeProperties(InputStream stream) <strong class="jxr_keyword">throws</strong> IOException {
|
||||
<a class="jxr_linenumber" name="229" href="#229">229</a> INSTANCE.props.load(stream);
|
||||
<a class="jxr_linenumber" name="230" href="#230">230</a> }
|
||||
<a class="jxr_linenumber" name="231" href="#231">231</a>
|
||||
<a class="jxr_linenumber" name="232" href="#232">232</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="233" href="#233">233</a> <em class="jxr_javadoccomment"> * Returns a value from the properties file as a File object. If the value</em>
|
||||
<a class="jxr_linenumber" name="234" href="#234">234</a> <em class="jxr_javadoccomment"> * was specified as a system property or passed in via the -Dprop=value</em>
|
||||
<a class="jxr_linenumber" name="235" href="#235">235</a> <em class="jxr_javadoccomment"> * argument - this method will return the value from the system properties</em>
|
||||
<a class="jxr_linenumber" name="236" href="#236">236</a> <em class="jxr_javadoccomment"> * before the values in the contained configuration file.</em>
|
||||
<a class="jxr_linenumber" name="81" href="#81">81</a> <em class="jxr_javadoccomment"> * The properties key for the path where the CVE H2 database will be</em>
|
||||
<a class="jxr_linenumber" name="82" href="#82">82</a> <em class="jxr_javadoccomment"> * stored.</em>
|
||||
<a class="jxr_linenumber" name="83" href="#83">83</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="84" href="#84">84</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String CVE_DATA_DIRECTORY = <span class="jxr_string">"data.cve"</span>;
|
||||
<a class="jxr_linenumber" name="85" href="#85">85</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="86" href="#86">86</a> <em class="jxr_javadoccomment"> * The properties key for the URL to retrieve the "meta" data from about</em>
|
||||
<a class="jxr_linenumber" name="87" href="#87">87</a> <em class="jxr_javadoccomment"> * the CVE entries.</em>
|
||||
<a class="jxr_linenumber" name="88" href="#88">88</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="89" href="#89">89</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String CVE_META_URL = <span class="jxr_string">"cve.url.meta"</span>;
|
||||
<a class="jxr_linenumber" name="90" href="#90">90</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="91" href="#91">91</a> <em class="jxr_javadoccomment"> * The properties key for the URL to retrieve the recently modified and</em>
|
||||
<a class="jxr_linenumber" name="92" href="#92">92</a> <em class="jxr_javadoccomment"> * added CVE entries (last 8 days) using the 2.0 schema.</em>
|
||||
<a class="jxr_linenumber" name="93" href="#93">93</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="94" href="#94">94</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String CVE_MODIFIED_20_URL = <span class="jxr_string">"cve.url-2.0.modified"</span>;
|
||||
<a class="jxr_linenumber" name="95" href="#95">95</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="96" href="#96">96</a> <em class="jxr_javadoccomment"> * The properties key for the URL to retrieve the recently modified and</em>
|
||||
<a class="jxr_linenumber" name="97" href="#97">97</a> <em class="jxr_javadoccomment"> * added CVE entries (last 8 days) using the 1.2 schema.</em>
|
||||
<a class="jxr_linenumber" name="98" href="#98">98</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="99" href="#99">99</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String CVE_MODIFIED_12_URL = <span class="jxr_string">"cve.url-1.2.modified"</span>;
|
||||
<a class="jxr_linenumber" name="100" href="#100">100</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="101" href="#101">101</a> <em class="jxr_javadoccomment"> * The properties key for the URL to retrieve the recently modified and</em>
|
||||
<a class="jxr_linenumber" name="102" href="#102">102</a> <em class="jxr_javadoccomment"> * added CVE entries (last 8 days).</em>
|
||||
<a class="jxr_linenumber" name="103" href="#103">103</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="104" href="#104">104</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String CVE_MODIFIED_VALID_FOR_DAYS = <span class="jxr_string">"cve.url.modified.validfordays"</span>;
|
||||
<a class="jxr_linenumber" name="105" href="#105">105</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="106" href="#106">106</a> <em class="jxr_javadoccomment"> * The properties key for the telling us how many cvr.url.* URLs exists.</em>
|
||||
<a class="jxr_linenumber" name="107" href="#107">107</a> <em class="jxr_javadoccomment"> * This is used in combination with CVE_BASE_URL to be able to retrieve</em>
|
||||
<a class="jxr_linenumber" name="108" href="#108">108</a> <em class="jxr_javadoccomment"> * the URLs for all of the files that make up the NVD CVE listing.</em>
|
||||
<a class="jxr_linenumber" name="109" href="#109">109</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="110" href="#110">110</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String CVE_START_YEAR = <span class="jxr_string">"cve.startyear"</span>;
|
||||
<a class="jxr_linenumber" name="111" href="#111">111</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="112" href="#112">112</a> <em class="jxr_javadoccomment"> * The properties key for the CVE schema version 1.2.</em>
|
||||
<a class="jxr_linenumber" name="113" href="#113">113</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="114" href="#114">114</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String CVE_SCHEMA_1_2 = <span class="jxr_string">"cve.url-1.2.base"</span>;
|
||||
<a class="jxr_linenumber" name="115" href="#115">115</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="116" href="#116">116</a> <em class="jxr_javadoccomment"> * The properties key for the CVE schema version 2.0.</em>
|
||||
<a class="jxr_linenumber" name="117" href="#117">117</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="118" href="#118">118</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String CVE_SCHEMA_2_0 = <span class="jxr_string">"cve.url-2.0.base"</span>;
|
||||
<a class="jxr_linenumber" name="119" href="#119">119</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="120" href="#120">120</a> <em class="jxr_javadoccomment"> * The properties key for the proxy url.</em>
|
||||
<a class="jxr_linenumber" name="121" href="#121">121</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="122" href="#122">122</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String PROXY_URL = <span class="jxr_string">"proxy.url"</span>;
|
||||
<a class="jxr_linenumber" name="123" href="#123">123</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="124" href="#124">124</a> <em class="jxr_javadoccomment"> * The properties key for the proxy port - this must be an integer</em>
|
||||
<a class="jxr_linenumber" name="125" href="#125">125</a> <em class="jxr_javadoccomment"> * value.</em>
|
||||
<a class="jxr_linenumber" name="126" href="#126">126</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="127" href="#127">127</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String PROXY_PORT = <span class="jxr_string">"proxy.port"</span>;
|
||||
<a class="jxr_linenumber" name="128" href="#128">128</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="129" href="#129">129</a> <em class="jxr_javadoccomment"> * The properties key for the connection timeout.</em>
|
||||
<a class="jxr_linenumber" name="130" href="#130">130</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="131" href="#131">131</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String CONNECTION_TIMEOUT = <span class="jxr_string">"connection.timeout"</span>;
|
||||
<a class="jxr_linenumber" name="132" href="#132">132</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="133" href="#133">133</a> <em class="jxr_javadoccomment"> * The location of the temporary directory.</em>
|
||||
<a class="jxr_linenumber" name="134" href="#134">134</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="135" href="#135">135</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String TEMP_DIRECTORY = <span class="jxr_string">"temp.directory"</span>;
|
||||
<a class="jxr_linenumber" name="136" href="#136">136</a> }
|
||||
<a class="jxr_linenumber" name="137" href="#137">137</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="138" href="#138">138</a> <em class="jxr_javadoccomment"> * The properties file location.</em>
|
||||
<a class="jxr_linenumber" name="139" href="#139">139</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="140" href="#140">140</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String PROPERTIES_FILE = <span class="jxr_string">"dependencycheck.properties"</span>;
|
||||
<a class="jxr_linenumber" name="141" href="#141">141</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="142" href="#142">142</a> <em class="jxr_javadoccomment"> * The singleton instance variable.</em>
|
||||
<a class="jxr_linenumber" name="143" href="#143">143</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="144" href="#144">144</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> <a href="../../../../org/owasp/dependencycheck/utils/Settings.html">Settings</a> INSTANCE = <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/utils/Settings.html">Settings</a>();
|
||||
<a class="jxr_linenumber" name="145" href="#145">145</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="146" href="#146">146</a> <em class="jxr_javadoccomment"> * The properties.</em>
|
||||
<a class="jxr_linenumber" name="147" href="#147">147</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="148" href="#148">148</a> <strong class="jxr_keyword">private</strong> Properties props = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="149" href="#149">149</a>
|
||||
<a class="jxr_linenumber" name="150" href="#150">150</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="151" href="#151">151</a> <em class="jxr_javadoccomment"> * Private constructor for the Settings class. This class loads the</em>
|
||||
<a class="jxr_linenumber" name="152" href="#152">152</a> <em class="jxr_javadoccomment"> * properties files.</em>
|
||||
<a class="jxr_linenumber" name="153" href="#153">153</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="154" href="#154">154</a> <strong class="jxr_keyword">private</strong> <a href="../../../../org/owasp/dependencycheck/utils/Settings.html">Settings</a>() {
|
||||
<a class="jxr_linenumber" name="155" href="#155">155</a> InputStream in = <strong class="jxr_keyword">null</strong>;
|
||||
<a class="jxr_linenumber" name="156" href="#156">156</a> props = <strong class="jxr_keyword">new</strong> Properties();
|
||||
<a class="jxr_linenumber" name="157" href="#157">157</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="158" href="#158">158</a> in = <strong class="jxr_keyword">this</strong>.getClass().getClassLoader().getResourceAsStream(PROPERTIES_FILE);
|
||||
<a class="jxr_linenumber" name="159" href="#159">159</a> props.load(in);
|
||||
<a class="jxr_linenumber" name="160" href="#160">160</a> } <strong class="jxr_keyword">catch</strong> (IOException ex) {
|
||||
<a class="jxr_linenumber" name="161" href="#161">161</a> Logger.getLogger(Settings.<strong class="jxr_keyword">class</strong>.getName()).log(Level.SEVERE, <span class="jxr_string">"Unable to load default settings."</span>);
|
||||
<a class="jxr_linenumber" name="162" href="#162">162</a> Logger.getLogger(Settings.<strong class="jxr_keyword">class</strong>.getName()).log(Level.FINE, <strong class="jxr_keyword">null</strong>, ex);
|
||||
