removed analysisExceptions from the dependency object, instead we are logging the exception for issue #46

Former-commit-id: feee45a009165fce559d3bad2e9c45f95f230200
2026-03-12 05:11:56 +01:00 · 2014-02-08 12:35:53 -05:00
parent e473ef36b1
commit 7fca2a9cc6
3 changed files with 10 additions and 39 deletions
--- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/Engine.java
+++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/Engine.java
@@ -26,10 +26,10 @@ import java.util.List;
 import java.util.Set;
 import java.util.logging.Level;
 import java.util.logging.Logger;
-import org.owasp.dependencycheck.analyzer.exception.AnalysisException;
 import org.owasp.dependencycheck.analyzer.AnalysisPhase;
 import org.owasp.dependencycheck.analyzer.Analyzer;
 import org.owasp.dependencycheck.analyzer.AnalyzerService;
+import org.owasp.dependencycheck.analyzer.exception.AnalysisException;
 import org.owasp.dependencycheck.data.cpe.CpeMemoryIndex;
 import org.owasp.dependencycheck.data.cpe.IndexException;
 import org.owasp.dependencycheck.data.nvdcve.CveDB;
@@ -321,13 +321,14 @@ public class Engine {
                        try {
                            a.analyze(d, this);
                        } catch (AnalysisException ex) {
-                            d.addAnalysisException(ex);
+                            final String exMsg = String.format("An error occured while analyzing '%s'.", d.getActualFilePath());
+                            Logger.getLogger(Engine.class.getName()).log(Level.WARNING, exMsg);
+                            Logger.getLogger(Engine.class.getName()).log(Level.FINE, "", ex);
                        } catch (Throwable ex) {
                            final String axMsg = String.format("An unexpected error occurred during analysis of '%s'", d.getActualFilePath());
                            final AnalysisException ax = new AnalysisException(axMsg, ex);
-                            d.addAnalysisException(ax);
-                            Logger.getLogger(Engine.class.getName()).log(Level.SEVERE, axMsg);
-                            Logger.getLogger(Engine.class.getName()).log(Level.FINE, axMsg, ex);
+                            Logger.getLogger(Engine.class.getName()).log(Level.WARNING, axMsg);
+                            Logger.getLogger(Engine.class.getName()).log(Level.FINE, "", ex);
                        }
                    }
                }
--- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/JarAnalyzer.java
+++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/JarAnalyzer.java
@@ -17,7 +17,6 @@
 */
 package org.owasp.dependencycheck.analyzer;

-import org.owasp.dependencycheck.analyzer.exception.AnalysisException;
 import java.io.BufferedOutputStream;
 import java.io.File;
 import java.io.FileInputStream;
@@ -57,6 +56,7 @@ import javax.xml.transform.sax.SAXSource;
 import org.h2.store.fs.FileUtils;
 import org.jsoup.Jsoup;
 import org.owasp.dependencycheck.Engine;
+import org.owasp.dependencycheck.analyzer.exception.AnalysisException;
 import org.owasp.dependencycheck.dependency.Confidence;
 import org.owasp.dependencycheck.dependency.Dependency;
 import org.owasp.dependencycheck.dependency.EvidenceCollection;
@@ -262,7 +262,6 @@ public class JarAnalyzer extends AbstractAnalyzer implements Analyzer {
        } catch (IOException ex) {
            final String msg = String.format("Unable to read JarFile '%s'.", dependency.getActualFilePath());
            final AnalysisException ax = new AnalysisException(msg, ex);
-            dependency.getAnalysisExceptions().add(ax);
            Logger.getLogger(JarAnalyzer.class.getName()).log(Level.WARNING, msg);
            Logger.getLogger(JarAnalyzer.class.getName()).log(Level.FINE, null, ex);
            return false;
@@ -273,7 +272,6 @@ public class JarAnalyzer extends AbstractAnalyzer implements Analyzer {
        } catch (IOException ex) {
            final String msg = String.format("Unable to read Jar file entries in '%s'.", dependency.getActualFilePath());
            final AnalysisException ax = new AnalysisException(msg, ex);
-            dependency.getAnalysisExceptions().add(ax);
            Logger.getLogger(JarAnalyzer.class.getName()).log(Level.WARNING, msg);
            Logger.getLogger(JarAnalyzer.class.getName()).log(Level.INFO, msg, ex);
            return false;
@@ -314,7 +312,9 @@ public class JarAnalyzer extends AbstractAnalyzer implements Analyzer {
                    foundSomething |= setPomEvidence(dependency, pom, pomProperties, classes);
                }
            } catch (AnalysisException ex) {
-                dependency.addAnalysisException(ex);
+                final String msg = String.format("An error occured while analyzing '%s'.", dependency.getActualFilePath());
+                Logger.getLogger(JarAnalyzer.class.getName()).log(Level.WARNING, msg);
+                Logger.getLogger(JarAnalyzer.class.getName()).log(Level.INFO, "", ex);
            }
        }
        return foundSomething;