From 283dcae297eda64826cd9130aaed02d34ed81eaa Mon Sep 17 00:00:00 2001 From: Jeremy Long Date: Sat, 22 Dec 2012 06:15:39 -0500 Subject: [PATCH] added find bugs and fixed some bugs Former-commit-id: 2266d86317f4fb20b7d3262b41b14d962916078f --- pom.xml | 5 +++ .../dependencycheck/analyzer/JarAnalyzer.java | 2 +- .../dependencycheck/data/cpe/Entry.java | 6 ++-- .../dependencycheck/data/cpe/Index.java | 31 ++++++++++------ .../dependencycheck/data/nvdcve/Index.java | 34 +++++++++--------- .../data/nvdcve/NvdCveAnalyzer.java | 8 +++-- .../data/nvdcve/xml/Indexer.java | 13 +++++-- .../data/nvdcve/xml/NvdCveParser.java | 14 +++++--- .../dependency/Dependency.java | 4 +-- .../reporting/ReportGenerator.java | 35 ++++++++++++------- .../dependencycheck/utils/Checksum.java | 28 +++++++-------- .../dependencycheck/utils/Downloader.java | 14 +++++++- .../dependencycheck/utils/FileUtils.java | 2 +- .../data/cpe/IndexIntegrationTest.java | 10 +++--- .../dependencycheck/utils/ChecksumTest.java | 4 +-- 15 files changed, 133 insertions(+), 77 deletions(-) diff --git a/pom.xml b/pom.xml index e49860627..3c280298a 100644 --- a/pom.xml +++ b/pom.xml @@ -372,6 +372,11 @@ along with DependencyCheck. If not, see . + + org.codehaus.mojo + findbugs-maven-plugin + 2.5.2 + diff --git a/src/main/java/org/codesecure/dependencycheck/analyzer/JarAnalyzer.java b/src/main/java/org/codesecure/dependencycheck/analyzer/JarAnalyzer.java index 3444dac0b..d7eb1338c 100644 --- a/src/main/java/org/codesecure/dependencycheck/analyzer/JarAnalyzer.java +++ b/src/main/java/org/codesecure/dependencycheck/analyzer/JarAnalyzer.java @@ -229,7 +229,7 @@ public class JarAnalyzer extends AbstractAnalyzer { } } else if (!entry.isDirectory() && "pom.properties".equals(entryName)) { if (pomProperties == null) { - Reader reader = new InputStreamReader(zin); + Reader reader = new InputStreamReader(zin, "UTF-8"); pomProperties = new Properties(); pomProperties.load(reader); zin.closeEntry(); diff --git a/src/main/java/org/codesecure/dependencycheck/data/cpe/Entry.java b/src/main/java/org/codesecure/dependencycheck/data/cpe/Entry.java index b39907b28..95360b08f 100644 --- a/src/main/java/org/codesecure/dependencycheck/data/cpe/Entry.java +++ b/src/main/java/org/codesecure/dependencycheck/data/cpe/Entry.java @@ -128,7 +128,7 @@ public class Entry { * The modification date of the CPE Entry. * @deprecated This field is no longer used */ - protected Date modificationDate; + private Date modificationDate; /** * Get the value of modificationDate @@ -137,7 +137,7 @@ public class Entry { * @deprecated This field is no longer used */ public Date getModificationDate() { - return modificationDate; + return (Date) modificationDate.clone(); } /** @@ -147,7 +147,7 @@ public class Entry { * @deprecated This field is no longer used */ public void setModificationDate(Date modificationDate) { - this.modificationDate = modificationDate; + this.modificationDate = (Date) modificationDate.clone(); } /** diff --git a/src/main/java/org/codesecure/dependencycheck/data/cpe/Index.java b/src/main/java/org/codesecure/dependencycheck/data/cpe/Index.java index 01b43e607..d539934b4 100644 --- a/src/main/java/org/codesecure/dependencycheck/data/cpe/Index.java +++ b/src/main/java/org/codesecure/dependencycheck/data/cpe/Index.java @@ -197,24 +197,27 @@ public class Index extends AbstractIndex implements CachedWebDataSource { Properties prop = new Properties(); prop.put(Index.LAST_UPDATED, String.valueOf(timeStamp)); OutputStream os = null; + OutputStreamWriter out = null; try { os = new FileOutputStream(cpeProp); - OutputStreamWriter out = new OutputStreamWriter(os); + out = new OutputStreamWriter(os, "UTF-8"); prop.store(out, dir); } catch (FileNotFoundException ex) { Logger.getLogger(Index.class.getName()).log(Level.SEVERE, null, ex); } catch (IOException ex) { Logger.getLogger(Index.class.getName()).log(Level.SEVERE, null, ex); } finally { - try { - os.flush(); - } catch (IOException