mirror of
https://github.com/ysoftdevs/DependencyCheck.git
synced 2026-01-14 15:53:36 +01:00
added generic methods to get references to resources to resolve issue #181
Former-commit-id: 465d3310b1ad5b54e49ab65e5e0e4b003f79998b
This commit is contained in:
Jeremy Long
@@ -15,7 +15,10 @@
|
||||
*/
|
||||
package org.owasp.dependencycheck;
|
||||
|
||||
import java.io.File;
|
||||
import java.io.InputStream;
|
||||
import org.junit.AfterClass;
|
||||
import org.junit.Assume;
|
||||
import org.junit.BeforeClass;
|
||||
import org.owasp.dependencycheck.utils.Settings;
|
||||
|
||||
@@ -34,4 +37,31 @@ public class BaseTest {
|
||||
public static void tearDownClass() throws Exception {
|
||||
Settings.cleanup(true);
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the given resource as an InputStream using the object's class loader. The org.junit.Assume API is used so that test
|
||||
* cases are skipped if the resource is not available.
|
||||
*
|
||||
* @param o the object used to obtain a reference to the class loader
|
||||
* @param resource the name of the resource to load
|
||||
* @return the resource as an InputStream
|
||||
*/
|
||||
public static InputStream getResourceAsStream(Object o, String resource) {
|
||||
getResourceAsFile(o, resource);
|
||||
return o.getClass().getClassLoader().getResourceAsStream(resource);
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the given resource as a File using the object's class loader. The org.junit.Assume API is used so that test cases
|
||||
* are skipped if the resource is not available.
|
||||
*
|
||||
* @param o the object used to obtain a reference to the class loader
|
||||
* @param resource the name of the resource to load
|
||||
* @return the resource as an File
|
||||
*/
|
||||
public static File getResourceAsFile(Object o, String resource) {
|
||||
File f = new File(o.getClass().getClassLoader().getResource(resource).getPath());
|
||||
Assume.assumeTrue(String.format("%n%n[SEVERE] Unable to load resource for test case: %s%n%n", resource), f.exists());
|
||||
return f;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -23,6 +23,7 @@ import java.util.Set;
|
||||
import static org.junit.Assert.assertEquals;
|
||||
import static org.junit.Assert.assertTrue;
|
||||
import org.junit.Test;
|
||||
import org.owasp.dependencycheck.BaseTest;
|
||||
import org.owasp.dependencycheck.Engine;
|
||||
import org.owasp.dependencycheck.data.cpe.AbstractDatabaseTestCase;
|
||||
import org.owasp.dependencycheck.dependency.Dependency;
|
||||
@@ -129,8 +130,8 @@ public class ArchiveAnalyzerIntegrationTest extends AbstractDatabaseTestCase {
|
||||
instance.supportsExtension("ear");
|
||||
try {
|
||||
instance.initialize();
|
||||
|
||||
File file = new File(this.getClass().getClassLoader().getResource("daytrader-ear-2.1.7.ear").getPath());
|
||||
File file = BaseTest.getResourceAsFile(this, "daytrader-ear-2.1.7.ear");
|
||||
//File file = new File(this.getClass().getClassLoader().getResource("daytrader-ear-2.1.7.ear").getPath());
|
||||
Dependency dependency = new Dependency(file);
|
||||
Settings.setBoolean(Settings.KEYS.AUTO_UPDATE, false);
|
||||
Settings.setBoolean(Settings.KEYS.ANALYZER_NEXUS_ENABLED, false);
|
||||
@@ -162,7 +163,8 @@ public class ArchiveAnalyzerIntegrationTest extends AbstractDatabaseTestCase {
|
||||
instance.initialize();
|
||||
|
||||
//File file = new File(this.getClass().getClassLoader().getResource("file.tar").getPath());
|
||||
File file = new File(this.getClass().getClassLoader().getResource("stagedhttp-modified.tar").getPath());
|
||||
//File file = new File(this.getClass().getClassLoader().getResource("stagedhttp-modified.tar").getPath());
|
||||
File file = BaseTest.getResourceAsFile(this, "stagedhttp-modified.tar");
|
||||
Dependency dependency = new Dependency(file);
|
||||
Settings.setBoolean(Settings.KEYS.AUTO_UPDATE, false);
|
||||
Settings.setBoolean(Settings.KEYS.ANALYZER_NEXUS_ENABLED, false);
|
||||
@@ -191,7 +193,8 @@ public class ArchiveAnalyzerIntegrationTest extends AbstractDatabaseTestCase {