<a class="jxr_linenumber" name="163" href="#163">163</a> } <strong class="jxr_keyword">finally</strong> {
|
||||
<a class="jxr_linenumber" name="164" href="#164">164</a> <strong class="jxr_keyword">if</strong> (in != <strong class="jxr_keyword">null</strong>) {
|
||||
<a class="jxr_linenumber" name="165" href="#165">165</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="166" href="#166">166</a> in.close();
|
||||
<a class="jxr_linenumber" name="167" href="#167">167</a> } <strong class="jxr_keyword">catch</strong> (IOException ex) {
|
||||
<a class="jxr_linenumber" name="168" href="#168">168</a> Logger.getLogger(Settings.<strong class="jxr_keyword">class</strong>.getName()).log(Level.FINEST, <strong class="jxr_keyword">null</strong>, ex);
|
||||
<a class="jxr_linenumber" name="169" href="#169">169</a> }
|
||||
<a class="jxr_linenumber" name="170" href="#170">170</a> }
|
||||
<a class="jxr_linenumber" name="171" href="#171">171</a> }
|
||||
<a class="jxr_linenumber" name="172" href="#172">172</a> }
|
||||
<a class="jxr_linenumber" name="173" href="#173">173</a>
|
||||
<a class="jxr_linenumber" name="174" href="#174">174</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="175" href="#175">175</a> <em class="jxr_javadoccomment"> * Sets a property value.</em>
|
||||
<a class="jxr_linenumber" name="176" href="#176">176</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="177" href="#177">177</a> <em class="jxr_javadoccomment"> * @param key the key for the property</em>
|
||||
<a class="jxr_linenumber" name="178" href="#178">178</a> <em class="jxr_javadoccomment"> * @param value the value for the property</em>
|
||||
<a class="jxr_linenumber" name="179" href="#179">179</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="180" href="#180">180</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">void</strong> setString(String key, String value) {
|
||||
<a class="jxr_linenumber" name="181" href="#181">181</a> INSTANCE.props.setProperty(key, value);
|
||||
<a class="jxr_linenumber" name="182" href="#182">182</a> }
|
||||
<a class="jxr_linenumber" name="183" href="#183">183</a>
|
||||
<a class="jxr_linenumber" name="184" href="#184">184</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="185" href="#185">185</a> <em class="jxr_javadoccomment"> * Sets a property value.</em>
|
||||
<a class="jxr_linenumber" name="186" href="#186">186</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="187" href="#187">187</a> <em class="jxr_javadoccomment"> * @param key the key for the property</em>
|
||||
<a class="jxr_linenumber" name="188" href="#188">188</a> <em class="jxr_javadoccomment"> * @param value the value for the property</em>
|
||||
<a class="jxr_linenumber" name="189" href="#189">189</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="190" href="#190">190</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">void</strong> setBoolean(String key, <strong class="jxr_keyword">boolean</strong> value) {
|
||||
<a class="jxr_linenumber" name="191" href="#191">191</a> <strong class="jxr_keyword">if</strong> (value) {
|
||||
<a class="jxr_linenumber" name="192" href="#192">192</a> INSTANCE.props.setProperty(key, Boolean.TRUE.toString());
|
||||
<a class="jxr_linenumber" name="193" href="#193">193</a> } <strong class="jxr_keyword">else</strong> {
|
||||
<a class="jxr_linenumber" name="194" href="#194">194</a> INSTANCE.props.setProperty(key, Boolean.FALSE.toString());
|
||||
<a class="jxr_linenumber" name="195" href="#195">195</a> }
|
||||
<a class="jxr_linenumber" name="196" href="#196">196</a> }
|
||||
<a class="jxr_linenumber" name="197" href="#197">197</a>
|
||||
<a class="jxr_linenumber" name="198" href="#198">198</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="199" href="#199">199</a> <em class="jxr_javadoccomment"> * Merges a new properties file into the current properties. This method</em>
|
||||
<a class="jxr_linenumber" name="200" href="#200">200</a> <em class="jxr_javadoccomment"> * allows for the loading of a user provided properties file.<br/><br/></em>
|
||||
<a class="jxr_linenumber" name="201" href="#201">201</a> <em class="jxr_javadoccomment"> * Note: even if using this method - system properties will be loaded before</em>
|
||||
<a class="jxr_linenumber" name="202" href="#202">202</a> <em class="jxr_javadoccomment"> * properties loaded from files.</em>
|
||||
<a class="jxr_linenumber" name="203" href="#203">203</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="204" href="#204">204</a> <em class="jxr_javadoccomment"> * @param filePath the path to the properties file to merge.</em>
|
||||
<a class="jxr_linenumber" name="205" href="#205">205</a> <em class="jxr_javadoccomment"> * @throws FileNotFoundException is thrown when the filePath points to a</em>
|
||||
<a class="jxr_linenumber" name="206" href="#206">206</a> <em class="jxr_javadoccomment"> * non-existent file</em>
|
||||
<a class="jxr_linenumber" name="207" href="#207">207</a> <em class="jxr_javadoccomment"> * @throws IOException is thrown when there is an exception loading/merging</em>
|
||||
<a class="jxr_linenumber" name="208" href="#208">208</a> <em class="jxr_javadoccomment"> * the properties</em>
|
||||
<a class="jxr_linenumber" name="209" href="#209">209</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="210" href="#210">210</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">void</strong> mergeProperties(String filePath) <strong class="jxr_keyword">throws</strong> FileNotFoundException, IOException {
|
||||
<a class="jxr_linenumber" name="211" href="#211">211</a> <strong class="jxr_keyword">final</strong> FileInputStream fis = <strong class="jxr_keyword">new</strong> FileInputStream(filePath);
|
||||
<a class="jxr_linenumber" name="212" href="#212">212</a> mergeProperties(fis);
|
||||
<a class="jxr_linenumber" name="213" href="#213">213</a> }
|
||||
<a class="jxr_linenumber" name="214" href="#214">214</a>
|
||||
<a class="jxr_linenumber" name="215" href="#215">215</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="216" href="#216">216</a> <em class="jxr_javadoccomment"> * Merges a new properties file into the current properties. This method</em>
|
||||
<a class="jxr_linenumber" name="217" href="#217">217</a> <em class="jxr_javadoccomment"> * allows for the loading of a user provided properties file.<br/><br/></em>
|
||||
<a class="jxr_linenumber" name="218" href="#218">218</a> <em class="jxr_javadoccomment"> * Note: even if using this method - system properties will be loaded before</em>
|
||||
<a class="jxr_linenumber" name="219" href="#219">219</a> <em class="jxr_javadoccomment"> * properties loaded from files.</em>
|
||||
<a class="jxr_linenumber" name="220" href="#220">220</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="221" href="#221">221</a> <em class="jxr_javadoccomment"> * @param stream an Input Stream pointing at a properties file to merge</em>
|
||||
<a class="jxr_linenumber" name="222" href="#222">222</a> <em class="jxr_javadoccomment"> * @throws IOException is thrown when there is an exception loading/merging</em>
|
||||
<a class="jxr_linenumber" name="223" href="#223">223</a> <em class="jxr_javadoccomment"> * the properties</em>
|
||||
<a class="jxr_linenumber" name="224" href="#224">224</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="225" href="#225">225</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">void</strong> mergeProperties(InputStream stream) <strong class="jxr_keyword">throws</strong> IOException {
|
||||
<a class="jxr_linenumber" name="226" href="#226">226</a> INSTANCE.props.load(stream);
|
||||
<a class="jxr_linenumber" name="227" href="#227">227</a> }
|
||||
<a class="jxr_linenumber" name="228" href="#228">228</a>
|
||||
<a class="jxr_linenumber" name="229" href="#229">229</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="230" href="#230">230</a> <em class="jxr_javadoccomment"> * Returns a value from the properties file as a File object. If the value</em>
|
||||
<a class="jxr_linenumber" name="231" href="#231">231</a> <em class="jxr_javadoccomment"> * was specified as a system property or passed in via the -Dprop=value</em>
|
||||
<a class="jxr_linenumber" name="232" href="#232">232</a> <em class="jxr_javadoccomment"> * argument - this method will return the value from the system properties</em>
|
||||
<a class="jxr_linenumber" name="233" href="#233">233</a> <em class="jxr_javadoccomment"> * before the values in the contained configuration file.</em>
|
||||
<a class="jxr_linenumber" name="234" href="#234">234</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="235" href="#235">235</a> <em class="jxr_javadoccomment"> * This method will also replace a leading "[JAR]\" sequence with the path</em>
|
||||
<a class="jxr_linenumber" name="236" href="#236">236</a> <em class="jxr_javadoccomment"> * to the folder containing the JAR file containing this class.</em>
|
||||
<a class="jxr_linenumber" name="237" href="#237">237</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="238" href="#238">238</a> <em class="jxr_javadoccomment"> * @param key the key to lookup within the properties file</em>
|
||||
<a class="jxr_linenumber" name="239" href="#239">239</a> <em class="jxr_javadoccomment"> * @param defaultValue the default value for the requested property</em>
|
||||
<a class="jxr_linenumber" name="240" href="#240">240</a> <em class="jxr_javadoccomment"> * @return the property from the properties file as a File object</em>
|
||||
<a class="jxr_linenumber" name="241" href="#241">241</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="242" href="#242">242</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> File getFile(String key, String defaultValue) {
|
||||
<a class="jxr_linenumber" name="239" href="#239">239</a> <em class="jxr_javadoccomment"> * @return the property from the properties file converted to a File object</em>
|
||||
<a class="jxr_linenumber" name="240" href="#240">240</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="241" href="#241">241</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> File getFile(String key) {
|
||||
<a class="jxr_linenumber" name="242" href="#242">242</a> <strong class="jxr_keyword">final</strong> String file = getString(key);
|
||||
<a class="jxr_linenumber" name="243" href="#243">243</a> <strong class="jxr_keyword">final</strong> String baseDir = getString(Settings.KEYS.DATA_DIRECTORY);
|
||||
<a class="jxr_linenumber" name="244" href="#244">244</a> <strong class="jxr_keyword">final</strong> String str = getString(key, defaultValue);
|
||||
<a class="jxr_linenumber" name="245" href="#245">245</a> <strong class="jxr_keyword">if</strong> (baseDir != <strong class="jxr_keyword">null</strong>) {
|
||||
<a class="jxr_linenumber" name="246" href="#246">246</a> <strong class="jxr_keyword">return</strong> <strong class="jxr_keyword">new</strong> File(baseDir, str);
|
||||
<a class="jxr_linenumber" name="247" href="#247">247</a> }
|
||||
<a class="jxr_linenumber" name="248" href="#248">248</a> <strong class="jxr_keyword">return</strong> <strong class="jxr_keyword">new</strong> File(str);
|
||||
<a class="jxr_linenumber" name="249" href="#249">249</a> }
|
||||
<a class="jxr_linenumber" name="250" href="#250">250</a>
|
||||
<a class="jxr_linenumber" name="251" href="#251">251</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="252" href="#252">252</a> <em class="jxr_javadoccomment"> * Returns a value from the properties file as a File object. If the value</em>
|
||||
<a class="jxr_linenumber" name="253" href="#253">253</a> <em class="jxr_javadoccomment"> * was specified as a system property or passed in via the -Dprop=value</em>
|
||||
