github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-03-24 01:51:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'origin/master'

Browse Source 
Former-commit-id: 43610b7be6f438085abee3054254daedd7c09177
This commit is contained in:
Steve Springett
2014-11-26 15:03:37 +02:00
parent c54483d36f 2dd02ff8cb
commit 28c1730a02
4 changed files with 49 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
dependency-check-core/src/main/java/org/owasp/dependencycheck/Engine.java
View File

@@ -32,8 +32,6 @@ import org.owasp.dependencycheck.analyzer.Analyzer;
import org.owasp.dependencycheck.analyzer.AnalyzerService; import org.owasp.dependencycheck.analyzer.AnalyzerService;
import org.owasp.dependencycheck.analyzer.FileTypeAnalyzer; import org.owasp.dependencycheck.analyzer.FileTypeAnalyzer;
import org.owasp.dependencycheck.analyzer.exception.AnalysisException; import org.owasp.dependencycheck.analyzer.exception.AnalysisException;
import org.owasp.dependencycheck.data.cpe.CpeMemoryIndex;
import org.owasp.dependencycheck.data.cpe.IndexException;
import org.owasp.dependencycheck.data.nvdcve.ConnectionFactory; import org.owasp.dependencycheck.data.nvdcve.ConnectionFactory;
import org.owasp.dependencycheck.data.nvdcve.CveDB; import org.owasp.dependencycheck.data.nvdcve.CveDB;
import org.owasp.dependencycheck.data.nvdcve.DatabaseException; import org.owasp.dependencycheck.data.nvdcve.DatabaseException;
@@ -513,22 +511,20 @@ public class Engine implements Serializable {
* @throws DatabaseException thrown if there is an exception opening the database * @throws DatabaseException thrown if there is an exception opening the database
*/ */
private void ensureDataExists() throws NoDataException, DatabaseException { private void ensureDataExists() throws NoDataException, DatabaseException {
final CpeMemoryIndex cpe = CpeMemoryIndex.getInstance(); //final CpeMemoryIndex cpe = CpeMemoryIndex.getInstance();
final CveDB cve = new CveDB(); final CveDB cve = new CveDB();
try { try {
cve.open(); cve.open();
cpe.open(cve); if (!cve.dataExists()) {
} catch (IndexException ex) { throw new NoDataException("No documents exist");
throw new NoDataException(ex.getMessage(), ex); }
// cpe.open(cve);
// } catch (IndexException ex) {
// throw new NoDataException(ex.getMessage(), ex);
} catch (DatabaseException ex) { } catch (DatabaseException ex) {
throw new NoDataException(ex.getMessage(), ex); throw new NoDataException(ex.getMessage(), ex);
} finally { } finally {
cve.close(); cve.close();
} }
if (cpe.numDocs() <= 0) {
cpe.close();
throw new NoDataException("No documents exist");
}
} }
} }

15
dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/ArchiveAnalyzer.java
View File