|
||||
try {
|
||||
instance.initialize();
|
||||
|
||||
File file = new File(this.getClass().getClassLoader().getResource("file.tar.gz").getPath());
|
||||
//File file = new File(this.getClass().getClassLoader().getResource("file.tar.gz").getPath());
|
||||
File file = BaseTest.getResourceAsFile(this, "file.tar.gz");
|
||||
//Dependency dependency = new Dependency(file);
|
||||
Settings.setBoolean(Settings.KEYS.AUTO_UPDATE, false);
|
||||
Settings.setBoolean(Settings.KEYS.ANALYZER_NEXUS_ENABLED, false);
|
||||
@@ -243,7 +246,8 @@ public class ArchiveAnalyzerIntegrationTest extends AbstractDatabaseTestCase {
|
||||
try {
|
||||
instance.initialize();
|
||||
|
||||
File file = new File(this.getClass().getClassLoader().getResource("file.tgz").getPath());
|
||||
//File file = new File(this.getClass().getClassLoader().getResource("file.tgz").getPath());
|
||||
File file = BaseTest.getResourceAsFile(this, "file.tgz");
|
||||
Settings.setBoolean(Settings.KEYS.AUTO_UPDATE, false);
|
||||
Settings.setBoolean(Settings.KEYS.ANALYZER_NEXUS_ENABLED, false);
|
||||
Settings.setBoolean(Settings.KEYS.ANALYZER_CENTRAL_ENABLED, false);
|
||||
@@ -270,7 +274,8 @@ public class ArchiveAnalyzerIntegrationTest extends AbstractDatabaseTestCase {
|
||||
try {
|
||||
instance.initialize();
|
||||
|
||||
File file = new File(this.getClass().getClassLoader().getResource("test.zip").getPath());
|
||||
//File file = new File(this.getClass().getClassLoader().getResource("test.zip").getPath());
|
||||
File file = BaseTest.getResourceAsFile(this, "test.zip");
|
||||
Dependency dependency = new Dependency(file);
|
||||
Settings.setBoolean(Settings.KEYS.AUTO_UPDATE, false);
|
||||
Settings.setBoolean(Settings.KEYS.ANALYZER_NEXUS_ENABLED, false);
|
||||
|
||||
@@ -78,7 +78,8 @@ public class AssemblyAnalyzerTest extends BaseTest {
|
||||
|
||||
@Test
|
||||
public void testAnalysis() throws Exception {
|
||||
File f = new File(AssemblyAnalyzerTest.class.getClassLoader().getResource("GrokAssembly.exe").getPath());
|
||||
//File f = new File(AssemblyAnalyzerTest.class.getClassLoader().getResource("GrokAssembly.exe").getPath());
|
||||
File f = BaseTest.getResourceAsFile(this, "GrokAssembly.exe");
|
||||
Dependency d = new Dependency(f);
|
||||
analyzer.analyze(d, null);
|
||||
boolean foundVendor = false;
|
||||
@@ -100,7 +101,9 @@ public class AssemblyAnalyzerTest extends BaseTest {
|
||||
|
||||
@Test
|
||||
public void testLog4Net() throws Exception {
|
||||
File f = new File(AssemblyAnalyzerTest.class.getClassLoader().getResource("log4net.dll").getPath());
|
||||
//File f = new File(AssemblyAnalyzerTest.class.getClassLoader().getResource("log4net.dll").getPath());
|
||||
File f = BaseTest.getResourceAsFile(this, "log4net.dll");
|
||||
|
||||
Dependency d = new Dependency(f);
|
||||
analyzer.analyze(d, null);
|
||||
assertTrue(d.getVersionEvidence().getEvidence().contains(new Evidence("grokassembly", "version", "1.2.13.0", Confidence.HIGHEST)));
|
||||
@@ -115,7 +118,8 @@ public class AssemblyAnalyzerTest extends BaseTest {
|
||||
// Tweak the log level so the warning doesn't show in the console
|
||||
Logger.getLogger(AssemblyAnalyzer.class.getName()).setLevel(Level.OFF);
|
||||
Logger.getLogger(Dependency.class.getName()).setLevel(Level.OFF);
|
||||
File f = new File(AssemblyAnalyzerTest.class.getClassLoader().getResource("log4net.dll").getPath());
|
||||
//File f = new File(AssemblyAnalyzerTest.class.getClassLoader().getResource("log4net.dll").getPath());
|
||||
File f = BaseTest.getResourceAsFile(this, "log4net.dll");
|
||||
File test = new File(f.getParent(), "nonexistent.dll");
|
||||
Dependency d = new Dependency(test);
|
||||
|
||||
|
||||
@@ -27,6 +27,7 @@ import org.apache.lucene.queryparser.classic.ParseException;
|
||||
import org.junit.Assert;
|
||||
import static org.junit.Assert.assertTrue;
|
||||
import org.junit.Test;
|
||||
import org.owasp.dependencycheck.BaseTest;
|
||||
import org.owasp.dependencycheck.data.cpe.AbstractDatabaseTestCase;