<a class="jxr_linenumber" name="254" href="#254">254</a> <em class="jxr_javadoccomment"> * argument - this method will return the value from the system properties</em>
|
||||
<a class="jxr_linenumber" name="255" href="#255">255</a> <em class="jxr_javadoccomment"> * before the values in the contained configuration file.</em>
|
||||
<a class="jxr_linenumber" name="256" href="#256">256</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="257" href="#257">257</a> <em class="jxr_javadoccomment"> * This method will also replace a leading "[JAR]\" sequence with the path</em>
|
||||
<a class="jxr_linenumber" name="258" href="#258">258</a> <em class="jxr_javadoccomment"> * to the folder containing the JAR file containing this class.</em>
|
||||
<a class="jxr_linenumber" name="259" href="#259">259</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="260" href="#260">260</a> <em class="jxr_javadoccomment"> * @param key the key to lookup within the properties file</em>
|
||||
<a class="jxr_linenumber" name="261" href="#261">261</a> <em class="jxr_javadoccomment"> * @return the property from the properties file converted to a File object</em>
|
||||
<a class="jxr_linenumber" name="262" href="#262">262</a> <em class="jxr_javadoccomment"> * @throws IOException thrown if the file path to the JAR cannot be found</em>
|
||||
<a class="jxr_linenumber" name="263" href="#263">263</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="264" href="#264">264</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> File getFile(String key) <strong class="jxr_keyword">throws</strong> IOException {
|
||||
<a class="jxr_linenumber" name="265" href="#265">265</a> <strong class="jxr_keyword">final</strong> String file = getString(key);
|
||||
<a class="jxr_linenumber" name="266" href="#266">266</a> <strong class="jxr_keyword">final</strong> String baseDir = getString(Settings.KEYS.DATA_DIRECTORY);
|
||||
<a class="jxr_linenumber" name="267" href="#267">267</a> <strong class="jxr_keyword">if</strong> (baseDir != <strong class="jxr_keyword">null</strong>) {
|
||||
<a class="jxr_linenumber" name="268" href="#268">268</a> <strong class="jxr_keyword">if</strong> (baseDir.startsWith(<span class="jxr_string">"[JAR]/"</span>)) {
|
||||
<a class="jxr_linenumber" name="269" href="#269">269</a> <strong class="jxr_keyword">final</strong> File jarPath = getJarPath();
|
||||
<a class="jxr_linenumber" name="270" href="#270">270</a> <strong class="jxr_keyword">final</strong> File newBase = <strong class="jxr_keyword">new</strong> File(jarPath.getCanonicalPath(), baseDir.substring(6));
|
||||
<a class="jxr_linenumber" name="271" href="#271">271</a> <strong class="jxr_keyword">return</strong> <strong class="jxr_keyword">new</strong> File(newBase, file);
|
||||
<a class="jxr_linenumber" name="272" href="#272">272</a> }
|
||||
<a class="jxr_linenumber" name="273" href="#273">273</a> <strong class="jxr_keyword">return</strong> <strong class="jxr_keyword">new</strong> File(baseDir, file);
|
||||
<a class="jxr_linenumber" name="244" href="#244">244</a> <strong class="jxr_keyword">if</strong> (baseDir != <strong class="jxr_keyword">null</strong>) {
|
||||
<a class="jxr_linenumber" name="245" href="#245">245</a> <strong class="jxr_keyword">if</strong> (baseDir.startsWith(<span class="jxr_string">"[JAR]/"</span>)) {
|
||||
<a class="jxr_linenumber" name="246" href="#246">246</a> <strong class="jxr_keyword">final</strong> File jarPath = getJarPath();
|
||||
<a class="jxr_linenumber" name="247" href="#247">247</a> <strong class="jxr_keyword">final</strong> File newBase = <strong class="jxr_keyword">new</strong> File(jarPath, baseDir.substring(6));
|
||||
<a class="jxr_linenumber" name="248" href="#248">248</a> <strong class="jxr_keyword">if</strong> (Settings.KEYS.DATA_DIRECTORY.equals(key)) {
|
||||
<a class="jxr_linenumber" name="249" href="#249">249</a> <strong class="jxr_keyword">return</strong> newBase;
|
||||
<a class="jxr_linenumber" name="250" href="#250">250</a> }
|
||||
<a class="jxr_linenumber" name="251" href="#251">251</a> <strong class="jxr_keyword">return</strong> <strong class="jxr_keyword">new</strong> File(newBase, file);
|
||||
<a class="jxr_linenumber" name="252" href="#252">252</a> }
|
||||
<a class="jxr_linenumber" name="253" href="#253">253</a> <strong class="jxr_keyword">if</strong> (Settings.KEYS.DATA_DIRECTORY.equals(key)) {
|
||||
<a class="jxr_linenumber" name="254" href="#254">254</a> <strong class="jxr_keyword">return</strong> <strong class="jxr_keyword">new</strong> File(baseDir);
|
||||
<a class="jxr_linenumber" name="255" href="#255">255</a> }
|
||||
<a class="jxr_linenumber" name="256" href="#256">256</a> <strong class="jxr_keyword">return</strong> <strong class="jxr_keyword">new</strong> File(baseDir, file);
|
||||
<a class="jxr_linenumber" name="257" href="#257">257</a> }
|
||||
<a class="jxr_linenumber" name="258" href="#258">258</a> <strong class="jxr_keyword">return</strong> <strong class="jxr_keyword">new</strong> File(file);
|
||||
<a class="jxr_linenumber" name="259" href="#259">259</a> }
|
||||
<a class="jxr_linenumber" name="260" href="#260">260</a>
|
||||
<a class="jxr_linenumber" name="261" href="#261">261</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="262" href="#262">262</a> <em class="jxr_javadoccomment"> * Attempts to retrieve the folder containing the Jar file containing the</em>
|
||||
<a class="jxr_linenumber" name="263" href="#263">263</a> <em class="jxr_javadoccomment"> * Settings class.</em>
|
||||
<a class="jxr_linenumber" name="264" href="#264">264</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="265" href="#265">265</a> <em class="jxr_javadoccomment"> * @return a File object</em>
|
||||
<a class="jxr_linenumber" name="266" href="#266">266</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="267" href="#267">267</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">static</strong> File getJarPath() {
|
||||
<a class="jxr_linenumber" name="268" href="#268">268</a> <strong class="jxr_keyword">final</strong> String jarPath = Settings.<strong class="jxr_keyword">class</strong>.getProtectionDomain().getCodeSource().getLocation().getPath();
|
||||
<a class="jxr_linenumber" name="269" href="#269">269</a> String decodedPath = <span class="jxr_string">"."</span>;
|
||||
<a class="jxr_linenumber" name="270" href="#270">270</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="271" href="#271">271</a> decodedPath = URLDecoder.decode(jarPath, <span class="jxr_string">"UTF-8"</span>);
|
||||
<a class="jxr_linenumber" name="272" href="#272">272</a> } <strong class="jxr_keyword">catch</strong> (UnsupportedEncodingException ex) {
|
||||
<a class="jxr_linenumber" name="273" href="#273">273</a> Logger.getLogger(Settings.<strong class="jxr_keyword">class</strong>.getName()).log(Level.FINEST, <strong class="jxr_keyword">null</strong>, ex);
|
||||
<a class="jxr_linenumber" name="274" href="#274">274</a> }
|
||||
<a class="jxr_linenumber" name="275" href="#275">275</a> <strong class="jxr_keyword">return</strong> <strong class="jxr_keyword">new</strong> File(file);
|
||||
<a class="jxr_linenumber" name="276" href="#276">276</a> }
|
||||
<a class="jxr_linenumber" name="277" href="#277">277</a>
|
||||
<a class="jxr_linenumber" name="278" href="#278">278</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="279" href="#279">279</a> <em class="jxr_javadoccomment"> * Attempts to retrieve the folder containing the Jar file containing the</em>
|
||||
<a class="jxr_linenumber" name="280" href="#280">280</a> <em class="jxr_javadoccomment"> * Settings class.</em>
|
||||
<a class="jxr_linenumber" name="281" href="#281">281</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="282" href="#282">282</a> <em class="jxr_javadoccomment"> * @return a File object</em>
|
||||
<a class="jxr_linenumber" name="283" href="#283">283</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="284" href="#284">284</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">static</strong> File getJarPath() {
|
||||
<a class="jxr_linenumber" name="285" href="#285">285</a> <strong class="jxr_keyword">final</strong> String jarPath = Settings.<strong class="jxr_keyword">class</strong>.getProtectionDomain().getCodeSource().getLocation().getPath();
|
||||
<a class="jxr_linenumber" name="286" href="#286">286</a> String decodedPath = <span class="jxr_string">"."</span>;
|
||||
<a class="jxr_linenumber" name="287" href="#287">287</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="288" href="#288">288</a> decodedPath = URLDecoder.decode(jarPath, <span class="jxr_string">"UTF-8"</span>);
|
||||
<a class="jxr_linenumber" name="289" href="#289">289</a> } <strong class="jxr_keyword">catch</strong> (UnsupportedEncodingException ex) {
|
||||
<a class="jxr_linenumber" name="290" href="#290">290</a> Logger.getLogger(Settings.<strong class="jxr_keyword">class</strong>.getName()).log(Level.FINEST, <strong class="jxr_keyword">null</strong>, ex);
|
||||
<a class="jxr_linenumber" name="291" href="#291">291</a> }
|
||||
<a class="jxr_linenumber" name="292" href="#292">292</a>
|
||||
<a class="jxr_linenumber" name="293" href="#293">293</a> <strong class="jxr_keyword">final</strong> File path = <strong class="jxr_keyword">new</strong> File(decodedPath);
|
||||
<a class="jxr_linenumber" name="294" href="#294">294</a> <strong class="jxr_keyword">if</strong> (path.getName().toLowerCase().endsWith(<span class="jxr_string">".jar"</span>)) {
|
||||
<a class="jxr_linenumber" name="295" href="#295">295</a> <strong class="jxr_keyword">return</strong> path.getParentFile();
|
||||
<a class="jxr_linenumber" name="296" href="#296">296</a> } <strong class="jxr_keyword">else</strong> {
|
||||
<a class="jxr_linenumber" name="297" href="#297">297</a> <strong class="jxr_keyword">return</strong> <strong class="jxr_keyword">new</strong> File(<span class="jxr_string">"."</span>);
|
||||
<a class="jxr_linenumber" name="298" href="#298">298</a> }
|
||||
<a class="jxr_linenumber" name="299" href="#299">299</a> }
|
||||
<a class="jxr_linenumber" name="300" href="#300">300</a>
|
||||
<a class="jxr_linenumber" name="301" href="#301">301</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="302" href="#302">302</a> <em class="jxr_javadoccomment"> * Returns a value from the properties file. If the value was specified as a</em>
|
||||
<a class="jxr_linenumber" name="303" href="#303">303</a> <em class="jxr_javadoccomment"> * system property or passed in via the -Dprop=value argument - this method</em>
|
||||
<a class="jxr_linenumber" name="304" href="#304">304</a> <em class="jxr_javadoccomment"> * will return the value from the system properties before the values in the</em>
|
||||
<a class="jxr_linenumber" name="305" href="#305">305</a> <em class="jxr_javadoccomment"> * contained configuration file.</em>
|
||||
<a class="jxr_linenumber" name="306" href="#306">306</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="307" href="#307">307</a> <em class="jxr_javadoccomment"> * @param key the key to lookup within the properties file</em>
|
||||
<a class="jxr_linenumber" name="308" href="#308">308</a> <em class="jxr_javadoccomment"> * @param defaultValue the default value for the requested property</em>
|
||||
<a class="jxr_linenumber" name="309" href="#309">309</a> <em class="jxr_javadoccomment"> * @return the property from the properties file</em>
|
||||
<a class="jxr_linenumber" name="310" href="#310">310</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="311" href="#311">311</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> String getString(String key, String defaultValue) {
