diff --git a/pom.xml b/pom.xml
index e49860627..3c280298a 100644
--- a/pom.xml
+++ b/pom.xml
@@ -372,6 +372,11 @@ along with DependencyCheck. If not, see .
+
+ org.codehaus.mojo
+ findbugs-maven-plugin
+ 2.5.2
+
diff --git a/src/main/java/org/codesecure/dependencycheck/analyzer/JarAnalyzer.java b/src/main/java/org/codesecure/dependencycheck/analyzer/JarAnalyzer.java
index 3444dac0b..d7eb1338c 100644
--- a/src/main/java/org/codesecure/dependencycheck/analyzer/JarAnalyzer.java
+++ b/src/main/java/org/codesecure/dependencycheck/analyzer/JarAnalyzer.java
@@ -229,7 +229,7 @@ public class JarAnalyzer extends AbstractAnalyzer {
}
} else if (!entry.isDirectory() && "pom.properties".equals(entryName)) {
if (pomProperties == null) {
- Reader reader = new InputStreamReader(zin);
+ Reader reader = new InputStreamReader(zin, "UTF-8");
pomProperties = new Properties();
pomProperties.load(reader);
zin.closeEntry();
diff --git a/src/main/java/org/codesecure/dependencycheck/data/cpe/Entry.java b/src/main/java/org/codesecure/dependencycheck/data/cpe/Entry.java
index b39907b28..95360b08f 100644
--- a/src/main/java/org/codesecure/dependencycheck/data/cpe/Entry.java
+++ b/src/main/java/org/codesecure/dependencycheck/data/cpe/Entry.java
@@ -128,7 +128,7 @@ public class Entry {
* The modification date of the CPE Entry.
* @deprecated This field is no longer used
*/
- protected Date modificationDate;
+ private Date modificationDate;
/**
* Get the value of modificationDate
@@ -137,7 +137,7 @@ public class Entry {
* @deprecated This field is no longer used
*/
public Date getModificationDate() {
- return modificationDate;
+ return (Date) modificationDate.clone();
}
/**
@@ -147,7 +147,7 @@ public class Entry {
* @deprecated This field is no longer used
*/
public void setModificationDate(Date modificationDate) {
- this.modificationDate = modificationDate;
+ this.modificationDate = (Date) modificationDate.clone();
}
/**
diff --git a/src/main/java/org/codesecure/dependencycheck/data/cpe/Index.java b/src/main/java/org/codesecure/dependencycheck/data/cpe/Index.java
index 01b43e607..d539934b4 100644
--- a/src/main/java/org/codesecure/dependencycheck/data/cpe/Index.java
+++ b/src/main/java/org/codesecure/dependencycheck/data/cpe/Index.java
@@ -197,24 +197,27 @@ public class Index extends AbstractIndex implements CachedWebDataSource {
Properties prop = new Properties();
prop.put(Index.LAST_UPDATED, String.valueOf(timeStamp));
OutputStream os = null;
+ OutputStreamWriter out = null;
try {
os = new FileOutputStream(cpeProp);
- OutputStreamWriter out = new OutputStreamWriter(os);
+ out = new OutputStreamWriter(os, "UTF-8");
prop.store(out, dir);
} catch (FileNotFoundException ex) {
Logger.getLogger(Index.class.getName()).log(Level.SEVERE, null, ex);
} catch (IOException ex) {
Logger.getLogger(Index.class.getName()).log(Level.SEVERE, null, ex);
} finally {
- try {
- os.flush();
- } catch (IOException ex) {
- Logger.getLogger(Index.class.getName()).log(Level.SEVERE, null, ex);
- }
- try {
- os.close();
- } catch (IOException ex) {
- Logger.getLogger(Index.class.getName()).log(Level.SEVERE, null, ex);
+ if (os != null) {
+ try {
+ os.flush();
+ } catch (IOException ex) {
+ Logger.getLogger(Index.class.getName()).log(Level.SEVERE, null, ex);
+ }
+ try {
+ os.close();
+ } catch (IOException ex) {
+ Logger.getLogger(Index.class.getName()).log(Level.SEVERE, null, ex);
+ }
}
}
}
@@ -277,6 +280,14 @@ public class Index extends AbstractIndex implements CachedWebDataSource {
Logger.getLogger(Index.class.getName()).log(Level.FINEST, null, ex);
} catch (NumberFormatException ex) {
Logger.getLogger(Index.class.getName()).log(Level.FINEST, null, ex);
+ } finally {
+ if (is != null) {
+ try {
+ is.close();
+ } catch (IOException ex) {
+ Logger.getLogger(Index.class.getName()).log(Level.SEVERE, null, ex);
+ }
+ }
}
if (currentlyPublishedDate > lastUpdated) {
retVal = currentlyPublishedDate;
diff --git a/src/main/java/org/codesecure/dependencycheck/data/nvdcve/Index.java b/src/main/java/org/codesecure/dependencycheck/data/nvdcve/Index.java
index 9bacb1b7b..a6834c2bf 100644
--- a/src/main/java/org/codesecure/dependencycheck/data/nvdcve/Index.java
+++ b/src/main/java/org/codesecure/dependencycheck/data/nvdcve/Index.java
@@ -49,11 +49,11 @@ import org.codesecure.dependencycheck.utils.Settings;
* @author Jeremy Long (jeremy.long@gmail.com)
*/
public class Index extends AbstractIndex implements CachedWebDataSource {
- /**
- * The current version of Lucene used to build the index.