|
||||
import org.owasp.dependencycheck.data.cpe.IndexEntry;
|
||||
import org.owasp.dependencycheck.dependency.Confidence;
|
||||
@@ -110,7 +111,8 @@ public class CPEAnalyzerIntegrationTest extends AbstractDatabaseTestCase {
|
||||
*/
|
||||
public void callDetermineCPE_full(String depName, String expResult, CPEAnalyzer instance, FileNameAnalyzer fnAnalyzer, JarAnalyzer jarAnalyzer, HintAnalyzer hAnalyzer, FalsePositiveAnalyzer fp) throws Exception {
|
||||
|
||||
File file = new File(this.getClass().getClassLoader().getResource(depName).getPath());
|
||||
//File file = new File(this.getClass().getClassLoader().getResource(depName).getPath());
|
||||
File file = BaseTest.getResourceAsFile(this, depName);
|
||||
|
||||
Dependency dep = new Dependency(file);
|
||||
|
||||
@@ -137,7 +139,8 @@ public class CPEAnalyzerIntegrationTest extends AbstractDatabaseTestCase {
|
||||
*/
|
||||
@Test
|
||||
public void testDetermineCPE() throws Exception {
|
||||
File file = new File(this.getClass().getClassLoader().getResource("struts2-core-2.1.2.jar").getPath());
|
||||
//File file = new File(this.getClass().getClassLoader().getResource("struts2-core-2.1.2.jar").getPath());
|
||||
File file = BaseTest.getResourceAsFile(this, "struts2-core-2.1.2.jar");
|
||||
//File file = new File(this.getClass().getClassLoader().getResource("axis2-adb-1.4.1.jar").getPath());
|
||||
Dependency struts = new Dependency(file);
|
||||
|
||||
@@ -147,15 +150,18 @@ public class CPEAnalyzerIntegrationTest extends AbstractDatabaseTestCase {
|
||||
JarAnalyzer jarAnalyzer = new JarAnalyzer();
|
||||
jarAnalyzer.analyze(struts, null);
|
||||
|
||||
File fileCommonValidator = new File(this.getClass().getClassLoader().getResource("commons-validator-1.4.0.jar").getPath());
|
||||
//File fileCommonValidator = new File(this.getClass().getClassLoader().getResource("commons-validator-1.4.0.jar").getPath());
|
||||
File fileCommonValidator = BaseTest.getResourceAsFile(this, "commons-validator-1.4.0.jar");
|
||||
Dependency commonValidator = new Dependency(fileCommonValidator);
|
||||
jarAnalyzer.analyze(commonValidator, null);
|
||||
|
||||
File fileSpring = new File(this.getClass().getClassLoader().getResource("spring-core-2.5.5.jar").getPath());
|
||||
//File fileSpring = new File(this.getClass().getClassLoader().getResource("spring-core-2.5.5.jar").getPath());
|
||||
File fileSpring = BaseTest.getResourceAsFile(this, "spring-core-2.5.5.jar");
|
||||
Dependency spring = new Dependency(fileSpring);
|
||||
jarAnalyzer.analyze(spring, null);
|
||||
|
||||
File fileSpring3 = new File(this.getClass().getClassLoader().getResource("spring-core-3.0.0.RELEASE.jar").getPath());
|
||||
//File fileSpring3 = new File(this.getClass().getClassLoader().getResource("spring-core-3.0.0.RELEASE.jar").getPath());
|
||||
File fileSpring3 = BaseTest.getResourceAsFile(this, "spring-core-3.0.0.RELEASE.jar");
|
||||
Dependency spring3 = new Dependency(fileSpring3);
|
||||
jarAnalyzer.analyze(spring3, null);
|
||||
|
||||
|
||||
@@ -21,6 +21,7 @@ import java.io.File;
|
||||
import static org.junit.Assert.assertEquals;
|
||||
import static org.junit.Assert.assertTrue;
|
||||
import org.junit.Test;
|
||||
import org.owasp.dependencycheck.BaseTest;
|
||||
import org.owasp.dependencycheck.dependency.Dependency;
|
||||
|
||||
/**
|
||||
@@ -56,9 +57,11 @@ public class FileNameAnalyzerTest {
|
||||
*/
|
||||
@Test
|
||||
public void testAnalyze() throws Exception {
|
||||
File struts = new File(this.getClass().getClassLoader().getResource("struts2-core-2.1.2.jar").getPath());
|
||||
//File struts = new File(this.getClass().getClassLoader().getResource("struts2-core-2.1.2.jar").getPath());
|
||||
File struts = BaseTest.getResourceAsFile(this, "struts2-core-2.1.2.jar");
|
||||
Dependency resultStruts = new Dependency(struts);
|
||||
File axis = new File(this.getClass().getClassLoader().getResource("axis2-adb-1.4.1.jar").getPath());
|
||||
//File axis = new File(this.getClass().getClassLoader().getResource("axis2-adb-1.4.1.jar").getPath());