|
||||
<a class="jxr_linenumber" name="312" href="#312">312</a> <strong class="jxr_keyword">final</strong> String str = System.getProperty(key, INSTANCE.props.getProperty(key, defaultValue));
|
||||
<a class="jxr_linenumber" name="313" href="#313">313</a> <strong class="jxr_keyword">return</strong> str;
|
||||
<a class="jxr_linenumber" name="314" href="#314">314</a> }
|
||||
<a class="jxr_linenumber" name="315" href="#315">315</a>
|
||||
<a class="jxr_linenumber" name="316" href="#316">316</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="317" href="#317">317</a> <em class="jxr_javadoccomment"> * Returns a value from the properties file. If the value was specified as a</em>
|
||||
<a class="jxr_linenumber" name="318" href="#318">318</a> <em class="jxr_javadoccomment"> * system property or passed in via the -Dprop=value argument - this method</em>
|
||||
<a class="jxr_linenumber" name="319" href="#319">319</a> <em class="jxr_javadoccomment"> * will return the value from the system properties before the values in the</em>
|
||||
<a class="jxr_linenumber" name="320" href="#320">320</a> <em class="jxr_javadoccomment"> * contained configuration file.</em>
|
||||
<a class="jxr_linenumber" name="321" href="#321">321</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="322" href="#322">322</a> <em class="jxr_javadoccomment"> * @param key the key to lookup within the properties file</em>
|
||||
<a class="jxr_linenumber" name="323" href="#323">323</a> <em class="jxr_javadoccomment"> * @return the property from the properties file</em>
|
||||
<a class="jxr_linenumber" name="324" href="#324">324</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="325" href="#325">325</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> String getString(String key) {
|
||||
<a class="jxr_linenumber" name="326" href="#326">326</a> <strong class="jxr_keyword">return</strong> System.getProperty(key, INSTANCE.props.getProperty(key));
|
||||
<a class="jxr_linenumber" name="327" href="#327">327</a> }
|
||||
<a class="jxr_linenumber" name="328" href="#328">328</a>
|
||||
<a class="jxr_linenumber" name="329" href="#329">329</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="330" href="#330">330</a> <em class="jxr_javadoccomment"> * Returns an int value from the properties file. If the value was specified</em>
|
||||
<a class="jxr_linenumber" name="331" href="#331">331</a> <em class="jxr_javadoccomment"> * as a system property or passed in via the -Dprop=value argument - this</em>
|
||||
<a class="jxr_linenumber" name="332" href="#332">332</a> <em class="jxr_javadoccomment"> * method will return the value from the system properties before the values</em>
|
||||
<a class="jxr_linenumber" name="333" href="#333">333</a> <em class="jxr_javadoccomment"> * in the contained configuration file.</em>
|
||||
<a class="jxr_linenumber" name="334" href="#334">334</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="335" href="#335">335</a> <em class="jxr_javadoccomment"> * @param key the key to lookup within the properties file</em>
|
||||
<a class="jxr_linenumber" name="336" href="#336">336</a> <em class="jxr_javadoccomment"> * @return the property from the properties file</em>
|
||||
<a class="jxr_linenumber" name="337" href="#337">337</a> <em class="jxr_javadoccomment"> * @throws InvalidSettingException is thrown if there is an error retrieving</em>
|
||||
<a class="jxr_linenumber" name="338" href="#338">338</a> <em class="jxr_javadoccomment"> * the setting</em>
|
||||
<a class="jxr_linenumber" name="339" href="#339">339</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="340" href="#340">340</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">int</strong> getInt(String key) <strong class="jxr_keyword">throws</strong> InvalidSettingException {
|
||||
<a class="jxr_linenumber" name="341" href="#341">341</a> <strong class="jxr_keyword">int</strong> value;
|
||||
<a class="jxr_linenumber" name="342" href="#342">342</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="343" href="#343">343</a> value = Integer.parseInt(Settings.getString(key));
|
||||
<a class="jxr_linenumber" name="344" href="#344">344</a> } <strong class="jxr_keyword">catch</strong> (NumberFormatException ex) {
|
||||
<a class="jxr_linenumber" name="345" href="#345">345</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/utils/InvalidSettingException.html">InvalidSettingException</a>(<span class="jxr_string">"Could not convert property '"</span> + key + <span class="jxr_string">"' to an int."</span>, ex);
|
||||
<a class="jxr_linenumber" name="346" href="#346">346</a> }
|
||||
<a class="jxr_linenumber" name="347" href="#347">347</a> <strong class="jxr_keyword">return</strong> value;
|
||||
<a class="jxr_linenumber" name="348" href="#348">348</a> }
|
||||
<a class="jxr_linenumber" name="349" href="#349">349</a>
|
||||
<a class="jxr_linenumber" name="350" href="#350">350</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="351" href="#351">351</a> <em class="jxr_javadoccomment"> * Returns an int value from the properties file. If the value was specified</em>
|
||||
<a class="jxr_linenumber" name="352" href="#352">352</a> <em class="jxr_javadoccomment"> * as a system property or passed in via the -Dprop=value argument - this</em>
|
||||
<a class="jxr_linenumber" name="353" href="#353">353</a> <em class="jxr_javadoccomment"> * method will return the value from the system properties before the values</em>
|
||||
<a class="jxr_linenumber" name="354" href="#354">354</a> <em class="jxr_javadoccomment"> * in the contained configuration file.</em>
|
||||
<a class="jxr_linenumber" name="355" href="#355">355</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="356" href="#356">356</a> <em class="jxr_javadoccomment"> * @param key the key to lookup within the properties file</em>
|
||||
<a class="jxr_linenumber" name="357" href="#357">357</a> <em class="jxr_javadoccomment"> * @param defaultValue the default value to return</em>
|
||||
<a class="jxr_linenumber" name="358" href="#358">358</a> <em class="jxr_javadoccomment"> * @return the property from the properties file or the defaultValue if the</em>
|
||||
<a class="jxr_linenumber" name="359" href="#359">359</a> <em class="jxr_javadoccomment"> * property does not exist or cannot be converted to an integer</em>
|
||||
<a class="jxr_linenumber" name="360" href="#360">360</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="361" href="#361">361</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">int</strong> getInt(String key, <strong class="jxr_keyword">int</strong> defaultValue) {
|
||||
<a class="jxr_linenumber" name="362" href="#362">362</a> <strong class="jxr_keyword">int</strong> value;
|
||||
<a class="jxr_linenumber" name="363" href="#363">363</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="364" href="#364">364</a> value = Integer.parseInt(Settings.getString(key));
|
||||
<a class="jxr_linenumber" name="365" href="#365">365</a> } <strong class="jxr_keyword">catch</strong> (NumberFormatException ex) {
|
||||
<a class="jxr_linenumber" name="366" href="#366">366</a> <strong class="jxr_keyword">final</strong> String msg = String.format(<span class="jxr_string">"Could not convert property '%s' to an int."</span>, key);
|
||||
<a class="jxr_linenumber" name="367" href="#367">367</a> Logger.getLogger(Settings.<strong class="jxr_keyword">class</strong>.getName()).log(Level.FINEST, msg, ex);
|
||||
<a class="jxr_linenumber" name="368" href="#368">368</a> value = defaultValue;
|
||||
<a class="jxr_linenumber" name="369" href="#369">369</a> }
|
||||
<a class="jxr_linenumber" name="370" href="#370">370</a> <strong class="jxr_keyword">return</strong> value;
|
||||
<a class="jxr_linenumber" name="371" href="#371">371</a> }
|
||||
<a class="jxr_linenumber" name="372" href="#372">372</a>
|
||||
<a class="jxr_linenumber" name="373" href="#373">373</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="374" href="#374">374</a> <em class="jxr_javadoccomment"> * Returns a long value from the properties file. If the value was specified</em>
|
||||
<a class="jxr_linenumber" name="375" href="#375">375</a> <em class="jxr_javadoccomment"> * as a system property or passed in via the -Dprop=value argument - this</em>
|
||||
<a class="jxr_linenumber" name="376" href="#376">376</a> <em class="jxr_javadoccomment"> * method will return the value from the system properties before the values</em>
|
||||
<a class="jxr_linenumber" name="377" href="#377">377</a> <em class="jxr_javadoccomment"> * in the contained configuration file.</em>
|
||||
<a class="jxr_linenumber" name="378" href="#378">378</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="379" href="#379">379</a> <em class="jxr_javadoccomment"> * @param key the key to lookup within the properties file</em>
|
||||
<a class="jxr_linenumber" name="380" href="#380">380</a> <em class="jxr_javadoccomment"> * @return the property from the properties file</em>
|
||||
<a class="jxr_linenumber" name="381" href="#381">381</a> <em class="jxr_javadoccomment"> * @throws InvalidSettingException is thrown if there is an error retrieving</em>
|
||||
<a class="jxr_linenumber" name="382" href="#382">382</a> <em class="jxr_javadoccomment"> * the setting</em>
|
||||
<a class="jxr_linenumber" name="383" href="#383">383</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="384" href="#384">384</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">long</strong> getLong(String key) <strong class="jxr_keyword">throws</strong> InvalidSettingException {
|
||||
<a class="jxr_linenumber" name="385" href="#385">385</a> <strong class="jxr_keyword">long</strong> value;
|
||||
<a class="jxr_linenumber" name="386" href="#386">386</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="387" href="#387">387</a> value = Long.parseLong(Settings.getString(key));
|
||||
<a class="jxr_linenumber" name="388" href="#388">388</a> } <strong class="jxr_keyword">catch</strong> (NumberFormatException ex) {
|
||||
<a class="jxr_linenumber" name="389" href="#389">389</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/utils/InvalidSettingException.html">InvalidSettingException</a>(<span class="jxr_string">"Could not convert property '"</span> + key + <span class="jxr_string">"' to an int."</span>, ex);
|
||||
<a class="jxr_linenumber" name="390" href="#390">390</a> }
|
||||
<a class="jxr_linenumber" name="391" href="#391">391</a> <strong class="jxr_keyword">return</strong> value;
|
||||
<a class="jxr_linenumber" name="392" href="#392">392</a> }
|
||||
<a class="jxr_linenumber" name="393" href="#393">393</a>
|
||||
<a class="jxr_linenumber" name="394" href="#394">394</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="395" href="#395">395</a> <em class="jxr_javadoccomment"> * Returns a boolean value from the properties file. If the value was</em>
|
||||
<a class="jxr_linenumber" name="396" href="#396">396</a> <em class="jxr_javadoccomment"> * specified as a system property or passed in via the</em>
|
||||
<a class="jxr_linenumber" name="397" href="#397">397</a> <em class="jxr_javadoccomment"> * <code>-Dprop=value</code> argument this method will return the value from</em>
|
||||
<a class="jxr_linenumber" name="398" href="#398">398</a> <em class="jxr_javadoccomment"> * the system properties before the values in the contained configuration</em>
|
||||
<a class="jxr_linenumber" name="399" href="#399">399</a> <em class="jxr_javadoccomment"> * file.</em>
|
||||
<a class="jxr_linenumber" name="400" href="#400">400</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="401" href="#401">401</a> <em class="jxr_javadoccomment"> * @param key the key to lookup within the properties file</em>
