From 77486dffd44d549c5e69748fb5facf0c17b46e62 Mon Sep 17 00:00:00 2001
From: Jeremy Long
Date: Sat, 10 May 2014 06:56:53 -0400
Subject: [PATCH] removed additional false positives as part of patch for issue #93 and #119
Former-commit-id: 86f48b30150f2ba4db99dfc2eb15a0ac50a6e383
---
 .../analyzer/FalsePositiveAnalyzer.java | 15 ++++++++++++---
 1 file changed, 12 insertions(+), 3 deletions(-)
diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/FalsePositiveAnalyzer.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/FalsePositiveAnalyzer.java
index 5a3c88574..a02942685 100644
--- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/FalsePositiveAnalyzer.java
+++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/FalsePositiveAnalyzer.java
@@ -88,7 +88,7 @@ public class FalsePositiveAnalyzer extends AbstractAnalyzer {
 removeBadMatches(dependency);
 removeWrongVersionMatches(dependency);
 removeSpuriousCPE(dependency);
- removeDuplicativePOMEntries(dependency, engine);
+ removeDuplicativeEntriesFromJar(dependency, engine);
 addFalseNegativeCPEs(dependency);
 }
@@ -338,8 +338,17 @@ public class FalsePositiveAnalyzer extends AbstractAnalyzer {
 }
 }
- private void removeDuplicativePOMEntries(Dependency dependency, Engine engine) {
- if (dependency.getFileName().toLowerCase().endsWith("pom.xml")) {
+ /**
+ * Removes duplicate entries identified that are contained within JAR files. These occasionally crop up due to POM
+ * entries or other types of files (such as DLLs and EXEs) being contained within the JAR.
+ *
+ * @param dependency the dependency that might be a duplicate
+ * @param engine the engine used to scan all dependencies
+ */
+ private void removeDuplicativeEntriesFromJar(Dependency dependency, Engine engine) {
+ if (dependency.getFileName().toLowerCase().endsWith("pom.xml")
+ || dependency.getFileExtension().equals("dll")
+ || dependency.getFileExtension().equals("exe")) {
 String parentPath = dependency.getFilePath().toLowerCase();
 if (parentPath.contains(".jar")) {
 parentPath = parentPath.substring(0, parentPath.indexOf(".jar") + 4);
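Review bot: The two added `getFileExtension().equals(...)` checks dereference the extension directly and compare it case-sensitively, while the `pom.xml` test on the line above lower-cases the file name first. If `getFileExtension()` can return null for an extension-less file or preserves the original case (its implementation is not visible here), the condition either throws or silently skips `.DLL`/`.EXE`; `"dll".equalsIgnoreCase(dependency.getFileExtension())`, and the same for `"exe"`, covers both. Because this analyzer removes entries from a vulnerability report, the widened condition also leans harder on the unchanged `parentPath.contains(".jar")` test, which matches `.jar` anywhere in the path (a directory name, for example), so a standalone native binary could be treated as jar content and dropped; a tighter match on the archive boundary, or at least a comment stating the assumption, would help. The method body continues past the end of the hunk, so what is removed once the parent is located is not visible here.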