- */
- public static final String INDEX_VERSION = "4.0";
+ /**
+ * The current version of the index
+ */
+ public static final String INDEX_VERSION = "1.0";
/**
* The name of the properties file containing the timestamp of the last
* update.
@@ -216,7 +216,7 @@ public class Index extends AbstractIndex implements CachedWebDataSource {
OutputStream os = null;
try {
os = new FileOutputStream(cveProp);
- OutputStreamWriter out = new OutputStreamWriter(os);
+ OutputStreamWriter out = new OutputStreamWriter(os, "UTF-8");
prop.store(out, dir);
} catch (FileNotFoundException ex) {
Logger.getLogger(Index.class.getName()).log(Level.SEVERE, null, ex);
@@ -225,15 +225,17 @@ public class Index extends AbstractIndex implements CachedWebDataSource {
Logger.getLogger(Index.class.getName()).log(Level.SEVERE, null, ex);
throw new UpdateException("Unable to update last updated properties file.", ex);
} finally {
- try {
- os.flush();
- } catch (IOException ex) {
- Logger.getLogger(Index.class.getName()).log(Level.SEVERE, null, ex);
- }
- try {
- os.close();
- } catch (IOException ex) {
- Logger.getLogger(Index.class.getName()).log(Level.SEVERE, null, ex);
+ if (os != null) {
+ try {
+ os.flush();
+ } catch (IOException ex) {
+ Logger.getLogger(Index.class.getName()).log(Level.SEVERE, null, ex);
+ }
+ try {
+ os.close();
+ } catch (IOException ex) {
+ Logger.getLogger(Index.class.getName()).log(Level.SEVERE, null, ex);
+ }
}
}
}
@@ -473,7 +475,7 @@ public class Index extends AbstractIndex implements CachedWebDataSource {
* @throws IOException is thrown if an IOExcpetion occurs.
*/
private String readFile(File file) throws IOException {
- FileReader stream = new FileReader(file);
+ InputStreamReader stream = new InputStreamReader(new FileInputStream(file), "UTF-8");
StringBuilder str = new StringBuilder((int) file.length());
try {
char[] buf = new char[8096];
@@ -486,8 +488,6 @@ public class Index extends AbstractIndex implements CachedWebDataSource {
stream.close();
}
return str.toString();
-
-
}
/**
diff --git a/src/main/java/org/codesecure/dependencycheck/data/nvdcve/NvdCveAnalyzer.java b/src/main/java/org/codesecure/dependencycheck/data/nvdcve/NvdCveAnalyzer.java
index 8526ae455..155b0f2bf 100644
--- a/src/main/java/org/codesecure/dependencycheck/data/nvdcve/NvdCveAnalyzer.java
+++ b/src/main/java/org/codesecure/dependencycheck/data/nvdcve/NvdCveAnalyzer.java
@@ -20,6 +20,7 @@ package org.codesecure.dependencycheck.data.nvdcve;
import java.io.ByteArrayInputStream;
import java.io.IOException;
+import java.io.UnsupportedEncodingException;
import java.util.Set;
import java.util.logging.Level;
import java.util.logging.Logger;
@@ -142,6 +143,9 @@ public class NvdCveAnalyzer implements org.codesecure.dependencycheck.analyzer.A
} catch (JAXBException ex) {
Logger.getLogger(NvdCveAnalyzer.class.getName()).log(Level.SEVERE, null, ex);
dependency.addAnalysisException(new AnalysisException("Unable to retrieve vulnerability data", ex));
+ } catch (UnsupportedEncodingException ex) {
+ Logger.getLogger(NvdCveAnalyzer.class.getName()).log(Level.SEVERE, null, ex);
+ dependency.addAnalysisException(new AnalysisException("Unable to retrieve vulnerability data - utf-8", ex));
}
}
} catch (IOException ex) {
@@ -198,11 +202,11 @@ public class NvdCveAnalyzer implements org.codesecure.dependencycheck.analyzer.A
this.open();
}
- private Vulnerability parseVulnerability(String xml) throws JAXBException {
+ private Vulnerability parseVulnerability(String xml) throws JAXBException, UnsupportedEncodingException {
JAXBContext jaxbContext = JAXBContext.newInstance(VulnerabilityType.class);