|
||||
<a class="jxr_linenumber" name="402" href="#402">402</a> <em class="jxr_javadoccomment"> * @return the property from the properties file</em>
|
||||
<a class="jxr_linenumber" name="403" href="#403">403</a> <em class="jxr_javadoccomment"> * @throws InvalidSettingException is thrown if there is an error retrieving</em>
|
||||
<a class="jxr_linenumber" name="404" href="#404">404</a> <em class="jxr_javadoccomment"> * the setting</em>
|
||||
<a class="jxr_linenumber" name="405" href="#405">405</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="406" href="#406">406</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">boolean</strong> getBoolean(String key) <strong class="jxr_keyword">throws</strong> InvalidSettingException {
|
||||
<a class="jxr_linenumber" name="407" href="#407">407</a> <strong class="jxr_keyword">boolean</strong> value;
|
||||
<a class="jxr_linenumber" name="408" href="#408">408</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="409" href="#409">409</a> value = Boolean.parseBoolean(Settings.getString(key));
|
||||
<a class="jxr_linenumber" name="410" href="#410">410</a> } <strong class="jxr_keyword">catch</strong> (NumberFormatException ex) {
|
||||
<a class="jxr_linenumber" name="411" href="#411">411</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/utils/InvalidSettingException.html">InvalidSettingException</a>(<span class="jxr_string">"Could not convert property '"</span> + key + <span class="jxr_string">"' to an int."</span>, ex);
|
||||
<a class="jxr_linenumber" name="412" href="#412">412</a> }
|
||||
<a class="jxr_linenumber" name="413" href="#413">413</a> <strong class="jxr_keyword">return</strong> value;
|
||||
<a class="jxr_linenumber" name="414" href="#414">414</a> }
|
||||
<a class="jxr_linenumber" name="415" href="#415">415</a> }
|
||||
<a class="jxr_linenumber" name="275" href="#275">275</a>
|
||||
<a class="jxr_linenumber" name="276" href="#276">276</a> <strong class="jxr_keyword">final</strong> File path = <strong class="jxr_keyword">new</strong> File(decodedPath);
|
||||
<a class="jxr_linenumber" name="277" href="#277">277</a> <strong class="jxr_keyword">if</strong> (path.getName().toLowerCase().endsWith(<span class="jxr_string">".jar"</span>)) {
|
||||
<a class="jxr_linenumber" name="278" href="#278">278</a> <strong class="jxr_keyword">return</strong> path.getParentFile();
|
||||
<a class="jxr_linenumber" name="279" href="#279">279</a> } <strong class="jxr_keyword">else</strong> {
|
||||
<a class="jxr_linenumber" name="280" href="#280">280</a> <strong class="jxr_keyword">return</strong> <strong class="jxr_keyword">new</strong> File(<span class="jxr_string">"."</span>);
|
||||
<a class="jxr_linenumber" name="281" href="#281">281</a> }
|
||||
<a class="jxr_linenumber" name="282" href="#282">282</a> }
|
||||
<a class="jxr_linenumber" name="283" href="#283">283</a>
|
||||
<a class="jxr_linenumber" name="284" href="#284">284</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="285" href="#285">285</a> <em class="jxr_javadoccomment"> * Returns a value from the properties file. If the value was specified as a</em>
|
||||
<a class="jxr_linenumber" name="286" href="#286">286</a> <em class="jxr_javadoccomment"> * system property or passed in via the -Dprop=value argument - this method</em>
|
||||
<a class="jxr_linenumber" name="287" href="#287">287</a> <em class="jxr_javadoccomment"> * will return the value from the system properties before the values in the</em>
|
||||
<a class="jxr_linenumber" name="288" href="#288">288</a> <em class="jxr_javadoccomment"> * contained configuration file.</em>
|
||||
<a class="jxr_linenumber" name="289" href="#289">289</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="290" href="#290">290</a> <em class="jxr_javadoccomment"> * @param key the key to lookup within the properties file</em>
|
||||
<a class="jxr_linenumber" name="291" href="#291">291</a> <em class="jxr_javadoccomment"> * @param defaultValue the default value for the requested property</em>
|
||||
<a class="jxr_linenumber" name="292" href="#292">292</a> <em class="jxr_javadoccomment"> * @return the property from the properties file</em>
|
||||
<a class="jxr_linenumber" name="293" href="#293">293</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="294" href="#294">294</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> String getString(String key, String defaultValue) {
|
||||
<a class="jxr_linenumber" name="295" href="#295">295</a> <strong class="jxr_keyword">final</strong> String str = System.getProperty(key, INSTANCE.props.getProperty(key, defaultValue));
|
||||
<a class="jxr_linenumber" name="296" href="#296">296</a> <strong class="jxr_keyword">return</strong> str;
|
||||
<a class="jxr_linenumber" name="297" href="#297">297</a> }
|
||||
<a class="jxr_linenumber" name="298" href="#298">298</a>
|
||||
<a class="jxr_linenumber" name="299" href="#299">299</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="300" href="#300">300</a> <em class="jxr_javadoccomment"> * Returns the temporary directory.</em>
|
||||
<a class="jxr_linenumber" name="301" href="#301">301</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="302" href="#302">302</a> <em class="jxr_javadoccomment"> * @return the temporary directory</em>
|
||||
<a class="jxr_linenumber" name="303" href="#303">303</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="304" href="#304">304</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> File getTempDirectory() {
|
||||
<a class="jxr_linenumber" name="305" href="#305">305</a> <strong class="jxr_keyword">return</strong> <strong class="jxr_keyword">new</strong> File(Settings.getString(Settings.KEYS.TEMP_DIRECTORY, System.getProperty(<span class="jxr_string">"java.io.tmpdir"</span>)));
|
||||
<a class="jxr_linenumber" name="306" href="#306">306</a> }
|
||||
<a class="jxr_linenumber" name="307" href="#307">307</a>
|
||||
<a class="jxr_linenumber" name="308" href="#308">308</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="309" href="#309">309</a> <em class="jxr_javadoccomment"> * Returns a value from the properties file. If the value was specified as a</em>
|
||||
<a class="jxr_linenumber" name="310" href="#310">310</a> <em class="jxr_javadoccomment"> * system property or passed in via the -Dprop=value argument - this method</em>
|
||||
<a class="jxr_linenumber" name="311" href="#311">311</a> <em class="jxr_javadoccomment"> * will return the value from the system properties before the values in the</em>
|
||||
<a class="jxr_linenumber" name="312" href="#312">312</a> <em class="jxr_javadoccomment"> * contained configuration file.</em>
|
||||
<a class="jxr_linenumber" name="313" href="#313">313</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="314" href="#314">314</a> <em class="jxr_javadoccomment"> * @param key the key to lookup within the properties file</em>
|
||||
<a class="jxr_linenumber" name="315" href="#315">315</a> <em class="jxr_javadoccomment"> * @return the property from the properties file</em>
|
||||
<a class="jxr_linenumber" name="316" href="#316">316</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="317" href="#317">317</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> String getString(String key) {
|
||||
<a class="jxr_linenumber" name="318" href="#318">318</a> <strong class="jxr_keyword">return</strong> System.getProperty(key, INSTANCE.props.getProperty(key));
|
||||
<a class="jxr_linenumber" name="319" href="#319">319</a> }
|
||||
<a class="jxr_linenumber" name="320" href="#320">320</a>
|
||||
<a class="jxr_linenumber" name="321" href="#321">321</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="322" href="#322">322</a> <em class="jxr_javadoccomment"> * Removes a property from the local properties collection. This is mainly</em>
|
||||
<a class="jxr_linenumber" name="323" href="#323">323</a> <em class="jxr_javadoccomment"> * used in test cases.</em>
|
||||
<a class="jxr_linenumber" name="324" href="#324">324</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="325" href="#325">325</a> <em class="jxr_javadoccomment"> * @param key the property key to remove</em>
|
||||
<a class="jxr_linenumber" name="326" href="#326">326</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="327" href="#327">327</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">void</strong> removeProperty(String key) {
|
||||
<a class="jxr_linenumber" name="328" href="#328">328</a> INSTANCE.props.remove(key);
|
||||
<a class="jxr_linenumber" name="329" href="#329">329</a> }
|
||||
<a class="jxr_linenumber" name="330" href="#330">330</a>
|
||||
<a class="jxr_linenumber" name="331" href="#331">331</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="332" href="#332">332</a> <em class="jxr_javadoccomment"> * Returns an int value from the properties file. If the value was specified</em>
|
||||
<a class="jxr_linenumber" name="333" href="#333">333</a> <em class="jxr_javadoccomment"> * as a system property or passed in via the -Dprop=value argument - this</em>
|
||||
<a class="jxr_linenumber" name="334" href="#334">334</a> <em class="jxr_javadoccomment"> * method will return the value from the system properties before the values</em>
|
||||
<a class="jxr_linenumber" name="335" href="#335">335</a> <em class="jxr_javadoccomment"> * in the contained configuration file.</em>
|
||||
<a class="jxr_linenumber" name="336" href="#336">336</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="337" href="#337">337</a> <em class="jxr_javadoccomment"> * @param key the key to lookup within the properties file</em>
|
||||
<a class="jxr_linenumber" name="338" href="#338">338</a> <em class="jxr_javadoccomment"> * @return the property from the properties file</em>
|
||||
<a class="jxr_linenumber" name="339" href="#339">339</a> <em class="jxr_javadoccomment"> * @throws InvalidSettingException is thrown if there is an error retrieving</em>
|
||||
<a class="jxr_linenumber" name="340" href="#340">340</a> <em class="jxr_javadoccomment"> * the setting</em>
|
||||
<a class="jxr_linenumber" name="341" href="#341">341</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="342" href="#342">342</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">int</strong> getInt(String key) <strong class="jxr_keyword">throws</strong> InvalidSettingException {
|
||||
<a class="jxr_linenumber" name="343" href="#343">343</a> <strong class="jxr_keyword">int</strong> value;
|
||||
<a class="jxr_linenumber" name="344" href="#344">344</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="345" href="#345">345</a> value = Integer.parseInt(Settings.getString(key));
|
||||
<a class="jxr_linenumber" name="346" href="#346">346</a> } <strong class="jxr_keyword">catch</strong> (NumberFormatException ex) {
|
||||
<a class="jxr_linenumber" name="347" href="#347">347</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/utils/InvalidSettingException.html">InvalidSettingException</a>(<span class="jxr_string">"Could not convert property '"</span> + key + <span class="jxr_string">"' to an int."</span>, ex);
|
||||
<a class="jxr_linenumber" name="348" href="#348">348</a> }
|
||||
<a class="jxr_linenumber" name="349" href="#349">349</a> <strong class="jxr_keyword">return</strong> value;
|
||||
<a class="jxr_linenumber" name="350" href="#350">350</a> }
|
||||
<a class="jxr_linenumber" name="351" href="#351">351</a>
|
||||
<a class="jxr_linenumber" name="352" href="#352">352</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="353" href="#353">353</a> <em class="jxr_javadoccomment"> * Returns an int value from the properties file. If the value was specified</em>
