diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/reporting/EscapeTool.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/reporting/EscapeTool.java index 612385eb6..e0829d0da 100644 --- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/reporting/EscapeTool.java +++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/reporting/EscapeTool.java @@ -125,7 +125,11 @@ public class EscapeTool { if (text == null || text.isEmpty()) { return "\"\""; } - return StringEscapeUtils.escapeCsv(text.trim().replace("\n", " ")); + final String str = text.trim().replace("\n", " "); + if (str.length()==0) { + return "\"\""; + } + return StringEscapeUtils.escapeCsv(str); } /** @@ -151,6 +155,9 @@ public class EscapeTool { sb.append(id.getValue()); } } + if (sb.length()==0) { + return "\"\""; + } return StringEscapeUtils.escapeCsv(sb.toString()); } @@ -177,6 +184,9 @@ public class EscapeTool { sb.append(id.getValue()); } } + if (sb.length()==0) { + return "\"\""; + } return StringEscapeUtils.escapeCsv(sb.toString()); } @@ -203,6 +213,9 @@ public class EscapeTool { sb.append(id.getConfidence()); } } + if (sb.length()==0) { + return "\"\""; + } return StringEscapeUtils.escapeCsv(sb.toString()); } @@ -229,6 +242,9 @@ public class EscapeTool { sb.append(id.getValue()); } } + if (sb.length()==0) { + return "\"\""; + } return StringEscapeUtils.escapeCsv(sb.toString()); } } diff --git a/dependency-check-core/src/test/java/org/owasp/dependencycheck/reporting/EscapeToolTest.java b/dependency-check-core/src/test/java/org/owasp/dependencycheck/reporting/EscapeToolTest.java index b9b730e5f..a94180c11 100644 --- a/dependency-check-core/src/test/java/org/owasp/dependencycheck/reporting/EscapeToolTest.java +++ b/dependency-check-core/src/test/java/org/owasp/dependencycheck/reporting/EscapeToolTest.java @@ -126,7 +126,7 @@ public class EscapeToolTest { public void testCsv() { String text = null; EscapeTool instance = new EscapeTool(); - String expResult = null; + String expResult = "\"\""; String result = instance.csv(text); assertEquals(expResult, result); @@ -164,22 +164,22 @@ public class EscapeToolTest { assertEquals(expResult, result); ids = new HashSet<>(); - ids.add(new Identifier("gav", "somegroup:something:1.0", "")); + ids.add(new Identifier("maven", "somegroup:something:1.0", "")); expResult = "somegroup:something:1.0"; result = instance.csvIdentifiers(ids); assertEquals(expResult, result); ids = new HashSet<>(); ids.add(new Identifier("cpe", "cpe:/a:somegroup:something:1.0", "")); - ids.add(new Identifier("gav", "somegroup:something:1.0", "")); + ids.add(new Identifier("maven", "somegroup:something:1.0", "")); expResult = "somegroup:something:1.0"; result = instance.csvIdentifiers(ids); assertEquals(expResult, result); ids = new HashSet<>(); ids.add(new Identifier("cpe", "cpe:/a:somegroup:something:1.0", "")); - ids.add(new Identifier("gav", "somegroup:something:1.0", "")); - ids.add(new Identifier("gav", "somegroup2:something:1.2", "")); + ids.add(new Identifier("maven", "somegroup:something:1.0", "")); + ids.add(new Identifier("maven", "somegroup2:something:1.2", "")); expResult = "\"somegroup:something:1.0, somegroup2:something:1.2\""; String expResult2 = "\"somegroup2:something:1.2, somegroup:something:1.0\""; result = instance.csvIdentifiers(ids); @@ -203,7 +203,7 @@ public class EscapeToolTest { assertEquals(expResult, result); ids = new HashSet<>(); - ids.add(new Identifier("gav", "somegroup:something:1.0", "")); + ids.add(new Identifier("maven", "somegroup:something:1.0", "")); expResult = "\"\""; result = instance.csvCpe(ids); assertEquals(expResult, result); @@ -216,14 +216,14 @@ public class EscapeToolTest { ids = new HashSet<>(); ids.add(new Identifier("cpe", "cpe:/a:somegroup:something:1.0", "")); - ids.add(new Identifier("gav", "somegroup:something:1.0", "")); + ids.add(new Identifier("maven", "somegroup:something:1.0", "")); expResult = "cpe:/a:somegroup:something:1.0"; result = instance.csvCpe(ids); assertEquals(expResult, result); ids = new HashSet<>(); ids.add(new Identifier("cpe", "cpe:/a:somegroup:something:1.0", "")); - ids.add(new Identifier("gav", "somegroup:something:1.0", "")); + ids.add(new Identifier("maven", "somegroup:something:1.0", "")); ids.add(new Identifier("cpe", "cpe:/a:somegroup2:something:1.2", "")); expResult = "\"cpe:/a:somegroup:something:1.0, cpe:/a:somegroup2:something:1.2\""; String expResult2 = "\"cpe:/a:somegroup2:something:1.2, cpe:/a:somegroup:something:1.0\""; @@ -248,7 +248,7 @@ public class EscapeToolTest { assertEquals(expResult, result); ids = new HashSet<>(); - ids.add(new Identifier("gav", "somegroup:something:1.0", "")); + ids.add(new Identifier("maven", "somegroup:something:1.0", "")); expResult = "\"\""; result = instance.csvCpeConfidence(ids); assertEquals(expResult, result); @@ -268,7 +268,7 @@ public class EscapeToolTest { Identifier i2 = new Identifier("cpe", "cpe:/a:somegroup:something2:1.0", ""); i2.setConfidence(Confidence.MEDIUM); ids.add(i2); - Identifier i3 = new Identifier("gav", "somegroup:something:1.0", ""); + Identifier i3 = new Identifier("maven", "somegroup:something:1.0", ""); i3.setConfidence(Confidence.LOW); ids.add(i3);