github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-02-24 19:35:16 +01:00
Code Issues Packages Projects Releases Wiki Activity

various updates recommended by intelliJ

Browse Source 
Former-commit-id: b3b3e4accfbf29d8df38eeb39a469881348ee26f
This commit is contained in:
Jeremy Long
2013-05-20 22:50:21 -04:00
parent a31a73320b
commit 2d0acaa8ae
13 changed files with 53 additions and 55 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/main/java/org/owasp/dependencycheck/Engine.java
View File

@@ -67,13 +67,13 @@ public class Engine {
* Creates a new Engine. * Creates a new Engine.
*/ */
public Engine() { public Engine() {
boolean autoupdate = true; boolean autoUpdate = true;
try { try {
autoupdate = Settings.getBoolean(Settings.KEYS.AUTO_UPDATE); autoUpdate = Settings.getBoolean(Settings.KEYS.AUTO_UPDATE);
} catch (InvalidSettingException ex) { } catch (InvalidSettingException ex) {
Logger.getLogger(Engine.class.getName()).log(Level.WARNING, "Invalid setting for auto-update."); Logger.getLogger(Engine.class.getName()).log(Level.WARNING, "Invalid setting for auto-update.");
} }
if (autoupdate) { if (autoUpdate) {
doUpdates(); doUpdates();
} }
loadAnalyzers(); loadAnalyzers();

2
src/main/java/org/owasp/dependencycheck/analyzer/DependencyBundlingAnalyzer.java
View File

@@ -155,7 +155,7 @@ public class DependencyBundlingAnalyzer extends AbstractAnalyzer implements Anal
/** /**
* Attempts to trim a maven repo to a common base path. This is typically * Attempts to trim a maven repo to a common base path. This is typically
* [drive]\[repolocation\repository\[path1]\[path2]. * [drive]\[repo_location]\repository\[path1]\[path2].
* *
* @param path the path to trim * @param path the path to trim
* @return a string representing the base path. * @return a string representing the base path.

2
src/main/java/org/owasp/dependencycheck/analyzer/JarAnalyzer.java
View File

@@ -718,7 +718,7 @@ public class JarAnalyzer extends AbstractAnalyzer implements Analyzer {
final java.util.jar.JarEntry entry = (java.util.jar.JarEntry) en.nextElement(); final java.util.jar.JarEntry entry = (java.util.jar.JarEntry) en.nextElement();
if (entry.getName().endsWith(".class")) { if (entry.getName().endsWith(".class")) {
hasClasses = true; hasClasses = true;
String[] path = null; String[] path;
if (entry.getName().contains("/")) { if (entry.getName().contains("/")) {
path = entry.getName().toLowerCase().split("/"); path = entry.getName().toLowerCase().split("/");
if ("java".equals(path[0]) if ("java".equals(path[0])

5
src/main/java/org/owasp/dependencycheck/data/cpe/Entry.java
View File

@@ -228,10 +228,7 @@ public class Entry implements Serializable {
return false; return false;
} }
final Entry other = (Entry) obj; final Entry other = (Entry) obj;
if ((this.name == null) ? (other.name != null) : !this.name.equals(other.name)) { return !((this.name == null) ? (other.name != null) : !this.name.equals(other.name));
return false;
}
return true;
} }
@Override @Override