|
||||
<a class="jxr_linenumber" name="354" href="#354">354</a> <em class="jxr_javadoccomment"> * as a system property or passed in via the -Dprop=value argument - this</em>
|
||||
<a class="jxr_linenumber" name="355" href="#355">355</a> <em class="jxr_javadoccomment"> * method will return the value from the system properties before the values</em>
|
||||
<a class="jxr_linenumber" name="356" href="#356">356</a> <em class="jxr_javadoccomment"> * in the contained configuration file.</em>
|
||||
<a class="jxr_linenumber" name="357" href="#357">357</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="358" href="#358">358</a> <em class="jxr_javadoccomment"> * @param key the key to lookup within the properties file</em>
|
||||
<a class="jxr_linenumber" name="359" href="#359">359</a> <em class="jxr_javadoccomment"> * @param defaultValue the default value to return</em>
|
||||
<a class="jxr_linenumber" name="360" href="#360">360</a> <em class="jxr_javadoccomment"> * @return the property from the properties file or the defaultValue if the</em>
|
||||
<a class="jxr_linenumber" name="361" href="#361">361</a> <em class="jxr_javadoccomment"> * property does not exist or cannot be converted to an integer</em>
|
||||
<a class="jxr_linenumber" name="362" href="#362">362</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="363" href="#363">363</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">int</strong> getInt(String key, <strong class="jxr_keyword">int</strong> defaultValue) {
|
||||
<a class="jxr_linenumber" name="364" href="#364">364</a> <strong class="jxr_keyword">int</strong> value;
|
||||
<a class="jxr_linenumber" name="365" href="#365">365</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="366" href="#366">366</a> value = Integer.parseInt(Settings.getString(key));
|
||||
<a class="jxr_linenumber" name="367" href="#367">367</a> } <strong class="jxr_keyword">catch</strong> (NumberFormatException ex) {
|
||||
<a class="jxr_linenumber" name="368" href="#368">368</a> <strong class="jxr_keyword">final</strong> String msg = String.format(<span class="jxr_string">"Could not convert property '%s' to an int."</span>, key);
|
||||
<a class="jxr_linenumber" name="369" href="#369">369</a> Logger.getLogger(Settings.<strong class="jxr_keyword">class</strong>.getName()).log(Level.FINEST, msg, ex);
|
||||
<a class="jxr_linenumber" name="370" href="#370">370</a> value = defaultValue;
|
||||
<a class="jxr_linenumber" name="371" href="#371">371</a> }
|
||||
<a class="jxr_linenumber" name="372" href="#372">372</a> <strong class="jxr_keyword">return</strong> value;
|
||||
<a class="jxr_linenumber" name="373" href="#373">373</a> }
|
||||
<a class="jxr_linenumber" name="374" href="#374">374</a>
|
||||
<a class="jxr_linenumber" name="375" href="#375">375</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="376" href="#376">376</a> <em class="jxr_javadoccomment"> * Returns a long value from the properties file. If the value was specified</em>
|
||||
<a class="jxr_linenumber" name="377" href="#377">377</a> <em class="jxr_javadoccomment"> * as a system property or passed in via the -Dprop=value argument - this</em>
|
||||
<a class="jxr_linenumber" name="378" href="#378">378</a> <em class="jxr_javadoccomment"> * method will return the value from the system properties before the values</em>
|
||||
<a class="jxr_linenumber" name="379" href="#379">379</a> <em class="jxr_javadoccomment"> * in the contained configuration file.</em>
|
||||
<a class="jxr_linenumber" name="380" href="#380">380</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="381" href="#381">381</a> <em class="jxr_javadoccomment"> * @param key the key to lookup within the properties file</em>
|
||||
<a class="jxr_linenumber" name="382" href="#382">382</a> <em class="jxr_javadoccomment"> * @return the property from the properties file</em>
|
||||
<a class="jxr_linenumber" name="383" href="#383">383</a> <em class="jxr_javadoccomment"> * @throws InvalidSettingException is thrown if there is an error retrieving</em>
|
||||
<a class="jxr_linenumber" name="384" href="#384">384</a> <em class="jxr_javadoccomment"> * the setting</em>
|
||||
<a class="jxr_linenumber" name="385" href="#385">385</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="386" href="#386">386</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">long</strong> getLong(String key) <strong class="jxr_keyword">throws</strong> InvalidSettingException {
|
||||
<a class="jxr_linenumber" name="387" href="#387">387</a> <strong class="jxr_keyword">long</strong> value;
|
||||
<a class="jxr_linenumber" name="388" href="#388">388</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="389" href="#389">389</a> value = Long.parseLong(Settings.getString(key));
|
||||
<a class="jxr_linenumber" name="390" href="#390">390</a> } <strong class="jxr_keyword">catch</strong> (NumberFormatException ex) {
|
||||
<a class="jxr_linenumber" name="391" href="#391">391</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/utils/InvalidSettingException.html">InvalidSettingException</a>(<span class="jxr_string">"Could not convert property '"</span> + key + <span class="jxr_string">"' to an int."</span>, ex);
|
||||
<a class="jxr_linenumber" name="392" href="#392">392</a> }
|
||||
<a class="jxr_linenumber" name="393" href="#393">393</a> <strong class="jxr_keyword">return</strong> value;
|
||||
<a class="jxr_linenumber" name="394" href="#394">394</a> }
|
||||
<a class="jxr_linenumber" name="395" href="#395">395</a>
|
||||
<a class="jxr_linenumber" name="396" href="#396">396</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="397" href="#397">397</a> <em class="jxr_javadoccomment"> * Returns a boolean value from the properties file. If the value was</em>
|
||||
<a class="jxr_linenumber" name="398" href="#398">398</a> <em class="jxr_javadoccomment"> * specified as a system property or passed in via the</em>
|
||||
<a class="jxr_linenumber" name="399" href="#399">399</a> <em class="jxr_javadoccomment"> * <code>-Dprop=value</code> argument this method will return the value from</em>
|
||||
<a class="jxr_linenumber" name="400" href="#400">400</a> <em class="jxr_javadoccomment"> * the system properties before the values in the contained configuration</em>
|
||||
<a class="jxr_linenumber" name="401" href="#401">401</a> <em class="jxr_javadoccomment"> * file.</em>
|
||||
<a class="jxr_linenumber" name="402" href="#402">402</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="403" href="#403">403</a> <em class="jxr_javadoccomment"> * @param key the key to lookup within the properties file</em>
|
||||
<a class="jxr_linenumber" name="404" href="#404">404</a> <em class="jxr_javadoccomment"> * @return the property from the properties file</em>
|
||||
<a class="jxr_linenumber" name="405" href="#405">405</a> <em class="jxr_javadoccomment"> * @throws InvalidSettingException is thrown if there is an error retrieving</em>
|
||||
<a class="jxr_linenumber" name="406" href="#406">406</a> <em class="jxr_javadoccomment"> * the setting</em>
|
||||
<a class="jxr_linenumber" name="407" href="#407">407</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="408" href="#408">408</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">boolean</strong> getBoolean(String key) <strong class="jxr_keyword">throws</strong> InvalidSettingException {
|
||||
<a class="jxr_linenumber" name="409" href="#409">409</a> <strong class="jxr_keyword">boolean</strong> value;
|
||||
<a class="jxr_linenumber" name="410" href="#410">410</a> <strong class="jxr_keyword">try</strong> {
|
||||
<a class="jxr_linenumber" name="411" href="#411">411</a> value = Boolean.parseBoolean(Settings.getString(key));
|
||||
<a class="jxr_linenumber" name="412" href="#412">412</a> } <strong class="jxr_keyword">catch</strong> (NumberFormatException ex) {
|
||||
<a class="jxr_linenumber" name="413" href="#413">413</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/utils/InvalidSettingException.html">InvalidSettingException</a>(<span class="jxr_string">"Could not convert property '"</span> + key + <span class="jxr_string">"' to an int."</span>, ex);
|
||||
<a class="jxr_linenumber" name="414" href="#414">414</a> }
|
||||
<a class="jxr_linenumber" name="415" href="#415">415</a> <strong class="jxr_keyword">return</strong> value;
|
||||
<a class="jxr_linenumber" name="416" href="#416">416</a> }
|
||||
<a class="jxr_linenumber" name="417" href="#417">417</a> }
|
||||
</pre>
|
||||
<hr/><div id="footer">This page was automatically generated by <a href="http://maven.apache.org/">Maven</a></div></body>
|
||||
</html>
|
||||
|
||||
@@ -31,87 +31,94 @@
|
||||
<a class="jxr_linenumber" name="21" href="#21">21</a> <strong class="jxr_keyword">import</strong> java.net.MalformedURLException;
|
||||
<a class="jxr_linenumber" name="22" href="#22">22</a> <strong class="jxr_keyword">import</strong> java.net.URL;
|
||||
<a class="jxr_linenumber" name="23" href="#23">23</a> <strong class="jxr_keyword">import</strong> java.util.ArrayList;
|
||||
<a class="jxr_linenumber" name="24" href="#24">24</a> <strong class="jxr_keyword">import</strong> java.util.List;
|
||||
<a class="jxr_linenumber" name="25" href="#25">25</a> <strong class="jxr_keyword">import</strong> java.util.regex.Pattern;
|
||||
<a class="jxr_linenumber" name="26" href="#26">26</a>
|
||||
<a class="jxr_linenumber" name="27" href="#27">27</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="28" href="#28">28</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="29" href="#29">29</a> <em class="jxr_javadoccomment"> * @author Jeremy Long (jeremy.long@owasp.org)</em>
|
||||
<a class="jxr_linenumber" name="30" href="#30">30</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="31" href="#31">31</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">final</strong> <strong class="jxr_keyword">class</strong> <a href="../../../../org/owasp/dependencycheck/utils/UrlStringUtils.html">UrlStringUtils</a> {
|
||||
<a class="jxr_linenumber" name="32" href="#32">32</a>
|
||||
<a class="jxr_linenumber" name="33" href="#33">33</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="34" href="#34">34</a> <em class="jxr_javadoccomment"> * Private constructor for a utility class.</em>
|
||||
<a class="jxr_linenumber" name="35" href="#35">35</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="36" href="#36">36</a> <strong class="jxr_keyword">private</strong> <a href="../../../../org/owasp/dependencycheck/utils/UrlStringUtils.html">UrlStringUtils</a>() {
|
||||
<a class="jxr_linenumber" name="37" href="#37">37</a> }
|
||||
<a class="jxr_linenumber" name="38" href="#38">38</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="39" href="#39">39</a> <em class="jxr_javadoccomment"> * A regular expression to test if a string contains a URL.</em>
|
||||
<a class="jxr_linenumber" name="40" href="#40">40</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="41" href="#41">41</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> Pattern CONTAINS_URL_TEST = Pattern.compile(<span class="jxr_string">"^.*(ht|f)tps?://.*$"</span>, Pattern.MULTILINE | Pattern.CASE_INSENSITIVE);
|
||||
<a class="jxr_linenumber" name="42" href="#42">42</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="43" href="#43">43</a> <em class="jxr_javadoccomment"> * A regular expression to test if a string is a URL.</em>
|
||||
<a class="jxr_linenumber" name="44" href="#44">44</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="45" href="#45">45</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> Pattern IS_URL_TEST = Pattern.compile(<span class="jxr_string">"^(ht|f)tps?://.*"</span>, Pattern.CASE_INSENSITIVE);
