From 302e8439c610095f1eac74ea2af7b9df19fa8d22 Mon Sep 17 00:00:00 2001 From: Jeremy Long Date: Sun, 4 Aug 2013 10:33:28 -0400 Subject: [PATCH] moved unzip functionality to FileUtils Former-commit-id: f40a62ac7986b99cc1daa04c734a6bfc406af611 --- .../analyzer/ArchiveAnalyzer.java | 103 ++---------------- 1 file changed, 9 insertions(+), 94 deletions(-) diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/ArchiveAnalyzer.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/ArchiveAnalyzer.java index bcc36fdbd..f9bb9e43b 100644 --- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/ArchiveAnalyzer.java +++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/ArchiveAnalyzer.java @@ -18,25 +18,16 @@ */ package org.owasp.dependencycheck.analyzer; -import java.io.BufferedInputStream; -import java.io.BufferedOutputStream; import java.io.File; -import java.io.FileInputStream; -import java.io.FileNotFoundException; -import java.io.FileOutputStream; -import java.io.IOException; import java.util.ArrayList; import java.util.Collections; import java.util.HashSet; import java.util.List; import java.util.Set; -import java.util.logging.Level; -import java.util.logging.Logger; -import java.util.zip.ZipEntry; -import java.util.zip.ZipInputStream; -import org.h2.store.fs.FileUtils; import org.owasp.dependencycheck.Engine; import org.owasp.dependencycheck.dependency.Dependency; +import org.owasp.dependencycheck.utils.ExtractionException; +import org.owasp.dependencycheck.utils.FileUtils; import org.owasp.dependencycheck.utils.Settings; /** @@ -57,10 +48,6 @@ import org.owasp.dependencycheck.utils.Settings; */ public class ArchiveAnalyzer extends AbstractAnalyzer implements Analyzer { - /** - * The buffer size to use when extracting files from the archive. - */ - private static final int BUFFER_SIZE = 4096; /** * The count of directories created during analysis. This is used for * creating temporary directories. @@ -160,7 +147,7 @@ public class ArchiveAnalyzer extends AbstractAnalyzer implements Analyzer { @Override public void close() throws Exception { if (tempFileLocation != null && tempFileLocation.exists()) { - FileUtils.deleteRecursive(tempFileLocation.getAbsolutePath(), true); + FileUtils.delete(tempFileLocation, true); } } @@ -177,7 +164,12 @@ public class ArchiveAnalyzer extends AbstractAnalyzer implements Analyzer { public void analyze(Dependency dependency, Engine engine) throws AnalysisException { final File f = new File(dependency.getActualFilePath()); final File tmpDir = getNextTempDirectory(); - extractFiles(f, tmpDir, engine); + try { + org.owasp.dependencycheck.utils.FileUtils.extractFiles(f, tmpDir, engine); + } catch (ExtractionException ex) { + final String msg = String.format("Unable to extract files from '%s'; this file is being skipped.", dependency.getActualFilePath()); + throw new AnalysisException(msg, ex); + } //make a copy final List dependencies = new ArrayList(engine.getDependencies()); @@ -228,81 +220,4 @@ public class ArchiveAnalyzer extends AbstractAnalyzer implements Analyzer { } return directory; } - - /** - * Extracts the contents of an archive into the specified directory. - * - * @param archive an archive file such as a WAR or EAR - * @param extractTo a directory to extract the contents to - * @param engine the scanning engine - * @throws AnalysisException thrown if the archive is not found - */ - private void extractFiles(File archive, File extractTo, Engine engine) throws AnalysisException { - if (archive == null || extractTo == null) { - return; - } - - FileInputStream fis = null; - ZipInputStream zis = null; - - try { - fis = new FileInputStream(archive); - } catch (FileNotFoundException ex) { - Logger.getLogger(ArchiveAnalyzer.class.getName()).log(Level.INFO, null, ex); - throw new AnalysisException("Archive file was not found.", ex); - } - zis = new ZipInputStream(new BufferedInputStream(fis)); - ZipEntry entry; - try { - while ((entry = zis.getNextEntry()) != null) { - if (entry.isDirectory()) { - final File d = new File(extractTo, entry.getName()); - if (!d.mkdirs()) { - throw new AnalysisException("Unable to create '" + d.getAbsolutePath() + "'."); - } - } else { - final File file = new File(extractTo, entry.getName()); - final String ext = org.owasp.dependencycheck.utils.FileUtils.getFileExtension(file.getName()); - if (engine.supportsExtension(ext)) { - BufferedOutputStream bos = null; - FileOutputStream fos; - try { - fos = new FileOutputStream(file); - bos = new BufferedOutputStream(fos, BUFFER_SIZE); - int count; - final byte data[] = new byte[BUFFER_SIZE]; - while ((count = zis.read(data, 0, BUFFER_SIZE)) != -1) { - bos.write(data, 0, count); - } - bos.flush(); - } catch (FileNotFoundException ex) { - Logger.getLogger(ArchiveAnalyzer.class.getName()).log(Level.FINE, null, ex); - throw new AnalysisException("Unable to find file '" + file.getName() + "'.", ex); - } catch (IOException ex) { - Logger.getLogger(ArchiveAnalyzer.class.getName()).log(Level.FINE, null, ex); - throw new AnalysisException("IO Exception while parsing file '" + file.getName() + "'.", ex); - } finally { - if (bos != null) { - try { - bos.close(); - } catch (IOException ex) { - Logger.getLogger(ArchiveAnalyzer.class.getName()).log(Level.FINEST, null, ex); - } - } - } - } - } - } - } catch (IOException ex) { - final String msg = String.format("Exception reading archive '%s'.", archive.getName()); - Logger.getLogger(ArchiveAnalyzer.class.getName()).log(Level.FINE, msg, ex); - throw new AnalysisException(msg, ex); - } finally { - try { - zis.close(); - } catch (IOException ex) { - Logger.getLogger(ArchiveAnalyzer.class.getName()).log(Level.FINEST, null, ex); - } - } - } }