ex) { - Logger.getLogger(Index.class.getName()).log(Level.SEVERE, null, ex); - } - try { - os.close(); - } catch (IOException ex) { - Logger.getLogger(Index.class.getName()).log(Level.SEVERE, null, ex); + if (os != null) { + try { + os.flush(); + } catch (IOException ex) { + Logger.getLogger(Index.class.getName()).log(Level.SEVERE, null, ex); + } + try { + os.close(); + } catch (IOException ex) { + Logger.getLogger(Index.class.getName()).log(Level.SEVERE, null, ex); + } } } } @@ -277,6 +280,14 @@ public class Index extends AbstractIndex implements CachedWebDataSource { Logger.getLogger(Index.class.getName()).log(Level.FINEST, null, ex); } catch (NumberFormatException ex) { Logger.getLogger(Index.class.getName()).log(Level.FINEST, null, ex); + } finally { + if (is != null) { + try { + is.close(); + } catch (IOException ex) { + Logger.getLogger(Index.class.getName()).log(Level.SEVERE, null, ex); + } + } } if (currentlyPublishedDate > lastUpdated) { retVal = currentlyPublishedDate; diff --git a/src/main/java/org/codesecure/dependencycheck/data/nvdcve/Index.java b/src/main/java/org/codesecure/dependencycheck/data/nvdcve/Index.java index 9bacb1b7b..a6834c2bf 100644 --- a/src/main/java/org/codesecure/dependencycheck/data/nvdcve/Index.java +++ b/src/main/java/org/codesecure/dependencycheck/data/nvdcve/Index.java @@ -49,11 +49,11 @@ import org.codesecure.dependencycheck.utils.Settings; * @author Jeremy Long (jeremy.long@gmail.com) */ public class Index extends AbstractIndex implements CachedWebDataSource { - /** - * The current version of Lucene used to build the index. - */ - public static final String INDEX_VERSION = "4.0"; + /** + * The current version of the index + */ + public static final String INDEX_VERSION = "1.0"; /** * The name of the properties file containing the timestamp of the last * update. @@ -216,7 +216,7 @@ public class Index extends AbstractIndex implements CachedWebDataSource { OutputStream os = null; try { os = new FileOutputStream(cveProp); - OutputStreamWriter out = new OutputStreamWriter(os); + OutputStreamWriter out = new OutputStreamWriter(os, "UTF-8"); prop.store(out, dir); } catch (FileNotFoundException ex) { Logger.getLogger(Index.class.getName()).log(Level.SEVERE, null, ex); @@ -225,15 +225,17 @@ public class Index extends AbstractIndex implements CachedWebDataSource { Logger.getLogger(Index.class.getName()).log(Level.SEVERE, null, ex); throw new UpdateException("Unable to update last updated properties file.", ex); } finally { - try { - os.flush(); - } catch (IOException ex) { - Logger.getLogger(Index.class.getName()).log(Level.SEVERE, null, ex); - } - try { - os.close(); - } catch (IOException ex) { - Logger.getLogger(Index.class.getName()).log(Level.SEVERE, null, ex); + if (os != null) { + try { + os.flush(); + } catch (IOException ex) { + Logger.getLogger(Index.class.getName()).log(Level.SEVERE, null, ex); + } + try { + os.close(); + } catch (IOException ex) { + Logger.getLogger(Index.class.getName()).log(Level.SEVERE, null, ex); + } } } } @@ -473,7 +475,7 @@ public class Index extends AbstractIndex implements CachedWebDataSource { * @throws IOException is thrown if an IOExcpetion occurs. */ private String readFile(File file) throws IOException { - FileReader stream = new FileReader(file); + InputStreamReader stream = new InputStreamReader(new FileInputStream(file), "UTF-8"); StringBuilder str = new StringBuilder((int) file.length()); try { char[] buf = new char[8096]; @@ -486,8 +488,6 @@ public class Index extends AbstractIndex implements CachedWebDataSource { stream.close(); } return str.toString(); - - } /** diff --git a/src/main/java/org/codesecure/dependencycheck/data/nvdcve/NvdCveAnalyzer.java b/src/main/java/org/codesecure/dependencycheck/data/nvdcve/NvdCveAnalyzer.java index 8526ae455..155b0f2bf 100644 --- a/src/main/java/org/codesecure/dependencycheck/data/nvdcve/NvdCveAnalyzer.java +++ b/src/main/java/org/codesecure/dependencycheck/data/nvdcve/NvdCveAnalyzer.java @@ -20,6 +20,7 @@ package