v1.3.4 documentation

Jeremy Long
2016-01-31 17:19:51 -05:00
parent 15e7c351e4
commit 879a7165b1
1486 changed files with 20415 additions and 19572 deletions


@@ -53,6 +53,6 @@
<a class="jxr_linenumber" name="L45" href="#L45">45</a> }
</pre>
<hr/>
<div id="footer">Copyright &#169; 2012&#x2013;2015 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</div>
<div id="footer">Copyright &#169; 2012&#x2013;2016 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</div>
</body>
</html>


@@ -231,6 +231,6 @@
<a class="jxr_linenumber" name="L223" href="#L223">223</a> }
</pre>
<hr/>
<div id="footer">Copyright &#169; 2012&#x2013;2015 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</div>
<div id="footer">Copyright &#169; 2012&#x2013;2016 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</div>
</body>
</html>


@@ -185,6 +185,6 @@
<a class="jxr_linenumber" name="L177" href="#L177">177</a> }
</pre>
<hr/>
<div id="footer">Copyright &#169; 2012&#x2013;2015 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</div>
<div id="footer">Copyright &#169; 2012&#x2013;2016 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</div>
</body>
</html>


@@ -37,7 +37,7 @@
<a class="jxr_linenumber" name="L29" href="#L29">29</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L30" href="#L30">30</a> INITIAL,
<a class="jxr_linenumber" name="L31" href="#L31">31</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L32" href="#L32">32</a> <em class="jxr_javadoccomment"> * Pre information collection phase</em>
<a class="jxr_linenumber" name="L32" href="#L32">32</a> <em class="jxr_javadoccomment"> * Pre information collection phase.</em>
<a class="jxr_linenumber" name="L33" href="#L33">33</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L34" href="#L34">34</a> PRE_INFORMATION_COLLECTION,
<a class="jxr_linenumber" name="L35" href="#L35">35</a> <em class="jxr_javadoccomment">/**</em>
@@ -75,6 +75,6 @@
<a class="jxr_linenumber" name="L67" href="#L67">67</a> }
</pre>
<hr/>
<div id="footer">Copyright &#169; 2012&#x2013;2015 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</div>
<div id="footer">Copyright &#169; 2012&#x2013;2016 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</div>
</body>
</html>


@@ -79,6 +79,6 @@
<a class="jxr_linenumber" name="L71" href="#L71">71</a> }
</pre>
<hr/>
<div id="footer">Copyright &#169; 2012&#x2013;2015 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</div>
<div id="footer">Copyright &#169; 2012&#x2013;2016 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</div>
</body>
</html>


@@ -61,6 +61,6 @@
<a class="jxr_linenumber" name="L53" href="#L53">53</a> }
</pre>
<hr/>
<div id="footer">Copyright &#169; 2012&#x2013;2015 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</div>
<div id="footer">Copyright &#169; 2012&#x2013;2016 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</div>
</body>
</html>


@@ -520,6 +520,6 @@
<a class="jxr_linenumber" name="L512" href="#L512">512</a> }
</pre>
<hr/>
<div id="footer">Copyright &#169; 2012&#x2013;2015 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</div>
<div id="footer">Copyright &#169; 2012&#x2013;2016 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</div>
</body>
</html>


@@ -243,80 +243,78 @@
<a class="jxr_linenumber" name="L235" href="#L235">235</a> <strong class="jxr_keyword">this</strong>.setEnabled(false);
<a class="jxr_linenumber" name="L236" href="#L236">236</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/exception/AnalysisException.html">AnalysisException</a>(<span class="jxr_string">"Could not execute .NET AssemblyAnalyzer"</span>);
<a class="jxr_linenumber" name="L237" href="#L237">237</a> }
<a class="jxr_linenumber" name="L238" href="#L238">238</a> } <strong class="jxr_keyword">catch</strong> (Throwable e) {
<a class="jxr_linenumber" name="L239" href="#L239">239</a> <strong class="jxr_keyword">if</strong> (e instanceof AnalysisException) {
<a class="jxr_linenumber" name="L240" href="#L240">240</a> <strong class="jxr_keyword">throw</strong> (AnalysisException) e;
<a class="jxr_linenumber" name="L241" href="#L241">241</a> } <strong class="jxr_keyword">else</strong> {
<a class="jxr_linenumber" name="L242" href="#L242">242</a> LOGGER.warn(<span class="jxr_string">"An error occurred with the .NET AssemblyAnalyzer;\n"</span>
<a class="jxr_linenumber" name="L243" href="#L243">243</a> + <span class="jxr_string">"this can be ignored unless you are scanning .NET DLLs. Please see the log for more details."</span>);
<a class="jxr_linenumber" name="L244" href="#L244">244</a> LOGGER.debug(<span class="jxr_string">"Could not execute GrokAssembly {}"</span>, e.getMessage());
<a class="jxr_linenumber" name="L245" href="#L245">245</a> <strong class="jxr_keyword">this</strong>.setEnabled(false);
<a class="jxr_linenumber" name="L246" href="#L246">246</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/exception/AnalysisException.html">AnalysisException</a>(<span class="jxr_string">"An error occured with the .NET AssemblyAnalyzer"</span>, e);
<a class="jxr_linenumber" name="L247" href="#L247">247</a> }
<a class="jxr_linenumber" name="L248" href="#L248">248</a> }
<a class="jxr_linenumber" name="L249" href="#L249">249</a> builder = DocumentBuilderFactory.newInstance().newDocumentBuilder();
<a class="jxr_linenumber" name="L250" href="#L250">250</a> }
<a class="jxr_linenumber" name="L251" href="#L251">251</a>
<a class="jxr_linenumber" name="L252" href="#L252">252</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L253" href="#L253">253</a> <em class="jxr_javadoccomment"> * Removes resources used from the local file system.</em>
<a class="jxr_linenumber" name="L254" href="#L254">254</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L255" href="#L255">255</a> <em class="jxr_javadoccomment"> * @throws Exception thrown if there is a problem closing the analyzer</em>
<a class="jxr_linenumber" name="L256" href="#L256">256</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L257" href="#L257">257</a> @Override
<a class="jxr_linenumber" name="L258" href="#L258">258</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> close() <strong class="jxr_keyword">throws</strong> Exception {
<a class="jxr_linenumber" name="L259" href="#L259">259</a> <strong class="jxr_keyword">super</strong>.close();
<a class="jxr_linenumber" name="L260" href="#L260">260</a> <strong class="jxr_keyword">try</strong> {
<a class="jxr_linenumber" name="L261" href="#L261">261</a> <strong class="jxr_keyword">if</strong> (grokAssemblyExe != <strong class="jxr_keyword">null</strong> &amp;&amp; !grokAssemblyExe.delete()) {
<a class="jxr_linenumber" name="L262" href="#L262">262</a> grokAssemblyExe.deleteOnExit();
<a class="jxr_linenumber" name="L263" href="#L263">263</a> }
<a class="jxr_linenumber" name="L264" href="#L264">264</a> } <strong class="jxr_keyword">catch</strong> (SecurityException se) {
<a class="jxr_linenumber" name="L265" href="#L265">265</a> LOGGER.debug(<span class="jxr_string">"Can't delete temporary GrokAssembly.exe"</span>);
<a class="jxr_linenumber" name="L266" href="#L266">266</a> }
<a class="jxr_linenumber" name="L267" href="#L267">267</a> }
<a class="jxr_linenumber" name="L268" href="#L268">268</a>
<a class="jxr_linenumber" name="L269" href="#L269">269</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L270" href="#L270">270</a> <em class="jxr_javadoccomment"> * The File Filter used to filter supported extensions.</em>
<a class="jxr_linenumber" name="L271" href="#L271">271</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L272" href="#L272">272</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> FileFilter FILTER = FileFilterBuilder.newInstance().addExtensions(
<a class="jxr_linenumber" name="L273" href="#L273">273</a> SUPPORTED_EXTENSIONS).build();
<a class="jxr_linenumber" name="L274" href="#L274">274</a>
<a class="jxr_linenumber" name="L275" href="#L275">275</a> @Override
<a class="jxr_linenumber" name="L276" href="#L276">276</a> <strong class="jxr_keyword">protected</strong> FileFilter getFileFilter() {
<a class="jxr_linenumber" name="L277" href="#L277">277</a> <strong class="jxr_keyword">return</strong> FILTER;
<a class="jxr_linenumber" name="L278" href="#L278">278</a> }
<a class="jxr_linenumber" name="L279" href="#L279">279</a>
<a class="jxr_linenumber" name="L280" href="#L280">280</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L281" href="#L281">281</a> <em class="jxr_javadoccomment"> * Gets this analyzer's name.</em>
<a class="jxr_linenumber" name="L282" href="#L282">282</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L283" href="#L283">283</a> <em class="jxr_javadoccomment"> * @return the analyzer name</em>
<a class="jxr_linenumber" name="L284" href="#L284">284</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L285" href="#L285">285</a> @Override
<a class="jxr_linenumber" name="L286" href="#L286">286</a> <strong class="jxr_keyword">public</strong> String getName() {
<a class="jxr_linenumber" name="L287" href="#L287">287</a> <strong class="jxr_keyword">return</strong> ANALYZER_NAME;
<a class="jxr_linenumber" name="L288" href="#L288">288</a> }
<a class="jxr_linenumber" name="L289" href="#L289">289</a>
<a class="jxr_linenumber" name="L290" href="#L290">290</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L291" href="#L291">291</a> <em class="jxr_javadoccomment"> * Returns the phase this analyzer runs under.</em>
<a class="jxr_linenumber" name="L292" href="#L292">292</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L293" href="#L293">293</a> <em class="jxr_javadoccomment"> * @return the phase this runs under</em>
<a class="jxr_linenumber" name="L294" href="#L294">294</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L295" href="#L295">295</a> @Override
<a class="jxr_linenumber" name="L296" href="#L296">296</a> <strong class="jxr_keyword">public</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/AnalysisPhase.html">AnalysisPhase</a> getAnalysisPhase() {
<a class="jxr_linenumber" name="L297" href="#L297">297</a> <strong class="jxr_keyword">return</strong> ANALYSIS_PHASE;
<a class="jxr_linenumber" name="L298" href="#L298">298</a> }
<a class="jxr_linenumber" name="L299" href="#L299">299</a>
<a class="jxr_linenumber" name="L300" href="#L300">300</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L301" href="#L301">301</a> <em class="jxr_javadoccomment"> * Returns the key used in the properties file to reference the analyzer's enabled property.</em>
<a class="jxr_linenumber" name="L302" href="#L302">302</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L303" href="#L303">303</a> <em class="jxr_javadoccomment"> * @return the analyzer's enabled property setting key</em>
<a class="jxr_linenumber" name="L304" href="#L304">304</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L305" href="#L305">305</a> @Override
<a class="jxr_linenumber" name="L306" href="#L306">306</a> <strong class="jxr_keyword">protected</strong> String getAnalyzerEnabledSettingKey() {
<a class="jxr_linenumber" name="L307" href="#L307">307</a> <strong class="jxr_keyword">return</strong> Settings.KEYS.ANALYZER_ASSEMBLY_ENABLED;
<a class="jxr_linenumber" name="L308" href="#L308">308</a> }
<a class="jxr_linenumber" name="L309" href="#L309">309</a> }
<a class="jxr_linenumber" name="L238" href="#L238">238</a> } <strong class="jxr_keyword">catch</strong> (AnalysisException e) {
<a class="jxr_linenumber" name="L239" href="#L239">239</a> <strong class="jxr_keyword">throw</strong> e;
<a class="jxr_linenumber" name="L240" href="#L240">240</a> } <strong class="jxr_keyword">catch</strong> (Throwable e) {
<a class="jxr_linenumber" name="L241" href="#L241">241</a> LOGGER.warn(<span class="jxr_string">"An error occurred with the .NET AssemblyAnalyzer;\n"</span>
<a class="jxr_linenumber" name="L242" href="#L242">242</a> + <span class="jxr_string">"this can be ignored unless you are scanning .NET DLLs. Please see the log for more details."</span>);
<a class="jxr_linenumber" name="L243" href="#L243">243</a> LOGGER.debug(<span class="jxr_string">"Could not execute GrokAssembly {}"</span>, e.getMessage());
<a class="jxr_linenumber" name="L244" href="#L244">244</a> <strong class="jxr_keyword">this</strong>.setEnabled(false);
<a class="jxr_linenumber" name="L245" href="#L245">245</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/exception/AnalysisException.html">AnalysisException</a>(<span class="jxr_string">"An error occurred with the .NET AssemblyAnalyzer"</span>, e);
<a class="jxr_linenumber" name="L246" href="#L246">246</a> }
<a class="jxr_linenumber" name="L247" href="#L247">247</a> builder = DocumentBuilderFactory.newInstance().newDocumentBuilder();
<a class="jxr_linenumber" name="L248" href="#L248">248</a> }
<a class="jxr_linenumber" name="L249" href="#L249">249</a>
<a class="jxr_linenumber" name="L250" href="#L250">250</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L251" href="#L251">251</a> <em class="jxr_javadoccomment"> * Removes resources used from the local file system.</em>
<a class="jxr_linenumber" name="L252" href="#L252">252</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L253" href="#L253">253</a> <em class="jxr_javadoccomment"> * @throws Exception thrown if there is a problem closing the analyzer</em>
<a class="jxr_linenumber" name="L254" href="#L254">254</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L255" href="#L255">255</a> @Override
<a class="jxr_linenumber" name="L256" href="#L256">256</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> close() <strong class="jxr_keyword">throws</strong> Exception {
<a class="jxr_linenumber" name="L257" href="#L257">257</a> <strong class="jxr_keyword">super</strong>.close();
<a class="jxr_linenumber" name="L258" href="#L258">258</a> <strong class="jxr_keyword">try</strong> {
<a class="jxr_linenumber" name="L259" href="#L259">259</a> <strong class="jxr_keyword">if</strong> (grokAssemblyExe != <strong class="jxr_keyword">null</strong> &amp;&amp; !grokAssemblyExe.delete()) {
<a class="jxr_linenumber" name="L260" href="#L260">260</a> grokAssemblyExe.deleteOnExit();
<a class="jxr_linenumber" name="L261" href="#L261">261</a> }
<a class="jxr_linenumber" name="L262" href="#L262">262</a> } <strong class="jxr_keyword">catch</strong> (SecurityException se) {
<a class="jxr_linenumber" name="L263" href="#L263">263</a> LOGGER.debug(<span class="jxr_string">"Can't delete temporary GrokAssembly.exe"</span>);
<a class="jxr_linenumber" name="L264" href="#L264">264</a> }
<a class="jxr_linenumber" name="L265" href="#L265">265</a> }
<a class="jxr_linenumber" name="L266" href="#L266">266</a>
<a class="jxr_linenumber" name="L267" href="#L267">267</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L268" href="#L268">268</a> <em class="jxr_javadoccomment"> * The File Filter used to filter supported extensions.</em>
<a class="jxr_linenumber" name="L269" href="#L269">269</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L270" href="#L270">270</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> FileFilter FILTER = FileFilterBuilder.newInstance().addExtensions(
<a class="jxr_linenumber" name="L271" href="#L271">271</a> SUPPORTED_EXTENSIONS).build();
<a class="jxr_linenumber" name="L272" href="#L272">272</a>
<a class="jxr_linenumber" name="L273" href="#L273">273</a> @Override
<a class="jxr_linenumber" name="L274" href="#L274">274</a> <strong class="jxr_keyword">protected</strong> FileFilter getFileFilter() {
<a class="jxr_linenumber" name="L275" href="#L275">275</a> <strong class="jxr_keyword">return</strong> FILTER;
<a class="jxr_linenumber" name="L276" href="#L276">276</a> }
<a class="jxr_linenumber" name="L277" href="#L277">277</a>
<a class="jxr_linenumber" name="L278" href="#L278">278</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L279" href="#L279">279</a> <em class="jxr_javadoccomment"> * Gets this analyzer's name.</em>
<a class="jxr_linenumber" name="L280" href="#L280">280</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L281" href="#L281">281</a> <em class="jxr_javadoccomment"> * @return the analyzer name</em>
<a class="jxr_linenumber" name="L282" href="#L282">282</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L283" href="#L283">283</a> @Override
<a class="jxr_linenumber" name="L284" href="#L284">284</a> <strong class="jxr_keyword">public</strong> String getName() {
<a class="jxr_linenumber" name="L285" href="#L285">285</a> <strong class="jxr_keyword">return</strong> ANALYZER_NAME;
<a class="jxr_linenumber" name="L286" href="#L286">286</a> }
<a class="jxr_linenumber" name="L287" href="#L287">287</a>
<a class="jxr_linenumber" name="L288" href="#L288">288</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L289" href="#L289">289</a> <em class="jxr_javadoccomment"> * Returns the phase this analyzer runs under.</em>
<a class="jxr_linenumber" name="L290" href="#L290">290</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L291" href="#L291">291</a> <em class="jxr_javadoccomment"> * @return the phase this runs under</em>
<a class="jxr_linenumber" name="L292" href="#L292">292</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L293" href="#L293">293</a> @Override
<a class="jxr_linenumber" name="L294" href="#L294">294</a> <strong class="jxr_keyword">public</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/AnalysisPhase.html">AnalysisPhase</a> getAnalysisPhase() {
<a class="jxr_linenumber" name="L295" href="#L295">295</a> <strong class="jxr_keyword">return</strong> ANALYSIS_PHASE;
<a class="jxr_linenumber" name="L296" href="#L296">296</a> }
<a class="jxr_linenumber" name="L297" href="#L297">297</a>
<a class="jxr_linenumber" name="L298" href="#L298">298</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L299" href="#L299">299</a> <em class="jxr_javadoccomment"> * Returns the key used in the properties file to reference the analyzer's enabled property.</em>
<a class="jxr_linenumber" name="L300" href="#L300">300</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L301" href="#L301">301</a> <em class="jxr_javadoccomment"> * @return the analyzer's enabled property setting key</em>
<a class="jxr_linenumber" name="L302" href="#L302">302</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L303" href="#L303">303</a> @Override
<a class="jxr_linenumber" name="L304" href="#L304">304</a> <strong class="jxr_keyword">protected</strong> String getAnalyzerEnabledSettingKey() {
<a class="jxr_linenumber" name="L305" href="#L305">305</a> <strong class="jxr_keyword">return</strong> Settings.KEYS.ANALYZER_ASSEMBLY_ENABLED;
<a class="jxr_linenumber" name="L306" href="#L306">306</a> }
<a class="jxr_linenumber" name="L307" href="#L307">307</a> }
</pre>
<hr/>
<div id="footer">Copyright &#169; 2012&#x2013;2015 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</div>
<div id="footer">Copyright &#169; 2012&#x2013;2016 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</div>
</body>
</html>
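Review bot: The `DocumentBuilderFactory.newInstance().newDocumentBuilder()` call on new line 247 creates the parser with default settings, so DOCTYPE declarations and external entities are not disabled. What this builder parses is not visible in this section; if it is later given XML derived from scanned assemblies, that input should be treated as untrusted and the factory hardened before the builder is created, for example `factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);` and `factory.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);`. The enclosing method begins above the hunk. Because this page is generated cross-reference HTML, the change belongs in the Java source it was rendered from.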


@@ -287,6 +287,6 @@
<a class="jxr_linenumber" name="L279" href="#L279">279</a> }
</pre>
<hr/>
<div id="footer">Copyright &#169; 2012&#x2013;2015 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</div>
<div id="footer">Copyright &#169; 2012&#x2013;2016 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</div>
</body>
</html>


@@ -40,206 +40,213 @@
<a class="jxr_linenumber" name="L32" href="#L32">32</a> <strong class="jxr_keyword">import</strong> java.io.File;
<a class="jxr_linenumber" name="L33" href="#L33">33</a> <strong class="jxr_keyword">import</strong> java.io.FileFilter;
<a class="jxr_linenumber" name="L34" href="#L34">34</a> <strong class="jxr_keyword">import</strong> java.io.IOException;
<a class="jxr_linenumber" name="L35" href="#L35">35</a> <strong class="jxr_keyword">import</strong> java.security.MessageDigest;
<a class="jxr_linenumber" name="L36" href="#L36">36</a> <strong class="jxr_keyword">import</strong> java.security.NoSuchAlgorithmException;
<a class="jxr_linenumber" name="L37" href="#L37">37</a> <strong class="jxr_keyword">import</strong> java.util.regex.Matcher;
<a class="jxr_linenumber" name="L38" href="#L38">38</a> <strong class="jxr_keyword">import</strong> java.util.regex.Pattern;
<a class="jxr_linenumber" name="L39" href="#L39">39</a>
<a class="jxr_linenumber" name="L40" href="#L40">40</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L41" href="#L41">41</a> <em class="jxr_javadoccomment"> * &lt;p&gt;</em>
<a class="jxr_linenumber" name="L42" href="#L42">42</a> <em class="jxr_javadoccomment"> * Used to analyze CMake build files, and collect information that can be used to determine the associated CPE.&lt;/p&gt;</em>
<a class="jxr_linenumber" name="L43" href="#L43">43</a> <em class="jxr_javadoccomment"> * &lt;p/&gt;</em>
<a class="jxr_linenumber" name="L44" href="#L44">44</a> <em class="jxr_javadoccomment"> * &lt;p&gt;</em>
<a class="jxr_linenumber" name="L45" href="#L45">45</a> <em class="jxr_javadoccomment"> * Note: This analyzer catches straightforward invocations of the project command, plus some other observed patterns of version</em>
<a class="jxr_linenumber" name="L46" href="#L46">46</a> <em class="jxr_javadoccomment"> * inclusion in real CMake projects. Many projects make use of older versions of CMake and/or use custom "homebrew" ways to insert</em>
<a class="jxr_linenumber" name="L47" href="#L47">47</a> <em class="jxr_javadoccomment"> * version information. Hopefully as the newer CMake call pattern grows in usage, this analyzer allow more CPEs to be</em>
<a class="jxr_linenumber" name="L48" href="#L48">48</a> <em class="jxr_javadoccomment"> * identified.&lt;/p&gt;</em>
<a class="jxr_linenumber" name="L49" href="#L49">49</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L50" href="#L50">50</a> <em class="jxr_javadoccomment"> * @author Dale Visser &lt;dvisser@ida.org&gt;</em>
<a class="jxr_linenumber" name="L51" href="#L51">51</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L52" href="#L52">52</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">class</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/CMakeAnalyzer.html">CMakeAnalyzer</a> <strong class="jxr_keyword">extends</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/AbstractFileTypeAnalyzer.html">AbstractFileTypeAnalyzer</a> {
<a class="jxr_linenumber" name="L53" href="#L53">53</a>
<a class="jxr_linenumber" name="L54" href="#L54">54</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L55" href="#L55">55</a> <em class="jxr_javadoccomment"> * The logger.</em>
<a class="jxr_linenumber" name="L56" href="#L56">56</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L57" href="#L57">57</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> Logger LOGGER = LoggerFactory.getLogger(CMakeAnalyzer.<strong class="jxr_keyword">class</strong>);
<a class="jxr_linenumber" name="L58" href="#L58">58</a>
<a class="jxr_linenumber" name="L59" href="#L59">59</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L60" href="#L60">60</a> <em class="jxr_javadoccomment"> * Used when compiling file scanning regex patterns.</em>
<a class="jxr_linenumber" name="L61" href="#L61">61</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L62" href="#L62">62</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> <strong class="jxr_keyword">int</strong> REGEX_OPTIONS = Pattern.DOTALL
<a class="jxr_linenumber" name="L63" href="#L63">63</a> | Pattern.CASE_INSENSITIVE | Pattern.MULTILINE;
<a class="jxr_linenumber" name="L64" href="#L64">64</a>
<a class="jxr_linenumber" name="L65" href="#L65">65</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L66" href="#L66">66</a> <em class="jxr_javadoccomment"> * Regex to extract the product information.</em>
<a class="jxr_linenumber" name="L67" href="#L67">67</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L68" href="#L68">68</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> Pattern PROJECT = Pattern.compile(
<a class="jxr_linenumber" name="L69" href="#L69">69</a> <span class="jxr_string">"^ *project *&#92;&#92;([ &#92;&#92;n]*(&#92;&#92;w+)[ &#92;&#92;n]*.*?&#92;&#92;)"</span>, REGEX_OPTIONS);
<a class="jxr_linenumber" name="L70" href="#L70">70</a>
<a class="jxr_linenumber" name="L71" href="#L71">71</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L72" href="#L72">72</a> <em class="jxr_javadoccomment"> * Regex to extract product and version information.</em>
<a class="jxr_linenumber" name="L73" href="#L73">73</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L74" href="#L74">74</a> <em class="jxr_javadoccomment"> * Group 1: Product</em>
<a class="jxr_linenumber" name="L35" href="#L35">35</a> <strong class="jxr_keyword">import</strong> java.io.UnsupportedEncodingException;
<a class="jxr_linenumber" name="L36" href="#L36">36</a> <strong class="jxr_keyword">import</strong> java.security.MessageDigest;
<a class="jxr_linenumber" name="L37" href="#L37">37</a> <strong class="jxr_keyword">import</strong> java.security.NoSuchAlgorithmException;
<a class="jxr_linenumber" name="L38" href="#L38">38</a> <strong class="jxr_keyword">import</strong> java.util.logging.Level;
<a class="jxr_linenumber" name="L39" href="#L39">39</a> <strong class="jxr_keyword">import</strong> java.util.regex.Matcher;
<a class="jxr_linenumber" name="L40" href="#L40">40</a> <strong class="jxr_keyword">import</strong> java.util.regex.Pattern;
<a class="jxr_linenumber" name="L41" href="#L41">41</a>
<a class="jxr_linenumber" name="L42" href="#L42">42</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L43" href="#L43">43</a> <em class="jxr_javadoccomment"> * &lt;p&gt;</em>
<a class="jxr_linenumber" name="L44" href="#L44">44</a> <em class="jxr_javadoccomment"> * Used to analyze CMake build files, and collect information that can be used to determine the associated CPE.&lt;/p&gt;</em>
<a class="jxr_linenumber" name="L45" href="#L45">45</a> <em class="jxr_javadoccomment"> * &lt;p/&gt;</em>
<a class="jxr_linenumber" name="L46" href="#L46">46</a> <em class="jxr_javadoccomment"> * &lt;p&gt;</em>
<a class="jxr_linenumber" name="L47" href="#L47">47</a> <em class="jxr_javadoccomment"> * Note: This analyzer catches straightforward invocations of the project command, plus some other observed patterns of version</em>
<a class="jxr_linenumber" name="L48" href="#L48">48</a> <em class="jxr_javadoccomment"> * inclusion in real CMake projects. Many projects make use of older versions of CMake and/or use custom "homebrew" ways to insert</em>
<a class="jxr_linenumber" name="L49" href="#L49">49</a> <em class="jxr_javadoccomment"> * version information. Hopefully as the newer CMake call pattern grows in usage, this analyzer allow more CPEs to be</em>
<a class="jxr_linenumber" name="L50" href="#L50">50</a> <em class="jxr_javadoccomment"> * identified.&lt;/p&gt;</em>
<a class="jxr_linenumber" name="L51" href="#L51">51</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L52" href="#L52">52</a> <em class="jxr_javadoccomment"> * @author Dale Visser &lt;dvisser@ida.org&gt;</em>
<a class="jxr_linenumber" name="L53" href="#L53">53</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L54" href="#L54">54</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">class</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/CMakeAnalyzer.html">CMakeAnalyzer</a> <strong class="jxr_keyword">extends</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/AbstractFileTypeAnalyzer.html">AbstractFileTypeAnalyzer</a> {
<a class="jxr_linenumber" name="L55" href="#L55">55</a>
<a class="jxr_linenumber" name="L56" href="#L56">56</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L57" href="#L57">57</a> <em class="jxr_javadoccomment"> * The logger.</em>
<a class="jxr_linenumber" name="L58" href="#L58">58</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L59" href="#L59">59</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> Logger LOGGER = LoggerFactory.getLogger(CMakeAnalyzer.<strong class="jxr_keyword">class</strong>);
<a class="jxr_linenumber" name="L60" href="#L60">60</a>
<a class="jxr_linenumber" name="L61" href="#L61">61</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L62" href="#L62">62</a> <em class="jxr_javadoccomment"> * Used when compiling file scanning regex patterns.</em>
<a class="jxr_linenumber" name="L63" href="#L63">63</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L64" href="#L64">64</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> <strong class="jxr_keyword">int</strong> REGEX_OPTIONS = Pattern.DOTALL
<a class="jxr_linenumber" name="L65" href="#L65">65</a> | Pattern.CASE_INSENSITIVE | Pattern.MULTILINE;
<a class="jxr_linenumber" name="L66" href="#L66">66</a>
<a class="jxr_linenumber" name="L67" href="#L67">67</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L68" href="#L68">68</a> <em class="jxr_javadoccomment"> * Regex to extract the product information.</em>
<a class="jxr_linenumber" name="L69" href="#L69">69</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L70" href="#L70">70</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> Pattern PROJECT = Pattern.compile(
<a class="jxr_linenumber" name="L71" href="#L71">71</a> <span class="jxr_string">"^ *project *&#92;&#92;([ &#92;&#92;n]*(&#92;&#92;w+)[ &#92;&#92;n]*.*?&#92;&#92;)"</span>, REGEX_OPTIONS);
<a class="jxr_linenumber" name="L72" href="#L72">72</a>
<a class="jxr_linenumber" name="L73" href="#L73">73</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L74" href="#L74">74</a> <em class="jxr_javadoccomment"> * Regex to extract product and version information.</em>
<a class="jxr_linenumber" name="L75" href="#L75">75</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L76" href="#L76">76</a> <em class="jxr_javadoccomment"> * Group 2: Version</em>
<a class="jxr_linenumber" name="L77" href="#L77">77</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L78" href="#L78">78</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> Pattern SET_VERSION = Pattern
<a class="jxr_linenumber" name="L79" href="#L79">79</a> .compile(
<a class="jxr_linenumber" name="L80" href="#L80">80</a> <span class="jxr_string">"^ *set&#92;&#92;s*&#92;&#92;(&#92;&#92;s*(&#92;&#92;w+)_version&#92;&#92;s+\&quot;?(&#92;&#92;d+(?:&#92;&#92;.&#92;&#92;d+)+)[&#92;&#92;s\&quot;]?&#92;&#92;)"</span>,
<a class="jxr_linenumber" name="L81" href="#L81">81</a> REGEX_OPTIONS);
<a class="jxr_linenumber" name="L82" href="#L82">82</a>
<a class="jxr_linenumber" name="L83" href="#L83">83</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L84" href="#L84">84</a> <em class="jxr_javadoccomment"> * Detects files that can be analyzed.</em>
<a class="jxr_linenumber" name="L85" href="#L85">85</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L86" href="#L86">86</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> FileFilter FILTER = FileFilterBuilder.newInstance().addExtensions(<span class="jxr_string">".cmake"</span>)
<a class="jxr_linenumber" name="L87" href="#L87">87</a> .addFilenames(<span class="jxr_string">"CMakeLists.txt"</span>).build();
<a class="jxr_linenumber" name="L88" href="#L88">88</a>
<a class="jxr_linenumber" name="L89" href="#L89">89</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L90" href="#L90">90</a> <em class="jxr_javadoccomment"> * A reference to SHA1 message digest.</em>
<a class="jxr_linenumber" name="L91" href="#L91">91</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L92" href="#L92">92</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">static</strong> MessageDigest sha1 = <strong class="jxr_keyword">null</strong>;
<a class="jxr_linenumber" name="L93" href="#L93">93</a>
<a class="jxr_linenumber" name="L94" href="#L94">94</a> <strong class="jxr_keyword">static</strong> {
<a class="jxr_linenumber" name="L95" href="#L95">95</a> <strong class="jxr_keyword">try</strong> {
<a class="jxr_linenumber" name="L96" href="#L96">96</a> sha1 = MessageDigest.getInstance(<span class="jxr_string">"SHA1"</span>);
<a class="jxr_linenumber" name="L97" href="#L97">97</a> } <strong class="jxr_keyword">catch</strong> (NoSuchAlgorithmException e) {
<a class="jxr_linenumber" name="L98" href="#L98">98</a> LOGGER.error(e.getMessage());
<a class="jxr_linenumber" name="L99" href="#L99">99</a> }
<a class="jxr_linenumber" name="L100" href="#L100">100</a> }
<a class="jxr_linenumber" name="L101" href="#L101">101</a>
<a class="jxr_linenumber" name="L102" href="#L102">102</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L103" href="#L103">103</a> <em class="jxr_javadoccomment"> * Returns the name of the CMake analyzer.</em>
<a class="jxr_linenumber" name="L104" href="#L104">104</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L105" href="#L105">105</a> <em class="jxr_javadoccomment"> * @return the name of the analyzer</em>
<a class="jxr_linenumber" name="L76" href="#L76">76</a> <em class="jxr_javadoccomment"> * Group 1: Product</em>
<a class="jxr_linenumber" name="L77" href="#L77">77</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L78" href="#L78">78</a> <em class="jxr_javadoccomment"> * Group 2: Version</em>
<a class="jxr_linenumber" name="L79" href="#L79">79</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L80" href="#L80">80</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> Pattern SET_VERSION = Pattern
<a class="jxr_linenumber" name="L81" href="#L81">81</a> .compile(
<a class="jxr_linenumber" name="L82" href="#L82">82</a> <span class="jxr_string">"^ *set&#92;&#92;s*&#92;&#92;(&#92;&#92;s*(&#92;&#92;w+)_version&#92;&#92;s+\&quot;?(&#92;&#92;d+(?:&#92;&#92;.&#92;&#92;d+)+)[&#92;&#92;s\&quot;]?&#92;&#92;)"</span>,
<a class="jxr_linenumber" name="L83" href="#L83">83</a> REGEX_OPTIONS);
<a class="jxr_linenumber" name="L84" href="#L84">84</a>
<a class="jxr_linenumber" name="L85" href="#L85">85</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L86" href="#L86">86</a> <em class="jxr_javadoccomment"> * Detects files that can be analyzed.</em>
<a class="jxr_linenumber" name="L87" href="#L87">87</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L88" href="#L88">88</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> FileFilter FILTER = FileFilterBuilder.newInstance().addExtensions(<span class="jxr_string">".cmake"</span>)
<a class="jxr_linenumber" name="L89" href="#L89">89</a> .addFilenames(<span class="jxr_string">"CMakeLists.txt"</span>).build();
<a class="jxr_linenumber" name="L90" href="#L90">90</a>
<a class="jxr_linenumber" name="L91" href="#L91">91</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L92" href="#L92">92</a> <em class="jxr_javadoccomment"> * A reference to SHA1 message digest.</em>
<a class="jxr_linenumber" name="L93" href="#L93">93</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L94" href="#L94">94</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">static</strong> MessageDigest sha1 = <strong class="jxr_keyword">null</strong>;
<a class="jxr_linenumber" name="L95" href="#L95">95</a>
<a class="jxr_linenumber" name="L96" href="#L96">96</a> <strong class="jxr_keyword">static</strong> {
<a class="jxr_linenumber" name="L97" href="#L97">97</a> <strong class="jxr_keyword">try</strong> {
<a class="jxr_linenumber" name="L98" href="#L98">98</a> sha1 = MessageDigest.getInstance(<span class="jxr_string">"SHA1"</span>);
<a class="jxr_linenumber" name="L99" href="#L99">99</a> } <strong class="jxr_keyword">catch</strong> (NoSuchAlgorithmException e) {
<a class="jxr_linenumber" name="L100" href="#L100">100</a> LOGGER.error(e.getMessage());
<a class="jxr_linenumber" name="L101" href="#L101">101</a> }
<a class="jxr_linenumber" name="L102" href="#L102">102</a> }
<a class="jxr_linenumber" name="L103" href="#L103">103</a>
<a class="jxr_linenumber" name="L104" href="#L104">104</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L105" href="#L105">105</a> <em class="jxr_javadoccomment"> * Returns the name of the CMake analyzer.</em>
<a class="jxr_linenumber" name="L106" href="#L106">106</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L107" href="#L107">107</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L108" href="#L108">108</a> @Override
<a class="jxr_linenumber" name="L109" href="#L109">109</a> <strong class="jxr_keyword">public</strong> String getName() {
<a class="jxr_linenumber" name="L110" href="#L110">110</a> <strong class="jxr_keyword">return</strong> <span class="jxr_string">"CMake Analyzer"</span>;
<a class="jxr_linenumber" name="L111" href="#L111">111</a> }
<a class="jxr_linenumber" name="L112" href="#L112">112</a>
<a class="jxr_linenumber" name="L113" href="#L113">113</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L114" href="#L114">114</a> <em class="jxr_javadoccomment"> * Tell that we are used for information collection.</em>
<a class="jxr_linenumber" name="L115" href="#L115">115</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L116" href="#L116">116</a> <em class="jxr_javadoccomment"> * @return INFORMATION_COLLECTION</em>
<a class="jxr_linenumber" name="L117" href="#L117">117</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L118" href="#L118">118</a> @Override
<a class="jxr_linenumber" name="L119" href="#L119">119</a> <strong class="jxr_keyword">public</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/AnalysisPhase.html">AnalysisPhase</a> getAnalysisPhase() {
<a class="jxr_linenumber" name="L120" href="#L120">120</a> <strong class="jxr_keyword">return</strong> AnalysisPhase.INFORMATION_COLLECTION;
<a class="jxr_linenumber" name="L121" href="#L121">121</a> }
<a class="jxr_linenumber" name="L122" href="#L122">122</a>
<a class="jxr_linenumber" name="L123" href="#L123">123</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L124" href="#L124">124</a> <em class="jxr_javadoccomment"> * Returns the set of supported file extensions.</em>
<a class="jxr_linenumber" name="L125" href="#L125">125</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L126" href="#L126">126</a> <em class="jxr_javadoccomment"> * @return the set of supported file extensions</em>
<a class="jxr_linenumber" name="L127" href="#L127">127</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L128" href="#L128">128</a> @Override
<a class="jxr_linenumber" name="L129" href="#L129">129</a> <strong class="jxr_keyword">protected</strong> FileFilter getFileFilter() {
<a class="jxr_linenumber" name="L130" href="#L130">130</a> <strong class="jxr_keyword">return</strong> FILTER;
<a class="jxr_linenumber" name="L131" href="#L131">131</a> }
<a class="jxr_linenumber" name="L132" href="#L132">132</a>
<a class="jxr_linenumber" name="L133" href="#L133">133</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L134" href="#L134">134</a> <em class="jxr_javadoccomment"> * No-op initializer implementation.</em>
<a class="jxr_linenumber" name="L135" href="#L135">135</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L136" href="#L136">136</a> <em class="jxr_javadoccomment"> * @throws Exception never thrown</em>
<a class="jxr_linenumber" name="L137" href="#L137">137</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L138" href="#L138">138</a> @Override
<a class="jxr_linenumber" name="L139" href="#L139">139</a> <strong class="jxr_keyword">protected</strong> <strong class="jxr_keyword">void</strong> initializeFileTypeAnalyzer() <strong class="jxr_keyword">throws</strong> Exception {
<a class="jxr_linenumber" name="L140" href="#L140">140</a> <em class="jxr_comment">// Nothing to do here.</em>
<a class="jxr_linenumber" name="L141" href="#L141">141</a> }
<a class="jxr_linenumber" name="L142" href="#L142">142</a>
<a class="jxr_linenumber" name="L143" href="#L143">143</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L144" href="#L144">144</a> <em class="jxr_javadoccomment"> * Analyzes python packages and adds evidence to the dependency.</em>
<a class="jxr_linenumber" name="L145" href="#L145">145</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L146" href="#L146">146</a> <em class="jxr_javadoccomment"> * @param dependency the dependency being analyzed</em>
<a class="jxr_linenumber" name="L147" href="#L147">147</a> <em class="jxr_javadoccomment"> * @param engine the engine being used to perform the scan</em>
<a class="jxr_linenumber" name="L148" href="#L148">148</a> <em class="jxr_javadoccomment"> * @throws AnalysisException thrown if there is an unrecoverable error analyzing the dependency</em>
<a class="jxr_linenumber" name="L149" href="#L149">149</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L150" href="#L150">150</a> @Override
<a class="jxr_linenumber" name="L151" href="#L151">151</a> <strong class="jxr_keyword">protected</strong> <strong class="jxr_keyword">void</strong> analyzeFileType(<a href="../../../../org/owasp/dependencycheck/dependency/Dependency.html">Dependency</a> dependency, <a href="../../../../org/owasp/dependencycheck/Engine.html">Engine</a> engine)
<a class="jxr_linenumber" name="L152" href="#L152">152</a> <strong class="jxr_keyword">throws</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/exception/AnalysisException.html">AnalysisException</a> {
<a class="jxr_linenumber" name="L153" href="#L153">153</a> <strong class="jxr_keyword">final</strong> File file = dependency.getActualFile();
<a class="jxr_linenumber" name="L154" href="#L154">154</a> <strong class="jxr_keyword">final</strong> String parentName = file.getParentFile().getName();
<a class="jxr_linenumber" name="L155" href="#L155">155</a> <strong class="jxr_keyword">final</strong> String name = file.getName();
<a class="jxr_linenumber" name="L156" href="#L156">156</a> dependency.setDisplayFileName(String.format(<span class="jxr_string">"%s%c%s"</span>, parentName, File.separatorChar, name));
<a class="jxr_linenumber" name="L157" href="#L157">157</a> String contents;
<a class="jxr_linenumber" name="L158" href="#L158">158</a> <strong class="jxr_keyword">try</strong> {
<a class="jxr_linenumber" name="L159" href="#L159">159</a> contents = FileUtils.readFileToString(file).trim();
<a class="jxr_linenumber" name="L160" href="#L160">160</a> } <strong class="jxr_keyword">catch</strong> (IOException e) {
<a class="jxr_linenumber" name="L161" href="#L161">161</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/exception/AnalysisException.html">AnalysisException</a>(
<a class="jxr_linenumber" name="L162" href="#L162">162</a> <span class="jxr_string">"Problem occurred while reading dependency file."</span>, e);
<a class="jxr_linenumber" name="L163" href="#L163">163</a> }
<a class="jxr_linenumber" name="L164" href="#L164">164</a>
<a class="jxr_linenumber" name="L165" href="#L165">165</a> <strong class="jxr_keyword">if</strong> (StringUtils.isNotBlank(contents)) {
<a class="jxr_linenumber" name="L166" href="#L166">166</a> <strong class="jxr_keyword">final</strong> Matcher m = PROJECT.matcher(contents);
<a class="jxr_linenumber" name="L167" href="#L167">167</a> <strong class="jxr_keyword">int</strong> count = 0;
<a class="jxr_linenumber" name="L168" href="#L168">168</a> <strong class="jxr_keyword">while</strong> (m.find()) {
<a class="jxr_linenumber" name="L169" href="#L169">169</a> count++;
<a class="jxr_linenumber" name="L170" href="#L170">170</a> LOGGER.debug(String.format(
<a class="jxr_linenumber" name="L171" href="#L171">171</a> <span class="jxr_string">"Found project command match with %d groups: %s"</span>,
<a class="jxr_linenumber" name="L172" href="#L172">172</a> m.groupCount(), m.group(0)));
<a class="jxr_linenumber" name="L173" href="#L173">173</a> <strong class="jxr_keyword">final</strong> String group = m.group(1);
<a class="jxr_linenumber" name="L174" href="#L174">174</a> LOGGER.debug(<span class="jxr_string">"Group 1: "</span> + group);
<a class="jxr_linenumber" name="L175" href="#L175">175</a> dependency.getProductEvidence().addEvidence(name, <span class="jxr_string">"Project"</span>,
<a class="jxr_linenumber" name="L176" href="#L176">176</a> group, Confidence.HIGH);
<a class="jxr_linenumber" name="L177" href="#L177">177</a> }
<a class="jxr_linenumber" name="L178" href="#L178">178</a> LOGGER.debug(<span class="jxr_string">"Found {} matches."</span>, count);
<a class="jxr_linenumber" name="L179" href="#L179">179</a> analyzeSetVersionCommand(dependency, engine, contents);
<a class="jxr_linenumber" name="L180" href="#L180">180</a> }
<a class="jxr_linenumber" name="L181" href="#L181">181</a> }
<a class="jxr_linenumber" name="L182" href="#L182">182</a>
<a class="jxr_linenumber" name="L183" href="#L183">183</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L184" href="#L184">184</a> <em class="jxr_javadoccomment"> * Extracts the version information from the contents. If more then one version is found additional dependencies are added to</em>
<a class="jxr_linenumber" name="L185" href="#L185">185</a> <em class="jxr_javadoccomment"> * the dependency list.</em>
<a class="jxr_linenumber" name="L186" href="#L186">186</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L187" href="#L187">187</a> <em class="jxr_javadoccomment"> * @param dependency the dependency being analyzed</em>
<a class="jxr_linenumber" name="L188" href="#L188">188</a> <em class="jxr_javadoccomment"> * @param engine the dependency-check engine</em>
<a class="jxr_linenumber" name="L189" href="#L189">189</a> <em class="jxr_javadoccomment"> * @param contents the version information</em>
<a class="jxr_linenumber" name="L190" href="#L190">190</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L191" href="#L191">191</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">void</strong> analyzeSetVersionCommand(<a href="../../../../org/owasp/dependencycheck/dependency/Dependency.html">Dependency</a> dependency, <a href="../../../../org/owasp/dependencycheck/Engine.html">Engine</a> engine, String contents) {
<a class="jxr_linenumber" name="L192" href="#L192">192</a> <a href="../../../../org/owasp/dependencycheck/dependency/Dependency.html">Dependency</a> currentDep = dependency;
<a class="jxr_linenumber" name="L193" href="#L193">193</a>
<a class="jxr_linenumber" name="L194" href="#L194">194</a> <strong class="jxr_keyword">final</strong> Matcher m = SET_VERSION.matcher(contents);
<a class="jxr_linenumber" name="L195" href="#L195">195</a> <strong class="jxr_keyword">int</strong> count = 0;
<a class="jxr_linenumber" name="L196" href="#L196">196</a> <strong class="jxr_keyword">while</strong> (m.find()) {
<a class="jxr_linenumber" name="L197" href="#L197">197</a> count++;
<a class="jxr_linenumber" name="L198" href="#L198">198</a> LOGGER.debug(<span class="jxr_string">"Found project command match with {} groups: {}"</span>,
<a class="jxr_linenumber" name="L199" href="#L199">199</a> m.groupCount(), m.group(0));
<a class="jxr_linenumber" name="L200" href="#L200">200</a> String product = m.group(1);
<a class="jxr_linenumber" name="L201" href="#L201">201</a> <strong class="jxr_keyword">final</strong> String version = m.group(2);
<a class="jxr_linenumber" name="L202" href="#L202">202</a> LOGGER.debug(<span class="jxr_string">"Group 1: "</span> + product);
<a class="jxr_linenumber" name="L203" href="#L203">203</a> LOGGER.debug(<span class="jxr_string">"Group 2: "</span> + version);
<a class="jxr_linenumber" name="L204" href="#L204">204</a> <strong class="jxr_keyword">final</strong> String aliasPrefix = <span class="jxr_string">"ALIASOF_"</span>;
<a class="jxr_linenumber" name="L205" href="#L205">205</a> <strong class="jxr_keyword">if</strong> (product.startsWith(aliasPrefix)) {
<a class="jxr_linenumber" name="L206" href="#L206">206</a> product = product.replaceFirst(aliasPrefix, <span class="jxr_string">""</span>);
<a class="jxr_linenumber" name="L207" href="#L207">207</a> }
<a class="jxr_linenumber" name="L208" href="#L208">208</a> <strong class="jxr_keyword">if</strong> (count &gt; 1) {
<a class="jxr_linenumber" name="L209" href="#L209">209</a> <em class="jxr_comment">//TODO - refactor so we do not assign to the parameter (checkstyle)</em>
<a class="jxr_linenumber" name="L210" href="#L210">210</a> currentDep = <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/dependency/Dependency.html">Dependency</a>(dependency.getActualFile());
<a class="jxr_linenumber" name="L211" href="#L211">211</a> currentDep.setDisplayFileName(String.format(<span class="jxr_string">"%s:%s"</span>, dependency.getDisplayFileName(), product));
<a class="jxr_linenumber" name="L212" href="#L212">212</a> <strong class="jxr_keyword">final</strong> String filePath = String.format(<span class="jxr_string">"%s:%s"</span>, dependency.getFilePath(), product);
<a class="jxr_linenumber" name="L213" href="#L213">213</a> currentDep.setFilePath(filePath);
<a class="jxr_linenumber" name="L214" href="#L214">214</a>
<a class="jxr_linenumber" name="L215" href="#L215">215</a> <em class="jxr_comment">// prevents coalescing into the dependency provided by engine</em>
<a class="jxr_linenumber" name="L216" href="#L216">216</a> currentDep.setSha1sum(Checksum.getHex(sha1.digest(filePath.getBytes())));
<a class="jxr_linenumber" name="L217" href="#L217">217</a> engine.getDependencies().add(currentDep);
<a class="jxr_linenumber" name="L218" href="#L218">218</a> }
<a class="jxr_linenumber" name="L219" href="#L219">219</a> <strong class="jxr_keyword">final</strong> String source = currentDep.getDisplayFileName();
<a class="jxr_linenumber" name="L220" href="#L220">220</a> currentDep.getProductEvidence().addEvidence(source, <span class="jxr_string">"Product"</span>,
<a class="jxr_linenumber" name="L221" href="#L221">221</a> product, Confidence.MEDIUM);
<a class="jxr_linenumber" name="L222" href="#L222">222</a> currentDep.getVersionEvidence().addEvidence(source, <span class="jxr_string">"Version"</span>,
<a class="jxr_linenumber" name="L223" href="#L223">223</a> version, Confidence.MEDIUM);
<a class="jxr_linenumber" name="L224" href="#L224">224</a> }
<a class="jxr_linenumber" name="L225" href="#L225">225</a> LOGGER.debug(String.format(<span class="jxr_string">"Found %d matches."</span>, count));
<a class="jxr_linenumber" name="L226" href="#L226">226</a> }
<a class="jxr_linenumber" name="L227" href="#L227">227</a>
<a class="jxr_linenumber" name="L228" href="#L228">228</a> @Override
<a class="jxr_linenumber" name="L229" href="#L229">229</a> <strong class="jxr_keyword">protected</strong> String getAnalyzerEnabledSettingKey() {
<a class="jxr_linenumber" name="L230" href="#L230">230</a> <strong class="jxr_keyword">return</strong> Settings.KEYS.ANALYZER_CMAKE_ENABLED;
<a class="jxr_linenumber" name="L231" href="#L231">231</a> }
<a class="jxr_linenumber" name="L232" href="#L232">232</a> }
<a class="jxr_linenumber" name="L107" href="#L107">107</a> <em class="jxr_javadoccomment"> * @return the name of the analyzer</em>
<a class="jxr_linenumber" name="L108" href="#L108">108</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L109" href="#L109">109</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L110" href="#L110">110</a> @Override
<a class="jxr_linenumber" name="L111" href="#L111">111</a> <strong class="jxr_keyword">public</strong> String getName() {
<a class="jxr_linenumber" name="L112" href="#L112">112</a> <strong class="jxr_keyword">return</strong> <span class="jxr_string">"CMake Analyzer"</span>;
<a class="jxr_linenumber" name="L113" href="#L113">113</a> }
<a class="jxr_linenumber" name="L114" href="#L114">114</a>
<a class="jxr_linenumber" name="L115" href="#L115">115</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L116" href="#L116">116</a> <em class="jxr_javadoccomment"> * Tell that we are used for information collection.</em>
<a class="jxr_linenumber" name="L117" href="#L117">117</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L118" href="#L118">118</a> <em class="jxr_javadoccomment"> * @return INFORMATION_COLLECTION</em>
<a class="jxr_linenumber" name="L119" href="#L119">119</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L120" href="#L120">120</a> @Override
<a class="jxr_linenumber" name="L121" href="#L121">121</a> <strong class="jxr_keyword">public</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/AnalysisPhase.html">AnalysisPhase</a> getAnalysisPhase() {
<a class="jxr_linenumber" name="L122" href="#L122">122</a> <strong class="jxr_keyword">return</strong> AnalysisPhase.INFORMATION_COLLECTION;
<a class="jxr_linenumber" name="L123" href="#L123">123</a> }
<a class="jxr_linenumber" name="L124" href="#L124">124</a>
<a class="jxr_linenumber" name="L125" href="#L125">125</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L126" href="#L126">126</a> <em class="jxr_javadoccomment"> * Returns the set of supported file extensions.</em>
<a class="jxr_linenumber" name="L127" href="#L127">127</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L128" href="#L128">128</a> <em class="jxr_javadoccomment"> * @return the set of supported file extensions</em>
<a class="jxr_linenumber" name="L129" href="#L129">129</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L130" href="#L130">130</a> @Override
<a class="jxr_linenumber" name="L131" href="#L131">131</a> <strong class="jxr_keyword">protected</strong> FileFilter getFileFilter() {
<a class="jxr_linenumber" name="L132" href="#L132">132</a> <strong class="jxr_keyword">return</strong> FILTER;
<a class="jxr_linenumber" name="L133" href="#L133">133</a> }
<a class="jxr_linenumber" name="L134" href="#L134">134</a>
<a class="jxr_linenumber" name="L135" href="#L135">135</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L136" href="#L136">136</a> <em class="jxr_javadoccomment"> * No-op initializer implementation.</em>
<a class="jxr_linenumber" name="L137" href="#L137">137</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L138" href="#L138">138</a> <em class="jxr_javadoccomment"> * @throws Exception never thrown</em>
<a class="jxr_linenumber" name="L139" href="#L139">139</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L140" href="#L140">140</a> @Override
<a class="jxr_linenumber" name="L141" href="#L141">141</a> <strong class="jxr_keyword">protected</strong> <strong class="jxr_keyword">void</strong> initializeFileTypeAnalyzer() <strong class="jxr_keyword">throws</strong> Exception {
<a class="jxr_linenumber" name="L142" href="#L142">142</a> <em class="jxr_comment">// Nothing to do here.</em>
<a class="jxr_linenumber" name="L143" href="#L143">143</a> }
<a class="jxr_linenumber" name="L144" href="#L144">144</a>
<a class="jxr_linenumber" name="L145" href="#L145">145</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L146" href="#L146">146</a> <em class="jxr_javadoccomment"> * Analyzes python packages and adds evidence to the dependency.</em>
<a class="jxr_linenumber" name="L147" href="#L147">147</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L148" href="#L148">148</a> <em class="jxr_javadoccomment"> * @param dependency the dependency being analyzed</em>
<a class="jxr_linenumber" name="L149" href="#L149">149</a> <em class="jxr_javadoccomment"> * @param engine the engine being used to perform the scan</em>
<a class="jxr_linenumber" name="L150" href="#L150">150</a> <em class="jxr_javadoccomment"> * @throws AnalysisException thrown if there is an unrecoverable error analyzing the dependency</em>
<a class="jxr_linenumber" name="L151" href="#L151">151</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L152" href="#L152">152</a> @Override
<a class="jxr_linenumber" name="L153" href="#L153">153</a> <strong class="jxr_keyword">protected</strong> <strong class="jxr_keyword">void</strong> analyzeFileType(<a href="../../../../org/owasp/dependencycheck/dependency/Dependency.html">Dependency</a> dependency, <a href="../../../../org/owasp/dependencycheck/Engine.html">Engine</a> engine)
<a class="jxr_linenumber" name="L154" href="#L154">154</a> <strong class="jxr_keyword">throws</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/exception/AnalysisException.html">AnalysisException</a> {
<a class="jxr_linenumber" name="L155" href="#L155">155</a> <strong class="jxr_keyword">final</strong> File file = dependency.getActualFile();
<a class="jxr_linenumber" name="L156" href="#L156">156</a> <strong class="jxr_keyword">final</strong> String parentName = file.getParentFile().getName();
<a class="jxr_linenumber" name="L157" href="#L157">157</a> <strong class="jxr_keyword">final</strong> String name = file.getName();
<a class="jxr_linenumber" name="L158" href="#L158">158</a> dependency.setDisplayFileName(String.format(<span class="jxr_string">"%s%c%s"</span>, parentName, File.separatorChar, name));
<a class="jxr_linenumber" name="L159" href="#L159">159</a> String contents;
<a class="jxr_linenumber" name="L160" href="#L160">160</a> <strong class="jxr_keyword">try</strong> {
<a class="jxr_linenumber" name="L161" href="#L161">161</a> contents = FileUtils.readFileToString(file).trim();
<a class="jxr_linenumber" name="L162" href="#L162">162</a> } <strong class="jxr_keyword">catch</strong> (IOException e) {
<a class="jxr_linenumber" name="L163" href="#L163">163</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/exception/AnalysisException.html">AnalysisException</a>(
<a class="jxr_linenumber" name="L164" href="#L164">164</a> <span class="jxr_string">"Problem occurred while reading dependency file."</span>, e);
<a class="jxr_linenumber" name="L165" href="#L165">165</a> }
<a class="jxr_linenumber" name="L166" href="#L166">166</a>
<a class="jxr_linenumber" name="L167" href="#L167">167</a> <strong class="jxr_keyword">if</strong> (StringUtils.isNotBlank(contents)) {
<a class="jxr_linenumber" name="L168" href="#L168">168</a> <strong class="jxr_keyword">final</strong> Matcher m = PROJECT.matcher(contents);
<a class="jxr_linenumber" name="L169" href="#L169">169</a> <strong class="jxr_keyword">int</strong> count = 0;
<a class="jxr_linenumber" name="L170" href="#L170">170</a> <strong class="jxr_keyword">while</strong> (m.find()) {
<a class="jxr_linenumber" name="L171" href="#L171">171</a> count++;
<a class="jxr_linenumber" name="L172" href="#L172">172</a> LOGGER.debug(String.format(
<a class="jxr_linenumber" name="L173" href="#L173">173</a> <span class="jxr_string">"Found project command match with %d groups: %s"</span>,
<a class="jxr_linenumber" name="L174" href="#L174">174</a> m.groupCount(), m.group(0)));
<a class="jxr_linenumber" name="L175" href="#L175">175</a> <strong class="jxr_keyword">final</strong> String group = m.group(1);
<a class="jxr_linenumber" name="L176" href="#L176">176</a> LOGGER.debug(<span class="jxr_string">"Group 1: "</span> + group);
<a class="jxr_linenumber" name="L177" href="#L177">177</a> dependency.getProductEvidence().addEvidence(name, <span class="jxr_string">"Project"</span>,
<a class="jxr_linenumber" name="L178" href="#L178">178</a> group, Confidence.HIGH);
<a class="jxr_linenumber" name="L179" href="#L179">179</a> }
<a class="jxr_linenumber" name="L180" href="#L180">180</a> LOGGER.debug(<span class="jxr_string">"Found {} matches."</span>, count);
<a class="jxr_linenumber" name="L181" href="#L181">181</a> analyzeSetVersionCommand(dependency, engine, contents);
<a class="jxr_linenumber" name="L182" href="#L182">182</a> }
<a class="jxr_linenumber" name="L183" href="#L183">183</a> }
<a class="jxr_linenumber" name="L184" href="#L184">184</a>
<a class="jxr_linenumber" name="L185" href="#L185">185</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L186" href="#L186">186</a> <em class="jxr_javadoccomment"> * Extracts the version information from the contents. If more then one version is found additional dependencies are added to</em>
<a class="jxr_linenumber" name="L187" href="#L187">187</a> <em class="jxr_javadoccomment"> * the dependency list.</em>
<a class="jxr_linenumber" name="L188" href="#L188">188</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L189" href="#L189">189</a> <em class="jxr_javadoccomment"> * @param dependency the dependency being analyzed</em>
<a class="jxr_linenumber" name="L190" href="#L190">190</a> <em class="jxr_javadoccomment"> * @param engine the dependency-check engine</em>
<a class="jxr_linenumber" name="L191" href="#L191">191</a> <em class="jxr_javadoccomment"> * @param contents the version information</em>
<a class="jxr_linenumber" name="L192" href="#L192">192</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L193" href="#L193">193</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">void</strong> analyzeSetVersionCommand(<a href="../../../../org/owasp/dependencycheck/dependency/Dependency.html">Dependency</a> dependency, <a href="../../../../org/owasp/dependencycheck/Engine.html">Engine</a> engine, String contents) {
<a class="jxr_linenumber" name="L194" href="#L194">194</a> <a href="../../../../org/owasp/dependencycheck/dependency/Dependency.html">Dependency</a> currentDep = dependency;
<a class="jxr_linenumber" name="L195" href="#L195">195</a>
<a class="jxr_linenumber" name="L196" href="#L196">196</a> <strong class="jxr_keyword">final</strong> Matcher m = SET_VERSION.matcher(contents);
<a class="jxr_linenumber" name="L197" href="#L197">197</a> <strong class="jxr_keyword">int</strong> count = 0;
<a class="jxr_linenumber" name="L198" href="#L198">198</a> <strong class="jxr_keyword">while</strong> (m.find()) {
<a class="jxr_linenumber" name="L199" href="#L199">199</a> count++;
<a class="jxr_linenumber" name="L200" href="#L200">200</a> LOGGER.debug(<span class="jxr_string">"Found project command match with {} groups: {}"</span>,
<a class="jxr_linenumber" name="L201" href="#L201">201</a> m.groupCount(), m.group(0));
<a class="jxr_linenumber" name="L202" href="#L202">202</a> String product = m.group(1);
<a class="jxr_linenumber" name="L203" href="#L203">203</a> <strong class="jxr_keyword">final</strong> String version = m.group(2);
<a class="jxr_linenumber" name="L204" href="#L204">204</a> LOGGER.debug(<span class="jxr_string">"Group 1: "</span> + product);
<a class="jxr_linenumber" name="L205" href="#L205">205</a> LOGGER.debug(<span class="jxr_string">"Group 2: "</span> + version);
<a class="jxr_linenumber" name="L206" href="#L206">206</a> <strong class="jxr_keyword">final</strong> String aliasPrefix = <span class="jxr_string">"ALIASOF_"</span>;
<a class="jxr_linenumber" name="L207" href="#L207">207</a> <strong class="jxr_keyword">if</strong> (product.startsWith(aliasPrefix)) {
<a class="jxr_linenumber" name="L208" href="#L208">208</a> product = product.replaceFirst(aliasPrefix, <span class="jxr_string">""</span>);
<a class="jxr_linenumber" name="L209" href="#L209">209</a> }
<a class="jxr_linenumber" name="L210" href="#L210">210</a> <strong class="jxr_keyword">if</strong> (count &gt; 1) {
<a class="jxr_linenumber" name="L211" href="#L211">211</a> <em class="jxr_comment">//TODO - refactor so we do not assign to the parameter (checkstyle)</em>
<a class="jxr_linenumber" name="L212" href="#L212">212</a> currentDep = <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/dependency/Dependency.html">Dependency</a>(dependency.getActualFile());
<a class="jxr_linenumber" name="L213" href="#L213">213</a> currentDep.setDisplayFileName(String.format(<span class="jxr_string">"%s:%s"</span>, dependency.getDisplayFileName(), product));
<a class="jxr_linenumber" name="L214" href="#L214">214</a> <strong class="jxr_keyword">final</strong> String filePath = String.format(<span class="jxr_string">"%s:%s"</span>, dependency.getFilePath(), product);
<a class="jxr_linenumber" name="L215" href="#L215">215</a> currentDep.setFilePath(filePath);
<a class="jxr_linenumber" name="L216" href="#L216">216</a>
<a class="jxr_linenumber" name="L217" href="#L217">217</a> byte[] path;
<a class="jxr_linenumber" name="L218" href="#L218">218</a> <strong class="jxr_keyword">try</strong> {
<a class="jxr_linenumber" name="L219" href="#L219">219</a> path = filePath.getBytes(<span class="jxr_string">"UTF-8"</span>);
<a class="jxr_linenumber" name="L220" href="#L220">220</a> } <strong class="jxr_keyword">catch</strong> (UnsupportedEncodingException ex) {
<a class="jxr_linenumber" name="L221" href="#L221">221</a> path = filePath.getBytes();
<a class="jxr_linenumber" name="L222" href="#L222">222</a> }
<a class="jxr_linenumber" name="L223" href="#L223">223</a> currentDep.setSha1sum(Checksum.getHex(sha1.digest(path)));
<a class="jxr_linenumber" name="L224" href="#L224">224</a> engine.getDependencies().add(currentDep);
<a class="jxr_linenumber" name="L225" href="#L225">225</a> }
<a class="jxr_linenumber" name="L226" href="#L226">226</a> <strong class="jxr_keyword">final</strong> String source = currentDep.getDisplayFileName();
<a class="jxr_linenumber" name="L227" href="#L227">227</a> currentDep.getProductEvidence().addEvidence(source, <span class="jxr_string">"Product"</span>,
<a class="jxr_linenumber" name="L228" href="#L228">228</a> product, Confidence.MEDIUM);
<a class="jxr_linenumber" name="L229" href="#L229">229</a> currentDep.getVersionEvidence().addEvidence(source, <span class="jxr_string">"Version"</span>,
<a class="jxr_linenumber" name="L230" href="#L230">230</a> version, Confidence.MEDIUM);
<a class="jxr_linenumber" name="L231" href="#L231">231</a> }
<a class="jxr_linenumber" name="L232" href="#L232">232</a> LOGGER.debug(String.format(<span class="jxr_string">"Found %d matches."</span>, count));
<a class="jxr_linenumber" name="L233" href="#L233">233</a> }
<a class="jxr_linenumber" name="L234" href="#L234">234</a>
<a class="jxr_linenumber" name="L235" href="#L235">235</a> @Override
<a class="jxr_linenumber" name="L236" href="#L236">236</a> <strong class="jxr_keyword">protected</strong> String getAnalyzerEnabledSettingKey() {
<a class="jxr_linenumber" name="L237" href="#L237">237</a> <strong class="jxr_keyword">return</strong> Settings.KEYS.ANALYZER_CMAKE_ENABLED;
<a class="jxr_linenumber" name="L238" href="#L238">238</a> }
<a class="jxr_linenumber" name="L239" href="#L239">239</a> }
</pre>
<hr/>
<div id="footer">Copyright &#169; 2012&#x2013;2015 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</div>
<div id="footer">Copyright &#169; 2012&#x2013;2016 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</div>
</body>
</html>



@@ -246,6 +246,6 @@
<a class="jxr_linenumber" name="L238" href="#L238">238</a> }
</pre>
<hr/>
<div id="footer">Copyright &#169; 2012&#x2013;2015 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</div>
<div id="footer">Copyright &#169; 2012&#x2013;2016 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</div>
</body>
</html>


@@ -170,6 +170,6 @@
<a class="jxr_linenumber" name="L162" href="#L162">162</a> }
</pre>
<hr/>
<div id="footer">Copyright &#169; 2012&#x2013;2015 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</div>
<div id="footer">Copyright &#169; 2012&#x2013;2016 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</div>
</body>
</html>


@@ -83,6 +83,6 @@
<a class="jxr_linenumber" name="L75" href="#L75">75</a> }
</pre>
<hr/>
<div id="footer">Copyright &#169; 2012&#x2013;2015 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</div>
<div id="footer">Copyright &#169; 2012&#x2013;2016 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</div>
</body>
</html>


@@ -436,6 +436,6 @@
<a class="jxr_linenumber" name="L428" href="#L428">428</a> }
</pre>
<hr/>
<div id="footer">Copyright &#169; 2012&#x2013;2015 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</div>
<div id="footer">Copyright &#169; 2012&#x2013;2016 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</div>
</body>
</html>


@@ -491,6 +491,6 @@
<a class="jxr_linenumber" name="L483" href="#L483">483</a> }
</pre>
<hr/>
<div id="footer">Copyright &#169; 2012&#x2013;2015 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</div>
<div id="footer">Copyright &#169; 2012&#x2013;2016 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</div>
</body>
</html>


@@ -120,6 +120,6 @@
<a class="jxr_linenumber" name="L112" href="#L112">112</a> }
</pre>
<hr/>
<div id="footer">Copyright &#169; 2012&#x2013;2015 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</div>
<div id="footer">Copyright &#169; 2012&#x2013;2016 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</div>
</body>
</html>


@@ -41,6 +41,6 @@
<a class="jxr_linenumber" name="L33" href="#L33">33</a> }
</pre>
<hr/>
<div id="footer">Copyright &#169; 2012&#x2013;2015 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</div>
<div id="footer">Copyright &#169; 2012&#x2013;2016 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</div>
</body>
</html>


@@ -184,6 +184,6 @@
<a class="jxr_linenumber" name="L176" href="#L176">176</a> }
</pre>
<hr/>
<div id="footer">Copyright &#169; 2012&#x2013;2015 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</div>
<div id="footer">Copyright &#169; 2012&#x2013;2016 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</div>
</body>
</html>


@@ -328,7 +328,7 @@
<a class="jxr_linenumber" name="L320" href="#L320">320</a> foundSomething |= setPomEvidence(dependency, pom, classes);
<a class="jxr_linenumber" name="L321" href="#L321">321</a> }
<a class="jxr_linenumber" name="L322" href="#L322">322</a> } <strong class="jxr_keyword">catch</strong> (AnalysisException ex) {
<a class="jxr_linenumber" name="L323" href="#L323">323</a> LOGGER.warn(<span class="jxr_string">"An error occured while analyzing '{}'."</span>, dependency.getActualFilePath());
<a class="jxr_linenumber" name="L323" href="#L323">323</a> LOGGER.warn(<span class="jxr_string">"An error occurred while analyzing '{}'."</span>, dependency.getActualFilePath());
<a class="jxr_linenumber" name="L324" href="#L324">324</a> LOGGER.trace(<span class="jxr_string">""</span>, ex);
<a class="jxr_linenumber" name="L325" href="#L325">325</a> }
<a class="jxr_linenumber" name="L326" href="#L326">326</a> }
@@ -843,351 +843,348 @@
<a class="jxr_linenumber" name="L835" href="#L835">835</a> }
<a class="jxr_linenumber" name="L836" href="#L836">836</a>
<a class="jxr_linenumber" name="L837" href="#L837">837</a> <strong class="jxr_keyword">if</strong> (pos &gt; 0) {
<a class="jxr_linenumber" name="L838" href="#L838">838</a> <strong class="jxr_keyword">final</strong> StringBuilder sb = <strong class="jxr_keyword">new</strong> StringBuilder(pos + 3);
<a class="jxr_linenumber" name="L839" href="#L839">839</a> sb.append(desc.substring(0, pos));
<a class="jxr_linenumber" name="L840" href="#L840">840</a> sb.append(<span class="jxr_string">"..."</span>);
<a class="jxr_linenumber" name="L841" href="#L841">841</a> desc = sb.toString();
<a class="jxr_linenumber" name="L842" href="#L842">842</a> }
<a class="jxr_linenumber" name="L843" href="#L843">843</a> dependency.getProductEvidence().addEvidence(source, key, desc, Confidence.LOW);
<a class="jxr_linenumber" name="L844" href="#L844">844</a> dependency.getVendorEvidence().addEvidence(source, key, desc, Confidence.LOW);
<a class="jxr_linenumber" name="L845" href="#L845">845</a> } <strong class="jxr_keyword">else</strong> {
<a class="jxr_linenumber" name="L846" href="#L846">846</a> dependency.getProductEvidence().addEvidence(source, key, desc, Confidence.MEDIUM);
<a class="jxr_linenumber" name="L847" href="#L847">847</a> dependency.getVendorEvidence().addEvidence(source, key, desc, Confidence.MEDIUM);
<a class="jxr_linenumber" name="L848" href="#L848">848</a> }
<a class="jxr_linenumber" name="L849" href="#L849">849</a> <strong class="jxr_keyword">return</strong> desc;
<a class="jxr_linenumber" name="L850" href="#L850">850</a> }
<a class="jxr_linenumber" name="L851" href="#L851">851</a>
<a class="jxr_linenumber" name="L852" href="#L852">852</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L853" href="#L853">853</a> <em class="jxr_javadoccomment"> * Adds a license to the given dependency.</em>
<a class="jxr_linenumber" name="L854" href="#L854">854</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L855" href="#L855">855</a> <em class="jxr_javadoccomment"> * @param d a dependency</em>
<a class="jxr_linenumber" name="L856" href="#L856">856</a> <em class="jxr_javadoccomment"> * @param license the license</em>
<a class="jxr_linenumber" name="L857" href="#L857">857</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L858" href="#L858">858</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">void</strong> addLicense(<a href="../../../../org/owasp/dependencycheck/dependency/Dependency.html">Dependency</a> d, String license) {
<a class="jxr_linenumber" name="L859" href="#L859">859</a> <strong class="jxr_keyword">if</strong> (d.getLicense() == <strong class="jxr_keyword">null</strong>) {
<a class="jxr_linenumber" name="L860" href="#L860">860</a> d.setLicense(license);
<a class="jxr_linenumber" name="L861" href="#L861">861</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (!d.getLicense().contains(license)) {
<a class="jxr_linenumber" name="L862" href="#L862">862</a> d.setLicense(d.getLicense() + NEWLINE + license);
<a class="jxr_linenumber" name="L863" href="#L863">863</a> }
<a class="jxr_linenumber" name="L864" href="#L864">864</a> }
<a class="jxr_linenumber" name="L865" href="#L865">865</a>
<a class="jxr_linenumber" name="L866" href="#L866">866</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L867" href="#L867">867</a> <em class="jxr_javadoccomment"> * The parent directory for the individual directories per archive.</em>
<a class="jxr_linenumber" name="L868" href="#L868">868</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L869" href="#L869">869</a> <strong class="jxr_keyword">private</strong> File tempFileLocation = <strong class="jxr_keyword">null</strong>;
<a class="jxr_linenumber" name="L870" href="#L870">870</a>
<a class="jxr_linenumber" name="L871" href="#L871">871</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L872" href="#L872">872</a> <em class="jxr_javadoccomment"> * Initializes the JarAnalyzer.</em>
<a class="jxr_linenumber" name="L873" href="#L873">873</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L874" href="#L874">874</a> <em class="jxr_javadoccomment"> * @throws Exception is thrown if there is an exception creating a temporary directory</em>
<a class="jxr_linenumber" name="L875" href="#L875">875</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L876" href="#L876">876</a> @Override
<a class="jxr_linenumber" name="L877" href="#L877">877</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> initializeFileTypeAnalyzer() <strong class="jxr_keyword">throws</strong> Exception {
<a class="jxr_linenumber" name="L878" href="#L878">878</a> <strong class="jxr_keyword">final</strong> File baseDir = Settings.getTempDirectory();
<a class="jxr_linenumber" name="L879" href="#L879">879</a> tempFileLocation = File.createTempFile(<span class="jxr_string">"check"</span>, <span class="jxr_string">"tmp"</span>, baseDir);
<a class="jxr_linenumber" name="L880" href="#L880">880</a> <strong class="jxr_keyword">if</strong> (!tempFileLocation.delete()) {
<a class="jxr_linenumber" name="L881" href="#L881">881</a> <strong class="jxr_keyword">final</strong> String msg = String.format(<span class="jxr_string">"Unable to delete temporary file '%s'."</span>, tempFileLocation.getAbsolutePath());
<a class="jxr_linenumber" name="L882" href="#L882">882</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/exception/AnalysisException.html">AnalysisException</a>(msg);
<a class="jxr_linenumber" name="L883" href="#L883">883</a> }
<a class="jxr_linenumber" name="L884" href="#L884">884</a> <strong class="jxr_keyword">if</strong> (!tempFileLocation.mkdirs()) {
<a class="jxr_linenumber" name="L885" href="#L885">885</a> <strong class="jxr_keyword">final</strong> String msg = String.format(<span class="jxr_string">"Unable to create directory '%s'."</span>, tempFileLocation.getAbsolutePath());
<a class="jxr_linenumber" name="L886" href="#L886">886</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/exception/AnalysisException.html">AnalysisException</a>(msg);
<a class="jxr_linenumber" name="L887" href="#L887">887</a> }
<a class="jxr_linenumber" name="L888" href="#L888">888</a> }
<a class="jxr_linenumber" name="L889" href="#L889">889</a>
<a class="jxr_linenumber" name="L890" href="#L890">890</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L891" href="#L891">891</a> <em class="jxr_javadoccomment"> * Deletes any files extracted from the JAR during analysis.</em>
<a class="jxr_linenumber" name="L892" href="#L892">892</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L893" href="#L893">893</a> @Override
<a class="jxr_linenumber" name="L894" href="#L894">894</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> close() {
<a class="jxr_linenumber" name="L895" href="#L895">895</a> <strong class="jxr_keyword">if</strong> (tempFileLocation != <strong class="jxr_keyword">null</strong> &amp;&amp; tempFileLocation.exists()) {
<a class="jxr_linenumber" name="L896" href="#L896">896</a> LOGGER.debug(<span class="jxr_string">"Attempting to delete temporary files"</span>);
<a class="jxr_linenumber" name="L897" href="#L897">897</a> <strong class="jxr_keyword">final</strong> <strong class="jxr_keyword">boolean</strong> success = FileUtils.delete(tempFileLocation);
<a class="jxr_linenumber" name="L898" href="#L898">898</a> <strong class="jxr_keyword">if</strong> (!success) {
<a class="jxr_linenumber" name="L899" href="#L899">899</a> LOGGER.warn(<span class="jxr_string">"Failed to delete some temporary files, see the log for more details"</span>);
<a class="jxr_linenumber" name="L900" href="#L900">900</a> }
<a class="jxr_linenumber" name="L901" href="#L901">901</a> }
<a class="jxr_linenumber" name="L902" href="#L902">902</a> }
<a class="jxr_linenumber" name="L903" href="#L903">903</a>
<a class="jxr_linenumber" name="L904" href="#L904">904</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L905" href="#L905">905</a> <em class="jxr_javadoccomment"> * Determines if the key value pair from the manifest is for an "import" type entry for package names.</em>
<a class="jxr_linenumber" name="L906" href="#L906">906</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L907" href="#L907">907</a> <em class="jxr_javadoccomment"> * @param key the key from the manifest</em>
<a class="jxr_linenumber" name="L908" href="#L908">908</a> <em class="jxr_javadoccomment"> * @param value the value from the manifest</em>
<a class="jxr_linenumber" name="L909" href="#L909">909</a> <em class="jxr_javadoccomment"> * @return true or false depending on if it is believed the entry is an "import" entry</em>
<a class="jxr_linenumber" name="L910" href="#L910">910</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L911" href="#L911">911</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">boolean</strong> isImportPackage(String key, String value) {
<a class="jxr_linenumber" name="L912" href="#L912">912</a> <strong class="jxr_keyword">final</strong> Pattern packageRx = Pattern.compile(<span class="jxr_string">"^([a-zA-Z0-9_#&#92;&#92;$&#92;&#92;*&#92;&#92;.]+&#92;&#92;s*[,;]&#92;&#92;s*)+([a-zA-Z0-9_#&#92;&#92;$&#92;&#92;*&#92;&#92;.]+&#92;&#92;s*)?$"</span>);
<a class="jxr_linenumber" name="L913" href="#L913">913</a> <strong class="jxr_keyword">final</strong> <strong class="jxr_keyword">boolean</strong> matches = packageRx.matcher(value).matches();
<a class="jxr_linenumber" name="L914" href="#L914">914</a> <strong class="jxr_keyword">return</strong> matches &amp;&amp; (key.contains(<span class="jxr_string">"import"</span>) || key.contains(<span class="jxr_string">"include"</span>) || value.length() &gt; 10);
<a class="jxr_linenumber" name="L915" href="#L915">915</a> }
<a class="jxr_linenumber" name="L916" href="#L916">916</a>
<a class="jxr_linenumber" name="L917" href="#L917">917</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L918" href="#L918">918</a> <em class="jxr_javadoccomment"> * Cycles through an enumeration of JarEntries, contained within the dependency, and returns a list of the class names. This</em>
<a class="jxr_linenumber" name="L919" href="#L919">919</a> <em class="jxr_javadoccomment"> * does not include core Java package names (i.e. java.* or javax.*).</em>
<a class="jxr_linenumber" name="L920" href="#L920">920</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L921" href="#L921">921</a> <em class="jxr_javadoccomment"> * @param dependency the dependency being analyzed</em>
<a class="jxr_linenumber" name="L922" href="#L922">922</a> <em class="jxr_javadoccomment"> * @return an list of fully qualified class names</em>
<a class="jxr_linenumber" name="L923" href="#L923">923</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L924" href="#L924">924</a> <strong class="jxr_keyword">private</strong> List&lt;ClassNameInformation&gt; collectClassNames(<a href="../../../../org/owasp/dependencycheck/dependency/Dependency.html">Dependency</a> dependency) {
<a class="jxr_linenumber" name="L925" href="#L925">925</a> <strong class="jxr_keyword">final</strong> List&lt;ClassNameInformation&gt; classNames = <strong class="jxr_keyword">new</strong> ArrayList&lt;ClassNameInformation&gt;();
<a class="jxr_linenumber" name="L926" href="#L926">926</a> JarFile jar = <strong class="jxr_keyword">null</strong>;
<a class="jxr_linenumber" name="L927" href="#L927">927</a> <strong class="jxr_keyword">try</strong> {
<a class="jxr_linenumber" name="L928" href="#L928">928</a> jar = <strong class="jxr_keyword">new</strong> JarFile(dependency.getActualFilePath());
<a class="jxr_linenumber" name="L929" href="#L929">929</a> <strong class="jxr_keyword">final</strong> Enumeration&lt;JarEntry&gt; entries = jar.entries();
<a class="jxr_linenumber" name="L930" href="#L930">930</a> <strong class="jxr_keyword">while</strong> (entries.hasMoreElements()) {
<a class="jxr_linenumber" name="L931" href="#L931">931</a> <strong class="jxr_keyword">final</strong> JarEntry entry = entries.nextElement();
<a class="jxr_linenumber" name="L932" href="#L932">932</a> <strong class="jxr_keyword">final</strong> String name = entry.getName().toLowerCase();
<a class="jxr_linenumber" name="L933" href="#L933">933</a> <em class="jxr_comment">//no longer stripping "|com&#92;&#92;.sun" - there are some com.sun jar files with CVEs.</em>
<a class="jxr_linenumber" name="L934" href="#L934">934</a> <strong class="jxr_keyword">if</strong> (name.endsWith(<span class="jxr_string">".class"</span>) &amp;&amp; !name.matches(<span class="jxr_string">"^javax?&#92;&#92;..*$"</span>)) {
<a class="jxr_linenumber" name="L935" href="#L935">935</a> <strong class="jxr_keyword">final</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/JarAnalyzer.html">ClassNameInformation</a> className = <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/JarAnalyzer.html">ClassNameInformation</a>(name.substring(0, name.length() - 6));
<a class="jxr_linenumber" name="L936" href="#L936">936</a> classNames.add(className);
<a class="jxr_linenumber" name="L937" href="#L937">937</a> }
<a class="jxr_linenumber" name="L938" href="#L938">938</a> }
<a class="jxr_linenumber" name="L939" href="#L939">939</a> } <strong class="jxr_keyword">catch</strong> (IOException ex) {
<a class="jxr_linenumber" name="L940" href="#L940">940</a> LOGGER.warn(<span class="jxr_string">"Unable to open jar file '{}'."</span>, dependency.getFileName());
<a class="jxr_linenumber" name="L941" href="#L941">941</a> LOGGER.debug(<span class="jxr_string">""</span>, ex);
<a class="jxr_linenumber" name="L942" href="#L942">942</a> } <strong class="jxr_keyword">finally</strong> {
<a class="jxr_linenumber" name="L943" href="#L943">943</a> <strong class="jxr_keyword">if</strong> (jar != <strong class="jxr_keyword">null</strong>) {
<a class="jxr_linenumber" name="L944" href="#L944">944</a> <strong class="jxr_keyword">try</strong> {
<a class="jxr_linenumber" name="L945" href="#L945">945</a> jar.close();
<a class="jxr_linenumber" name="L946" href="#L946">946</a> } <strong class="jxr_keyword">catch</strong> (IOException ex) {
<a class="jxr_linenumber" name="L947" href="#L947">947</a> LOGGER.trace(<span class="jxr_string">""</span>, ex);
<a class="jxr_linenumber" name="L948" href="#L948">948</a> }
<a class="jxr_linenumber" name="L949" href="#L949">949</a> }
<a class="jxr_linenumber" name="L950" href="#L950">950</a> }
<a class="jxr_linenumber" name="L951" href="#L951">951</a> <strong class="jxr_keyword">return</strong> classNames;
<a class="jxr_linenumber" name="L952" href="#L952">952</a> }
<a class="jxr_linenumber" name="L953" href="#L953">953</a>
<a class="jxr_linenumber" name="L954" href="#L954">954</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L955" href="#L955">955</a> <em class="jxr_javadoccomment"> * Cycles through the list of class names and places the package levels 0-3 into the provided maps for vendor and product.</em>
<a class="jxr_linenumber" name="L956" href="#L956">956</a> <em class="jxr_javadoccomment"> * This is helpful when analyzing vendor/product as many times this is included in the package name.</em>
<a class="jxr_linenumber" name="L957" href="#L957">957</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L958" href="#L958">958</a> <em class="jxr_javadoccomment"> * @param classNames a list of class names</em>
<a class="jxr_linenumber" name="L959" href="#L959">959</a> <em class="jxr_javadoccomment"> * @param vendor HashMap of possible vendor names from package names (e.g. owasp)</em>
<a class="jxr_linenumber" name="L960" href="#L960">960</a> <em class="jxr_javadoccomment"> * @param product HashMap of possible product names from package names (e.g. dependencycheck)</em>
<a class="jxr_linenumber" name="L961" href="#L961">961</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L962" href="#L962">962</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">void</strong> analyzeFullyQualifiedClassNames(List&lt;ClassNameInformation&gt; classNames,
<a class="jxr_linenumber" name="L963" href="#L963">963</a> Map&lt;String, Integer&gt; vendor, Map&lt;String, Integer&gt; product) {
<a class="jxr_linenumber" name="L964" href="#L964">964</a> <strong class="jxr_keyword">for</strong> (ClassNameInformation entry : classNames) {
<a class="jxr_linenumber" name="L965" href="#L965">965</a> <strong class="jxr_keyword">final</strong> List&lt;String&gt; list = entry.getPackageStructure();
<a class="jxr_linenumber" name="L966" href="#L966">966</a> addEntry(vendor, list.get(0));
<a class="jxr_linenumber" name="L967" href="#L967">967</a>
<a class="jxr_linenumber" name="L968" href="#L968">968</a> <strong class="jxr_keyword">if</strong> (list.size() == 2) {
<a class="jxr_linenumber" name="L969" href="#L969">969</a> addEntry(product, list.get(1));
<a class="jxr_linenumber" name="L970" href="#L970">970</a> }
<a class="jxr_linenumber" name="L971" href="#L971">971</a> <strong class="jxr_keyword">if</strong> (list.size() == 3) {
<a class="jxr_linenumber" name="L972" href="#L972">972</a> addEntry(vendor, list.get(1));
<a class="jxr_linenumber" name="L973" href="#L973">973</a> addEntry(product, list.get(1));
<a class="jxr_linenumber" name="L974" href="#L974">974</a> addEntry(product, list.get(2));
<a class="jxr_linenumber" name="L975" href="#L975">975</a> }
<a class="jxr_linenumber" name="L976" href="#L976">976</a> <strong class="jxr_keyword">if</strong> (list.size() &gt;= 4) {
<a class="jxr_linenumber" name="L977" href="#L977">977</a> addEntry(vendor, list.get(1));
<a class="jxr_linenumber" name="L978" href="#L978">978</a> addEntry(vendor, list.get(2));
<a class="jxr_linenumber" name="L979" href="#L979">979</a> addEntry(product, list.get(1));
<a class="jxr_linenumber" name="L980" href="#L980">980</a> addEntry(product, list.get(2));
<a class="jxr_linenumber" name="L981" href="#L981">981</a> addEntry(product, list.get(3));
<a class="jxr_linenumber" name="L982" href="#L982">982</a> }
<a class="jxr_linenumber" name="L983" href="#L983">983</a> }
<a class="jxr_linenumber" name="L984" href="#L984">984</a> }
<a class="jxr_linenumber" name="L985" href="#L985">985</a>
<a class="jxr_linenumber" name="L986" href="#L986">986</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L987" href="#L987">987</a> <em class="jxr_javadoccomment"> * Adds an entry to the specified collection and sets the Integer (e.g. the count) to 1. If the entry already exists in the</em>
<a class="jxr_linenumber" name="L988" href="#L988">988</a> <em class="jxr_javadoccomment"> * collection then the Integer is incremented by 1.</em>
<a class="jxr_linenumber" name="L989" href="#L989">989</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L990" href="#L990">990</a> <em class="jxr_javadoccomment"> * @param collection a collection of strings and their occurrence count</em>
<a class="jxr_linenumber" name="L991" href="#L991">991</a> <em class="jxr_javadoccomment"> * @param key the key to add to the collection</em>
<a class="jxr_linenumber" name="L992" href="#L992">992</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L993" href="#L993">993</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">void</strong> addEntry(Map&lt;String, Integer&gt; collection, String key) {
<a class="jxr_linenumber" name="L994" href="#L994">994</a> <strong class="jxr_keyword">if</strong> (collection.containsKey(key)) {
<a class="jxr_linenumber" name="L995" href="#L995">995</a> collection.put(key, collection.get(key) + 1);
<a class="jxr_linenumber" name="L996" href="#L996">996</a> } <strong class="jxr_keyword">else</strong> {
<a class="jxr_linenumber" name="L997" href="#L997">997</a> collection.put(key, 1);
<a class="jxr_linenumber" name="L998" href="#L998">998</a> }
<a class="jxr_linenumber" name="L999" href="#L999">999</a> }
<a class="jxr_linenumber" name="L1000" href="#L1000">1000</a>
<a class="jxr_linenumber" name="L1001" href="#L1001">1001</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L1002" href="#L1002">1002</a> <em class="jxr_javadoccomment"> * Cycles through the collection of class name information to see if parts of the package names are contained in the provided</em>
<a class="jxr_linenumber" name="L1003" href="#L1003">1003</a> <em class="jxr_javadoccomment"> * value. If found, it will be added as the HIGHEST confidence evidence because we have more then one source corroborating the</em>
<a class="jxr_linenumber" name="L1004" href="#L1004">1004</a> <em class="jxr_javadoccomment"> * value.</em>
<a class="jxr_linenumber" name="L1005" href="#L1005">1005</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L1006" href="#L1006">1006</a> <em class="jxr_javadoccomment"> * @param classes a collection of class name information</em>
<a class="jxr_linenumber" name="L1007" href="#L1007">1007</a> <em class="jxr_javadoccomment"> * @param value the value to check to see if it contains a package name</em>
<a class="jxr_linenumber" name="L1008" href="#L1008">1008</a> <em class="jxr_javadoccomment"> * @param evidence the evidence collection to add new entries too</em>
<a class="jxr_linenumber" name="L1009" href="#L1009">1009</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L1010" href="#L1010">1010</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">void</strong> addMatchingValues(List&lt;ClassNameInformation&gt; classes, String value, <a href="../../../../org/owasp/dependencycheck/dependency/EvidenceCollection.html">EvidenceCollection</a> evidence) {
<a class="jxr_linenumber" name="L1011" href="#L1011">1011</a> <strong class="jxr_keyword">if</strong> (value == <strong class="jxr_keyword">null</strong> || value.isEmpty() || classes == <strong class="jxr_keyword">null</strong> || classes.isEmpty()) {
<a class="jxr_linenumber" name="L1012" href="#L1012">1012</a> <strong class="jxr_keyword">return</strong>;
<a class="jxr_linenumber" name="L1013" href="#L1013">1013</a> }
<a class="jxr_linenumber" name="L1014" href="#L1014">1014</a> <strong class="jxr_keyword">final</strong> String text = value.toLowerCase();
<a class="jxr_linenumber" name="L1015" href="#L1015">1015</a> <strong class="jxr_keyword">for</strong> (ClassNameInformation cni : classes) {
<a class="jxr_linenumber" name="L1016" href="#L1016">1016</a> <strong class="jxr_keyword">for</strong> (String key : cni.getPackageStructure()) {
<a class="jxr_linenumber" name="L1017" href="#L1017">1017</a> <strong class="jxr_keyword">if</strong> (text.contains(key)) { <em class="jxr_comment">//note, package structure elements are already lowercase.</em>
<a class="jxr_linenumber" name="L1018" href="#L1018">1018</a> evidence.addEvidence(<span class="jxr_string">"jar"</span>, <span class="jxr_string">"package name"</span>, key, Confidence.HIGHEST);
<a class="jxr_linenumber" name="L1019" href="#L1019">1019</a> }
<a class="jxr_linenumber" name="L1020" href="#L1020">1020</a> }
<a class="jxr_linenumber" name="L1021" href="#L1021">1021</a> }
<a class="jxr_linenumber" name="L1022" href="#L1022">1022</a> }
<a class="jxr_linenumber" name="L1023" href="#L1023">1023</a>
<a class="jxr_linenumber" name="L1024" href="#L1024">1024</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L1025" href="#L1025">1025</a> <em class="jxr_javadoccomment"> * Simple check to see if the attribute from a manifest is just a package name.</em>
<a class="jxr_linenumber" name="L1026" href="#L1026">1026</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L1027" href="#L1027">1027</a> <em class="jxr_javadoccomment"> * @param key the key of the value to check</em>
<a class="jxr_linenumber" name="L1028" href="#L1028">1028</a> <em class="jxr_javadoccomment"> * @param value the value to check</em>
<a class="jxr_linenumber" name="L1029" href="#L1029">1029</a> <em class="jxr_javadoccomment"> * @return true if the value looks like a java package name, otherwise false</em>
<a class="jxr_linenumber" name="L1030" href="#L1030">1030</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L1031" href="#L1031">1031</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">boolean</strong> isPackage(String key, String value) {
<a class="jxr_linenumber" name="L838" href="#L838">838</a> desc = desc.substring(0, pos) + <span class="jxr_string">"..."</span>;
<a class="jxr_linenumber" name="L839" href="#L839">839</a> }
<a class="jxr_linenumber" name="L840" href="#L840">840</a> dependency.getProductEvidence().addEvidence(source, key, desc, Confidence.LOW);
<a class="jxr_linenumber" name="L841" href="#L841">841</a> dependency.getVendorEvidence().addEvidence(source, key, desc, Confidence.LOW);
<a class="jxr_linenumber" name="L842" href="#L842">842</a> } <strong class="jxr_keyword">else</strong> {
<a class="jxr_linenumber" name="L843" href="#L843">843</a> dependency.getProductEvidence().addEvidence(source, key, desc, Confidence.MEDIUM);
<a class="jxr_linenumber" name="L844" href="#L844">844</a> dependency.getVendorEvidence().addEvidence(source, key, desc, Confidence.MEDIUM);
<a class="jxr_linenumber" name="L845" href="#L845">845</a> }
<a class="jxr_linenumber" name="L846" href="#L846">846</a> <strong class="jxr_keyword">return</strong> desc;
<a class="jxr_linenumber" name="L847" href="#L847">847</a> }
<a class="jxr_linenumber" name="L848" href="#L848">848</a>
<a class="jxr_linenumber" name="L849" href="#L849">849</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L850" href="#L850">850</a> <em class="jxr_javadoccomment"> * Adds a license to the given dependency.</em>
<a class="jxr_linenumber" name="L851" href="#L851">851</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L852" href="#L852">852</a> <em class="jxr_javadoccomment"> * @param d a dependency</em>
<a class="jxr_linenumber" name="L853" href="#L853">853</a> <em class="jxr_javadoccomment"> * @param license the license</em>
<a class="jxr_linenumber" name="L854" href="#L854">854</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L855" href="#L855">855</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">void</strong> addLicense(<a href="../../../../org/owasp/dependencycheck/dependency/Dependency.html">Dependency</a> d, String license) {
<a class="jxr_linenumber" name="L856" href="#L856">856</a> <strong class="jxr_keyword">if</strong> (d.getLicense() == <strong class="jxr_keyword">null</strong>) {
<a class="jxr_linenumber" name="L857" href="#L857">857</a> d.setLicense(license);
<a class="jxr_linenumber" name="L858" href="#L858">858</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (!d.getLicense().contains(license)) {
<a class="jxr_linenumber" name="L859" href="#L859">859</a> d.setLicense(d.getLicense() + NEWLINE + license);
<a class="jxr_linenumber" name="L860" href="#L860">860</a> }
<a class="jxr_linenumber" name="L861" href="#L861">861</a> }
<a class="jxr_linenumber" name="L862" href="#L862">862</a>
<a class="jxr_linenumber" name="L863" href="#L863">863</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L864" href="#L864">864</a> <em class="jxr_javadoccomment"> * The parent directory for the individual directories per archive.</em>
<a class="jxr_linenumber" name="L865" href="#L865">865</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L866" href="#L866">866</a> <strong class="jxr_keyword">private</strong> File tempFileLocation = <strong class="jxr_keyword">null</strong>;
<a class="jxr_linenumber" name="L867" href="#L867">867</a>
<a class="jxr_linenumber" name="L868" href="#L868">868</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L869" href="#L869">869</a> <em class="jxr_javadoccomment"> * Initializes the JarAnalyzer.</em>
<a class="jxr_linenumber" name="L870" href="#L870">870</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L871" href="#L871">871</a> <em class="jxr_javadoccomment"> * @throws Exception is thrown if there is an exception creating a temporary directory</em>
<a class="jxr_linenumber" name="L872" href="#L872">872</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L873" href="#L873">873</a> @Override
<a class="jxr_linenumber" name="L874" href="#L874">874</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> initializeFileTypeAnalyzer() <strong class="jxr_keyword">throws</strong> Exception {
<a class="jxr_linenumber" name="L875" href="#L875">875</a> <strong class="jxr_keyword">final</strong> File baseDir = Settings.getTempDirectory();
<a class="jxr_linenumber" name="L876" href="#L876">876</a> tempFileLocation = File.createTempFile(<span class="jxr_string">"check"</span>, <span class="jxr_string">"tmp"</span>, baseDir);
<a class="jxr_linenumber" name="L877" href="#L877">877</a> <strong class="jxr_keyword">if</strong> (!tempFileLocation.delete()) {
<a class="jxr_linenumber" name="L878" href="#L878">878</a> <strong class="jxr_keyword">final</strong> String msg = String.format(<span class="jxr_string">"Unable to delete temporary file '%s'."</span>, tempFileLocation.getAbsolutePath());
<a class="jxr_linenumber" name="L879" href="#L879">879</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/exception/AnalysisException.html">AnalysisException</a>(msg);
<a class="jxr_linenumber" name="L880" href="#L880">880</a> }
<a class="jxr_linenumber" name="L881" href="#L881">881</a> <strong class="jxr_keyword">if</strong> (!tempFileLocation.mkdirs()) {
<a class="jxr_linenumber" name="L882" href="#L882">882</a> <strong class="jxr_keyword">final</strong> String msg = String.format(<span class="jxr_string">"Unable to create directory '%s'."</span>, tempFileLocation.getAbsolutePath());
<a class="jxr_linenumber" name="L883" href="#L883">883</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/exception/AnalysisException.html">AnalysisException</a>(msg);
<a class="jxr_linenumber" name="L884" href="#L884">884</a> }
<a class="jxr_linenumber" name="L885" href="#L885">885</a> }
<a class="jxr_linenumber" name="L886" href="#L886">886</a>
<a class="jxr_linenumber" name="L887" href="#L887">887</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L888" href="#L888">888</a> <em class="jxr_javadoccomment"> * Deletes any files extracted from the JAR during analysis.</em>
<a class="jxr_linenumber" name="L889" href="#L889">889</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L890" href="#L890">890</a> @Override
<a class="jxr_linenumber" name="L891" href="#L891">891</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> close() {
<a class="jxr_linenumber" name="L892" href="#L892">892</a> <strong class="jxr_keyword">if</strong> (tempFileLocation != <strong class="jxr_keyword">null</strong> &amp;&amp; tempFileLocation.exists()) {
<a class="jxr_linenumber" name="L893" href="#L893">893</a> LOGGER.debug(<span class="jxr_string">"Attempting to delete temporary files"</span>);
<a class="jxr_linenumber" name="L894" href="#L894">894</a> <strong class="jxr_keyword">final</strong> <strong class="jxr_keyword">boolean</strong> success = FileUtils.delete(tempFileLocation);
<a class="jxr_linenumber" name="L895" href="#L895">895</a> <strong class="jxr_keyword">if</strong> (!success) {
<a class="jxr_linenumber" name="L896" href="#L896">896</a> LOGGER.warn(<span class="jxr_string">"Failed to delete some temporary files, see the log for more details"</span>);
<a class="jxr_linenumber" name="L897" href="#L897">897</a> }
<a class="jxr_linenumber" name="L898" href="#L898">898</a> }
<a class="jxr_linenumber" name="L899" href="#L899">899</a> }
<a class="jxr_linenumber" name="L900" href="#L900">900</a>
<a class="jxr_linenumber" name="L901" href="#L901">901</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L902" href="#L902">902</a> <em class="jxr_javadoccomment"> * Determines if the key value pair from the manifest is for an "import" type entry for package names.</em>
<a class="jxr_linenumber" name="L903" href="#L903">903</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L904" href="#L904">904</a> <em class="jxr_javadoccomment"> * @param key the key from the manifest</em>
<a class="jxr_linenumber" name="L905" href="#L905">905</a> <em class="jxr_javadoccomment"> * @param value the value from the manifest</em>
<a class="jxr_linenumber" name="L906" href="#L906">906</a> <em class="jxr_javadoccomment"> * @return true or false depending on if it is believed the entry is an "import" entry</em>
<a class="jxr_linenumber" name="L907" href="#L907">907</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L908" href="#L908">908</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">boolean</strong> isImportPackage(String key, String value) {
<a class="jxr_linenumber" name="L909" href="#L909">909</a> <strong class="jxr_keyword">final</strong> Pattern packageRx = Pattern.compile(<span class="jxr_string">"^([a-zA-Z0-9_#&#92;&#92;$&#92;&#92;*&#92;&#92;.]+&#92;&#92;s*[,;]&#92;&#92;s*)+([a-zA-Z0-9_#&#92;&#92;$&#92;&#92;*&#92;&#92;.]+&#92;&#92;s*)?$"</span>);
<a class="jxr_linenumber" name="L910" href="#L910">910</a> <strong class="jxr_keyword">final</strong> <strong class="jxr_keyword">boolean</strong> matches = packageRx.matcher(value).matches();
<a class="jxr_linenumber" name="L911" href="#L911">911</a> <strong class="jxr_keyword">return</strong> matches &amp;&amp; (key.contains(<span class="jxr_string">"import"</span>) || key.contains(<span class="jxr_string">"include"</span>) || value.length() &gt; 10);
<a class="jxr_linenumber" name="L912" href="#L912">912</a> }
<a class="jxr_linenumber" name="L913" href="#L913">913</a>
<a class="jxr_linenumber" name="L914" href="#L914">914</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L915" href="#L915">915</a> <em class="jxr_javadoccomment"> * Cycles through an enumeration of JarEntries, contained within the dependency, and returns a list of the class names. This</em>
<a class="jxr_linenumber" name="L916" href="#L916">916</a> <em class="jxr_javadoccomment"> * does not include core Java package names (i.e. java.* or javax.*).</em>
<a class="jxr_linenumber" name="L917" href="#L917">917</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L918" href="#L918">918</a> <em class="jxr_javadoccomment"> * @param dependency the dependency being analyzed</em>
<a class="jxr_linenumber" name="L919" href="#L919">919</a> <em class="jxr_javadoccomment"> * @return an list of fully qualified class names</em>
<a class="jxr_linenumber" name="L920" href="#L920">920</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L921" href="#L921">921</a> <strong class="jxr_keyword">private</strong> List&lt;ClassNameInformation&gt; collectClassNames(<a href="../../../../org/owasp/dependencycheck/dependency/Dependency.html">Dependency</a> dependency) {
<a class="jxr_linenumber" name="L922" href="#L922">922</a> <strong class="jxr_keyword">final</strong> List&lt;ClassNameInformation&gt; classNames = <strong class="jxr_keyword">new</strong> ArrayList&lt;ClassNameInformation&gt;();
<a class="jxr_linenumber" name="L923" href="#L923">923</a> JarFile jar = <strong class="jxr_keyword">null</strong>;
<a class="jxr_linenumber" name="L924" href="#L924">924</a> <strong class="jxr_keyword">try</strong> {
<a class="jxr_linenumber" name="L925" href="#L925">925</a> jar = <strong class="jxr_keyword">new</strong> JarFile(dependency.getActualFilePath());
<a class="jxr_linenumber" name="L926" href="#L926">926</a> <strong class="jxr_keyword">final</strong> Enumeration&lt;JarEntry&gt; entries = jar.entries();
<a class="jxr_linenumber" name="L927" href="#L927">927</a> <strong class="jxr_keyword">while</strong> (entries.hasMoreElements()) {
<a class="jxr_linenumber" name="L928" href="#L928">928</a> <strong class="jxr_keyword">final</strong> JarEntry entry = entries.nextElement();
<a class="jxr_linenumber" name="L929" href="#L929">929</a> <strong class="jxr_keyword">final</strong> String name = entry.getName().toLowerCase();
<a class="jxr_linenumber" name="L930" href="#L930">930</a> <em class="jxr_comment">//no longer stripping "|com&#92;&#92;.sun" - there are some com.sun jar files with CVEs.</em>
<a class="jxr_linenumber" name="L931" href="#L931">931</a> <strong class="jxr_keyword">if</strong> (name.endsWith(<span class="jxr_string">".class"</span>) &amp;&amp; !name.matches(<span class="jxr_string">"^javax?&#92;&#92;..*$"</span>)) {
<a class="jxr_linenumber" name="L932" href="#L932">932</a> <strong class="jxr_keyword">final</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/JarAnalyzer.html">ClassNameInformation</a> className = <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/JarAnalyzer.html">ClassNameInformation</a>(name.substring(0, name.length() - 6));
<a class="jxr_linenumber" name="L933" href="#L933">933</a> classNames.add(className);
<a class="jxr_linenumber" name="L934" href="#L934">934</a> }
<a class="jxr_linenumber" name="L935" href="#L935">935</a> }
<a class="jxr_linenumber" name="L936" href="#L936">936</a> } <strong class="jxr_keyword">catch</strong> (IOException ex) {
<a class="jxr_linenumber" name="L937" href="#L937">937</a> LOGGER.warn(<span class="jxr_string">"Unable to open jar file '{}'."</span>, dependency.getFileName());
<a class="jxr_linenumber" name="L938" href="#L938">938</a> LOGGER.debug(<span class="jxr_string">""</span>, ex);
<a class="jxr_linenumber" name="L939" href="#L939">939</a> } <strong class="jxr_keyword">finally</strong> {
<a class="jxr_linenumber" name="L940" href="#L940">940</a> <strong class="jxr_keyword">if</strong> (jar != <strong class="jxr_keyword">null</strong>) {
<a class="jxr_linenumber" name="L941" href="#L941">941</a> <strong class="jxr_keyword">try</strong> {
<a class="jxr_linenumber" name="L942" href="#L942">942</a> jar.close();
<a class="jxr_linenumber" name="L943" href="#L943">943</a> } <strong class="jxr_keyword">catch</strong> (IOException ex) {
<a class="jxr_linenumber" name="L944" href="#L944">944</a> LOGGER.trace(<span class="jxr_string">""</span>, ex);
<a class="jxr_linenumber" name="L945" href="#L945">945</a> }
<a class="jxr_linenumber" name="L946" href="#L946">946</a> }
<a class="jxr_linenumber" name="L947" href="#L947">947</a> }
<a class="jxr_linenumber" name="L948" href="#L948">948</a> <strong class="jxr_keyword">return</strong> classNames;
<a class="jxr_linenumber" name="L949" href="#L949">949</a> }
<a class="jxr_linenumber" name="L950" href="#L950">950</a>
<a class="jxr_linenumber" name="L951" href="#L951">951</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L952" href="#L952">952</a> <em class="jxr_javadoccomment"> * Cycles through the list of class names and places the package levels 0-3 into the provided maps for vendor and product.</em>
<a class="jxr_linenumber" name="L953" href="#L953">953</a> <em class="jxr_javadoccomment"> * This is helpful when analyzing vendor/product as many times this is included in the package name.</em>
<a class="jxr_linenumber" name="L954" href="#L954">954</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L955" href="#L955">955</a> <em class="jxr_javadoccomment"> * @param classNames a list of class names</em>
<a class="jxr_linenumber" name="L956" href="#L956">956</a> <em class="jxr_javadoccomment"> * @param vendor HashMap of possible vendor names from package names (e.g. owasp)</em>
<a class="jxr_linenumber" name="L957" href="#L957">957</a> <em class="jxr_javadoccomment"> * @param product HashMap of possible product names from package names (e.g. dependencycheck)</em>
<a class="jxr_linenumber" name="L958" href="#L958">958</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L959" href="#L959">959</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">void</strong> analyzeFullyQualifiedClassNames(List&lt;ClassNameInformation&gt; classNames,
<a class="jxr_linenumber" name="L960" href="#L960">960</a> Map&lt;String, Integer&gt; vendor, Map&lt;String, Integer&gt; product) {
<a class="jxr_linenumber" name="L961" href="#L961">961</a> <strong class="jxr_keyword">for</strong> (ClassNameInformation entry : classNames) {
<a class="jxr_linenumber" name="L962" href="#L962">962</a> <strong class="jxr_keyword">final</strong> List&lt;String&gt; list = entry.getPackageStructure();
<a class="jxr_linenumber" name="L963" href="#L963">963</a> addEntry(vendor, list.get(0));
<a class="jxr_linenumber" name="L964" href="#L964">964</a>
<a class="jxr_linenumber" name="L965" href="#L965">965</a> <strong class="jxr_keyword">if</strong> (list.size() == 2) {
<a class="jxr_linenumber" name="L966" href="#L966">966</a> addEntry(product, list.get(1));
<a class="jxr_linenumber" name="L967" href="#L967">967</a> }
<a class="jxr_linenumber" name="L968" href="#L968">968</a> <strong class="jxr_keyword">if</strong> (list.size() == 3) {
<a class="jxr_linenumber" name="L969" href="#L969">969</a> addEntry(vendor, list.get(1));
<a class="jxr_linenumber" name="L970" href="#L970">970</a> addEntry(product, list.get(1));
<a class="jxr_linenumber" name="L971" href="#L971">971</a> addEntry(product, list.get(2));
<a class="jxr_linenumber" name="L972" href="#L972">972</a> }
<a class="jxr_linenumber" name="L973" href="#L973">973</a> <strong class="jxr_keyword">if</strong> (list.size() &gt;= 4) {
<a class="jxr_linenumber" name="L974" href="#L974">974</a> addEntry(vendor, list.get(1));
<a class="jxr_linenumber" name="L975" href="#L975">975</a> addEntry(vendor, list.get(2));
<a class="jxr_linenumber" name="L976" href="#L976">976</a> addEntry(product, list.get(1));
<a class="jxr_linenumber" name="L977" href="#L977">977</a> addEntry(product, list.get(2));
<a class="jxr_linenumber" name="L978" href="#L978">978</a> addEntry(product, list.get(3));
<a class="jxr_linenumber" name="L979" href="#L979">979</a> }
<a class="jxr_linenumber" name="L980" href="#L980">980</a> }
<a class="jxr_linenumber" name="L981" href="#L981">981</a> }
<a class="jxr_linenumber" name="L982" href="#L982">982</a>
<a class="jxr_linenumber" name="L983" href="#L983">983</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L984" href="#L984">984</a> <em class="jxr_javadoccomment"> * Adds an entry to the specified collection and sets the Integer (e.g. the count) to 1. If the entry already exists in the</em>
<a class="jxr_linenumber" name="L985" href="#L985">985</a> <em class="jxr_javadoccomment"> * collection then the Integer is incremented by 1.</em>
<a class="jxr_linenumber" name="L986" href="#L986">986</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L987" href="#L987">987</a> <em class="jxr_javadoccomment"> * @param collection a collection of strings and their occurrence count</em>
<a class="jxr_linenumber" name="L988" href="#L988">988</a> <em class="jxr_javadoccomment"> * @param key the key to add to the collection</em>
<a class="jxr_linenumber" name="L989" href="#L989">989</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L990" href="#L990">990</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">void</strong> addEntry(Map&lt;String, Integer&gt; collection, String key) {
<a class="jxr_linenumber" name="L991" href="#L991">991</a> <strong class="jxr_keyword">if</strong> (collection.containsKey(key)) {
<a class="jxr_linenumber" name="L992" href="#L992">992</a> collection.put(key, collection.get(key) + 1);
<a class="jxr_linenumber" name="L993" href="#L993">993</a> } <strong class="jxr_keyword">else</strong> {
<a class="jxr_linenumber" name="L994" href="#L994">994</a> collection.put(key, 1);
<a class="jxr_linenumber" name="L995" href="#L995">995</a> }
<a class="jxr_linenumber" name="L996" href="#L996">996</a> }
<a class="jxr_linenumber" name="L997" href="#L997">997</a>
<a class="jxr_linenumber" name="L998" href="#L998">998</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L999" href="#L999">999</a> <em class="jxr_javadoccomment"> * Cycles through the collection of class name information to see if parts of the package names are contained in the provided</em>
<a class="jxr_linenumber" name="L1000" href="#L1000">1000</a> <em class="jxr_javadoccomment"> * value. If found, it will be added as the HIGHEST confidence evidence because we have more then one source corroborating the</em>
<a class="jxr_linenumber" name="L1001" href="#L1001">1001</a> <em class="jxr_javadoccomment"> * value.</em>
<a class="jxr_linenumber" name="L1002" href="#L1002">1002</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L1003" href="#L1003">1003</a> <em class="jxr_javadoccomment"> * @param classes a collection of class name information</em>
<a class="jxr_linenumber" name="L1004" href="#L1004">1004</a> <em class="jxr_javadoccomment"> * @param value the value to check to see if it contains a package name</em>
<a class="jxr_linenumber" name="L1005" href="#L1005">1005</a> <em class="jxr_javadoccomment"> * @param evidence the evidence collection to add new entries too</em>
<a class="jxr_linenumber" name="L1006" href="#L1006">1006</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L1007" href="#L1007">1007</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">void</strong> addMatchingValues(List&lt;ClassNameInformation&gt; classes, String value, <a href="../../../../org/owasp/dependencycheck/dependency/EvidenceCollection.html">EvidenceCollection</a> evidence) {
<a class="jxr_linenumber" name="L1008" href="#L1008">1008</a> <strong class="jxr_keyword">if</strong> (value == <strong class="jxr_keyword">null</strong> || value.isEmpty() || classes == <strong class="jxr_keyword">null</strong> || classes.isEmpty()) {
<a class="jxr_linenumber" name="L1009" href="#L1009">1009</a> <strong class="jxr_keyword">return</strong>;
<a class="jxr_linenumber" name="L1010" href="#L1010">1010</a> }
<a class="jxr_linenumber" name="L1011" href="#L1011">1011</a> <strong class="jxr_keyword">final</strong> String text = value.toLowerCase();
<a class="jxr_linenumber" name="L1012" href="#L1012">1012</a> <strong class="jxr_keyword">for</strong> (ClassNameInformation cni : classes) {
<a class="jxr_linenumber" name="L1013" href="#L1013">1013</a> <strong class="jxr_keyword">for</strong> (String key : cni.getPackageStructure()) {
<a class="jxr_linenumber" name="L1014" href="#L1014">1014</a> <strong class="jxr_keyword">if</strong> (text.contains(key)) { <em class="jxr_comment">//note, package structure elements are already lowercase.</em>
<a class="jxr_linenumber" name="L1015" href="#L1015">1015</a> evidence.addEvidence(<span class="jxr_string">"jar"</span>, <span class="jxr_string">"package name"</span>, key, Confidence.HIGHEST);
<a class="jxr_linenumber" name="L1016" href="#L1016">1016</a> }
<a class="jxr_linenumber" name="L1017" href="#L1017">1017</a> }
<a class="jxr_linenumber" name="L1018" href="#L1018">1018</a> }
<a class="jxr_linenumber" name="L1019" href="#L1019">1019</a> }
<a class="jxr_linenumber" name="L1020" href="#L1020">1020</a>
<a class="jxr_linenumber" name="L1021" href="#L1021">1021</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L1022" href="#L1022">1022</a> <em class="jxr_javadoccomment"> * Simple check to see if the attribute from a manifest is just a package name.</em>
<a class="jxr_linenumber" name="L1023" href="#L1023">1023</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L1024" href="#L1024">1024</a> <em class="jxr_javadoccomment"> * @param key the key of the value to check</em>
<a class="jxr_linenumber" name="L1025" href="#L1025">1025</a> <em class="jxr_javadoccomment"> * @param value the value to check</em>
<a class="jxr_linenumber" name="L1026" href="#L1026">1026</a> <em class="jxr_javadoccomment"> * @return true if the value looks like a java package name, otherwise false</em>
<a class="jxr_linenumber" name="L1027" href="#L1027">1027</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L1028" href="#L1028">1028</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">boolean</strong> isPackage(String key, String value) {
<a class="jxr_linenumber" name="L1029" href="#L1029">1029</a>
<a class="jxr_linenumber" name="L1030" href="#L1030">1030</a> <strong class="jxr_keyword">return</strong> !key.matches(<span class="jxr_string">".*(version|title|vendor|name|license|description).*"</span>)
<a class="jxr_linenumber" name="L1031" href="#L1031">1031</a> &amp;&amp; value.matches(<span class="jxr_string">"^([a-zA-Z_][a-zA-Z0-9_&#92;&#92;$]*(&#92;&#92;.[a-zA-Z_][a-zA-Z0-9_&#92;&#92;$]*)*)?$"</span>);
<a class="jxr_linenumber" name="L1032" href="#L1032">1032</a>
<a class="jxr_linenumber" name="L1033" href="#L1033">1033</a> <strong class="jxr_keyword">return</strong> !key.matches(<span class="jxr_string">".*(version|title|vendor|name|license|description).*"</span>)
<a class="jxr_linenumber" name="L1034" href="#L1034">1034</a> &amp;&amp; value.matches(<span class="jxr_string">"^([a-zA-Z_][a-zA-Z0-9_&#92;&#92;$]*(&#92;&#92;.[a-zA-Z_][a-zA-Z0-9_&#92;&#92;$]*)*)?$"</span>);
<a class="jxr_linenumber" name="L1035" href="#L1035">1035</a>
<a class="jxr_linenumber" name="L1036" href="#L1036">1036</a> }
<a class="jxr_linenumber" name="L1037" href="#L1037">1037</a>
<a class="jxr_linenumber" name="L1038" href="#L1038">1038</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L1039" href="#L1039">1039</a> <em class="jxr_javadoccomment"> * Extracts the license information from the pom and adds it to the dependency.</em>
<a class="jxr_linenumber" name="L1040" href="#L1040">1040</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L1041" href="#L1041">1041</a> <em class="jxr_javadoccomment"> * @param pom the pom object</em>
<a class="jxr_linenumber" name="L1042" href="#L1042">1042</a> <em class="jxr_javadoccomment"> * @param dependency the dependency to add license information too</em>
<a class="jxr_linenumber" name="L1043" href="#L1043">1043</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L1044" href="#L1044">1044</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">void</strong> extractLicense(<a href="../../../../org/owasp/dependencycheck/xml/pom/Model.html">Model</a> pom, <a href="../../../../org/owasp/dependencycheck/dependency/Dependency.html">Dependency</a> dependency) {
<a class="jxr_linenumber" name="L1045" href="#L1045">1045</a> <em class="jxr_comment">//license</em>
<a class="jxr_linenumber" name="L1046" href="#L1046">1046</a> <strong class="jxr_keyword">if</strong> (pom.getLicenses() != <strong class="jxr_keyword">null</strong>) {
<a class="jxr_linenumber" name="L1047" href="#L1047">1047</a> String license = <strong class="jxr_keyword">null</strong>;
<a class="jxr_linenumber" name="L1048" href="#L1048">1048</a> <strong class="jxr_keyword">for</strong> (License lic : pom.getLicenses()) {
<a class="jxr_linenumber" name="L1049" href="#L1049">1049</a> String tmp = <strong class="jxr_keyword">null</strong>;
<a class="jxr_linenumber" name="L1050" href="#L1050">1050</a> <strong class="jxr_keyword">if</strong> (lic.getName() != <strong class="jxr_keyword">null</strong>) {
<a class="jxr_linenumber" name="L1051" href="#L1051">1051</a> tmp = lic.getName();
<a class="jxr_linenumber" name="L1052" href="#L1052">1052</a> }
<a class="jxr_linenumber" name="L1053" href="#L1053">1053</a> <strong class="jxr_keyword">if</strong> (lic.getUrl() != <strong class="jxr_keyword">null</strong>) {
<a class="jxr_linenumber" name="L1054" href="#L1054">1054</a> <strong class="jxr_keyword">if</strong> (tmp == <strong class="jxr_keyword">null</strong>) {
<a class="jxr_linenumber" name="L1055" href="#L1055">1055</a> tmp = lic.getUrl();
<a class="jxr_linenumber" name="L1056" href="#L1056">1056</a> } <strong class="jxr_keyword">else</strong> {
<a class="jxr_linenumber" name="L1057" href="#L1057">1057</a> tmp += <span class="jxr_string">": "</span> + lic.getUrl();
<a class="jxr_linenumber" name="L1058" href="#L1058">1058</a> }
<a class="jxr_linenumber" name="L1033" href="#L1033">1033</a> }
<a class="jxr_linenumber" name="L1034" href="#L1034">1034</a>
<a class="jxr_linenumber" name="L1035" href="#L1035">1035</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L1036" href="#L1036">1036</a> <em class="jxr_javadoccomment"> * Extracts the license information from the pom and adds it to the dependency.</em>
<a class="jxr_linenumber" name="L1037" href="#L1037">1037</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L1038" href="#L1038">1038</a> <em class="jxr_javadoccomment"> * @param pom the pom object</em>
<a class="jxr_linenumber" name="L1039" href="#L1039">1039</a> <em class="jxr_javadoccomment"> * @param dependency the dependency to add license information too</em>
<a class="jxr_linenumber" name="L1040" href="#L1040">1040</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L1041" href="#L1041">1041</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">void</strong> extractLicense(<a href="../../../../org/owasp/dependencycheck/xml/pom/Model.html">Model</a> pom, <a href="../../../../org/owasp/dependencycheck/dependency/Dependency.html">Dependency</a> dependency) {
<a class="jxr_linenumber" name="L1042" href="#L1042">1042</a> <em class="jxr_comment">//license</em>
<a class="jxr_linenumber" name="L1043" href="#L1043">1043</a> <strong class="jxr_keyword">if</strong> (pom.getLicenses() != <strong class="jxr_keyword">null</strong>) {
<a class="jxr_linenumber" name="L1044" href="#L1044">1044</a> String license = <strong class="jxr_keyword">null</strong>;
<a class="jxr_linenumber" name="L1045" href="#L1045">1045</a> <strong class="jxr_keyword">for</strong> (License lic : pom.getLicenses()) {
<a class="jxr_linenumber" name="L1046" href="#L1046">1046</a> String tmp = <strong class="jxr_keyword">null</strong>;
<a class="jxr_linenumber" name="L1047" href="#L1047">1047</a> <strong class="jxr_keyword">if</strong> (lic.getName() != <strong class="jxr_keyword">null</strong>) {
<a class="jxr_linenumber" name="L1048" href="#L1048">1048</a> tmp = lic.getName();
<a class="jxr_linenumber" name="L1049" href="#L1049">1049</a> }
<a class="jxr_linenumber" name="L1050" href="#L1050">1050</a> <strong class="jxr_keyword">if</strong> (lic.getUrl() != <strong class="jxr_keyword">null</strong>) {
<a class="jxr_linenumber" name="L1051" href="#L1051">1051</a> <strong class="jxr_keyword">if</strong> (tmp == <strong class="jxr_keyword">null</strong>) {
<a class="jxr_linenumber" name="L1052" href="#L1052">1052</a> tmp = lic.getUrl();
<a class="jxr_linenumber" name="L1053" href="#L1053">1053</a> } <strong class="jxr_keyword">else</strong> {
<a class="jxr_linenumber" name="L1054" href="#L1054">1054</a> tmp += <span class="jxr_string">": "</span> + lic.getUrl();
<a class="jxr_linenumber" name="L1055" href="#L1055">1055</a> }
<a class="jxr_linenumber" name="L1056" href="#L1056">1056</a> }
<a class="jxr_linenumber" name="L1057" href="#L1057">1057</a> <strong class="jxr_keyword">if</strong> (tmp == <strong class="jxr_keyword">null</strong>) {
<a class="jxr_linenumber" name="L1058" href="#L1058">1058</a> <strong class="jxr_keyword">continue</strong>;
<a class="jxr_linenumber" name="L1059" href="#L1059">1059</a> }
<a class="jxr_linenumber" name="L1060" href="#L1060">1060</a> <strong class="jxr_keyword">if</strong> (tmp == <strong class="jxr_keyword">null</strong>) {
<a class="jxr_linenumber" name="L1061" href="#L1061">1061</a> <strong class="jxr_keyword">continue</strong>;
<a class="jxr_linenumber" name="L1060" href="#L1060">1060</a> <strong class="jxr_keyword">if</strong> (HTML_DETECTION_PATTERN.matcher(tmp).find()) {
<a class="jxr_linenumber" name="L1061" href="#L1061">1061</a> tmp = Jsoup.parse(tmp).text();
<a class="jxr_linenumber" name="L1062" href="#L1062">1062</a> }
<a class="jxr_linenumber" name="L1063" href="#L1063">1063</a> <strong class="jxr_keyword">if</strong> (HTML_DETECTION_PATTERN.matcher(tmp).find()) {
<a class="jxr_linenumber" name="L1064" href="#L1064">1064</a> tmp = Jsoup.parse(tmp).text();
<a class="jxr_linenumber" name="L1065" href="#L1065">1065</a> }
<a class="jxr_linenumber" name="L1066" href="#L1066">1066</a> <strong class="jxr_keyword">if</strong> (license == <strong class="jxr_keyword">null</strong>) {
<a class="jxr_linenumber" name="L1067" href="#L1067">1067</a> license = tmp;
<a class="jxr_linenumber" name="L1068" href="#L1068">1068</a> } <strong class="jxr_keyword">else</strong> {
<a class="jxr_linenumber" name="L1069" href="#L1069">1069</a> license += <span class="jxr_string">"\n"</span> + tmp;
<a class="jxr_linenumber" name="L1070" href="#L1070">1070</a> }
<a class="jxr_linenumber" name="L1071" href="#L1071">1071</a> }
<a class="jxr_linenumber" name="L1072" href="#L1072">1072</a> <strong class="jxr_keyword">if</strong> (license != <strong class="jxr_keyword">null</strong>) {
<a class="jxr_linenumber" name="L1073" href="#L1073">1073</a> dependency.setLicense(license);
<a class="jxr_linenumber" name="L1074" href="#L1074">1074</a>
<a class="jxr_linenumber" name="L1075" href="#L1075">1075</a> }
<a class="jxr_linenumber" name="L1076" href="#L1076">1076</a> }
<a class="jxr_linenumber" name="L1077" href="#L1077">1077</a> }
<a class="jxr_linenumber" name="L1078" href="#L1078">1078</a>
<a class="jxr_linenumber" name="L1079" href="#L1079">1079</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L1080" href="#L1080">1080</a> <em class="jxr_javadoccomment"> * Stores information about a class name.</em>
<a class="jxr_linenumber" name="L1081" href="#L1081">1081</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L1082" href="#L1082">1082</a> <strong class="jxr_keyword">protected</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">class</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/JarAnalyzer.html">ClassNameInformation</a> {
<a class="jxr_linenumber" name="L1083" href="#L1083">1083</a>
<a class="jxr_linenumber" name="L1084" href="#L1084">1084</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L1085" href="#L1085">1085</a> <em class="jxr_javadoccomment"> * &lt;p&gt;</em>
<a class="jxr_linenumber" name="L1086" href="#L1086">1086</a> <em class="jxr_javadoccomment"> * Stores information about a given class name. This class will keep the fully qualified class name and a list of the</em>
<a class="jxr_linenumber" name="L1087" href="#L1087">1087</a> <em class="jxr_javadoccomment"> * important parts of the package structure. Up to the first four levels of the package structure are stored, excluding a</em>
<a class="jxr_linenumber" name="L1088" href="#L1088">1088</a> <em class="jxr_javadoccomment"> * leading "org" or "com". Example:&lt;/p&gt;</em>
<a class="jxr_linenumber" name="L1089" href="#L1089">1089</a> <em class="jxr_javadoccomment"> * &lt;code&gt;ClassNameInformation obj = new ClassNameInformation("org.owasp.dependencycheck.analyzer.JarAnalyzer");</em>
<a class="jxr_linenumber" name="L1090" href="#L1090">1090</a> <em class="jxr_javadoccomment"> * System.out.println(obj.getName());</em>
<a class="jxr_linenumber" name="L1091" href="#L1091">1091</a> <em class="jxr_javadoccomment"> * for (String p : obj.getPackageStructure())</em>
<a class="jxr_linenumber" name="L1092" href="#L1092">1092</a> <em class="jxr_javadoccomment"> * System.out.println(p);</em>
<a class="jxr_linenumber" name="L1093" href="#L1093">1093</a> <em class="jxr_javadoccomment"> * &lt;/code&gt;</em>
<a class="jxr_linenumber" name="L1094" href="#L1094">1094</a> <em class="jxr_javadoccomment"> * &lt;p&gt;</em>
<a class="jxr_linenumber" name="L1095" href="#L1095">1095</a> <em class="jxr_javadoccomment"> * Would result in:&lt;/p&gt;</em>
<a class="jxr_linenumber" name="L1096" href="#L1096">1096</a> <em class="jxr_javadoccomment"> * &lt;code&gt;org.owasp.dependencycheck.analyzer.JarAnalyzer</em>
<a class="jxr_linenumber" name="L1097" href="#L1097">1097</a> <em class="jxr_javadoccomment"> * owasp</em>
<a class="jxr_linenumber" name="L1098" href="#L1098">1098</a> <em class="jxr_javadoccomment"> * dependencycheck</em>
<a class="jxr_linenumber" name="L1099" href="#L1099">1099</a> <em class="jxr_javadoccomment"> * analyzer</em>
<a class="jxr_linenumber" name="L1100" href="#L1100">1100</a> <em class="jxr_javadoccomment"> * jaranalyzer&lt;/code&gt;</em>
<a class="jxr_linenumber" name="L1101" href="#L1101">1101</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L1102" href="#L1102">1102</a> <em class="jxr_javadoccomment"> * @param className a fully qualified class name</em>
<a class="jxr_linenumber" name="L1103" href="#L1103">1103</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L1104" href="#L1104">1104</a> <a href="../../../../org/owasp/dependencycheck/analyzer/JarAnalyzer.html">ClassNameInformation</a>(String className) {
<a class="jxr_linenumber" name="L1105" href="#L1105">1105</a> name = className;
<a class="jxr_linenumber" name="L1106" href="#L1106">1106</a> <strong class="jxr_keyword">if</strong> (name.contains(<span class="jxr_string">"/"</span>)) {
<a class="jxr_linenumber" name="L1107" href="#L1107">1107</a> <strong class="jxr_keyword">final</strong> String[] tmp = className.toLowerCase().split(<span class="jxr_string">"/"</span>);
<a class="jxr_linenumber" name="L1108" href="#L1108">1108</a> <strong class="jxr_keyword">int</strong> start = 0;
<a class="jxr_linenumber" name="L1109" href="#L1109">1109</a> <strong class="jxr_keyword">int</strong> end = 3;
<a class="jxr_linenumber" name="L1110" href="#L1110">1110</a> <strong class="jxr_keyword">if</strong> (<span class="jxr_string">"com"</span>.equals(tmp[0]) || <span class="jxr_string">"org"</span>.equals(tmp[0])) {
<a class="jxr_linenumber" name="L1111" href="#L1111">1111</a> start = 1;
<a class="jxr_linenumber" name="L1112" href="#L1112">1112</a> end = 4;
<a class="jxr_linenumber" name="L1063" href="#L1063">1063</a> <strong class="jxr_keyword">if</strong> (license == <strong class="jxr_keyword">null</strong>) {
<a class="jxr_linenumber" name="L1064" href="#L1064">1064</a> license = tmp;
<a class="jxr_linenumber" name="L1065" href="#L1065">1065</a> } <strong class="jxr_keyword">else</strong> {
<a class="jxr_linenumber" name="L1066" href="#L1066">1066</a> license += <span class="jxr_string">"\n"</span> + tmp;
<a class="jxr_linenumber" name="L1067" href="#L1067">1067</a> }
<a class="jxr_linenumber" name="L1068" href="#L1068">1068</a> }
<a class="jxr_linenumber" name="L1069" href="#L1069">1069</a> <strong class="jxr_keyword">if</strong> (license != <strong class="jxr_keyword">null</strong>) {
<a class="jxr_linenumber" name="L1070" href="#L1070">1070</a> dependency.setLicense(license);
<a class="jxr_linenumber" name="L1071" href="#L1071">1071</a>
<a class="jxr_linenumber" name="L1072" href="#L1072">1072</a> }
<a class="jxr_linenumber" name="L1073" href="#L1073">1073</a> }
<a class="jxr_linenumber" name="L1074" href="#L1074">1074</a> }
<a class="jxr_linenumber" name="L1075" href="#L1075">1075</a>
<a class="jxr_linenumber" name="L1076" href="#L1076">1076</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L1077" href="#L1077">1077</a> <em class="jxr_javadoccomment"> * Stores information about a class name.</em>
<a class="jxr_linenumber" name="L1078" href="#L1078">1078</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L1079" href="#L1079">1079</a> <strong class="jxr_keyword">protected</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">class</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/JarAnalyzer.html">ClassNameInformation</a> {
<a class="jxr_linenumber" name="L1080" href="#L1080">1080</a>
<a class="jxr_linenumber" name="L1081" href="#L1081">1081</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L1082" href="#L1082">1082</a> <em class="jxr_javadoccomment"> * &lt;p&gt;</em>
<a class="jxr_linenumber" name="L1083" href="#L1083">1083</a> <em class="jxr_javadoccomment"> * Stores information about a given class name. This class will keep the fully qualified class name and a list of the</em>
<a class="jxr_linenumber" name="L1084" href="#L1084">1084</a> <em class="jxr_javadoccomment"> * important parts of the package structure. Up to the first four levels of the package structure are stored, excluding a</em>
<a class="jxr_linenumber" name="L1085" href="#L1085">1085</a> <em class="jxr_javadoccomment"> * leading "org" or "com". Example:&lt;/p&gt;</em>
<a class="jxr_linenumber" name="L1086" href="#L1086">1086</a> <em class="jxr_javadoccomment"> * &lt;code&gt;ClassNameInformation obj = new ClassNameInformation("org.owasp.dependencycheck.analyzer.JarAnalyzer");</em>
<a class="jxr_linenumber" name="L1087" href="#L1087">1087</a> <em class="jxr_javadoccomment"> * System.out.println(obj.getName());</em>
<a class="jxr_linenumber" name="L1088" href="#L1088">1088</a> <em class="jxr_javadoccomment"> * for (String p : obj.getPackageStructure())</em>
<a class="jxr_linenumber" name="L1089" href="#L1089">1089</a> <em class="jxr_javadoccomment"> * System.out.println(p);</em>
<a class="jxr_linenumber" name="L1090" href="#L1090">1090</a> <em class="jxr_javadoccomment"> * &lt;/code&gt;</em>
<a class="jxr_linenumber" name="L1091" href="#L1091">1091</a> <em class="jxr_javadoccomment"> * &lt;p&gt;</em>
<a class="jxr_linenumber" name="L1092" href="#L1092">1092</a> <em class="jxr_javadoccomment"> * Would result in:&lt;/p&gt;</em>
<a class="jxr_linenumber" name="L1093" href="#L1093">1093</a> <em class="jxr_javadoccomment"> * &lt;code&gt;org.owasp.dependencycheck.analyzer.JarAnalyzer</em>
<a class="jxr_linenumber" name="L1094" href="#L1094">1094</a> <em class="jxr_javadoccomment"> * owasp</em>
<a class="jxr_linenumber" name="L1095" href="#L1095">1095</a> <em class="jxr_javadoccomment"> * dependencycheck</em>
<a class="jxr_linenumber" name="L1096" href="#L1096">1096</a> <em class="jxr_javadoccomment"> * analyzer</em>
<a class="jxr_linenumber" name="L1097" href="#L1097">1097</a> <em class="jxr_javadoccomment"> * jaranalyzer&lt;/code&gt;</em>
<a class="jxr_linenumber" name="L1098" href="#L1098">1098</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L1099" href="#L1099">1099</a> <em class="jxr_javadoccomment"> * @param className a fully qualified class name</em>
<a class="jxr_linenumber" name="L1100" href="#L1100">1100</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L1101" href="#L1101">1101</a> <a href="../../../../org/owasp/dependencycheck/analyzer/JarAnalyzer.html">ClassNameInformation</a>(String className) {
<a class="jxr_linenumber" name="L1102" href="#L1102">1102</a> name = className;
<a class="jxr_linenumber" name="L1103" href="#L1103">1103</a> <strong class="jxr_keyword">if</strong> (name.contains(<span class="jxr_string">"/"</span>)) {
<a class="jxr_linenumber" name="L1104" href="#L1104">1104</a> <strong class="jxr_keyword">final</strong> String[] tmp = className.toLowerCase().split(<span class="jxr_string">"/"</span>);
<a class="jxr_linenumber" name="L1105" href="#L1105">1105</a> <strong class="jxr_keyword">int</strong> start = 0;
<a class="jxr_linenumber" name="L1106" href="#L1106">1106</a> <strong class="jxr_keyword">int</strong> end = 3;
<a class="jxr_linenumber" name="L1107" href="#L1107">1107</a> <strong class="jxr_keyword">if</strong> (<span class="jxr_string">"com"</span>.equals(tmp[0]) || <span class="jxr_string">"org"</span>.equals(tmp[0])) {
<a class="jxr_linenumber" name="L1108" href="#L1108">1108</a> start = 1;
<a class="jxr_linenumber" name="L1109" href="#L1109">1109</a> end = 4;
<a class="jxr_linenumber" name="L1110" href="#L1110">1110</a> }
<a class="jxr_linenumber" name="L1111" href="#L1111">1111</a> <strong class="jxr_keyword">if</strong> (tmp.length &lt;= end) {
<a class="jxr_linenumber" name="L1112" href="#L1112">1112</a> end = tmp.length - 1;
<a class="jxr_linenumber" name="L1113" href="#L1113">1113</a> }
<a class="jxr_linenumber" name="L1114" href="#L1114">1114</a> <strong class="jxr_keyword">if</strong> (tmp.length &lt;= end) {
<a class="jxr_linenumber" name="L1115" href="#L1115">1115</a> end = tmp.length - 1;
<a class="jxr_linenumber" name="L1114" href="#L1114">1114</a> <strong class="jxr_keyword">for</strong> (<strong class="jxr_keyword">int</strong> i = start; i &lt;= end; i++) {
<a class="jxr_linenumber" name="L1115" href="#L1115">1115</a> packageStructure.add(tmp[i]);
<a class="jxr_linenumber" name="L1116" href="#L1116">1116</a> }
<a class="jxr_linenumber" name="L1117" href="#L1117">1117</a> <strong class="jxr_keyword">for</strong> (<strong class="jxr_keyword">int</strong> i = start; i &lt;= end; i++) {
<a class="jxr_linenumber" name="L1118" href="#L1118">1118</a> packageStructure.add(tmp[i]);
<a class="jxr_linenumber" name="L1119" href="#L1119">1119</a> }
<a class="jxr_linenumber" name="L1120" href="#L1120">1120</a> } <strong class="jxr_keyword">else</strong> {
<a class="jxr_linenumber" name="L1121" href="#L1121">1121</a> packageStructure.add(name);
<a class="jxr_linenumber" name="L1122" href="#L1122">1122</a> }
<a class="jxr_linenumber" name="L1123" href="#L1123">1123</a> }
<a class="jxr_linenumber" name="L1124" href="#L1124">1124</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L1125" href="#L1125">1125</a> <em class="jxr_javadoccomment"> * The fully qualified class name.</em>
<a class="jxr_linenumber" name="L1126" href="#L1126">1126</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L1127" href="#L1127">1127</a> <strong class="jxr_keyword">private</strong> String name;
<a class="jxr_linenumber" name="L1128" href="#L1128">1128</a>
<a class="jxr_linenumber" name="L1129" href="#L1129">1129</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L1130" href="#L1130">1130</a> <em class="jxr_javadoccomment"> * Get the value of name</em>
<a class="jxr_linenumber" name="L1131" href="#L1131">1131</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L1132" href="#L1132">1132</a> <em class="jxr_javadoccomment"> * @return the value of name</em>
<a class="jxr_linenumber" name="L1133" href="#L1133">1133</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L1134" href="#L1134">1134</a> <strong class="jxr_keyword">public</strong> String getName() {
<a class="jxr_linenumber" name="L1135" href="#L1135">1135</a> <strong class="jxr_keyword">return</strong> name;
<a class="jxr_linenumber" name="L1136" href="#L1136">1136</a> }
<a class="jxr_linenumber" name="L1137" href="#L1137">1137</a>
<a class="jxr_linenumber" name="L1138" href="#L1138">1138</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L1139" href="#L1139">1139</a> <em class="jxr_javadoccomment"> * Set the value of name</em>
<a class="jxr_linenumber" name="L1140" href="#L1140">1140</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L1141" href="#L1141">1141</a> <em class="jxr_javadoccomment"> * @param name new value of name</em>
<a class="jxr_linenumber" name="L1142" href="#L1142">1142</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L1143" href="#L1143">1143</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> setName(String name) {
<a class="jxr_linenumber" name="L1144" href="#L1144">1144</a> <strong class="jxr_keyword">this</strong>.name = name;
<a class="jxr_linenumber" name="L1145" href="#L1145">1145</a> }
<a class="jxr_linenumber" name="L1146" href="#L1146">1146</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L1147" href="#L1147">1147</a> <em class="jxr_javadoccomment"> * Up to the first four levels of the package structure, excluding a leading "org" or "com".</em>
<a class="jxr_linenumber" name="L1148" href="#L1148">1148</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L1149" href="#L1149">1149</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">final</strong> ArrayList&lt;String&gt; packageStructure = <strong class="jxr_keyword">new</strong> ArrayList&lt;String&gt;();
<a class="jxr_linenumber" name="L1150" href="#L1150">1150</a>
<a class="jxr_linenumber" name="L1151" href="#L1151">1151</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L1152" href="#L1152">1152</a> <em class="jxr_javadoccomment"> * Get the value of packageStructure</em>
<a class="jxr_linenumber" name="L1153" href="#L1153">1153</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L1154" href="#L1154">1154</a> <em class="jxr_javadoccomment"> * @return the value of packageStructure</em>
<a class="jxr_linenumber" name="L1155" href="#L1155">1155</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L1156" href="#L1156">1156</a> <strong class="jxr_keyword">public</strong> ArrayList&lt;String&gt; getPackageStructure() {
<a class="jxr_linenumber" name="L1157" href="#L1157">1157</a> <strong class="jxr_keyword">return</strong> packageStructure;
<a class="jxr_linenumber" name="L1158" href="#L1158">1158</a> }
<a class="jxr_linenumber" name="L1159" href="#L1159">1159</a> }
<a class="jxr_linenumber" name="L1160" href="#L1160">1160</a>
<a class="jxr_linenumber" name="L1161" href="#L1161">1161</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L1162" href="#L1162">1162</a> <em class="jxr_javadoccomment"> * Retrieves the next temporary directory to extract an archive too.</em>
<a class="jxr_linenumber" name="L1163" href="#L1163">1163</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L1164" href="#L1164">1164</a> <em class="jxr_javadoccomment"> * @return a directory</em>
<a class="jxr_linenumber" name="L1165" href="#L1165">1165</a> <em class="jxr_javadoccomment"> * @throws AnalysisException thrown if unable to create temporary directory</em>
<a class="jxr_linenumber" name="L1166" href="#L1166">1166</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L1167" href="#L1167">1167</a> <strong class="jxr_keyword">private</strong> File getNextTempDirectory() <strong class="jxr_keyword">throws</strong> AnalysisException {
<a class="jxr_linenumber" name="L1168" href="#L1168">1168</a> dirCount += 1;
<a class="jxr_linenumber" name="L1169" href="#L1169">1169</a> <strong class="jxr_keyword">final</strong> File directory = <strong class="jxr_keyword">new</strong> File(tempFileLocation, String.valueOf(dirCount));
<a class="jxr_linenumber" name="L1170" href="#L1170">1170</a> <em class="jxr_comment">//getting an exception for some directories not being able to be created; might be because the directory already exists?</em>
<a class="jxr_linenumber" name="L1171" href="#L1171">1171</a> <strong class="jxr_keyword">if</strong> (directory.exists()) {
<a class="jxr_linenumber" name="L1172" href="#L1172">1172</a> <strong class="jxr_keyword">return</strong> getNextTempDirectory();
<a class="jxr_linenumber" name="L1173" href="#L1173">1173</a> }
<a class="jxr_linenumber" name="L1174" href="#L1174">1174</a> <strong class="jxr_keyword">if</strong> (!directory.mkdirs()) {
<a class="jxr_linenumber" name="L1175" href="#L1175">1175</a> <strong class="jxr_keyword">final</strong> String msg = String.format(<span class="jxr_string">"Unable to create temp directory '%s'."</span>, directory.getAbsolutePath());
<a class="jxr_linenumber" name="L1176" href="#L1176">1176</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/exception/AnalysisException.html">AnalysisException</a>(msg);
<a class="jxr_linenumber" name="L1177" href="#L1177">1177</a> }
<a class="jxr_linenumber" name="L1178" href="#L1178">1178</a> <strong class="jxr_keyword">return</strong> directory;
<a class="jxr_linenumber" name="L1179" href="#L1179">1179</a> }
<a class="jxr_linenumber" name="L1180" href="#L1180">1180</a> }
<a class="jxr_linenumber" name="L1117" href="#L1117">1117</a> } <strong class="jxr_keyword">else</strong> {
<a class="jxr_linenumber" name="L1118" href="#L1118">1118</a> packageStructure.add(name);
<a class="jxr_linenumber" name="L1119" href="#L1119">1119</a> }
<a class="jxr_linenumber" name="L1120" href="#L1120">1120</a> }
<a class="jxr_linenumber" name="L1121" href="#L1121">1121</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L1122" href="#L1122">1122</a> <em class="jxr_javadoccomment"> * The fully qualified class name.</em>
<a class="jxr_linenumber" name="L1123" href="#L1123">1123</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L1124" href="#L1124">1124</a> <strong class="jxr_keyword">private</strong> String name;
<a class="jxr_linenumber" name="L1125" href="#L1125">1125</a>
<a class="jxr_linenumber" name="L1126" href="#L1126">1126</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L1127" href="#L1127">1127</a> <em class="jxr_javadoccomment"> * Get the value of name</em>
<a class="jxr_linenumber" name="L1128" href="#L1128">1128</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L1129" href="#L1129">1129</a> <em class="jxr_javadoccomment"> * @return the value of name</em>
<a class="jxr_linenumber" name="L1130" href="#L1130">1130</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L1131" href="#L1131">1131</a> <strong class="jxr_keyword">public</strong> String getName() {
<a class="jxr_linenumber" name="L1132" href="#L1132">1132</a> <strong class="jxr_keyword">return</strong> name;
<a class="jxr_linenumber" name="L1133" href="#L1133">1133</a> }
<a class="jxr_linenumber" name="L1134" href="#L1134">1134</a>
<a class="jxr_linenumber" name="L1135" href="#L1135">1135</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L1136" href="#L1136">1136</a> <em class="jxr_javadoccomment"> * Set the value of name</em>
<a class="jxr_linenumber" name="L1137" href="#L1137">1137</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L1138" href="#L1138">1138</a> <em class="jxr_javadoccomment"> * @param name new value of name</em>
<a class="jxr_linenumber" name="L1139" href="#L1139">1139</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L1140" href="#L1140">1140</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> setName(String name) {
<a class="jxr_linenumber" name="L1141" href="#L1141">1141</a> <strong class="jxr_keyword">this</strong>.name = name;
<a class="jxr_linenumber" name="L1142" href="#L1142">1142</a> }
<a class="jxr_linenumber" name="L1143" href="#L1143">1143</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L1144" href="#L1144">1144</a> <em class="jxr_javadoccomment"> * Up to the first four levels of the package structure, excluding a leading "org" or "com".</em>
<a class="jxr_linenumber" name="L1145" href="#L1145">1145</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L1146" href="#L1146">1146</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">final</strong> ArrayList&lt;String&gt; packageStructure = <strong class="jxr_keyword">new</strong> ArrayList&lt;String&gt;();
<a class="jxr_linenumber" name="L1147" href="#L1147">1147</a>
<a class="jxr_linenumber" name="L1148" href="#L1148">1148</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L1149" href="#L1149">1149</a> <em class="jxr_javadoccomment"> * Get the value of packageStructure</em>
<a class="jxr_linenumber" name="L1150" href="#L1150">1150</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L1151" href="#L1151">1151</a> <em class="jxr_javadoccomment"> * @return the value of packageStructure</em>
<a class="jxr_linenumber" name="L1152" href="#L1152">1152</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L1153" href="#L1153">1153</a> <strong class="jxr_keyword">public</strong> ArrayList&lt;String&gt; getPackageStructure() {
<a class="jxr_linenumber" name="L1154" href="#L1154">1154</a> <strong class="jxr_keyword">return</strong> packageStructure;
<a class="jxr_linenumber" name="L1155" href="#L1155">1155</a> }
<a class="jxr_linenumber" name="L1156" href="#L1156">1156</a> }
<a class="jxr_linenumber" name="L1157" href="#L1157">1157</a>
<a class="jxr_linenumber" name="L1158" href="#L1158">1158</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L1159" href="#L1159">1159</a> <em class="jxr_javadoccomment"> * Retrieves the next temporary directory to extract an archive too.</em>
<a class="jxr_linenumber" name="L1160" href="#L1160">1160</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L1161" href="#L1161">1161</a> <em class="jxr_javadoccomment"> * @return a directory</em>
<a class="jxr_linenumber" name="L1162" href="#L1162">1162</a> <em class="jxr_javadoccomment"> * @throws AnalysisException thrown if unable to create temporary directory</em>
<a class="jxr_linenumber" name="L1163" href="#L1163">1163</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L1164" href="#L1164">1164</a> <strong class="jxr_keyword">private</strong> File getNextTempDirectory() <strong class="jxr_keyword">throws</strong> AnalysisException {
<a class="jxr_linenumber" name="L1165" href="#L1165">1165</a> dirCount += 1;
<a class="jxr_linenumber" name="L1166" href="#L1166">1166</a> <strong class="jxr_keyword">final</strong> File directory = <strong class="jxr_keyword">new</strong> File(tempFileLocation, String.valueOf(dirCount));
<a class="jxr_linenumber" name="L1167" href="#L1167">1167</a> <em class="jxr_comment">//getting an exception for some directories not being able to be created; might be because the directory already exists?</em>
<a class="jxr_linenumber" name="L1168" href="#L1168">1168</a> <strong class="jxr_keyword">if</strong> (directory.exists()) {
<a class="jxr_linenumber" name="L1169" href="#L1169">1169</a> <strong class="jxr_keyword">return</strong> getNextTempDirectory();
<a class="jxr_linenumber" name="L1170" href="#L1170">1170</a> }
<a class="jxr_linenumber" name="L1171" href="#L1171">1171</a> <strong class="jxr_keyword">if</strong> (!directory.mkdirs()) {
<a class="jxr_linenumber" name="L1172" href="#L1172">1172</a> <strong class="jxr_keyword">final</strong> String msg = String.format(<span class="jxr_string">"Unable to create temp directory '%s'."</span>, directory.getAbsolutePath());
<a class="jxr_linenumber" name="L1173" href="#L1173">1173</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/exception/AnalysisException.html">AnalysisException</a>(msg);
<a class="jxr_linenumber" name="L1174" href="#L1174">1174</a> }
<a class="jxr_linenumber" name="L1175" href="#L1175">1175</a> <strong class="jxr_keyword">return</strong> directory;
<a class="jxr_linenumber" name="L1176" href="#L1176">1176</a> }
<a class="jxr_linenumber" name="L1177" href="#L1177">1177</a> }
</pre>
<hr/>
<div id="footer">Copyright &#169; 2012&#x2013;2015 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</div>
<div id="footer">Copyright &#169; 2012&#x2013;2016 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</div>
</body>
</html>


@@ -268,6 +268,6 @@
<a class="jxr_linenumber" name="L260" href="#L260">260</a> }
</pre>
<hr/>
<div id="footer">Copyright &#169; 2012&#x2013;2015 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</div>
<div id="footer">Copyright &#169; 2012&#x2013;2016 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</div>
</body>
</html>


@@ -195,6 +195,6 @@
<a class="jxr_linenumber" name="L187" href="#L187">187</a> }
</pre>
<hr/>
<div id="footer">Copyright &#169; 2012&#x2013;2015 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</div>
<div id="footer">Copyright &#169; 2012&#x2013;2016 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</div>
</body>
</html>


@@ -172,6 +172,6 @@
<a class="jxr_linenumber" name="L164" href="#L164">164</a> }
</pre>
<hr/>
<div id="footer">Copyright &#169; 2012&#x2013;2015 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</div>
<div id="footer">Copyright &#169; 2012&#x2013;2016 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</div>
</body>
</html>


@@ -162,6 +162,6 @@
<a class="jxr_linenumber" name="L154" href="#L154">154</a> }
</pre>
<hr/>
<div id="footer">Copyright &#169; 2012&#x2013;2015 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</div>
<div id="footer">Copyright &#169; 2012&#x2013;2016 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</div>
</body>
</html>


@@ -183,6 +183,6 @@
<a class="jxr_linenumber" name="L175" href="#L175">175</a> }
</pre>
<hr/>
<div id="footer">Copyright &#169; 2012&#x2013;2015 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</div>
<div id="footer">Copyright &#169; 2012&#x2013;2016 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</div>
</body>
</html>


@@ -382,6 +382,6 @@
<a class="jxr_linenumber" name="L374" href="#L374">374</a> }
</pre>
<hr/>
<div id="footer">Copyright &#169; 2012&#x2013;2015 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</div>
<div id="footer">Copyright &#169; 2012&#x2013;2016 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</div>
</body>
</html>


@@ -324,6 +324,6 @@
<a class="jxr_linenumber" name="L316" href="#L316">316</a> }
</pre>
<hr/>
<div id="footer">Copyright &#169; 2012&#x2013;2015 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</div>
<div id="footer">Copyright &#169; 2012&#x2013;2016 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</div>
</body>
</html>


@@ -59,8 +59,8 @@
<a class="jxr_linenumber" name="L51" href="#L51">51</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L52" href="#L52">52</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/AnalysisPhase.html">AnalysisPhase</a> ANALYSIS_PHASE = AnalysisPhase.PRE_INFORMATION_COLLECTION;
<a class="jxr_linenumber" name="L53" href="#L53">53</a>
<a class="jxr_linenumber" name="L54" href="#L54">54</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> FileFilter FILTER =
<a class="jxr_linenumber" name="L55" href="#L55">55</a> FileFilterBuilder.newInstance().addFilenames(<span class="jxr_string">"Gemfile.lock"</span>).build();
<a class="jxr_linenumber" name="L54" href="#L54">54</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> FileFilter FILTER
<a class="jxr_linenumber" name="L55" href="#L55">55</a> = FileFilterBuilder.newInstance().addFilenames(<span class="jxr_string">"Gemfile.lock"</span>).build();
<a class="jxr_linenumber" name="L56" href="#L56">56</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String NAME = <span class="jxr_string">"Name: "</span>;
<a class="jxr_linenumber" name="L57" href="#L57">57</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String VERSION = <span class="jxr_string">"Version: "</span>;
<a class="jxr_linenumber" name="L58" href="#L58">58</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String ADVISORY = <span class="jxr_string">"Advisory: "</span>;
@@ -121,7 +121,7 @@
<a class="jxr_linenumber" name="L113" href="#L113">113</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/exception/AnalysisException.html">AnalysisException</a>(<span class="jxr_string">"Bundle-audit error stream unexpectedly not ready."</span>);
<a class="jxr_linenumber" name="L114" href="#L114">114</a> } <strong class="jxr_keyword">else</strong> {
<a class="jxr_linenumber" name="L115" href="#L115">115</a> <strong class="jxr_keyword">final</strong> String line = reader.readLine();
<a class="jxr_linenumber" name="L116" href="#L116">116</a> <strong class="jxr_keyword">if</strong> (!line.contains(<span class="jxr_string">"Errno::ENOENT"</span>)) {
<a class="jxr_linenumber" name="L116" href="#L116">116</a> <strong class="jxr_keyword">if</strong> (line == <strong class="jxr_keyword">null</strong> || !line.contains(<span class="jxr_string">"Errno::ENOENT"</span>)) {
<a class="jxr_linenumber" name="L117" href="#L117">117</a> LOGGER.warn(<span class="jxr_string">"Unexpected bundle-audit output. Disabling {}: {}"</span>, ANALYZER_NAME, line);
<a class="jxr_linenumber" name="L118" href="#L118">118</a> setEnabled(false);
<a class="jxr_linenumber" name="L119" href="#L119">119</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/exception/AnalysisException.html">AnalysisException</a>(<span class="jxr_string">"Unexpected bundle-audit output."</span>);
@@ -134,8 +134,8 @@
<a class="jxr_linenumber" name="L126" href="#L126">126</a> }
<a class="jxr_linenumber" name="L127" href="#L127">127</a> }
<a class="jxr_linenumber" name="L128" href="#L128">128</a> <strong class="jxr_keyword">if</strong> (isEnabled()) {
<a class="jxr_linenumber" name="L129" href="#L129">129</a> LOGGER.info(ANALYZER_NAME + <span class="jxr_string">" is enabled. It is necessary to manually run \&quot;bundle-audit update\&quot; "</span> +
<a class="jxr_linenumber" name="L130" href="#L130">130</a> <span class="jxr_string">"occasionally to keep its database up to date."</span>);
<a class="jxr_linenumber" name="L129" href="#L129">129</a> LOGGER.info(ANALYZER_NAME + <span class="jxr_string">" is enabled. It is necessary to manually run \&quot;bundle-audit update\&quot; "</span>
<a class="jxr_linenumber" name="L130" href="#L130">130</a> + <span class="jxr_string">"occasionally to keep its database up to date."</span>);
<a class="jxr_linenumber" name="L131" href="#L131">131</a> }
<a class="jxr_linenumber" name="L132" href="#L132">132</a> }
<a class="jxr_linenumber" name="L133" href="#L133">133</a>
@@ -170,8 +170,8 @@
<a class="jxr_linenumber" name="L162" href="#L162">162</a> }
<a class="jxr_linenumber" name="L163" href="#L163">163</a>
<a class="jxr_linenumber" name="L164" href="#L164">164</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L165" href="#L165">165</a> <em class="jxr_javadoccomment"> * If {@link #analyzeFileType(Dependency, Engine)} is called, then we have successfully initialized, and it will</em>
<a class="jxr_linenumber" name="L166" href="#L166">166</a> <em class="jxr_javadoccomment"> * be necessary to disable {@link RubyGemspecAnalyzer}.</em>
<a class="jxr_linenumber" name="L165" href="#L165">165</a> <em class="jxr_javadoccomment"> * If {@link #analyzeFileType(Dependency, Engine)} is called, then we have successfully initialized, and it will be necessary</em>
<a class="jxr_linenumber" name="L166" href="#L166">166</a> <em class="jxr_javadoccomment"> * to disable {@link RubyGemspecAnalyzer}.</em>
<a class="jxr_linenumber" name="L167" href="#L167">167</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L168" href="#L168">168</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">boolean</strong> needToDisableGemspecAnalyzer = <strong class="jxr_keyword">true</strong>;
<a class="jxr_linenumber" name="L169" href="#L169">169</a>
@@ -334,6 +334,6 @@
<a class="jxr_linenumber" name="L326" href="#L326">326</a> }
</pre>
<hr/>
<div id="footer">Copyright &#169; 2012&#x2013;2015 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</div>
<div id="footer">Copyright &#169; 2012&#x2013;2016 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</div>
</body>
</html>
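Review bot: At source line 116 the new `line == null` guard sends an exhausted error stream down the same path as unrecognised text, so the warning on line 117 logs the literal `null` and the exception reads "Unexpected bundle-audit output." even when there was no output at all. This path also calls `setEnabled(false)`, which presumably leaves the rest of the scan without this analyzer's findings, so the log should state the actual reason; a separate message for the empty case would do, e.g. `LOGGER.warn("bundle-audit produced no error output. Disabling {}", ANALYZER_NAME);`. This page is a generated source cross-reference, so the change belongs in the Java source it was rendered from. The enclosing method starts and ends outside the hunk.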


@@ -169,6 +169,6 @@
<a class="jxr_linenumber" name="L161" href="#L161">161</a> }
</pre>
<hr/>
<div id="footer">Copyright &#169; 2012&#x2013;2015 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</div>
<div id="footer">Copyright &#169; 2012&#x2013;2016 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</div>
</body>
</html>


@@ -83,6 +83,6 @@
<a class="jxr_linenumber" name="L75" href="#L75">75</a> }
</pre>
<hr/>
<div id="footer">Copyright &#169; 2012&#x2013;2015 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</div>
<div id="footer">Copyright &#169; 2012&#x2013;2016 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</div>
</body>
</html>


@@ -74,6 +74,6 @@
<a class="jxr_linenumber" name="L66" href="#L66">66</a> }
</pre>
<hr/>
<div id="footer">Copyright &#169; 2012&#x2013;2015 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</div>
<div id="footer">Copyright &#169; 2012&#x2013;2016 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</div>
</body>
</html>


@@ -74,6 +74,6 @@
<a class="jxr_linenumber" name="L66" href="#L66">66</a> }
</pre>
<hr/>
<div id="footer">Copyright &#169; 2012&#x2013;2015 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</div>
<div id="footer">Copyright &#169; 2012&#x2013;2016 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</div>
</body>
</html>


@@ -3,7 +3,7 @@
<html xml:lang="en" lang="en">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
<title>Dependency-Check 1.3.3 Reference Package org.owasp.dependencycheck.analyzer.exception</title>
<title>Dependency-Check 1.3.4 Reference Package org.owasp.dependencycheck.analyzer.exception</title>
<link rel="stylesheet" type="text/css" href="../../../../../stylesheet.css" title="style" />
</head>
<body>


@@ -3,7 +3,7 @@
<html xml:lang="en" lang="en">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
<title>Dependency-Check 1.3.3 Reference Package org.owasp.dependencycheck.analyzer.exception</title>
<title>Dependency-Check 1.3.4 Reference Package org.owasp.dependencycheck.analyzer.exception</title>
<link rel="stylesheet" type="text/css" href="../../../../../stylesheet.css" title="style" />
</head>
<body>
@@ -68,7 +68,7 @@
</div>
<hr />
<div id="footer">
Copyright &#169; 2012&#x2013;2015 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.
Copyright &#169; 2012&#x2013;2016 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.
</div>
</body>
</html>


@@ -3,7 +3,7 @@
<html xml:lang="en" lang="en">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
<title>Dependency-Check 1.3.3 Reference Package org.owasp.dependencycheck.analyzer</title>
<title>Dependency-Check 1.3.4 Reference Package org.owasp.dependencycheck.analyzer</title>
<link rel="stylesheet" type="text/css" href="../../../../stylesheet.css" title="style" />
</head>
<body>


@@ -3,7 +3,7 @@
<html xml:lang="en" lang="en">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
<title>Dependency-Check 1.3.3 Reference Package org.owasp.dependencycheck.analyzer</title>
<title>Dependency-Check 1.3.4 Reference Package org.owasp.dependencycheck.analyzer</title>
<link rel="stylesheet" type="text/css" href="../../../../stylesheet.css" title="style" />
</head>
<body>
@@ -223,7 +223,7 @@
</div>
<hr />
<div id="footer">
Copyright &#169; 2012&#x2013;2015 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.
Copyright &#169; 2012&#x2013;2016 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.
</div>
</body>
</html>