16
src/main/java/org/owasp/dependencycheck/data/cpe/Index.java
View File

@@ -58,8 +58,7 @@ public class Index extends AbstractIndex {
*/ */
public Directory getDirectory() throws IOException { public Directory getDirectory() throws IOException {
final File path = getDataDirectory(); final File path = getDataDirectory();
final Directory dir = FSDirectory.open(path); return FSDirectory.open(path);
return dir;
} }
/** /**
@@ -102,10 +101,7 @@ public class Index extends AbstractIndex {
fieldAnalyzers.put(Fields.VERSION, new VersionAnalyzer(Version.LUCENE_40)); fieldAnalyzers.put(Fields.VERSION, new VersionAnalyzer(Version.LUCENE_40));
fieldAnalyzers.put(Fields.NAME, new KeywordAnalyzer()); fieldAnalyzers.put(Fields.NAME, new KeywordAnalyzer());
final PerFieldAnalyzerWrapper wrapper = new PerFieldAnalyzerWrapper( return new PerFieldAnalyzerWrapper(new FieldAnalyzer(Version.LUCENE_40), fieldAnalyzers);
new FieldAnalyzer(Version.LUCENE_40), fieldAnalyzers);
return wrapper;
} }
/** /**
* The search field analyzer for the product field. * The search field analyzer for the product field.
@@ -133,10 +129,7 @@ public class Index extends AbstractIndex {
fieldAnalyzers.put(Fields.PRODUCT, productSearchFieldAnalyzer); fieldAnalyzers.put(Fields.PRODUCT, productSearchFieldAnalyzer);
fieldAnalyzers.put(Fields.VENDOR, vendorSearchFieldAnalyzer); fieldAnalyzers.put(Fields.VENDOR, vendorSearchFieldAnalyzer);
final PerFieldAnalyzerWrapper wrapper = new PerFieldAnalyzerWrapper( return new PerFieldAnalyzerWrapper(new FieldAnalyzer(Version.LUCENE_40), fieldAnalyzers);
new FieldAnalyzer(Version.LUCENE_40), fieldAnalyzers);
return wrapper;
} }
/** /**
@@ -169,7 +162,6 @@ public class Index extends AbstractIndex {
*/ */
public void saveEntry(Entry entry) throws CorruptIndexException, IOException { public void saveEntry(Entry entry) throws CorruptIndexException, IOException {
final Document doc = convertEntryToDoc(entry); final Document doc = convertEntryToDoc(entry);
//Term term = new Term(Fields.NVDID, LuceneUtils.escapeLuceneQuery(entry.getNvdId()));
final Term term = new Term(Fields.NAME, entry.getName()); final Term term = new Term(Fields.NAME, entry.getName());
getIndexWriter().updateDocument(term, doc); getIndexWriter().updateDocument(term, doc);
} }
@@ -196,7 +188,7 @@ public class Index extends AbstractIndex {
//TODO revision should likely be its own field //TODO revision should likely be its own field
if (entry.getVersion() != null) { if (entry.getVersion() != null) {
Field version = null; Field version;
if (entry.getRevision() != null) { if (entry.getRevision() != null) {
version = new TextField(Fields.VERSION, entry.getVersion() + " " version = new TextField(Fields.VERSION, entry.getVersion() + " "
+ entry.getRevision(), Field.Store.NO); + entry.getRevision(), Field.Store.NO);

4
src/main/java/org/owasp/dependencycheck/data/cwe/CweDB.java
View File

@@ -53,9 +53,7 @@ public final class CweDB {
final String filePath = "data/cwe.hashmap.serialized"; final String filePath = "data/cwe.hashmap.serialized";
final InputStream input = CweDB.class.getClassLoader().getResourceAsStream(filePath); final InputStream input = CweDB.class.getClassLoader().getResourceAsStream(filePath);
oin = new ObjectInputStream(input); oin = new ObjectInputStream(input);
@SuppressWarnings("unchecked") return (HashMap<String, String>) oin.readObject();
final HashMap<String, String> data = (HashMap<String, String>) oin.readObject();
return data;
} catch (ClassNotFoundException ex) { } catch (ClassNotFoundException ex) {
Logger.getLogger(CweDB.class.getName()).log(Level.SEVERE, null, ex); Logger.getLogger(CweDB.class.getName()).log(Level.SEVERE, null, ex);
} catch (IOException ex) { } catch (IOException ex) {

5
src/main/java/org/owasp/dependencycheck/data/lucene/AbstractIndex.java
View File