Unmarshaller unmarshaller = jaxbContext.createUnmarshaller();
- ByteArrayInputStream input = new ByteArrayInputStream(xml.getBytes());
+ ByteArrayInputStream input = new ByteArrayInputStream(xml.getBytes("UTF-8"));
VulnerabilityType cvedata = (VulnerabilityType) unmarshaller.unmarshal(input);
if (cvedata == null) {
return null;
diff --git a/src/main/java/org/codesecure/dependencycheck/data/nvdcve/xml/Indexer.java b/src/main/java/org/codesecure/dependencycheck/data/nvdcve/xml/Indexer.java
index 45cb347c6..d87a8a699 100644
--- a/src/main/java/org/codesecure/dependencycheck/data/nvdcve/xml/Indexer.java
+++ b/src/main/java/org/codesecure/dependencycheck/data/nvdcve/xml/Indexer.java
@@ -20,6 +20,7 @@ package org.codesecure.dependencycheck.data.nvdcve.xml;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
+import java.io.UnsupportedEncodingException;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.xml.bind.JAXBContext;
@@ -56,7 +57,12 @@ public class Indexer extends Index implements EntrySaveDelegate {
*/
public void saveEntry(VulnerabilityType vulnerability) throws CorruptIndexException, IOException {
try {
- Document doc = convertEntryToDoc(vulnerability);
+ Document doc = null;
+ try {
+ doc = convertEntryToDoc(vulnerability);
+ } catch (UnsupportedEncodingException ex) {
+ Logger.getLogger(Indexer.class.getName()).log(Level.SEVERE, null, ex);
+ }
if (doc == null) {
return;
@@ -75,8 +81,9 @@ public class Indexer extends Index implements EntrySaveDelegate {
* @param vulnerability a VULNERABLE_CPE Entry.
* @return a Lucene Document containing a VULNERABLE_CPE Entry.
* @throws JAXBException is thrown when there is a JAXBException.
+ * @throws UnsupportedEncodingException if the system doesn't support utf-8
*/
- protected Document convertEntryToDoc(VulnerabilityType vulnerability) throws JAXBException {
+ protected Document convertEntryToDoc(VulnerabilityType vulnerability) throws JAXBException, UnsupportedEncodingException {
boolean hasApplication = false;
Document doc = new Document();
@@ -117,7 +124,7 @@ public class Indexer extends Index implements EntrySaveDelegate {
m.marshal(vulnerability, out);
- Field xml = new StoredField(Fields.XML, out.toString());
+ Field xml = new StoredField(Fields.XML, out.toString("UTF-8"));
doc.add(xml);
return doc;
diff --git a/src/main/java/org/codesecure/dependencycheck/data/nvdcve/xml/NvdCveParser.java b/src/main/java/org/codesecure/dependencycheck/data/nvdcve/xml/NvdCveParser.java
index fde2435d0..e4a8e227f 100644
--- a/src/main/java/org/codesecure/dependencycheck/data/nvdcve/xml/NvdCveParser.java
+++ b/src/main/java/org/codesecure/dependencycheck/data/nvdcve/xml/NvdCveParser.java
@@ -20,9 +20,10 @@ package org.codesecure.dependencycheck.data.nvdcve.xml;
import java.io.BufferedReader;
import java.io.File;
+import java.io.FileInputStream;
import java.io.FileNotFoundException;
-import java.io.FileReader;
import java.io.IOException;
+import java.io.InputStreamReader;
import java.io.UnsupportedEncodingException;
import java.util.logging.Level;
import java.util.logging.Logger;
@@ -66,14 +67,15 @@ public class NvdCveParser extends Index {
* @param file the reference to the NVD CVE file
*/
public void parse(File file) {
- FileReader fr = null;
+ InputStreamReader fr = null;
BufferedReader br = null;
Pattern rxEntry = Pattern.compile("^\\s*.*$");
Pattern rxFact = Pattern.compile("^\\s*([^\\<]+).*$");
+ //Pattern rxSummary = Pattern.compile("^\\s*([^\\<]+).*$");
try {
- fr = new FileReader(file);
+
+ fr = new InputStreamReader(new FileInputStream(file), "UTF-8");
br = new BufferedReader(fr);
StringBuilder sb = new StringBuilder(7000);
String str = null;
