From 3febed82f13e69506b7d6e3a5135a03863b839b0 Mon Sep 17 00:00:00 2001
From: Jeremy Long <jeremy.long@gmail.com>
Date: Sat, 8 Feb 2014 22:37:11 -0500
Subject: [PATCH] added build-id to specific items in the manifest to patch
 dependencies like batli-util.jar in issue #34

Former-commit-id: 1dfd295cc9c9fa18ab2d271c2a51f4acd98f6421
---
 .../owasp/dependencycheck/analyzer/JarAnalyzer.java   | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/JarAnalyzer.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/JarAnalyzer.java
index e14a8a39f..c8734f483 100644
--- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/JarAnalyzer.java
+++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/JarAnalyzer.java
@@ -768,7 +768,16 @@ public class JarAnalyzer extends AbstractAnalyzer implements Analyzer {
                             } else {
                                 versionEvidence.addEvidence(source, key, value, Confidence.MEDIUM);
                             }
-
+                        } else if (key.equals("build-id")) {
+                            int pos = value.indexOf('(');
+                            if (pos >= 0) {
+                                value = value.substring(0, pos - 1);
+                            }
+                            pos = value.indexOf('[');
+                            if (pos >= 0) {
+                                value = value.substring(0, pos - 1);
+                            }
+                            versionEvidence.addEvidence(source, key, value, Confidence.MEDIUM);
                         } else if (key.contains("title")) {
                             productEvidence.addEvidence(source, key, value, Confidence.MEDIUM);
                             addMatchingValues(classInformation, value, productEvidence);