@@ -250,14 +250,11 @@ public abstract class AbstractIndex {
* @throws IOException is thrown if there is an issue with the underlying Index * @throws IOException is thrown if there is an issue with the underlying Index
*/ */
public TopDocs search(String searchString, int maxQueryResults) throws ParseException, IOException { public TopDocs search(String searchString, int maxQueryResults) throws ParseException, IOException {
final QueryParser parser = getQueryParser(); final QueryParser parser = getQueryParser();
final Query query = parser.parse(searchString); final Query query = parser.parse(searchString);
resetSearchingAnalyzer(); resetSearchingAnalyzer();
final IndexSearcher is = getIndexSearcher(); final IndexSearcher is = getIndexSearcher();
final TopDocs docs = is.search(query, maxQueryResults); return is.search(query, maxQueryResults);
return docs;
} }
/** /**

6
src/main/java/org/owasp/dependencycheck/data/nvdcve/CveDB.java
View File

@@ -305,11 +305,11 @@ public class CveDB {
rsS = selectSoftware.executeQuery(); rsS = selectSoftware.executeQuery();
while (rsS.next()) { while (rsS.next()) {
final String cpe = rsS.getString(1); final String cpe = rsS.getString(1);
final String prevVers = rsS.getString(2); final String prevVersion = rsS.getString(2);
if (prevVers == null) { if (prevVersion == null) {
vuln.addVulnerableSoftware(cpe); vuln.addVulnerableSoftware(cpe);
} else { } else {
vuln.addVulnerableSoftware(cpe, prevVers); vuln.addVulnerableSoftware(cpe, prevVersion);
} }
} }
} }

26
src/main/java/org/owasp/dependencycheck/data/nvdcve/xml/DatabaseUpdater.java
View File

@@ -147,6 +147,15 @@ public class DatabaseUpdater implements CachedWebDataSource {
outputPath.deleteOnExit(); outputPath.deleteOnExit();
} }
} }
try {
if (outputPath12 != null && outputPath12.exists()) {
outputPath12.delete();
}
} finally {
if (outputPath12 != null && outputPath12.exists()) {
outputPath12.deleteOnExit();
}
}
} }
} }
} }
@@ -167,7 +176,7 @@ public class DatabaseUpdater implements CachedWebDataSource {
* @param oldVersion contains the file containing the NVD CVE XML 1.2 * @param oldVersion contains the file containing the NVD CVE XML 1.2
* @throws ParserConfigurationException is thrown if there is a parser configuration exception * @throws ParserConfigurationException is thrown if there is a parser configuration exception
* @throws SAXException is thrown if there is a SAXException * @throws SAXException is thrown if there is a SAXException
* @throws IOException is thrown if there is a IOException * @throws IOException is thrown if there is a ioexception
* @throws SQLException is thrown if there is a sql exception * @throws SQLException is thrown if there is a sql exception
* @throws DatabaseException is thrown if there is a database exception * @throws DatabaseException is thrown if there is a database exception
*/ */
@@ -255,7 +264,14 @@ public class DatabaseUpdater implements CachedWebDataSource {
try { try {
out.close(); out.close();
} catch (IOException ex) { } catch (IOException ex) {
Logger.getLogger(DatabaseUpdater.class.getName()).log(Level.SEVERE, null, ex); Logger.getLogger(DatabaseUpdater.class.getName()).log(Level.FINEST, null, ex);
}
}
if (os != null) {
try {
os.close();
} catch (IOException ex) {
Logger.getLogger(DatabaseUpdater.class.getName()).log(Level.FINEST, null, ex);
} }
} }
} }
@@ -311,7 +327,7 @@ public class DatabaseUpdater implements CachedWebDataSource {
prop.load(is); prop.load(is);
boolean deleteAndRecreate = false; boolean deleteAndRecreate = false;
float version = 0; float version;
if (prop.getProperty("version") == null) { if (prop.getProperty("version") == null) {
deleteAndRecreate = true; deleteAndRecreate = true;
@@ -333,8 +349,8 @@ public class DatabaseUpdater implements CachedWebDataSource {
FileUtils.delete(f); FileUtils.delete(f);
//this importer also updates the CPE index and it is also using an old version //this importer also updates the CPE index and it is also using an old version
final Index cpeid = new Index(); final Index cpeId = new Index();
final File cpeDir = cpeid.getDataDirectory(); final File cpeDir = cpeId.getDataDirectory();
FileUtils.delete(cpeDir); FileUtils.delete(cpeDir);
return currentlyPublished; return currentlyPublished;
} }