|
||||
File axis = BaseTest.getResourceAsFile(this, "axis2-adb-1.4.1.jar");
|
||||
Dependency resultAxis = new Dependency(axis);
|
||||
FileNameAnalyzer instance = new FileNameAnalyzer();
|
||||
instance.analyze(resultStruts, null);
|
||||
|
||||
@@ -69,9 +69,11 @@ public class HintAnalyzerTest extends BaseTest {
|
||||
public void testAnalyze() throws Exception {
|
||||
HintAnalyzer instance = new HintAnalyzer();
|
||||
|
||||
File guice = new File(this.getClass().getClassLoader().getResource("guice-3.0.jar").getPath());
|
||||
//File guice = new File(this.getClass().getClassLoader().getResource("guice-3.0.jar").getPath());
|
||||
File guice = BaseTest.getResourceAsFile(this, "guice-3.0.jar");
|
||||
//Dependency guice = new Dependency(fileg);
|
||||
File spring = new File(this.getClass().getClassLoader().getResource("spring-core-3.0.0.RELEASE.jar").getPath());
|
||||
//File spring = new File(this.getClass().getClassLoader().getResource("spring-core-3.0.0.RELEASE.jar").getPath());
|
||||
File spring = BaseTest.getResourceAsFile(this, "spring-core-3.0.0.RELEASE.jar");
|
||||
//Dependency spring = new Dependency(files);
|
||||
Settings.setBoolean(Settings.KEYS.AUTO_UPDATE, false);
|
||||
Settings.setBoolean(Settings.KEYS.ANALYZER_NEXUS_ENABLED, false);
|
||||
|
||||
@@ -41,14 +41,16 @@ public class JarAnalyzerTest extends BaseTest {
|
||||
*/
|
||||
@Test
|
||||
public void testAnalyze() throws Exception {
|
||||
File file = new File(this.getClass().getClassLoader().getResource("struts2-core-2.1.2.jar").getPath());
|
||||
//File file = new File(this.getClass().getClassLoader().getResource("struts2-core-2.1.2.jar").getPath());
|
||||
File file = BaseTest.getResourceAsFile(this, "struts2-core-2.1.2.jar");
|
||||
Dependency result = new Dependency(file);
|
||||
JarAnalyzer instance = new JarAnalyzer();
|
||||
instance.analyze(result, null);
|
||||
assertTrue(result.getVendorEvidence().toString().toLowerCase().contains("apache"));
|
||||
assertTrue(result.getVendorEvidence().getWeighting().contains("apache"));
|
||||
|
||||
file = new File(this.getClass().getClassLoader().getResource("org.mortbay.jetty.jar").getPath());
|
||||
//file = new File(this.getClass().getClassLoader().getResource("org.mortbay.jetty.jar").getPath());
|
||||
file = BaseTest.getResourceAsFile(this, "org.mortbay.jetty.jar");
|
||||
result = new Dependency(file);
|
||||
instance.analyze(result, null);
|
||||
boolean found = false;
|
||||
@@ -81,7 +83,8 @@ public class JarAnalyzerTest extends BaseTest {
|
||||
}
|
||||
assertTrue("implementation-version of 4.2.27 not found in org.mortbay.jetty.jar", found);
|
||||
|
||||
file = new File(this.getClass().getClassLoader().getResource("org.mortbay.jmx.jar").getPath());
|
||||
//file = new File(this.getClass().getClassLoader().getResource("org.mortbay.jmx.jar").getPath());
|
||||
file = BaseTest.getResourceAsFile(this, "org.mortbay.jmx.jar");
|
||||
result = new Dependency(file);
|
||||
instance.analyze(result, null);
|
||||
assertEquals("org.mortbar,jmx.jar has version evidence?", result.getVersionEvidence().size(), 0);
|
||||
|
||||
@@ -84,9 +84,12 @@ public class JavaScriptAnalyzerTest extends BaseTest {
|
||||
*/
|
||||
@Test
|
||||
public void testAnalyze() throws Exception {
|
||||
File jq6 = new File(this.getClass().getClassLoader().getResource("jquery-1.6.2.min.js").getPath());
|
||||
File jq10 = new File(this.getClass().getClassLoader().getResource("jquery-1.10.2.js").getPath());
|
||||
File jq10min = new File(this.getClass().getClassLoader().getResource("jquery-1.10.2.min.js").getPath());
|
||||
//File jq6 = new File(this.getClass().getClassLoader().getResource("jquery-1.6.2.min.js").getPath());
|
||||
File jq6 = BaseTest.getResourceAsFile(this, "jquery-1.6.2.min.js");
|
||||
//File jq10 = new File(this.getClass().getClassLoader().getResource("jquery-1.10.2.js").getPath());
|
||||
File jq10 = BaseTest.getResourceAsFile(this, "jquery-1.10.2.js");
|
||||
//File jq10min = new File(this.getClass().getClassLoader().getResource("jquery-1.10.2.min.js").getPath());