|
||||
<a class="jxr_linenumber" name="46" href="#46">46</a>
|
||||
<a class="jxr_linenumber" name="47" href="#47">47</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="48" href="#48">48</a> <em class="jxr_javadoccomment"> * Tests if the text provided contains a URL. This is somewhat limited</em>
|
||||
<a class="jxr_linenumber" name="49" href="#49">49</a> <em class="jxr_javadoccomment"> * search in that it only looks for (ftp|http|https)://</em>
|
||||
<a class="jxr_linenumber" name="50" href="#50">50</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="51" href="#51">51</a> <em class="jxr_javadoccomment"> * @param text the text to search</em>
|
||||
<a class="jxr_linenumber" name="52" href="#52">52</a> <em class="jxr_javadoccomment"> * @return true if the text contains a url, otherwise false</em>
|
||||
<a class="jxr_linenumber" name="53" href="#53">53</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="54" href="#54">54</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">boolean</strong> containsUrl(String text) {
|
||||
<a class="jxr_linenumber" name="55" href="#55">55</a> <strong class="jxr_keyword">return</strong> CONTAINS_URL_TEST.matcher(text).matches();
|
||||
<a class="jxr_linenumber" name="56" href="#56">56</a> }
|
||||
<a class="jxr_linenumber" name="57" href="#57">57</a>
|
||||
<a class="jxr_linenumber" name="58" href="#58">58</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="59" href="#59">59</a> <em class="jxr_javadoccomment"> * Tests if the given text is url.</em>
|
||||
<a class="jxr_linenumber" name="60" href="#60">60</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="61" href="#61">61</a> <em class="jxr_javadoccomment"> * @param text the string to test</em>
|
||||
<a class="jxr_linenumber" name="62" href="#62">62</a> <em class="jxr_javadoccomment"> * @return returns true if the text is a url, otherwise false</em>
|
||||
<a class="jxr_linenumber" name="63" href="#63">63</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="64" href="#64">64</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">boolean</strong> isUrl(String text) {
|
||||
<a class="jxr_linenumber" name="65" href="#65">65</a> <strong class="jxr_keyword">return</strong> IS_URL_TEST.matcher(text).matches();
|
||||
<a class="jxr_linenumber" name="66" href="#66">66</a> }
|
||||
<a class="jxr_linenumber" name="67" href="#67">67</a>
|
||||
<a class="jxr_linenumber" name="68" href="#68">68</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="69" href="#69">69</a> <em class="jxr_javadoccomment"> * <p>Takes a URL, in String format, and adds the important parts of the URL</em>
|
||||
<a class="jxr_linenumber" name="70" href="#70">70</a> <em class="jxr_javadoccomment"> * to a list of strings.</p></em>
|
||||
<a class="jxr_linenumber" name="71" href="#71">71</a> <em class="jxr_javadoccomment"> * <p>Example, given the following input:</p></em>
|
||||
<a class="jxr_linenumber" name="72" href="#72">72</a> <em class="jxr_javadoccomment"> * <code>"https://www.somedomain.com/path1/path2/file.php?id=439"</code></em>
|
||||
<a class="jxr_linenumber" name="73" href="#73">73</a> <em class="jxr_javadoccomment"> * <p>The function would return:</p></em>
|
||||
<a class="jxr_linenumber" name="74" href="#74">74</a> <em class="jxr_javadoccomment"> * <code>{"somedomain", "path1", "path2", "file"}</code></em>
|
||||
<a class="jxr_linenumber" name="75" href="#75">75</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="76" href="#76">76</a> <em class="jxr_javadoccomment"> * @param text a URL</em>
|
||||
<a class="jxr_linenumber" name="77" href="#77">77</a> <em class="jxr_javadoccomment"> * @return importantParts a list of the important parts of the URL</em>
|
||||
<a class="jxr_linenumber" name="78" href="#78">78</a> <em class="jxr_javadoccomment"> * @throws MalformedURLException thrown if the URL is malformed</em>
|
||||
<a class="jxr_linenumber" name="79" href="#79">79</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="80" href="#80">80</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> List<String> extractImportantUrlData(String text) <strong class="jxr_keyword">throws</strong> MalformedURLException {
|
||||
<a class="jxr_linenumber" name="81" href="#81">81</a> <strong class="jxr_keyword">final</strong> ArrayList<String> importantParts = <strong class="jxr_keyword">new</strong> ArrayList<String>();
|
||||
<a class="jxr_linenumber" name="82" href="#82">82</a> <strong class="jxr_keyword">final</strong> URL url = <strong class="jxr_keyword">new</strong> URL(text);
|
||||
<a class="jxr_linenumber" name="83" href="#83">83</a> <strong class="jxr_keyword">final</strong> String[] domain = url.getHost().split(<span class="jxr_string">"\\."</span>);
|
||||
<a class="jxr_linenumber" name="84" href="#84">84</a> <em class="jxr_comment">//add the domain except www and the tld.</em>
|
||||
<a class="jxr_linenumber" name="85" href="#85">85</a> <strong class="jxr_keyword">for</strong> (<strong class="jxr_keyword">int</strong> i = 0; i < domain.length - 1; i++) {
|
||||
<a class="jxr_linenumber" name="86" href="#86">86</a> <strong class="jxr_keyword">final</strong> String sub = domain[i];
|
||||
<a class="jxr_linenumber" name="87" href="#87">87</a> <strong class="jxr_keyword">if</strong> (!<span class="jxr_string">"www"</span>.equalsIgnoreCase(sub)) {
|
||||
<a class="jxr_linenumber" name="88" href="#88">88</a> importantParts.add(sub);
|
||||
<a class="jxr_linenumber" name="89" href="#89">89</a> }
|
||||
<a class="jxr_linenumber" name="90" href="#90">90</a> }
|
||||
<a class="jxr_linenumber" name="91" href="#91">91</a> <strong class="jxr_keyword">final</strong> String document = url.getPath();
|
||||
<a class="jxr_linenumber" name="92" href="#92">92</a> <strong class="jxr_keyword">final</strong> String[] pathParts = document.split(<span class="jxr_string">"[\\//]"</span>);
|
||||
<a class="jxr_linenumber" name="93" href="#93">93</a> <strong class="jxr_keyword">for</strong> (<strong class="jxr_keyword">int</strong> i = 0; i < pathParts.length - 2; i++) {
|
||||
<a class="jxr_linenumber" name="94" href="#94">94</a> <strong class="jxr_keyword">if</strong> (!pathParts[i].isEmpty()) {
|
||||
<a class="jxr_linenumber" name="95" href="#95">95</a> importantParts.add(pathParts[i]);
|
||||
<a class="jxr_linenumber" name="24" href="#24">24</a> <strong class="jxr_keyword">import</strong> java.util.Arrays;
|
||||
<a class="jxr_linenumber" name="25" href="#25">25</a> <strong class="jxr_keyword">import</strong> java.util.HashSet;
|
||||
<a class="jxr_linenumber" name="26" href="#26">26</a> <strong class="jxr_keyword">import</strong> java.util.List;
|
||||
<a class="jxr_linenumber" name="27" href="#27">27</a> <strong class="jxr_keyword">import</strong> java.util.regex.Pattern;
|
||||
<a class="jxr_linenumber" name="28" href="#28">28</a>
|
||||
<a class="jxr_linenumber" name="29" href="#29">29</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="30" href="#30">30</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="31" href="#31">31</a> <em class="jxr_javadoccomment"> * @author Jeremy Long (jeremy.long@owasp.org)</em>
|
||||
<a class="jxr_linenumber" name="32" href="#32">32</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="33" href="#33">33</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">final</strong> <strong class="jxr_keyword">class</strong> <a href="../../../../org/owasp/dependencycheck/utils/UrlStringUtils.html">UrlStringUtils</a> {
|
||||
<a class="jxr_linenumber" name="34" href="#34">34</a>
|
||||
<a class="jxr_linenumber" name="35" href="#35">35</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="36" href="#36">36</a> <em class="jxr_javadoccomment"> * Private constructor for a utility class.</em>
|
||||
<a class="jxr_linenumber" name="37" href="#37">37</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="38" href="#38">38</a> <strong class="jxr_keyword">private</strong> <a href="../../../../org/owasp/dependencycheck/utils/UrlStringUtils.html">UrlStringUtils</a>() {
|
||||
<a class="jxr_linenumber" name="39" href="#39">39</a> }
|
||||
<a class="jxr_linenumber" name="40" href="#40">40</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="41" href="#41">41</a> <em class="jxr_javadoccomment"> * A regular expression to test if a string contains a URL.</em>
|
||||
<a class="jxr_linenumber" name="42" href="#42">42</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="43" href="#43">43</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> Pattern CONTAINS_URL_TEST = Pattern.compile(<span class="jxr_string">"^.*(ht|f)tps?://.*$"</span>, Pattern.MULTILINE | Pattern.CASE_INSENSITIVE);
|
||||
<a class="jxr_linenumber" name="44" href="#44">44</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="45" href="#45">45</a> <em class="jxr_javadoccomment"> * A regular expression to test if a string is a URL.</em>
|
||||
<a class="jxr_linenumber" name="46" href="#46">46</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="47" href="#47">47</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> Pattern IS_URL_TEST = Pattern.compile(<span class="jxr_string">"^(ht|f)tps?://.*"</span>, Pattern.CASE_INSENSITIVE);
|
||||
<a class="jxr_linenumber" name="48" href="#48">48</a>
|
||||
<a class="jxr_linenumber" name="49" href="#49">49</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="50" href="#50">50</a> <em class="jxr_javadoccomment"> * Tests if the text provided contains a URL. This is somewhat limited</em>
|
||||
<a class="jxr_linenumber" name="51" href="#51">51</a> <em class="jxr_javadoccomment"> * search in that it only looks for (ftp|http|https)://</em>
|
||||
<a class="jxr_linenumber" name="52" href="#52">52</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="53" href="#53">53</a> <em class="jxr_javadoccomment"> * @param text the text to search</em>
|
||||
<a class="jxr_linenumber" name="54" href="#54">54</a> <em class="jxr_javadoccomment"> * @return true if the text contains a url, otherwise false</em>
|
||||
<a class="jxr_linenumber" name="55" href="#55">55</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="56" href="#56">56</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">boolean</strong> containsUrl(String text) {
|
||||
<a class="jxr_linenumber" name="57" href="#57">57</a> <strong class="jxr_keyword">return</strong> CONTAINS_URL_TEST.matcher(text).matches();
|
||||
<a class="jxr_linenumber" name="58" href="#58">58</a> }
|
||||
<a class="jxr_linenumber" name="59" href="#59">59</a>
|
||||
<a class="jxr_linenumber" name="60" href="#60">60</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="61" href="#61">61</a> <em class="jxr_javadoccomment"> * Tests if the given text is url.</em>
|
||||
<a class="jxr_linenumber" name="62" href="#62">62</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="63" href="#63">63</a> <em class="jxr_javadoccomment"> * @param text the string to test</em>
|
||||
<a class="jxr_linenumber" name="64" href="#64">64</a> <em class="jxr_javadoccomment"> * @return returns true if the text is a url, otherwise false</em>
|
||||
<a class="jxr_linenumber" name="65" href="#65">65</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="66" href="#66">66</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">boolean</strong> isUrl(String text) {
|
||||
<a class="jxr_linenumber" name="67" href="#67">67</a> <strong class="jxr_keyword">return</strong> IS_URL_TEST.matcher(text).matches();
|
||||
<a class="jxr_linenumber" name="68" href="#68">68</a> }
