moved to new package

Former-commit-id: 1093fc5eb2cf0b7c864e96ecf65bbc3fffada113
2026-03-17 23:04:07 +01:00 · 2014-01-03 14:20:12 -05:00
parent 3f40ca65f5
commit 63a249ecb0
5 changed files with 945 additions and 0 deletions
--- a/dependency-check-core/src/test/java/org/owasp/dependencycheck/data/update/NvdCve_1_2_HandlerTest.java
+++ b/dependency-check-core/src/test/java/org/owasp/dependencycheck/data/update/NvdCve_1_2_HandlerTest.java
@@ -0,0 +1,72 @@
+/*
+ * This file is part of dependency-check-core.
+ *
+ * Dependency-check-core is free software: you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the Free
+ * Software Foundation, either version 3 of the License, or (at your option) any
+ * later version.
+ *
+ * Dependency-check-core is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU General Public License along with
+ * dependency-check-core. If not, see http://www.gnu.org/licenses/.
+ *
+ * Copyright (c) 2012 Jeremy Long. All Rights Reserved.
+ */
+package org.owasp.dependencycheck.data.update;
+
+import org.owasp.dependencycheck.data.update.NvdCve12Handler;
+import java.io.File;
+import java.util.List;
+import java.util.Map;
+import javax.xml.parsers.SAXParser;
+import javax.xml.parsers.SAXParserFactory;
+import org.owasp.dependencycheck.dependency.VulnerableSoftware;
+import org.junit.After;
+import org.junit.AfterClass;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import static org.junit.Assert.*;
+
+/**
+ *
+ * @author Jeremy Long (jeremy.long@owasp.org)
+ */
+public class NvdCve_1_2_HandlerTest {
+
+    public NvdCve_1_2_HandlerTest() {
+    }
+
+    @BeforeClass
+    public static void setUpClass() throws Exception {
+    }
+
+    @AfterClass
+    public static void tearDownClass() throws Exception {
+    }
+
+    @Before
+    public void setUp() {
+    }
+
+    @After
+    public void tearDown() {
+    }
+
+    @Test
+    public void testParse() throws Exception {
+        SAXParserFactory factory = SAXParserFactory.newInstance();
+        SAXParser saxParser = factory.newSAXParser();
+
+        File file = new File(this.getClass().getClassLoader().getResource("nvdcve-2012.xml").getPath());
+
+        NvdCve12Handler instance = new NvdCve12Handler();
+        saxParser.parse(file, instance);
+        Map<String, List<VulnerableSoftware>> results = instance.getVulnerabilities();
+        assertTrue("No vulnerable software identified with a previous version in 2012 CVE 1.2?", !results.isEmpty());
+    }
+}
--- a/dependency-check-core/src/test/java/org/owasp/dependencycheck/data/update/NvdCve_2_0_HandlerTest.java
+++ b/dependency-check-core/src/test/java/org/owasp/dependencycheck/data/update/NvdCve_2_0_HandlerTest.java
@@ -0,0 +1,78 @@
+/*
+ * This file is part of dependency-check-core.
+ *
+ * Dependency-check-core is free software: you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the Free
+ * Software Foundation, either version 3 of the License, or (at your option) any
+ * later version.
+ *
+ * Dependency-check-core is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU General Public License along with
+ * dependency-check-core. If not, see http://www.gnu.org/licenses/.
+ *
+ * Copyright (c) 2012 Jeremy Long. All Rights Reserved.
+ */
+package org.owasp.dependencycheck.data.update;
+
+import org.owasp.dependencycheck.data.update.NvdCve20Handler;
+import java.io.File;
+import javax.xml.parsers.SAXParser;
+import javax.xml.parsers.SAXParserFactory;
+import org.junit.After;
+import org.junit.AfterClass;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import static org.junit.Assert.*;
+
+/**
+ *
+ * @author Jeremy Long (jeremy.long@owasp.org)
+ */
+public class NvdCve_2_0_HandlerTest {
+
+    public NvdCve_2_0_HandlerTest() {
+    }
+
+    @BeforeClass
+    public static void setUpClass() throws Exception {
+    }
+
+    @AfterClass
+    public static void tearDownClass() throws Exception {
+    }
+
+    @Before
+    public void setUp() {
+    }
+
+    @After
+    public void tearDown() {
+    }
+
+    @Test
+    public void testParse() {
+        Exception results = null;
+        try {
+            SAXParserFactory factory = SAXParserFactory.newInstance();
+            SAXParser saxParser = factory.newSAXParser();
+
+            File file = new File(this.getClass().getClassLoader().getResource("nvdcve-2.0-2012.xml").getPath());
+
+            NvdCve20Handler instance = new NvdCve20Handler();
+
+            saxParser.parse(file, instance);
+        } catch (Exception ex) {
+            results = ex;
+        }
+        assertTrue("Exception thrown during parse of 2012 CVE version 2.0?", results == null);
+        if (results != null) {
+            System.err.println(results);
+        }
+
+    }
+}