From 433c2e59162e82a2b8124a0b2e5d91d37cfca5bf Mon Sep 17 00:00:00 2001 From: Dale Visser Date: Thu, 9 Jul 2015 16:35:04 -0400 Subject: [PATCH] OpenSSL: Updates to use FileFilter instead of file extension. Former-commit-id: 974bc28171b5b3ac3e772c93447489e1afb797f1 --- .../analyzer/OpenSSLAnalyzer.java | 36 +++++++------------ .../analyzer/OpenSSLAnalyzerTest.java | 24 +++---------- 2 files changed, 18 insertions(+), 42 deletions(-) diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/OpenSSLAnalyzer.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/OpenSSLAnalyzer.java index 92420a027..2940fed57 100644 --- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/OpenSSLAnalyzer.java +++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/OpenSSLAnalyzer.java @@ -18,18 +18,16 @@ package org.owasp.dependencycheck.analyzer; import org.apache.commons.io.FileUtils; -import org.apache.commons.io.filefilter.NameFileFilter; import org.owasp.dependencycheck.Engine; import org.owasp.dependencycheck.analyzer.exception.AnalysisException; import org.owasp.dependencycheck.dependency.Confidence; import org.owasp.dependencycheck.dependency.Dependency; +import org.owasp.dependencycheck.utils.FileFilterBuilder; import org.owasp.dependencycheck.utils.Settings; import java.io.File; import java.io.FileFilter; import java.io.IOException; -import java.util.Collections; -import java.util.Set; import java.util.regex.Matcher; import java.util.regex.Pattern; @@ -46,15 +44,10 @@ public class OpenSSLAnalyzer extends AbstractFileTypeAnalyzer { */ private static final String OPENSSLV_H = "opensslv.h"; - /** - * Filename extensions for files to be analyzed. - */ - private static final Set EXTENSIONS = Collections - .unmodifiableSet(Collections.singleton("h")); /** * Filter that detects files named "__init__.py". */ - private static final FileFilter OPENSSLV_FILTER = new NameFileFilter(OPENSSLV_H); + private static final FileFilter OPENSSLV_FILTER = FileFilterBuilder.newInstance().addFilenames(OPENSSLV_H).build(); private static final Pattern VERSION_PATTERN = Pattern.compile( "define\\s+OPENSSL_VERSION_NUMBER\\s+0x([0-9a-zA-Z]{8})L", Pattern.DOTALL | Pattern.CASE_INSENSITIVE); @@ -107,8 +100,8 @@ public class OpenSSLAnalyzer extends AbstractFileTypeAnalyzer { * @return the set of supported file extensions */ @Override - protected Set getSupportedExtensions() { - return EXTENSIONS; + protected FileFilter getFileFilter() { + return OPENSSLV_FILTER; } /** @@ -132,18 +125,15 @@ public class OpenSSLAnalyzer extends AbstractFileTypeAnalyzer { protected void analyzeFileType(Dependency dependency, Engine engine) throws AnalysisException { final File file = dependency.getActualFile(); - final File parent = file.getParentFile(); - final String parentName = parent.getName(); + final String parentName = file.getParentFile().getName(); boolean found = false; - if (OPENSSLV_FILTER.accept(file)) { - final String contents = getFileContents(file); - if (!contents.isEmpty()) { - final Matcher matcher = VERSION_PATTERN.matcher(contents); - while (matcher.find()) { - dependency.getVersionEvidence().addEvidence(OPENSSLV_H, "Version Constant", - getOpenSSLVersion(Long.parseLong(matcher.group(1), HEXADECIMAL)), Confidence.HIGH); - found = true; - } + final String contents = getFileContents(file); + if (!contents.isEmpty()) { + final Matcher matcher = VERSION_PATTERN.matcher(contents); + if (matcher.find()) { + dependency.getVersionEvidence().addEvidence(OPENSSLV_H, "Version Constant", + getOpenSSLVersion(Long.parseLong(matcher.group(1), HEXADECIMAL)), Confidence.HIGH); + found = true; } } if (found) { @@ -164,7 +154,7 @@ public class OpenSSLAnalyzer extends AbstractFileTypeAnalyzer { */ private String getFileContents(final File actualFile) throws AnalysisException { - String contents = ""; + String contents; try { contents = FileUtils.readFileToString(actualFile).trim(); } catch (IOException e) { diff --git a/dependency-check-core/src/test/java/org/owasp/dependencycheck/analyzer/OpenSSLAnalyzerTest.java b/dependency-check-core/src/test/java/org/owasp/dependencycheck/analyzer/OpenSSLAnalyzerTest.java index d81df57a8..c5fcc289e 100644 --- a/dependency-check-core/src/test/java/org/owasp/dependencycheck/analyzer/OpenSSLAnalyzerTest.java +++ b/dependency-check-core/src/test/java/org/owasp/dependencycheck/analyzer/OpenSSLAnalyzerTest.java @@ -17,7 +17,6 @@ */ package org.owasp.dependencycheck.analyzer; -import org.apache.commons.lang.StringUtils; import org.junit.After; import org.junit.Before; import org.junit.Test; @@ -25,11 +24,10 @@ import org.owasp.dependencycheck.BaseTest; import org.owasp.dependencycheck.analyzer.exception.AnalysisException; import org.owasp.dependencycheck.dependency.Dependency; -import java.util.Arrays; -import java.util.HashSet; +import java.io.File; +import static org.hamcrest.CoreMatchers.containsString; import static org.junit.Assert.*; -import static org.hamcrest.CoreMatchers.*; /** * Unit tests for OpenSSLAnalyzerAnalyzer. @@ -75,25 +73,13 @@ public class OpenSSLAnalyzerTest extends BaseTest { analyzer.getName()); } - /** - * Test of getSupportedExtensions method, of class OpenSSLAnalyzer. - */ - @Test - public void testGetSupportedExtensions() { - final String[] expected = {"h"}; - assertEquals("Supported extensions should just have the following: " - + StringUtils.join(expected, ", "), - new HashSet(Arrays.asList(expected)), - analyzer.getSupportedExtensions()); - } - /** * Test of supportsExtension method, of class PythonPackageAnalyzer. */ @Test - public void testSupportsExtension() { - assertTrue("Should support \"h\" extension.", - analyzer.supportsExtension("h")); + public void testAccept() { + assertTrue("Should support files named \"opensslv.h\".", + analyzer.accept(new File("opensslv.h"))); } @Test