From 63e5a2c5ba6bd16a1a88b04fd4b720d9efd805b9 Mon Sep 17 00:00:00 2001
From: Jeremy Long <jeremy.long@gmail.com>
Date: Wed, 22 Jul 2015 06:43:52 -0400
Subject: [PATCH] initial patch to add symbolic link depth per issue #285; more
 testing needs to be performed

Former-commit-id: bc40f8cfc1410c46e402ce6931e53f377b5c60ee
---
 .../src/main/java/org/owasp/dependencycheck/App.java       | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/dependency-check-cli/src/main/java/org/owasp/dependencycheck/App.java b/dependency-check-cli/src/main/java/org/owasp/dependencycheck/App.java
index f15e8d086..e842264eb 100644
--- a/dependency-check-cli/src/main/java/org/owasp/dependencycheck/App.java
+++ b/dependency-check-cli/src/main/java/org/owasp/dependencycheck/App.java
@@ -99,7 +99,8 @@ public class App {
         } else if (cli.isRunScan()) {
             populateSettings(cli);
             try {
-                runScan(cli.getReportDirectory(), cli.getReportFormat(), cli.getApplicationName(), cli.getScanFiles(), cli.getExcludeList());
+                runScan(cli.getReportDirectory(), cli.getReportFormat(), cli.getApplicationName(), cli.getScanFiles(),
+                        cli.getExcludeList(), cli.getSymLinkDepth());
             } catch (InvalidScanPathException ex) {
                 LOGGER.error("An invalid scan path was detected; unable to scan '//*' paths");
             }
@@ -116,11 +117,12 @@ public class App {
      * @param applicationName the application name for the report
      * @param files the files/directories to scan
      * @param excludes the patterns for files/directories to exclude
+     * @param symLinkDepth the depth that symbolic links will be followed
      *
      * @throws InvalidScanPathException thrown if the path to scan starts with "//"
      */
     private void runScan(String reportDirectory, String outputFormat, String applicationName, String[] files,
-            String[] excludes) throws InvalidScanPathException {
+            String[] excludes, int symLinkDepth) throws InvalidScanPathException {
         Engine engine = null;
         try {
             engine = new Engine();
@@ -165,6 +167,7 @@ public class App {
                 }
                 scanner.setBasedir(baseDir);
                 scanner.setIncludes(include);
+                scanner.setMaxLevelsOfSymlinks(symLinkDepth);
                 if (excludes != null && excludes.length > 0) {
                     scanner.addExcludes(excludes);
                 }