github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-01-19 10:07:12 +01:00
Code Issues Packages Projects Releases Wiki Activity

code reorganization, moved files around to better seperate functionality

Browse Source 
Former-commit-id: da6b75d818d67b0c1c695860504aacc00991effa
This commit is contained in:
Jeremy Long
2013-08-29 06:42:16 -04:00
parent 5fab16ad06
commit 2bd03dada4
14 changed files with 33 additions and 193 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
dependency-check-core/src/main/java/org/owasp/dependencycheck/data/nvdcve/NvdCveAnalyzer.java → dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/NvdCveAnalyzer.java
View File

@@ -16,7 +16,7 @@
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.owasp.dependencycheck.data.nvdcve;
package org.owasp.dependencycheck.analyzer;
import java.io.IOException;
import java.sql.SQLException;
@@ -29,6 +29,8 @@ import org.owasp.dependencycheck.dependency.Dependency;
import org.owasp.dependencycheck.dependency.Vulnerability;
import org.owasp.dependencycheck.dependency.Identifier;
import org.owasp.dependencycheck.analyzer.Analyzer;
import org.owasp.dependencycheck.data.nvdcve.CveDB;
import org.owasp.dependencycheck.data.nvdcve.DatabaseException;
/**
* NvdCveAnalyzer is a utility class that takes a project dependency and

2
dependency-check-core/src/main/java/org/owasp/dependencycheck/data/nvdcve/xml/InvalidDataException.java → dependency-check-core/src/main/java/org/owasp/dependencycheck/data/nvdcve/InvalidDataException.java
View File

@@ -16,7 +16,7 @@
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.owasp.dependencycheck.data.nvdcve.xml;
package org.owasp.dependencycheck.data.nvdcve;
/**
* An InvalidDataDataException is a generic exception used when trying to load

2
dependency-check-core/src/main/java/org/owasp/dependencycheck/data/nvdcve/xml/NvdCve12Handler.java → dependency-check-core/src/main/java/org/owasp/dependencycheck/data/nvdcve/NvdCve12Handler.java
View File

@@ -16,7 +16,7 @@
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.owasp.dependencycheck.data.nvdcve.xml;
package org.owasp.dependencycheck.data.nvdcve;
import java.util.ArrayList;
import java.util.HashMap;

4
dependency-check-core/src/main/java/org/owasp/dependencycheck/data/nvdcve/xml/NvdCve20Handler.java → dependency-check-core/src/main/java/org/owasp/dependencycheck/data/nvdcve/NvdCve20Handler.java
View File

@@ -16,7 +16,7 @@
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.owasp.dependencycheck.data.nvdcve.xml;
package org.owasp.dependencycheck.data.nvdcve;
import java.io.IOException;
import java.util.List;
@@ -281,7 +281,7 @@ public class NvdCve20Handler extends DefaultHandler {
*
* @param index the CPE Lucene Index
*/
void setCpeIndex(CpeIndexWriter index) {
public void setCpeIndex(CpeIndexWriter index) {
cpeIndex = index;
}

4
dependency-check-core/src/main/java/org/owasp/dependencycheck/data/nvdcve/xml/DataStoreMetaInfo.java → dependency-check-core/src/main/java/org/owasp/dependencycheck/data/update/DataStoreMetaInfo.java
View File

@@ -16,7 +16,7 @@
*
* Copyright (c) 2013 Jeremy Long. All Rights Reserved.
*/
package org.owasp.dependencycheck.data.nvdcve.xml;
package org.owasp.dependencycheck.data.update;
import java.io.File;
import java.io.FileInputStream;
@@ -135,7 +135,7 @@ public class DataStoreMetaInfo {
* @param updatedValue the updated nvdcve entry
* @throws UpdateException is thrown if there is an update exception
*/
public void save(NvdCveUrl updatedValue) throws UpdateException {
public void save(NvdCveInfo updatedValue) throws UpdateException {
if (updatedValue == null) {
return;
}

27
dependency-check-core/src/main/java/org/owasp/dependencycheck/data/nvdcve/xml/DatabaseUpdater.java → dependency-check-core/src/main/java/org/owasp/dependencycheck/data/update/DatabaseUpdater.java
View File