|
||||
File jq10min = BaseTest.getResourceAsFile(this, "jquery-1.10.2.min.js");
|
||||
Dependency depJQ6 = new Dependency(jq6);
|
||||
Dependency depJQ10 = new Dependency(jq10);
|
||||
Dependency depJQ10min = new Dependency(jq10min);
|
||||
|
||||
@@ -21,6 +21,7 @@ import java.io.File;
|
||||
import static org.junit.Assert.assertEquals;
|
||||
import static org.junit.Assert.assertTrue;
|
||||
import org.junit.Test;
|
||||
import org.owasp.dependencycheck.BaseTest;
|
||||
import org.owasp.dependencycheck.Engine;
|
||||
import org.owasp.dependencycheck.data.cpe.AbstractDatabaseTestCase;
|
||||
import org.owasp.dependencycheck.dependency.Dependency;
|
||||
@@ -61,8 +62,10 @@ public class VulnerabilitySuppressionAnalyzerIntegrationTest extends AbstractDat
|
||||
@Test
|
||||
public void testAnalyze() throws Exception {
|
||||
|
||||
File file = new File(this.getClass().getClassLoader().getResource("commons-fileupload-1.2.1.jar").getPath());
|
||||
File suppression = new File(this.getClass().getClassLoader().getResource("commons-fileupload-1.2.1.suppression.xml").getPath());
|
||||
//File file = new File(this.getClass().getClassLoader().getResource("commons-fileupload-1.2.1.jar").getPath());
|
||||
File file = BaseTest.getResourceAsFile(this, "commons-fileupload-1.2.1.jar");
|
||||
//File suppression = new File(this.getClass().getClassLoader().getResource("commons-fileupload-1.2.1.suppression.xml").getPath());
|
||||
File suppression = BaseTest.getResourceAsFile(this, "commons-fileupload-1.2.1.suppression.xml");
|
||||
Settings.setBoolean(Settings.KEYS.AUTO_UPDATE, false);
|
||||
Settings.setBoolean(Settings.KEYS.ANALYZER_NEXUS_ENABLED, false);
|
||||
Settings.setBoolean(Settings.KEYS.ANALYZER_CENTRAL_ENABLED, false);
|
||||
|
||||
@@ -18,6 +18,7 @@
|
||||
package org.owasp.dependencycheck.data.nuget;
|
||||
|
||||
import java.io.ByteArrayOutputStream;
|
||||
import java.io.File;
|
||||
import java.io.InputStream;
|
||||
import java.io.PrintStream;
|
||||
import static org.junit.Assert.assertEquals;
|
||||
@@ -39,7 +40,8 @@ public class XPathNuspecParserTest extends BaseTest {
|
||||
@Test
|
||||
public void testGoodDocument() throws Exception {
|
||||
NuspecParser parser = new XPathNuspecParser();
|
||||
InputStream is = XPathNuspecParserTest.class.getClassLoader().getResourceAsStream("log4net.2.0.3.nuspec");
|
||||
//InputStream is = XPathNuspecParserTest.class.getClassLoader().getResourceAsStream("log4net.2.0.3.nuspec");
|
||||
InputStream is = BaseTest.getResourceAsStream(this, "log4net.2.0.3.nuspec");
|
||||
NugetPackage np = parser.parse(is);
|
||||
assertEquals("log4net", np.getId());
|
||||
assertEquals("2.0.3", np.getVersion());
|
||||
@@ -57,7 +59,8 @@ public class XPathNuspecParserTest extends BaseTest {
|
||||
@Test(expected = NuspecParseException.class)
|
||||
public void testMissingDocument() throws Exception {
|
||||
NuspecParser parser = new XPathNuspecParser();
|
||||
InputStream is = XPathNuspecParserTest.class.getClassLoader().getResourceAsStream("dependencycheck.properties");
|
||||
//InputStream is = XPathNuspecParserTest.class.getClassLoader().getResourceAsStream("dependencycheck.properties");
|
||||
InputStream is = BaseTest.getResourceAsStream(this, "dependencycheck.properties");
|
||||
|
||||
//hide the fatal message from the core parser
|
||||
final ByteArrayOutputStream myOut = new ByteArrayOutputStream();
|
||||
@@ -74,7 +77,8 @@ public class XPathNuspecParserTest extends BaseTest {
|
||||
@Test(expected = NuspecParseException.class)
|
||||
public void testNotNuspec() throws Exception {
|
||||
NuspecParser parser = new XPathNuspecParser();
|
||||
InputStream is = XPathNuspecParserTest.class.getClassLoader().getResourceAsStream("suppressions.xml");
|
||||
//InputStream is = XPathNuspecParserTest.class.getClassLoader().getResourceAsStream("suppressions.xml");
|
||||
InputStream is = BaseTest.getResourceAsStream(this, "suppressions.xml");
|
||||