@@ -161,7 +163,9 @@ public class NvdCveParser extends Index {
Logger.getLogger(NvdCveParser.class.getName()).log(Level.SEVERE, null, ex);
} finally {
try {
- fr.close();
+ if (fr != null) {
+ fr.close();
+ }
} catch (IOException ex) {
Logger.getLogger(NvdCveParser.class.getName()).log(Level.SEVERE, null, ex);
}
diff --git a/src/main/java/org/codesecure/dependencycheck/dependency/Dependency.java b/src/main/java/org/codesecure/dependencycheck/dependency/Dependency.java
index 47a3a93e3..6053026e1 100644
--- a/src/main/java/org/codesecure/dependencycheck/dependency/Dependency.java
+++ b/src/main/java/org/codesecure/dependencycheck/dependency/Dependency.java
@@ -19,7 +19,7 @@ package org.codesecure.dependencycheck.dependency;
*/
import java.io.File;
-import java.io.FileNotFoundException;
+import java.io.IOException;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.List;
@@ -418,7 +418,7 @@ public class Dependency {
try {
md5 = Checksum.getMD5Checksum(file);
sha1 = Checksum.getSHA1Checksum(file);
- } catch (FileNotFoundException ex) {
+ } catch (IOException ex) {
Logger.getLogger(Dependency.class.getName()).log(Level.SEVERE, null, ex);
} catch (NoSuchAlgorithmException ex) {
Logger.getLogger(Dependency.class.getName()).log(Level.SEVERE, null, ex);
diff --git a/src/main/java/org/codesecure/dependencycheck/reporting/ReportGenerator.java b/src/main/java/org/codesecure/dependencycheck/reporting/ReportGenerator.java
index 909dd196a..79c5c6d21 100644
--- a/src/main/java/org/codesecure/dependencycheck/reporting/ReportGenerator.java
+++ b/src/main/java/org/codesecure/dependencycheck/reporting/ReportGenerator.java
@@ -19,13 +19,14 @@ package org.codesecure.dependencycheck.reporting;
*/
import java.io.FileInputStream;
-import java.io.BufferedWriter;
import java.io.File;
import java.io.FileNotFoundException;
-import java.io.FileWriter;
+import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
+import java.io.OutputStream;
+import java.io.OutputStreamWriter;
import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
@@ -94,9 +95,7 @@ public class ReportGenerator {
Context c = manager.createContext();
EasyFactoryConfiguration config = new EasyFactoryConfiguration();
config.addDefaultTools();
- config.toolbox("application")
- .tool("esc", "org.apache.velocity.tools.generic.EscapeTool")
- .tool("org.apache.velocity.tools.generic.DateTool");
+ config.toolbox("application").tool("esc", "org.apache.velocity.tools.generic.EscapeTool").tool("org.apache.velocity.tools.generic.DateTool");
manager.configure(config);
return c;
}
@@ -143,21 +142,33 @@ public class ReportGenerator {
throw new IOException("Template file doesn't exist");
}
- InputStreamReader reader = new InputStreamReader(input);
- BufferedWriter writer = null;
+ InputStreamReader reader = new InputStreamReader(input, "UTF-8");
+ OutputStreamWriter writer = null;
+ OutputStream outputStream = null;
try {
- writer = new BufferedWriter(new FileWriter(new File(outFileName)));
+ outputStream = new FileOutputStream(outFileName);
+ writer = new OutputStreamWriter(outputStream, "UTF-8");
+ //writer = new BufferedWriter(oswriter);
if (!engine.evaluate(context, writer, templatePath, reader)) {
throw new Exception("Failed to convert the template into html.");
}
writer.flush();
} finally {
- try {
- writer.close();
- } catch (Exception ex) {
- Logger.getLogger(ReportGenerator.class.getName()).log(Level.FINEST, null, ex);
+ if (writer != null) {
+ try {
+ writer.close();
+ } catch (Exception ex) {
+ Logger.getLogger(ReportGenerator.class.getName()).log(Level.FINEST, null, ex);
+ }
+ }
+ if (outputStream != null) {
+ try {
+ outputStream.close();