@@ -16,8 +16,11 @@
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.owasp.dependencycheck.data.nvdcve.xml;
package org.owasp.dependencycheck.data.update;
import org.owasp.dependencycheck.data.nvdcve.NvdCve12Handler;
import org.owasp.dependencycheck.data.nvdcve.NvdCve20Handler;
import org.owasp.dependencycheck.data.nvdcve.InvalidDataException;
import java.io.File;
import java.io.FileNotFoundException;
import java.io.IOException;
@@ -47,7 +50,7 @@ import org.owasp.dependencycheck.utils.Downloader;
import org.owasp.dependencycheck.utils.FileUtils;
import org.owasp.dependencycheck.utils.Settings;
import org.owasp.dependencycheck.data.nvdcve.DatabaseException;
import static org.owasp.dependencycheck.data.nvdcve.xml.DataStoreMetaInfo.MODIFIED;
import static org.owasp.dependencycheck.data.update.DataStoreMetaInfo.MODIFIED;
import org.owasp.dependencycheck.utils.InvalidSettingException;
/**
@@ -103,9 +106,9 @@ public class DatabaseUpdater implements CachedWebDataSource {
doBatchUpdate = false;
properties = new DataStoreMetaInfo();
try {
final Map<String, NvdCveUrl> update = updateNeeded();
final Map<String, NvdCveInfo> update = updateNeeded();
int maxUpdates = 0;
for (NvdCveUrl cve : update.values()) {
for (NvdCveInfo cve : update.values()) {
if (cve.getNeedsUpdate()) {
maxUpdates += 1;
}
@@ -128,7 +131,7 @@ public class DatabaseUpdater implements CachedWebDataSource {
}
int count = 0;
for (NvdCveUrl cve : update.values()) {
for (NvdCveInfo cve : update.values()) {
if (cve.getNeedsUpdate()) {
count += 1;
Logger.getLogger(DatabaseUpdater.class.getName()).log(Level.INFO,
@@ -354,9 +357,9 @@ public class DatabaseUpdater implements CachedWebDataSource {
* @throws UpdateException Is thrown if there is an issue with the last
* updated properties file.
*/
private Map<String, NvdCveUrl> updateNeeded() throws MalformedURLException, DownloadFailedException, UpdateException {
private Map<String, NvdCveInfo> updateNeeded() throws MalformedURLException, DownloadFailedException, UpdateException {
Map<String, NvdCveUrl> currentlyPublished;
Map<String, NvdCveInfo> currentlyPublished;
try {
currentlyPublished = retrieveCurrentTimestampsFromWeb();
} catch (InvalidDataException ex) {
@@ -436,7 +439,7 @@ public class DatabaseUpdater implements CachedWebDataSource {
} else { //we figure out which of the several XML files need to be downloaded.
currentlyPublished.get(MODIFIED).setNeedsUpdate(false);
for (int i = start; i <= end; i++) {
final NvdCveUrl cve = currentlyPublished.get(String.valueOf(i));
final NvdCveInfo cve = currentlyPublished.get(String.valueOf(i));
long currentTimestamp = 0;
try {
currentTimestamp = Long.parseLong(properties.getProperty(DataStoreMetaInfo.LAST_UPDATED_BASE + String.valueOf(i), "0"));
@@ -489,13 +492,13 @@ public class DatabaseUpdater implements CachedWebDataSource {
* timestamps
* @throws InvalidSettingException thrown if the settings are invalid
*/
protected Map<String, NvdCveUrl> retrieveCurrentTimestampsFromWeb()
protected Map<String, NvdCveInfo> retrieveCurrentTimestampsFromWeb()
throws MalformedURLException, DownloadFailedException, InvalidDataException, InvalidSettingException {
final Map<String, NvdCveUrl> map = new TreeMap<String, NvdCveUrl>();
final Map<String, NvdCveInfo> map = new TreeMap<String, NvdCveInfo>();
String retrieveUrl = Settings.getString(Settings.KEYS.CVE_MODIFIED_20_URL);
NvdCveUrl item = new NvdCveUrl();
NvdCveInfo item = new NvdCveInfo();
item.setNeedsUpdate(false); //the others default to true, to make life easier later this should default to false.
item.setId(MODIFIED);
item.setUrl(retrieveUrl);
@@ -512,7 +515,7 @@ public class DatabaseUpdater implements CachedWebDataSource {
final String baseUrl12 = Settings.getString(Settings.KEYS.CVE_SCHEMA_1_2);
for (int i = start; i <= end; i++) {
retrieveUrl = String.format(baseUrl20, i);
item = new NvdCveUrl();
item = new NvdCveInfo();
item.setId(Integer.toString(i));
item.setUrl(retrieveUrl);
item.setOldSchemaVersionUrl(String.format(baseUrl12, i));

4
dependency-check-core/src/main/java/org/owasp/dependencycheck/data/nvdcve/xml/NvdCveUrl.java → dependency-check-core/src/main/java/org/owasp/dependencycheck/data/update/NvdCveInfo.java
View File

@@ -16,12 +16,12 @@
*
* Copyright (c) 2013 Jeremy Long. All Rights Reserved.
*/
package org.owasp.dependencycheck.data.nvdcve.xml;
package org.owasp.dependencycheck.data.update;
/**
* A pojo that contains the Url and timestamp of the current NvdCve XML files.
*/
public class NvdCveUrl {
public class NvdCveInfo {
/**
* an id.

2
dependency-check-core/src/main/java/org/owasp/dependencycheck/data/nvdcve/xml/package-info.java → dependency-check-core/src/main/java/org/owasp/dependencycheck/data/update/package-info.java
View File

@@ -15,4 +15,4 @@
* </html>
*/
package org.owasp.dependencycheck.data.nvdcve.xml;
package org.owasp.dependencycheck.data.update;

2
dependency-check-core/src/main/resources/META-INF/services/org.owasp.dependencycheck.analyzer.Analyzer
View File

@@ -5,4 +5,4 @@ org.owasp.dependencycheck.analyzer.HintAnalyzer
org.owasp.dependencycheck.analyzer.DependencyBundlingAnalyzer
org.owasp.dependencycheck.analyzer.FalsePositiveAnalyzer
org.owasp.dependencycheck.analyzer.CPEAnalyzer
org.owasp.dependencycheck.data.nvdcve.NvdCveAnalyzer
org.owasp.dependencycheck.analyzer.NvdCveAnalyzer

2
dependency-check-core/src/main/resources/META-INF/services/org.owasp.dependencycheck.data.CachedWebDataSource
View File

@@ -1 +1 @@
org.owasp.dependencycheck.data.nvdcve.xml.DatabaseUpdater
org.owasp.dependencycheck.data.update.DatabaseUpdater