NugetPackage np = parser.parse(is);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -27,6 +27,7 @@ import static org.junit.Assert.assertTrue;
|
||||
import org.junit.Before;
|
||||
import org.junit.BeforeClass;
|
||||
import org.junit.Test;
|
||||
import org.owasp.dependencycheck.BaseTest;
|
||||
|
||||
/**
|
||||
*
|
||||
@@ -85,7 +86,8 @@ public class DriverLoaderTest {
|
||||
public void testLoad_String_String() throws Exception {
|
||||
String className = "com.mysql.jdbc.Driver";
|
||||
//we know this is in target/test-classes
|
||||
File testClassPath = (new File(this.getClass().getClassLoader().getResource("org.mortbay.jetty.jar").getPath())).getParentFile();
|
||||
//File testClassPath = (new File(this.getClass().getClassLoader().getResource("org.mortbay.jetty.jar").getPath())).getParentFile();
|
||||
File testClassPath = BaseTest.getResourceAsFile(this, "org.mortbay.jetty.jar").getParentFile();
|
||||
File driver = new File(testClassPath, "../../src/test/resources/mysql-connector-java-5.1.27-bin.jar");
|
||||
assertTrue("MySQL Driver JAR file not found in src/test/resources?", driver.isFile());
|
||||
|
||||
@@ -108,7 +110,8 @@ public class DriverLoaderTest {
|
||||
public void testLoad_String_String_multiple_paths() throws Exception {
|
||||
final String className = "com.mysql.jdbc.Driver";
|
||||
//we know this is in target/test-classes
|
||||
final File testClassPath = (new File(this.getClass().getClassLoader().getResource("org.mortbay.jetty.jar").getPath())).getParentFile();
|
||||
//final File testClassPath = (new File(this.getClass().getClassLoader().getResource("org.mortbay.jetty.jar").getPath())).getParentFile();
|
||||
final File testClassPath = BaseTest.getResourceAsFile(this, "org.mortbay.jetty.jar").getParentFile();
|
||||
final File dir1 = new File(testClassPath, "../../src/test/");
|
||||
final File dir2 = new File(testClassPath, "../../src/test/resources/");
|
||||
final String paths = String.format("%s" + File.pathSeparator + "%s", dir1.getAbsolutePath(), dir2.getAbsolutePath());
|
||||
@@ -130,7 +133,8 @@ public class DriverLoaderTest {
|
||||
public void testLoad_String_String_badClassName() throws Exception {
|
||||
String className = "com.mybad.jdbc.Driver";
|
||||
//we know this is in target/test-classes
|
||||
File testClassPath = (new File(this.getClass().getClassLoader().getResource("org.mortbay.jetty.jar").getPath())).getParentFile();
|
||||
//File testClassPath = (new File(this.getClass().getClassLoader().getResource("org.mortbay.jetty.jar").getPath())).getParentFile();
|
||||
File testClassPath = BaseTest.getResourceAsFile(this, "org.mortbay.jetty.jar").getParentFile();
|
||||
File driver = new File(testClassPath, "../../src/test/resources/mysql-connector-java-5.1.27-bin.jar");
|
||||
assertTrue("MySQL Driver JAR file not found in src/test/resources?", driver.isFile());
|
||||
|
||||
@@ -144,7 +148,8 @@ public class DriverLoaderTest {
|
||||
public void testLoad_String_String_badPath() throws Exception {
|
||||
String className = "com.mysql.jdbc.Driver";
|
||||
//we know this is in target/test-classes
|
||||
File testClassPath = (new File(this.getClass().getClassLoader().getResource("org.mortbay.jetty.jar").getPath())).getParentFile();
|
||||
//File testClassPath = (new File(this.getClass().getClassLoader().getResource("org.mortbay.jetty.jar").getPath())).getParentFile();
|
||||
File testClassPath = BaseTest.getResourceAsFile(this, "org.mortbay.jetty.jar").getParentFile();
|
||||
File driver = new File(testClassPath, "../../src/test/bad/mysql-connector-java-5.1.27-bin.jar");
|
||||
Driver d = DriverLoader.load(className, driver.getAbsolutePath());
|
||||
}
|
||||
|
||||
@@ -34,7 +34,8 @@ public class NvdCveUpdaterIntegrationTest extends BaseTest {
|
||||
public void setUp() throws Exception {
|
||||
int year = Calendar.getInstance().get(Calendar.YEAR);
|
||||
if (year <= 2014) {
|
||||
File f = new File(NvdCveUpdaterIntegrationTest.class.getClassLoader().getResource("nvdcve-2.0-2014.xml").getPath());
|
||||