|
||||
<a class="jxr_linenumber" name="69" href="#69">69</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="70" href="#70">70</a> <em class="jxr_javadoccomment"> * A listing of domain parts that shold not be used as evidence. Yes, this</em>
|
||||
<a class="jxr_linenumber" name="71" href="#71">71</a> <em class="jxr_javadoccomment"> * is an incomplete list.</em>
|
||||
<a class="jxr_linenumber" name="72" href="#72">72</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="73" href="#73">73</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> HashSet<String> IGNORE_LIST = <strong class="jxr_keyword">new</strong> HashSet<String>(Arrays.asList(<span class="jxr_string">"www"</span>, <span class="jxr_string">"com"</span>, <span class="jxr_string">"org"</span>, <span class="jxr_string">"gov"</span>, <span class="jxr_string">"info"</span>, <span class="jxr_string">"name"</span>, <span class="jxr_string">"net"</span>, <span class="jxr_string">"pro"</span>, <span class="jxr_string">"tel"</span>, <span class="jxr_string">"mobi"</span>, <span class="jxr_string">"xxx"</span>));
|
||||
<a class="jxr_linenumber" name="74" href="#74">74</a>
|
||||
<a class="jxr_linenumber" name="75" href="#75">75</a> <em class="jxr_javadoccomment">/**</em>
|
||||
<a class="jxr_linenumber" name="76" href="#76">76</a> <em class="jxr_javadoccomment"> * <p>Takes a URL, in String format, and adds the important parts of the URL</em>
|
||||
<a class="jxr_linenumber" name="77" href="#77">77</a> <em class="jxr_javadoccomment"> * to a list of strings.</p></em>
|
||||
<a class="jxr_linenumber" name="78" href="#78">78</a> <em class="jxr_javadoccomment"> * <p>Example, given the following input:</p></em>
|
||||
<a class="jxr_linenumber" name="79" href="#79">79</a> <em class="jxr_javadoccomment"> * <code>"https://www.somedomain.com/path1/path2/file.php?id=439"</code></em>
|
||||
<a class="jxr_linenumber" name="80" href="#80">80</a> <em class="jxr_javadoccomment"> * <p>The function would return:</p></em>
|
||||
<a class="jxr_linenumber" name="81" href="#81">81</a> <em class="jxr_javadoccomment"> * <code>{"somedomain", "path1", "path2", "file"}</code></em>
|
||||
<a class="jxr_linenumber" name="82" href="#82">82</a> <em class="jxr_javadoccomment"> *</em>
|
||||
<a class="jxr_linenumber" name="83" href="#83">83</a> <em class="jxr_javadoccomment"> * @param text a URL</em>
|
||||
<a class="jxr_linenumber" name="84" href="#84">84</a> <em class="jxr_javadoccomment"> * @return importantParts a list of the important parts of the URL</em>
|
||||
<a class="jxr_linenumber" name="85" href="#85">85</a> <em class="jxr_javadoccomment"> * @throws MalformedURLException thrown if the URL is malformed</em>
|
||||
<a class="jxr_linenumber" name="86" href="#86">86</a> <em class="jxr_javadoccomment"> */</em>
|
||||
<a class="jxr_linenumber" name="87" href="#87">87</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> List<String> extractImportantUrlData(String text) <strong class="jxr_keyword">throws</strong> MalformedURLException {
|
||||
<a class="jxr_linenumber" name="88" href="#88">88</a> <strong class="jxr_keyword">final</strong> ArrayList<String> importantParts = <strong class="jxr_keyword">new</strong> ArrayList<String>();
|
||||
<a class="jxr_linenumber" name="89" href="#89">89</a> <strong class="jxr_keyword">final</strong> URL url = <strong class="jxr_keyword">new</strong> URL(text);
|
||||
<a class="jxr_linenumber" name="90" href="#90">90</a> <strong class="jxr_keyword">final</strong> String[] domain = url.getHost().split(<span class="jxr_string">"\\."</span>);
|
||||
<a class="jxr_linenumber" name="91" href="#91">91</a> <em class="jxr_comment">//add the domain except www and the tld.</em>
|
||||
<a class="jxr_linenumber" name="92" href="#92">92</a> <strong class="jxr_keyword">for</strong> (<strong class="jxr_keyword">int</strong> i = 0; i < domain.length - 1; i++) {
|
||||
<a class="jxr_linenumber" name="93" href="#93">93</a> <strong class="jxr_keyword">final</strong> String sub = domain[i];
|
||||
<a class="jxr_linenumber" name="94" href="#94">94</a> <strong class="jxr_keyword">if</strong> (!IGNORE_LIST.contains(sub.toLowerCase())) {
|
||||
<a class="jxr_linenumber" name="95" href="#95">95</a> importantParts.add(sub);
|
||||
<a class="jxr_linenumber" name="96" href="#96">96</a> }
|
||||
<a class="jxr_linenumber" name="97" href="#97">97</a> }
|
||||
<a class="jxr_linenumber" name="98" href="#98">98</a> <strong class="jxr_keyword">if</strong> (pathParts.length > 0 && !pathParts[pathParts.length - 1].isEmpty()) {
|
||||
<a class="jxr_linenumber" name="99" href="#99">99</a> <strong class="jxr_keyword">final</strong> String fileNameNoExt = pathParts[pathParts.length - 1].replaceAll(<span class="jxr_string">"\\..*{0,5}$"</span>, <span class="jxr_string">""</span>);
|
||||
<a class="jxr_linenumber" name="100" href="#100">100</a> importantParts.add(fileNameNoExt);
|
||||
<a class="jxr_linenumber" name="101" href="#101">101</a> }
|
||||
<a class="jxr_linenumber" name="102" href="#102">102</a> <strong class="jxr_keyword">return</strong> importantParts;
|
||||
<a class="jxr_linenumber" name="103" href="#103">103</a> }
|
||||
<a class="jxr_linenumber" name="104" href="#104">104</a> }
|
||||
<a class="jxr_linenumber" name="98" href="#98">98</a> <strong class="jxr_keyword">final</strong> String document = url.getPath();
|
||||
<a class="jxr_linenumber" name="99" href="#99">99</a> <strong class="jxr_keyword">final</strong> String[] pathParts = document.split(<span class="jxr_string">"[\\//]"</span>);
|
||||
<a class="jxr_linenumber" name="100" href="#100">100</a> <strong class="jxr_keyword">for</strong> (<strong class="jxr_keyword">int</strong> i = 0; i < pathParts.length - 2; i++) {
|
||||
<a class="jxr_linenumber" name="101" href="#101">101</a> <strong class="jxr_keyword">if</strong> (!pathParts[i].isEmpty()) {
|
||||
<a class="jxr_linenumber" name="102" href="#102">102</a> importantParts.add(pathParts[i]);
|
||||
<a class="jxr_linenumber" name="103" href="#103">103</a> }
|
||||
<a class="jxr_linenumber" name="104" href="#104">104</a> }
|
||||
<a class="jxr_linenumber" name="105" href="#105">105</a> <strong class="jxr_keyword">if</strong> (pathParts.length > 0 && !pathParts[pathParts.length - 1].isEmpty()) {
|
||||
<a class="jxr_linenumber" name="106" href="#106">106</a> <strong class="jxr_keyword">final</strong> String fileNameNoExt = pathParts[pathParts.length - 1].replaceAll(<span class="jxr_string">"\\..*{0,5}$"</span>, <span class="jxr_string">""</span>);
|
||||
<a class="jxr_linenumber" name="107" href="#107">107</a> importantParts.add(fileNameNoExt);
|
||||
<a class="jxr_linenumber" name="108" href="#108">108</a> }
|
||||
<a class="jxr_linenumber" name="109" href="#109">109</a> <strong class="jxr_keyword">return</strong> importantParts;
|
||||
<a class="jxr_linenumber" name="110" href="#110">110</a> }
|
||||
<a class="jxr_linenumber" name="111" href="#111">111</a> }
|
||||
</pre>
|
||||
<hr/><div id="footer">This page was automatically generated by <a href="http://maven.apache.org/">Maven</a></div></body>
|
||||
</html>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<html xml:lang="en" lang="en">
|
||||
<head>
|
||||
<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
|
||||
<title>dependency-check-core 1.0.1 Reference Package org.owasp.dependencycheck.utils</title>
|
||||
<title>Dependency-Check Core 1.0.2 Reference Package org.owasp.dependencycheck.utils</title>
|
||||
<link rel="stylesheet" type="text/css" href="../../../../stylesheet.css" title="style" />
|
||||
</head>
|
||||
<body>
|
||||
@@ -29,6 +29,9 @@
|
||||
</li>
|
||||
<li>
|
||||
<a href="Downloader.html" target="classFrame">Downloader</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="ExtractionException.html" target="classFrame">ExtractionException</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="FileUtils.html" target="classFrame">FileUtils</a>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<html xml:lang="en" lang="en">
|
||||
<head>
|
||||
<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
|
||||
<title>dependency-check-core 1.0.1 Reference Package org.owasp.dependencycheck.utils</title>
|
||||
<title>Dependency-Check Core 1.0.2 Reference Package org.owasp.dependencycheck.utils</title>
|
||||
<link rel="stylesheet" type="text/css" href="../../../../stylesheet.css" title="style" />
|
||||
</head>
|
||||
<body>
|
||||
@@ -59,6 +59,11 @@
|
||||
<td>
|
||||
<a href="Downloader.html" target="classFrame">Downloader</a>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
<a href="ExtractionException.html" target="classFrame">ExtractionException</a>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<html xml:lang="en" lang="en">
|
||||
<head>
|
||||
<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
|
||||
<title>dependency-check-core 1.0.1 Reference</title>
|
||||
<title>Dependency-Check Core 1.0.2 Reference</title>
|
||||
<link rel="stylesheet" type="text/css" href="stylesheet.css" title="style" />
|
||||
</head>
|
||||
<body>
|
||||
@@ -20,6 +20,9 @@
|
||||
</li>
|
||||
<li>
|
||||
<a href="org/owasp/dependencycheck/analyzer/package-frame.html" target="packageFrame">org.owasp.dependencycheck.analyzer</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="org/owasp/dependencycheck/concurrency/package-frame.html" target="packageFrame">org.owasp.dependencycheck.concurrency</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="org/owasp/dependencycheck/data/package-frame.html" target="packageFrame">org.owasp.dependencycheck.data</a>
|
||||
@@ -37,7 +40,7 @@
|
||||
<a href="org/owasp/dependencycheck/data/nvdcve/package-frame.html" target="packageFrame">org.owasp.dependencycheck.data.nvdcve</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="org/owasp/dependencycheck/data/nvdcve/xml/package-frame.html" target="packageFrame">org.owasp.dependencycheck.data.nvdcve.xml</a>
|
||||
<a href="org/owasp/dependencycheck/data/update/package-frame.html" target="packageFrame">org.owasp.dependencycheck.data.update</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="org/owasp/dependencycheck/dependency/package-frame.html" target="packageFrame">org.owasp.dependencycheck.dependency</a>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<html xml:lang="en" lang="en">
|
||||
<head>
|
||||
<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
|
||||
<title>dependency-check-core 1.0.1 Reference</title>
|
||||
<title>Dependency-Check Core 1.0.2 Reference</title>
|
||||
<link rel="stylesheet" type="text/css" href="stylesheet.css" title="style" />
|
||||
</head>
|
||||
<body>
|
||||
@@ -24,7 +24,7 @@
|
||||
</ul>
|
||||
</div>
|
||||
|
||||
<h2>dependency-check-core 1.0.1 Reference</h2>
|
||||
<h2>Dependency-Check Core 1.0.2 Reference</h2>
|
||||
|
||||
<table class="summary">
|
||||
<thead>
|
||||
@@ -42,6 +42,11 @@
|
||||
<td>
|
||||
<a href="org/owasp/dependencycheck/analyzer/package-summary.html">org.owasp.dependencycheck.analyzer</a>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
<a href="org/owasp/dependencycheck/concurrency/package-summary.html">org.owasp.dependencycheck.concurrency</a>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
@@ -70,7 +75,7 @@
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
<a href="org/owasp/dependencycheck/data/nvdcve/xml/package-summary.html">org.owasp.dependencycheck.data.nvdcve.xml</a>
|
||||
<a href="org/owasp/dependencycheck/data/update/package-summary.html">org.owasp.dependencycheck.data.update</a>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
|
||||
Reference in New Issue
Block a user