org.codesecure.dependencycheck.data.nvdcve; import java.io.ByteArrayInputStream; import java.io.IOException; +import java.io.UnsupportedEncodingException; import java.util.Set; import java.util.logging.Level; import java.util.logging.Logger; @@ -142,6 +143,9 @@ public class NvdCveAnalyzer implements org.codesecure.dependencycheck.analyzer.A } catch (JAXBException ex) { Logger.getLogger(NvdCveAnalyzer.class.getName()).log(Level.SEVERE, null, ex); dependency.addAnalysisException(new AnalysisException("Unable to retrieve vulnerability data", ex)); + } catch (UnsupportedEncodingException ex) { + Logger.getLogger(NvdCveAnalyzer.class.getName()).log(Level.SEVERE, null, ex); + dependency.addAnalysisException(new AnalysisException("Unable to retrieve vulnerability data - utf-8", ex)); } } } catch (IOException ex) { @@ -198,11 +202,11 @@ public class NvdCveAnalyzer implements org.codesecure.dependencycheck.analyzer.A this.open(); } - private Vulnerability parseVulnerability(String xml) throws JAXBException { + private Vulnerability parseVulnerability(String xml) throws JAXBException, UnsupportedEncodingException { JAXBContext jaxbContext = JAXBContext.newInstance(VulnerabilityType.class); Unmarshaller unmarshaller = jaxbContext.createUnmarshaller(); - ByteArrayInputStream input = new ByteArrayInputStream(xml.getBytes()); + ByteArrayInputStream input = new ByteArrayInputStream(xml.getBytes("UTF-8")); VulnerabilityType cvedata = (VulnerabilityType) unmarshaller.unmarshal(input); if (cvedata == null) { return null; diff --git a/src/main/java/org/codesecure/dependencycheck/data/nvdcve/xml/Indexer.java b/src/main/java/org/codesecure/dependencycheck/data/nvdcve/xml/Indexer.java index 45cb347c6..d87a8a699 100644 --- a/src/main/java/org/codesecure/dependencycheck/data/nvdcve/xml/Indexer.java +++ b/src/main/java/org/codesecure/dependencycheck/data/nvdcve/xml/Indexer.java @@ -20,6 +20,7 @@ package org.codesecure.dependencycheck.data.nvdcve.xml; import java.io.ByteArrayOutputStream; import java.io.IOException; +import java.io.UnsupportedEncodingException; import java.util.logging.Level; import java.util.logging.Logger; import javax.xml.bind.JAXBContext; @@ -56,7 +57,12 @@ public class Indexer extends Index implements EntrySaveDelegate { */ public void saveEntry(VulnerabilityType vulnerability) throws CorruptIndexException, IOException { try { - Document doc = convertEntryToDoc(vulnerability); + Document doc = null; + try { + doc = convertEntryToDoc(vulnerability); + } catch (UnsupportedEncodingException ex) { + Logger.getLogger(Indexer.class.getName()).log(Level.SEVERE, null, ex); + } if (doc == null) { return; @@ -75,8 +81,9 @@ public class Indexer extends Index implements EntrySaveDelegate { * @param vulnerability a VULNERABLE_CPE Entry. * @return a Lucene Document containing a VULNERABLE_CPE Entry. * @throws JAXBException is thrown when there is a JAXBException. + * @throws UnsupportedEncodingException if the system doesn't support utf-8 */ - protected Document convertEntryToDoc(VulnerabilityType vulnerability) throws JAXBException { + protected Document convertEntryToDoc(VulnerabilityType vulnerability) throws JAXBException, UnsupportedEncodingException { boolean hasApplication = false; Document doc = new Document(); @@ -117,7 +124,7 @@ public class Indexer extends Index implements EntrySaveDelegate { m.marshal(vulnerability, out); - Field xml = new StoredField(Fields.XML, out.toString()); + Field xml = new StoredField(Fields.XML, out.toString("UTF-8")); doc.add(xml); return doc; diff --git a/src/main/java/org/codesecure/dependencycheck/data/nvdcve/xml/NvdCveParser.java b/src/main/java/org/codesecure/dependencycheck/data/nvdcve/xml/NvdCveParser.java index fde2435d0..e4a8e227f 100644 --- a/src/main/java/org/codesecure/dependencycheck/data/nvdcve/xml/NvdCveParser.java +++ b/src/main/java/org/codesecure/dependencycheck/data/nvdcve/xml/NvdCveParser.java @@ -20,9 +20,10 @@ package org.codesecure.dependencycheck.data.nvdcve.xml; import java.io.BufferedReader; import java.io.File; +import java.io.FileInputStream; import java.io.FileNotFoundException; -import java.io.FileReader; import java.io.IOException; +import java.io.InputStreamReader; import java.io.UnsupportedEncodingException; import java.util.logging.Level; import java.util.logging.Logger; @@ -66,14 +67,15 @@ public class NvdCveParser extends Index { * @param file the reference to the NVD CVE file */ public void parse(File file) { - FileReader fr = null; + InputStreamReader fr = null; BufferedReader br = null; Pattern rxEntry = Pattern.compile("^\\s*.