//File f = new File(NvdCveUpdaterIntegrationTest.class.getClassLoader().getResource("nvdcve-2.0-2014.xml").getPath());
|
||||
File f = BaseTest.getResourceAsFile(this, "nvdcve-2.0-2014.xml");
|
||||
String baseURL = f.toURI().toURL().toString();
|
||||
String modified12 = baseURL.replace("nvdcve-2.0-2014.xml", "nvdcve-modified.xml");
|
||||
String modified20 = baseURL.replace("nvdcve-2.0-2014.xml", "nvdcve-2.0-modified.xml");
|
||||
|
||||
@@ -28,6 +28,7 @@ import static org.junit.Assert.assertTrue;
|
||||
import org.junit.Before;
|
||||
import org.junit.BeforeClass;
|
||||
import org.junit.Test;
|
||||
import org.owasp.dependencycheck.BaseTest;
|
||||
import org.owasp.dependencycheck.dependency.VulnerableSoftware;
|
||||
|
||||
/**
|
||||
@@ -60,7 +61,8 @@ public class NvdCve_1_2_HandlerTest {
|
||||
SAXParserFactory factory = SAXParserFactory.newInstance();
|
||||
SAXParser saxParser = factory.newSAXParser();
|
||||
|
||||
File file = new File(this.getClass().getClassLoader().getResource("nvdcve-2012.xml").getPath());
|
||||
//File file = new File(this.getClass().getClassLoader().getResource("nvdcve-2012.xml").getPath());
|
||||
File file = BaseTest.getResourceAsFile(this, "nvdcve-2012.xml");
|
||||
|
||||
NvdCve12Handler instance = new NvdCve12Handler();
|
||||
saxParser.parse(file, instance);
|
||||
|
||||
@@ -26,6 +26,7 @@ import static org.junit.Assert.assertTrue;
|
||||
import org.junit.Before;
|
||||
import org.junit.BeforeClass;
|
||||
import org.junit.Test;
|
||||
import org.owasp.dependencycheck.BaseTest;
|
||||
|
||||
/**
|
||||
*
|
||||
@@ -59,7 +60,8 @@ public class NvdCve_2_0_HandlerTest {
|
||||
SAXParserFactory factory = SAXParserFactory.newInstance();
|
||||
SAXParser saxParser = factory.newSAXParser();
|
||||
|
||||
File file = new File(this.getClass().getClassLoader().getResource("nvdcve-2.0-2012.xml").getPath());
|
||||
//File file = new File(this.getClass().getClassLoader().getResource("nvdcve-2.0-2012.xml").getPath());
|
||||
File file = BaseTest.getResourceAsFile(this, "nvdcve-2.0-2012.xml");
|
||||
|
||||
NvdCve20Handler instance = new NvdCve20Handler();
|
||||
|
||||
|
||||
@@ -28,6 +28,7 @@ import static org.junit.Assert.assertTrue;
|
||||
import org.junit.Before;
|
||||
import org.junit.BeforeClass;
|
||||
import org.junit.Test;
|
||||
import org.owasp.dependencycheck.BaseTest;
|
||||
import org.owasp.dependencycheck.data.nexus.MavenArtifact;
|
||||
|
||||
/**
|
||||
@@ -152,7 +153,9 @@ public class DependencyTest {
|
||||
*/
|
||||
@Test
|
||||
public void testGetMd5sum() {
|
||||
File file = new File(this.getClass().getClassLoader().getResource("struts2-core-2.1.2.jar").getPath());
|
||||
//File file = new File(this.getClass().getClassLoader().getResource("struts2-core-2.1.2.jar").getPath());
|
||||
File file = BaseTest.getResourceAsFile(this, "struts2-core-2.1.2.jar");
|
||||
|
||||
Dependency instance = new Dependency(file);
|
||||
//assertEquals("89CE9E36AA9A9E03F1450936D2F4F8DD0F961F8B", result.getSha1sum());
|
||||
String expResult = "C30B57142E1CCBC1EFD5CD15F307358F";
|
||||
@@ -176,7 +179,8 @@ public class DependencyTest {
|
||||
*/
|
||||
@Test
|
||||
public void testGetSha1sum() {
|
||||
File file = new File(this.getClass().getClassLoader().getResource("struts2-core-2.1.2.jar").getPath());
|
||||
//File file = new File(this.getClass().getClassLoader().getResource("struts2-core-2.1.2.jar").getPath());
|
||||
File file = BaseTest.getResourceAsFile(this, "struts2-core-2.1.2.jar");
|
||||
Dependency instance = new Dependency(file);
|
||||
String expResult = "89CE9E36AA9A9E03F1450936D2F4F8DD0F961F8B";
|
||||
String result = instance.getSha1sum();
|
||||
|
||||
@@ -105,8 +105,8 @@ public class ReportGeneratorIntegrationTest extends BaseTest {
|
||||
}
|
||||
|
||||
/**
|
||||
* Generates an XML report containing known vulnerabilities and realistic data and validates the generated XML
|
||||
* document against the XSD.
|
||||
* Generates an XML report containing known vulnerabilities and realistic data and validates the generated XML document
|
||||
* against the XSD.