+ } catch (Exception ex) {
+ Logger.getLogger(ReportGenerator.class.getName()).log(Level.FINEST, null, ex);
+ }
}
try {
reader.close();
diff --git a/src/main/java/org/codesecure/dependencycheck/utils/Checksum.java b/src/main/java/org/codesecure/dependencycheck/utils/Checksum.java
index 454994474..1214f42de 100644
--- a/src/main/java/org/codesecure/dependencycheck/utils/Checksum.java
+++ b/src/main/java/org/codesecure/dependencycheck/utils/Checksum.java
@@ -2,7 +2,6 @@ package org.codesecure.dependencycheck.utils;
import java.io.File;
import java.io.FileInputStream;
-import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.security.MessageDigest;
@@ -30,29 +29,30 @@ public class Checksum {
* @param algorithm the algorithm to use to calculate the checksum
* @param file the file to calculate the checksum for
* @return the checksum
- * @throws FileNotFoundException when the file does not exist
+ * @throws IOException when the file does not exist
* @throws NoSuchAlgorithmException when an algorithm is specified that does
* not exist
*/
- public static byte[] getChecksum(String algorithm, File file) throws FileNotFoundException, NoSuchAlgorithmException {
- InputStream fis = new FileInputStream(file);
+ public static byte[] getChecksum(String algorithm, File file) throws NoSuchAlgorithmException, IOException {
+ InputStream fis = null;
byte[] buffer = new byte[1024];
MessageDigest complete = MessageDigest.getInstance(algorithm);
int numRead;
try {
+ fis = new FileInputStream(file);
do {
numRead = fis.read(buffer);
if (numRead > 0) {
complete.update(buffer, 0, numRead);
}
} while (numRead != -1);
- } catch (IOException ex) {
- Logger.getLogger(Checksum.class.getName()).log(Level.SEVERE, null, ex);
} finally {
- try {
- fis.close();
- } catch (IOException ex) {
- Logger.getLogger(Checksum.class.getName()).log(Level.SEVERE, null, ex);
+ if (fis != null) {
+ try {
+ fis.close();
+ } catch (IOException ex) {
+ Logger.getLogger(Checksum.class.getName()).log(Level.SEVERE, null, ex);
+ }
}
}
return complete.digest();
@@ -63,10 +63,10 @@ public class Checksum {
*
* @param file the file to generate the MD5 checksum
* @return the hex representation of the MD5 hash
- * @throws FileNotFoundException when the file passed in does not exist
+ * @throws IOException when the file passed in does not exist
* @throws NoSuchAlgorithmException when the MD5 algorithm is not available
*/
- public static String getMD5Checksum(File file) throws FileNotFoundException, NoSuchAlgorithmException {
+ public static String getMD5Checksum(File file) throws IOException, NoSuchAlgorithmException {
byte[] b = getChecksum("MD5", file);
return getHex(b);
}
@@ -76,10 +76,10 @@ public class Checksum {
*
* @param file the file to generate the MD5 checksum
* @return the hex representation of the SHA1 hash
- * @throws FileNotFoundException when the file passed in does not exist
+ * @throws IOException when the file passed in does not exist
* @throws NoSuchAlgorithmException when the SHA1 algorithm is not available
*/
- public static String getSHA1Checksum(File file) throws FileNotFoundException, NoSuchAlgorithmException {
+ public static String getSHA1Checksum(File file) throws IOException, NoSuchAlgorithmException {
byte[] b = getChecksum("SHA1", file);
return getHex(b);
}
diff --git a/src/main/java/org/codesecure/dependencycheck/utils/Downloader.java b/src/main/java/org/codesecure/dependencycheck/utils/Downloader.java
index ce66ad0ff..05ebebbfa 100644
--- a/src/main/java/org/codesecure/dependencycheck/utils/Downloader.java
+++ b/src/main/java/org/codesecure/dependencycheck/utils/Downloader.java
@@ -128,8 +128,8 @@ public class Downloader {