2
src/main/java/org/owasp/dependencycheck/dependency/EvidenceCollection.java
View File

@@ -80,7 +80,7 @@ public class EvidenceCollection implements Iterable<Evidence> {
* *
* @param confidence the confidence level for the evidence to be iterated * @param confidence the confidence level for the evidence to be iterated
* over. * over.
* @return Iterable<Evidence>. * @return Iterable<Evidence> an iterable collectoin of evidence
*/ */
public final Iterable<Evidence> iterator(Evidence.Confidence confidence) { public final Iterable<Evidence> iterator(Evidence.Confidence confidence) {
if (confidence == Evidence.Confidence.HIGH) { if (confidence == Evidence.Confidence.HIGH) {

7
src/main/java/org/owasp/dependencycheck/reporting/ReportGenerator.java
View File

@@ -193,14 +193,13 @@ public class ReportGenerator {
OutputStream outputStream = null; OutputStream outputStream = null;
try { try {
File foutDir = new File(outFileName).getParentFile(); File outDir = new File(outFileName).getParentFile();
if (!foutDir.exists()) { if (!outDir.exists()) {
foutDir.mkdirs(); outDir.mkdirs();
} }
outputStream = new FileOutputStream(outFileName); outputStream = new FileOutputStream(outFileName);
writer = new OutputStreamWriter(outputStream, "UTF-8"); writer = new OutputStreamWriter(outputStream, "UTF-8");
//writer = new BufferedWriter(oswriter);
if (!engine.evaluate(context, writer, templatePath, reader)) { if (!engine.evaluate(context, writer, templatePath, reader)) {
throw new Exception("Failed to convert the template into html."); throw new Exception("Failed to convert the template into html.");