@@ -338,7 +338,7 @@ public class ArchiveAnalyzer extends AbstractFileTypeAnalyzer {
try { try {
fis.close(); fis.close();
} catch (IOException ex) { } catch (IOException ex) {
LOGGER.log(Level.FINEST, null, ex); LOGGER.log(Level.FINE, null, ex);
} }
} }
} }
@@ -367,8 +367,10 @@ public class ArchiveAnalyzer extends AbstractFileTypeAnalyzer {
final File file = new File(destination, entry.getName()); final File file = new File(destination, entry.getName());
final String ext = FileUtils.getFileExtension(file.getName()); final String ext = FileUtils.getFileExtension(file.getName());
if (engine.supportsExtension(ext)) { if (engine.supportsExtension(ext)) {
final String extracting = String.format("Extracting '%s'", file.getPath());
LOGGER.fine(extracting);
BufferedOutputStream bos = null; BufferedOutputStream bos = null;
FileOutputStream fos; FileOutputStream fos = null;
try { try {
final File parent = file.getParentFile(); final File parent = file.getParentFile();
if (!parent.isDirectory()) { if (!parent.isDirectory()) {
@@ -401,6 +403,13 @@ public class ArchiveAnalyzer extends AbstractFileTypeAnalyzer {
LOGGER.log(Level.FINEST, null, ex); LOGGER.log(Level.FINEST, null, ex);
} }
} }
if (fos != null) {
try {
fos.close();
} catch (IOException ex) {
LOGGER.log(Level.FINEST, null, ex);
}
}
} }
} }
} }
@@ -428,6 +437,8 @@ public class ArchiveAnalyzer extends AbstractFileTypeAnalyzer {
* @throws ArchiveExtractionException thrown if there is an exception decompressing the file * @throws ArchiveExtractionException thrown if there is an exception decompressing the file
*/ */
private void decompressFile(CompressorInputStream inputStream, File outputFile) throws ArchiveExtractionException { private void decompressFile(CompressorInputStream inputStream, File outputFile) throws ArchiveExtractionException {
final String msg = String.format("Decompressing '%s'", outputFile.getPath());
LOGGER.fine(msg);
FileOutputStream out = null; FileOutputStream out = null;
try { try {
out = new FileOutputStream(outputFile); out = new FileOutputStream(outputFile);

2
dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/CentralAnalyzer.java
View File

@@ -99,7 +99,7 @@ public class CentralAnalyzer extends AbstractFileTypeAnalyzer {
if (Settings.getBoolean(Settings.KEYS.ANALYZER_CENTRAL_ENABLED)) { if (Settings.getBoolean(Settings.KEYS.ANALYZER_CENTRAL_ENABLED)) {
if (!Settings.getBoolean(Settings.KEYS.ANALYZER_NEXUS_ENABLED) if (!Settings.getBoolean(Settings.KEYS.ANALYZER_NEXUS_ENABLED)
|| NexusAnalyzer.DEFAULT_URL.equals(Settings.getString(Settings.KEYS.ANALYZER_NEXUS_URL))) { || NexusAnalyzer.DEFAULT_URL.equals(Settings.getString(Settings.KEYS.ANALYZER_NEXUS_URL))) {
LOGGER.info("Enabling the Central analyzer"); LOGGER.fine("Enabling the Central analyzer");
retval = true; retval = true;
} else { } else {
LOGGER.info("Nexus analyzer is enabled, disabling the Central Analyzer"); LOGGER.info("Nexus analyzer is enabled, disabling the Central Analyzer");

29
dependency-check-core/src/main/java/org/owasp/dependencycheck/data/nvdcve/CveDB.java
View File

@@ -87,7 +87,9 @@ public class CveDB {
* @throws DatabaseException thrown if there is an error opening the database connection * @throws DatabaseException thrown if there is an error opening the database connection
*/ */
public final void open() throws DatabaseException { public final void open() throws DatabaseException {
conn = ConnectionFactory.getConnection(); if (!isOpen()) {
conn = ConnectionFactory.getConnection();
}
} }
/** /**
@@ -700,6 +702,31 @@ public class CveDB {
} }
} }
/**
* Checks to see if data exists so that analysis can be performed.
*
* @return <code>true</code if data exists; otherwise <code>false</code>
*/
public boolean dataExists() {
Statement cs = null;
ResultSet rs = null;
try {
cs = conn.createStatement();
rs = cs.executeQuery("SELECT COUNT(*) records FROM cpeEntry");
if (rs.next()) {
if (rs.getInt(1) > 0) {
return true;
}
}
} catch (SQLException ex) {
Logger.getLogger(CveDB.class.getName()).log(Level.SEVERE, null, ex);
} finally {
DBUtils.closeResultSet(rs);
DBUtils.closeStatement(cs);
}
return false;
}
/** /**
* It is possible that orphaned rows may be generated during database updates. This should be called after all * It is possible that orphaned rows may be generated during database updates. This should be called after all
* updates have been completed to ensure orphan entries are removed. * updates have been completed to ensure orphan entries are removed.