|
||||
*
|
||||
* @throws Exception
|
||||
*/
|
||||
@@ -120,9 +120,12 @@ public class ReportGeneratorIntegrationTest extends BaseTest {
|
||||
}
|
||||
String writeTo = "target/test-reports/Report.xml";
|
||||
|
||||
File struts = new File(this.getClass().getClassLoader().getResource("struts2-core-2.1.2.jar").getPath());
|
||||
File axis = new File(this.getClass().getClassLoader().getResource("axis2-adb-1.4.1.jar").getPath());
|
||||
File jetty = new File(this.getClass().getClassLoader().getResource("org.mortbay.jetty.jar").getPath());
|
||||
//File struts = new File(this.getClass().getClassLoader().getResource("struts2-core-2.1.2.jar").getPath());
|
||||
File struts = BaseTest.getResourceAsFile(this, "struts2-core-2.1.2.jar");
|
||||
//File axis = new File(this.getClass().getClassLoader().getResource("axis2-adb-1.4.1.jar").getPath());
|
||||
File axis = BaseTest.getResourceAsFile(this, "axis2-adb-1.4.1.jar");
|
||||
//File jetty = new File(this.getClass().getClassLoader().getResource("org.mortbay.jetty.jar").getPath());
|
||||
File jetty = BaseTest.getResourceAsFile(this, "org.mortbay.jetty.jar");
|
||||
|
||||
boolean autoUpdate = Settings.getBoolean(Settings.KEYS.AUTO_UPDATE);
|
||||
Settings.setBoolean(Settings.KEYS.AUTO_UPDATE, false);
|
||||
|
||||
@@ -31,6 +31,7 @@ import static org.junit.Assert.assertTrue;
|
||||
import org.junit.Before;
|
||||
import org.junit.BeforeClass;
|
||||
import org.junit.Test;
|
||||
import org.owasp.dependencycheck.BaseTest;
|
||||
import org.xml.sax.InputSource;
|
||||
import org.xml.sax.XMLReader;
|
||||
|
||||
@@ -66,9 +67,11 @@ public class SuppressionHandlerTest {
|
||||
*/
|
||||
@Test
|
||||
public void testHandler() throws Exception {
|
||||
File file = new File(this.getClass().getClassLoader().getResource("suppressions.xml").getPath());
|
||||
//File file = new File(this.getClass().getClassLoader().getResource("suppressions.xml").getPath());
|
||||
File file = BaseTest.getResourceAsFile(this, "suppressions.xml");
|
||||
|
||||
File schema = new File(this.getClass().getClassLoader().getResource("schema/suppression.xsd").getPath());
|
||||
//File schema = new File(this.getClass().getClassLoader().getResource("schema/suppression.xsd").getPath());
|
||||
File schema = BaseTest.getResourceAsFile(this, "schema/suppression.xsd");
|
||||
SuppressionHandler handler = new SuppressionHandler();
|
||||
|
||||
SAXParserFactory factory = SAXParserFactory.newInstance();
|
||||
|
||||
@@ -25,6 +25,7 @@ import static org.junit.Assert.assertTrue;
|
||||
import org.junit.Before;
|
||||
import org.junit.BeforeClass;
|
||||
import org.junit.Test;
|
||||
import org.owasp.dependencycheck.BaseTest;
|
||||
|
||||
/**
|
||||
* Test of the suppression parser.
|
||||
@@ -57,7 +58,8 @@ public class SuppressionParserTest {
|
||||
*/
|
||||
@Test
|
||||
public void testParseSuppressionRules() throws Exception {
|
||||
File file = new File(this.getClass().getClassLoader().getResource("suppressions.xml").getPath());
|
||||
//File file = new File(this.getClass().getClassLoader().getResource("suppressions.xml").getPath());
|
||||
File file = BaseTest.getResourceAsFile(this, "suppressions.xml");
|
||||
SuppressionParser instance = new SuppressionParser();
|
||||
List result = instance.parseSuppressionRules(file);
|
||||
assertTrue(result.size() > 3);
|
||||
|
||||
@@ -28,6 +28,7 @@ import static org.junit.Assert.assertTrue;
|
||||
import org.junit.Before;
|
||||
import org.junit.BeforeClass;
|
||||
import org.junit.Test;
|
||||
import org.owasp.dependencycheck.BaseTest;
|
||||
import org.owasp.dependencycheck.dependency.Dependency;
|
||||
import org.owasp.dependencycheck.dependency.Identifier;
|
||||
import org.owasp.dependencycheck.dependency.Vulnerability;
|
||||
@@ -422,7 +423,8 @@ public class SuppressionRuleTest {
|
||||
*/
|
||||
@Test
|
||||
public void testProcess() {
|
||||
File struts = new File(this.getClass().getClassLoader().getResource("struts2-core-2.1.2.jar").getPath());
|
||||
//File struts = new File(this.getClass().getClassLoader().getResource("struts2-core-2.1.2.jar").getPath());
|
||||
File struts = BaseTest.getResourceAsFile(this, "struts2-core-2.1.2.jar");
|
||||
Dependency dependency = new Dependency(struts);
|
||||
dependency.addIdentifier("cpe", "cpe:/a:microsoft:.net_framework:4.5", "some url not needed for this test");
|
||||
String sha1 = dependency.getSha1sum();
|
||||
@@ -501,7 +503,8 @@ public class SuppressionRuleTest {
|
||||
*/
|
||||
@Test
|
||||
public void testProcessGAV() {
|
||||
File spring = new File(this.getClass().getClassLoader().getResource("spring-security-web-3.0.0.RELEASE.jar").getPath());
|
||||
//File spring = new File(this.getClass().getClassLoader().getResource("spring-security-web-3.0.0.RELEASE.jar").getPath());
|
||||
File spring = BaseTest.getResourceAsFile(this, "spring-security-web-3.0.0.RELEASE.jar");
|
||||
Dependency dependency = new Dependency(spring);
|
||||
dependency.addIdentifier("cpe", "cpe:/a:vmware:springsource_spring_framework:3.0.0", "some url not needed for this test");
|
||||
dependency.addIdentifier("cpe", "cpe:/a:springsource:spring_framework:3.0.0", "some url not needed for this test");
|
||||
|
||||
Reference in New Issue
Block a user