25
src/main/java/org/owasp/dependencycheck/utils/CliParser.java
View File

@@ -75,8 +75,7 @@ public final class CliParser {
*/ */
private CommandLine parseArgs(String[] args) throws ParseException { private CommandLine parseArgs(String[] args) throws ParseException {
final CommandLineParser parser = new PosixParser(); final CommandLineParser parser = new PosixParser();
final CommandLine ln = parser.parse(options, args); return parser.parse(options, args);
return ln;
} }
/** /**
@@ -102,7 +101,7 @@ public final class CliParser {
+ "the 'out' argument."); + "the 'out' argument.");
} }
} }
if (!line.hasOption(ArgumentName.APPNAME)) { if (!line.hasOption(ArgumentName.APP_NAME)) {
throw new ParseException("Scan cannot be run without specifying an application " throw new ParseException("Scan cannot be run without specifying an application "
+ "name via the 'app' argument."); + "name via the 'app' argument.");
} }
@@ -166,12 +165,12 @@ public final class CliParser {
final Option version = new Option(ArgumentName.VERSION_SHORT, ArgumentName.VERSION, final Option version = new Option(ArgumentName.VERSION_SHORT, ArgumentName.VERSION,
false, "print the version information."); false, "print the version information.");
final Option noupdate = new Option(ArgumentName.DISABLE_AUTO_UPDATE_SHORT, ArgumentName.DISABLE_AUTO_UPDATE, final Option noUpdate = new Option(ArgumentName.DISABLE_AUTO_UPDATE_SHORT, ArgumentName.DISABLE_AUTO_UPDATE,
false, "disables the automatic updating of the CPE data."); false, "disables the automatic updating of the CPE data.");
final Option appname = OptionBuilder.withArgName("name").hasArg().withLongOpt(ArgumentName.APPNAME) final Option appName = OptionBuilder.withArgName("name").hasArg().withLongOpt(ArgumentName.APP_NAME)
.withDescription("the name of the application being scanned.") .withDescription("the name of the application being scanned.")
.create(ArgumentName.APPNAME_SHORT); .create(ArgumentName.APP_NAME_SHORT);
final Option connectionTimeout = OptionBuilder.withArgName("timeout").hasArg().withLongOpt(ArgumentName.CONNECTION_TIMEOUT) final Option connectionTimeout = OptionBuilder.withArgName("timeout").hasArg().withLongOpt(ArgumentName.CONNECTION_TIMEOUT)
.withDescription("the connection timeout (in milliseconds) to use when downloading resources.") .withDescription("the connection timeout (in milliseconds) to use when downloading resources.")
@@ -197,7 +196,7 @@ public final class CliParser {
.withDescription("the folder to write reports to.") .withDescription("the folder to write reports to.")
.create(ArgumentName.OUT_SHORT); .create(ArgumentName.OUT_SHORT);
final Option outputformat = OptionBuilder.withArgName("format").hasArg().withLongOpt(ArgumentName.OUTPUT_FORMAT) final Option outputFormat = OptionBuilder.withArgName("format").hasArg().withLongOpt(ArgumentName.OUTPUT_FORMAT)
.withDescription("the output format to write to (XML, HTML, ALL).") .withDescription("the output format to write to (XML, HTML, ALL).")
.create(ArgumentName.OUTPUT_FORMAT_SHORT); .create(ArgumentName.OUTPUT_FORMAT_SHORT);
@@ -207,11 +206,11 @@ public final class CliParser {
final Options opts = new Options(); final Options opts = new Options();
opts.addOptionGroup(og); opts.addOptionGroup(og);
opts.addOption(out); opts.addOption(out);
opts.addOption(outputformat); opts.addOption(outputFormat);
opts.addOption(appname); opts.addOption(appName);
opts.addOption(version); opts.addOption(version);
opts.addOption(help); opts.addOption(help);
opts.addOption(noupdate); opts.addOption(noUpdate);
opts.addOption(deepScan); opts.addOption(deepScan);
opts.addOption(props); opts.addOption(props);
opts.addOption(proxyPort); opts.addOption(proxyPort);
@@ -301,7 +300,7 @@ public final class CliParser {
* @return the application name. * @return the application name.
*/ */
public String getApplicationName() { public String getApplicationName() {
return line.getOptionValue(ArgumentName.APPNAME); return line.getOptionValue(ArgumentName.APP_NAME);
} }
/** /**
@@ -405,12 +404,12 @@ public final class CliParser {
* The long CLI argument name specifying the name of the application to * The long CLI argument name specifying the name of the application to
* be scanned. * be scanned.
*/ */
public static final String APPNAME = "app"; public static final String APP_NAME = "app";
/** /**
* The short CLI argument name specifying the name of the application to * The short CLI argument name specifying the name of the application to
* be scanned. * be scanned.
*/ */
public static final String APPNAME_SHORT = "a"; public static final String APP_NAME_SHORT = "a";
/** /**
* The long CLI argument name asking for help. * The long CLI argument name asking for help.
*/ */

2
src/main/java/org/owasp/dependencycheck/utils/Downloader.java
View File

@@ -126,7 +126,7 @@ public final class Downloader {
writer = new BufferedOutputStream(new FileOutputStream(outputPath)); writer = new BufferedOutputStream(new FileOutputStream(outputPath));
final byte[] buffer = new byte[4096]; final byte[] buffer = new byte[4096];
int bytesRead = 0; int bytesRead;
while ((bytesRead = reader.read(buffer)) > 0) { while ((bytesRead = reader.read(buffer)) > 0) {
writer.write(buffer, 0, bytesRead); writer.write(buffer, 0, bytesRead);
} }