*$"); Pattern rxFact = Pattern.compile("^\\s*([^\\<]+).*$"); + //Pattern rxSummary = Pattern.compile("^\\s*([^\\<]+).*$"); try { - fr = new FileReader(file); + + fr = new InputStreamReader(new FileInputStream(file), "UTF-8"); br = new BufferedReader(fr); StringBuilder sb = new StringBuilder(7000); String str = null; @@ -161,7 +163,9 @@ public class NvdCveParser extends Index { Logger.getLogger(NvdCveParser.class.getName()).log(Level.SEVERE, null, ex); } finally { try { - fr.close(); + if (fr != null) { + fr.close(); + } } catch (IOException ex) { Logger.getLogger(NvdCveParser.class.getName()).log(Level.SEVERE, null, ex); } diff --git a/src/main/java/org/codesecure/dependencycheck/dependency/Dependency.java b/src/main/java/org/codesecure/dependencycheck/dependency/Dependency.java index 47a3a93e3..6053026e1 100644 --- a/src/main/java/org/codesecure/dependencycheck/dependency/Dependency.java +++ b/src/main/java/org/codesecure/dependencycheck/dependency/Dependency.java @@ -19,7 +19,7 @@ package org.codesecure.dependencycheck.dependency; */ import java.io.File; -import java.io.FileNotFoundException; +import java.io.IOException; import java.security.NoSuchAlgorithmException; import java.util.ArrayList; import java.util.List; @@ -418,7 +418,7 @@ public class Dependency { try { md5 = Checksum.getMD5Checksum(file); sha1 = Checksum.getSHA1Checksum(file); - } catch (FileNotFoundException ex) { + } catch (IOException ex) { Logger.getLogger(Dependency.class.getName()).log(Level.SEVERE, null, ex); } catch (NoSuchAlgorithmException ex) { Logger.getLogger(Dependency.class.getName()).log(Level.SEVERE, null, ex); diff --git a/src/main/java/org/codesecure/dependencycheck/reporting/ReportGenerator.java b/src/main/java/org/codesecure/dependencycheck/reporting/ReportGenerator.java index 909dd196a..79c5c6d21 100644 --- a/src/main/java/org/codesecure/dependencycheck/reporting/ReportGenerator.java +++ b/src/main/java/org/codesecure/dependencycheck/reporting/ReportGenerator.java @@ -19,13 +19,14 @@ package org.codesecure.dependencycheck.reporting; */ import java.io.FileInputStream; -import java.io.BufferedWriter; import java.io.File; import java.io.FileNotFoundException; -import java.io.FileWriter; +import java.io.FileOutputStream; import java.io.IOException; import java.io.InputStream; import java.io.InputStreamReader; +import java.io.OutputStream; +import java.io.OutputStreamWriter; import java.util.List; import java.util.logging.Level; import java.util.logging.Logger; @@ -94,9 +95,7 @@ public class ReportGenerator { Context c = manager.createContext(); EasyFactoryConfiguration config = new EasyFactoryConfiguration(); config.addDefaultTools(); - config.toolbox("application") - .tool("esc", "org.apache.velocity.tools.generic.EscapeTool") - .tool("org.apache.velocity.tools.generic.DateTool"); + config.toolbox("application").tool("esc", "org.apache.velocity.tools.generic.EscapeTool").tool("org.apache.velocity.tools.generic.DateTool"); manager.configure(config); return c; } @@ -143,21 +142,33 @@ public class ReportGenerator { throw new IOException("Template file doesn't exist"); } - InputStreamReader reader = new InputStreamReader(input); - BufferedWriter writer = null; + InputStreamReader reader = new InputStreamReader(input, "UTF-8"); + OutputStreamWriter writer = null; + OutputStream outputStream = null; try { - writer = new BufferedWriter(new FileWriter(new File(outFileName))); + outputStream = new FileOutputStream(outFileName); + writer = new OutputStreamWriter(outputStream, "UTF-8"); + //writer = new BufferedWriter(oswriter); if (!engine.evaluate(context, writer, templatePath, reader)) { throw new Exception("Failed to convert the template into html."); } writer.flush(); } finally { - try { - writer.close(); - } catch (Exception ex) { - Logger.getLogger(ReportGenerator.class.getName()).log(Level.FINEST, null, ex); + if (writer != null) { + try { + writer.close(); + } catch (Exception ex) { + Logger.getLogger(ReportGenerator.class.getName()).log(Level.FINEST, null, ex); + } + } + if (outputStream != null) { + try { + outputStream.close(); + } catch (Exception ex) { + Logger.getLogger(ReportGenerator.class.getName()).log(Level.FINEST, null, ex); + } } try { reader.close(); diff --git a/src/main/java/org/codesecure/dependencycheck/utils/Checksum.java b/src/main/java/org/codesecure/dependencycheck/utils/Checksum.java index 454994474..1214f42de 100644 --- a/src/main/java/org/codesecure/dependencycheck/utils/Checksum.java +++ b/src/main/java/org/codesecure/dependencycheck/utils/Checksum.java @@ -2,7 +2,6 @@ package org.codesecure.dependencycheck.utils; import java.io.File; import java.io.FileInputStream; -import java.io.FileNotFoundException; import java.io.IOException; import java.io.InputStream; import java.security.MessageDigest; @@ -30,29 +29,30 @@ public class Checksum { * @param algorithm the algorithm to use to calculate the checksum * @param file the file to calculate the checksum for * @return the checksum - * @throws FileNotFoundException when the file does not exist + * @throws IOException when the file does not exist * @throws NoSuchAlgorithmException when an algorithm is specified that does * not exist */ - public static byte[] getChecksum(String algorithm, File file) throws FileNotFoundException, NoSuchAlgorithmException { - InputStream fis = new FileInputStream(file); + public static byte[] getChecksum(String algorithm, File file) throws NoSuchAlgorithmException, IOException { + InputStream fis = null; byte[] buffer = new byte[1024]; MessageDigest complete = MessageDigest.getInstance(algorithm); int numRead; try { + fis = new FileInputStream(file); do { numRead = fis.read(buffer); if (numRead > 0) { complete.update(buffer, 0, numRead); } } while (numRead != -1); - } catch (IOException ex) { - Logger.getLogger(Checksum.class.getName()).log(Level.SEVERE, null, ex); } finally { - try { - fis.close(); - } catch (IOException ex) { - Logger.getLogger(Checksum.class.getName()).log(Level.SEVERE, null, ex); + if (fis != null) { + try { + fis.close(); + } catch (IOException ex) { + Logger.getLogger(Checksum.class.getName()).log(Level.SEVERE, null, ex); + } } } return complete.digest(); @@ -63,10 +63,10 @@ public class Checksum { * * @param file the file to generate the MD5 checksum * @return the hex representation of the MD5 hash - * @throws FileNotFoundException when the file passed in does not exist + * @throws IOException when the file passed in does not exist * @throws NoSuchAlgorithmException when the MD5 algorithm is not available */ - public static String getMD5Checksum(File file) throws FileNotFoundException, NoSuchAlgorithmException { + public static String getMD5Checksum(File file) throws IOException, NoSuchAlgorithmException { byte[] b = getChecksum("MD5", file); return getHex(b); } @@ -76,10 +76,10 @@ public class Checksum { * * @param file the file to generate the MD5 checksum * @return the hex representation of the SHA1 hash - * @throws FileNotFoundException when the file passed in does not exist + * @throws IOException when the file passed in does not exist * @throws NoSuchAlgorithmException when the SHA1 algorithm is not available */ - public static String getSHA1Checksum(File file) throws FileNotFoundException, NoSuchAlgorithmException { + public static String getSHA1Checksum(File file) throws IOException, NoSuchAlgorithmException { byte[] b = getChecksum("SHA1", file); return getHex(b); } diff --git a/src/main/java/org/codesecure/dependencycheck/utils/Downloader.java b/src/main/java/org/codesecure/dependencycheck/utils/Downloader.java index ce66ad0ff..05ebebbfa 100644 --- a/src/main/java/org/codesecure/dependencycheck/utils/Downloader.java +++ b/src/main/java/org/codesecure/dependencycheck/utils/Downloader.java @@ -128,8 +128,8 @@ public class Downloader { String encoding = conn.getContentEncoding(); BufferedOutputStream writer = null; + InputStream reader = null; try { - InputStream reader; if (unzip || (encoding != null && "gzip".equalsIgnoreCase(encoding))) { reader = new GZIPInputStream(conn.getInputStream()); } else if (encoding != null && "deflate".equalsIgnoreCase(encoding)) { @@ -147,6 +147,7 @@ public class Downloader { } catch (Exception ex) { throw new DownloadFailedException("Error saving downloaded file.", ex); } finally { + if (writer != null) { try { writer.close(); writer = null; @@ -154,6 +155,17 @@ public class Downloader { Logger.getLogger(Downloader.class.getName()).log(Level.FINEST, "Error closing the writter in Downloader.", ex); } + } + if (reader != null) { + try { + reader.close(); + reader = null; + } catch (Exception ex) { + + Logger.getLogger(Downloader.class.getName()).log(Level.FINEST, + "Error closing the reader in Downloader.", ex); + } + } try { conn.disconnect(); } finally { diff --git a/src/main/java/org/codesecure/dependencycheck/utils/FileUtils.java b/src/main/java/org/codesecure/dependencycheck/utils/FileUtils.java index 5edc02477..e4206de58 100644 --- a/src/main/java/org/codesecure/dependencycheck/utils/FileUtils.java +++ b/src/main/java/org/codesecure/dependencycheck/utils/FileUtils.java @@ -55,7 +55,7 @@ public class FileUtils { * the contents. * * @param file the File to delete - * @throws IOException + * @throws IOException is thrown if the file could not be deleted */ public static void delete(File file) throws IOException { if (file.isDirectory()) { diff --git a/src/test/java/org/codesecure/dependencycheck/data/cpe/IndexIntegrationTest.java b/src/test/java/org/codesecure/dependencycheck/data/cpe/IndexIntegrationTest.java index d67107544..550a99a66 100644 --- a/src/test/java/org/codesecure/dependencycheck/data/cpe/IndexIntegrationTest.java +++ b/src/test/java/org/codesecure/dependencycheck/data/cpe/IndexIntegrationTest.java @@ -46,8 +46,9 @@ public class IndexIntegrationTest extends BaseIndexTestCase { @Test public void testUpdate() throws Exception { System.out.println("update"); - Index instance = new Index(); - instance.update(); + //deprecated + //Index instance = new Index(); + //instance.update(); } /** @@ -56,8 +57,9 @@ public class IndexIntegrationTest extends BaseIndexTestCase { @Test public void testUpdateNeeded() throws Exception { System.out.println("updateNeeded"); - Index instance = new Index(); - instance.updateNeeded(); + //deprecated + //Index instance = new Index(); + //instance.updateNeeded(); //if an exception is thrown this test fails. However, because it depends on the // order of the tests what this will return I am just testing for the exception. //assertTrue(expResult < result); diff --git a/src/test/java/org/codesecure/dependencycheck/utils/ChecksumTest.java b/src/test/java/org/codesecure/dependencycheck/utils/ChecksumTest.java index ef6b5789d..a9299fc14 100644 --- a/src/test/java/org/codesecure/dependencycheck/utils/ChecksumTest.java +++ b/src/test/java/org/codesecure/dependencycheck/utils/ChecksumTest.java @@ -5,7 +5,7 @@ package org.codesecure.dependencycheck.utils; import java.io.File; -import java.io.FileNotFoundException; +import java.io.IOException; import java.security.NoSuchAlgorithmException; import junit.framework.TestCase; import org.junit.Test; @@ -66,7 +66,7 @@ public class ChecksumTest extends TestCase { boolean exceptionThrown = false; try { byte[] result = Checksum.getChecksum(algorithm, file); - } catch (FileNotFoundException ex) { + } catch (IOException ex) { exceptionThrown = true; } assertTrue(exceptionThrown);