String encoding = conn.getContentEncoding();
BufferedOutputStream writer = null;
+ InputStream reader = null;
try {
- InputStream reader;
if (unzip || (encoding != null && "gzip".equalsIgnoreCase(encoding))) {
reader = new GZIPInputStream(conn.getInputStream());
} else if (encoding != null && "deflate".equalsIgnoreCase(encoding)) {
@@ -147,6 +147,7 @@ public class Downloader {
} catch (Exception ex) {
throw new DownloadFailedException("Error saving downloaded file.", ex);
} finally {
+ if (writer != null) {
try {
writer.close();
writer = null;
@@ -154,6 +155,17 @@ public class Downloader {
Logger.getLogger(Downloader.class.getName()).log(Level.FINEST,
"Error closing the writter in Downloader.", ex);
}
+ }
+ if (reader != null) {
+ try {
+ reader.close();
+ reader = null;
+ } catch (Exception ex) {
+
+ Logger.getLogger(Downloader.class.getName()).log(Level.FINEST,
+ "Error closing the reader in Downloader.", ex);
+ }
+ }
try {
conn.disconnect();
} finally {
diff --git a/src/main/java/org/codesecure/dependencycheck/utils/FileUtils.java b/src/main/java/org/codesecure/dependencycheck/utils/FileUtils.java
index 5edc02477..e4206de58 100644
--- a/src/main/java/org/codesecure/dependencycheck/utils/FileUtils.java
+++ b/src/main/java/org/codesecure/dependencycheck/utils/FileUtils.java
@@ -55,7 +55,7 @@ public class FileUtils {
* the contents.
*
* @param file the File to delete
- * @throws IOException
+ * @throws IOException is thrown if the file could not be deleted
*/
public static void delete(File file) throws IOException {
if (file.isDirectory()) {
diff --git a/src/test/java/org/codesecure/dependencycheck/data/cpe/IndexIntegrationTest.java b/src/test/java/org/codesecure/dependencycheck/data/cpe/IndexIntegrationTest.java
index d67107544..550a99a66 100644
--- a/src/test/java/org/codesecure/dependencycheck/data/cpe/IndexIntegrationTest.java
+++ b/src/test/java/org/codesecure/dependencycheck/data/cpe/IndexIntegrationTest.java
@@ -46,8 +46,9 @@ public class IndexIntegrationTest extends BaseIndexTestCase {
@Test
public void testUpdate() throws Exception {
System.out.println("update");
- Index instance = new Index();
- instance.update();
+ //deprecated
+ //Index instance = new Index();
+ //instance.update();
}
/**
@@ -56,8 +57,9 @@ public class IndexIntegrationTest extends BaseIndexTestCase {
@Test
public void testUpdateNeeded() throws Exception {
System.out.println("updateNeeded");
- Index instance = new Index();
- instance.updateNeeded();
+ //deprecated
+ //Index instance = new Index();
+ //instance.updateNeeded();
//if an exception is thrown this test fails. However, because it depends on the
// order of the tests what this will return I am just testing for the exception.
//assertTrue(expResult < result);
diff --git a/src/test/java/org/codesecure/dependencycheck/utils/ChecksumTest.java b/src/test/java/org/codesecure/dependencycheck/utils/ChecksumTest.java
index ef6b5789d..a9299fc14 100644
--- a/src/test/java/org/codesecure/dependencycheck/utils/ChecksumTest.java
+++ b/src/test/java/org/codesecure/dependencycheck/utils/ChecksumTest.java
@@ -5,7 +5,7 @@
package org.codesecure.dependencycheck.utils;
import java.io.File;
-import java.io.FileNotFoundException;
+import java.io.IOException;
import java.security.NoSuchAlgorithmException;
import junit.framework.TestCase;
import org.junit.Test;
@@ -66,7 +66,7 @@ public class ChecksumTest extends TestCase {
boolean exceptionThrown = false;
try {
byte[] result = Checksum.getChecksum(algorithm, file);
- } catch (FileNotFoundException ex) {
+ } catch (IOException ex) {
exceptionThrown = true;
}
assertTrue(exceptionThrown);