code cleanup and java 7 exception handling improvements

dependency-check-core/src/main/java/org/owasp/dependencycheck/Engine.java

@@ -626,7 +626,6 @@ public class Engine implements FileFilter {
      * Initializes the given analyzer.
      *
      * @param analyzer the analyzer to initialize
-     * @return the initialized analyzer
      * @throws InitializationException thrown when there is a problem
      * initializing the analyzer
      */

dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/ArchiveAnalyzer.java

@@ -571,9 +571,6 @@ public class ArchiveAnalyzer extends AbstractFileTypeAnalyzer {
         try {
             out = new FileOutputStream(outputFile);
             IOUtils.copy(inputStream, out);
-        } catch (FileNotFoundException ex) {
-            LOGGER.debug("", ex);
-            throw new ArchiveExtractionException(ex);
         } catch (IOException ex) {
             LOGGER.debug("", ex);
             throw new ArchiveExtractionException(ex);

dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/JarAnalyzer.java

@@ -25,15 +25,8 @@ import java.io.InputStream;
 import java.io.InputStreamReader;
 import java.io.Reader;
 import java.io.UnsupportedEncodingException;
-import java.util.ArrayList;
-import java.util.Enumeration;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
+import java.util.*;
 import java.util.Map.Entry;
-import java.util.Properties;
-import java.util.Set;
-import java.util.StringTokenizer;
 import java.util.concurrent.atomic.AtomicInteger;
 import java.util.jar.Attributes;
 import java.util.jar.JarEntry;
@@ -350,8 +343,6 @@ public class JarAnalyzer extends AbstractFileTypeAnalyzer {
      * @param path the path to the pom.xml within the JarFile
      * @param jar the JarFile to load the pom.properties from
      * @return a Properties object or null if no pom.properties was found
-     * @throws IOException thrown if there is an exception reading the
-     * pom.properties
      */
     private Properties retrievePomProperties(String path, final JarFile jar) {
         Properties pomProperties = null;
@@ -1127,7 +1118,7 @@ public class JarAnalyzer extends AbstractFileTypeAnalyzer {
          * package structure. Up to the first four levels of the package
          * structure are stored, excluding a leading "org" or "com".
          * Example:</p>
-         * <code>ClassNameInformation obj = new ClassNameInformation("org.owasp.dependencycheck.analyzer.JarAnalyzer");
+         * <code>ClassNameInformation obj = new ClassNameInformation("org/owasp/dependencycheck/analyzer/JarAnalyzer");
          * System.out.println(obj.getName());
          * for (String p : obj.getPackageStructure())
          *     System.out.println(p);
@@ -1155,9 +1146,7 @@ public class JarAnalyzer extends AbstractFileTypeAnalyzer {
                 if (tmp.length <= end) {
                     end = tmp.length - 1;
                 }
-                for (int i = start; i <= end; i++) {
-                    packageStructure.add(tmp[i]);
-                }
+                packageStructure.addAll(Arrays.asList(tmp).subList(start, end + 1));
             } else {
                 packageStructure.add(name);
             }

dependency-check-core/src/main/java/org/owasp/dependencycheck/data/update/EngineVersionCheck.java

@@ -98,7 +98,7 @@ public class EngineVersionCheck implements CachedWebDataSource {
             final boolean enabled = Settings.getBoolean(Settings.KEYS.UPDATE_VERSION_CHECK_ENABLED, true);
             final String original = Settings.getString(Settings.KEYS.CVE_ORIGINAL_MODIFIED_20_URL);
             final String current = Settings.getString(Settings.KEYS.CVE_MODIFIED_20_URL);
-            /**
+            /*
              * Only update if auto-update is enabled, the engine check is
              * enabled, and the NVD CVE URLs have not been modified (i.e. the
              * user has not configured them to point to an internal source).

dependency-check-core/src/main/java/org/owasp/dependencycheck/data/update/nvd/NvdCve20Handler.java

@@ -182,9 +182,7 @@ public class NvdCve20Handler extends DefaultHandler {
                 totalNumberOfApplicationEntries += 1;
                 try {
                     saveEntry(vulnerability);
-                } catch (DatabaseException ex) {
-                    throw new SAXException(ex);
-                } catch (CorruptIndexException ex) {
+                } catch (DatabaseException | CorruptIndexException ex) {
                     throw new SAXException(ex);
                 } catch (IOException ex) {
                     throw new SAXException(ex);

dependency-check-core/src/main/java/org/owasp/dependencycheck/data/update/nvd/ProcessTask.java

@@ -167,8 +167,6 @@ public class ProcessTask implements Callable<ProcessTask> {
             importXML(filePair.getFirst(), filePair.getSecond());
             cveDB.commit();
             properties.save(filePair.getNvdCveInfo());
-        } catch (FileNotFoundException ex) {
-            throw new UpdateException(ex);
         } catch (ParserConfigurationException | SAXException | SQLException | DatabaseException | ClassNotFoundException | IOException ex) {
             throw new UpdateException(ex);
         } finally {

dependency-check-core/src/main/java/org/owasp/dependencycheck/xml/hints/HintParser.java

@@ -156,7 +156,7 @@ public class HintParser {
             hints.setHintRules(handler.getHintRules());
             hints.setVendorDuplicatingHintRules(handler.getVendorDuplicatingHintRules());
             return hints;
-        } catch (ParserConfigurationException ex) {
+        } catch (ParserConfigurationException | FileNotFoundException ex) {
             LOGGER.debug("", ex);
             throw new HintParseException(ex);
         } catch (SAXException ex) {
@@ -166,9 +166,6 @@ public class HintParser {
                 LOGGER.debug("", ex);
                 throw new HintParseException(ex);
             }
-        } catch (FileNotFoundException ex) {
-            LOGGER.debug("", ex);
-            throw new HintParseException(ex);
         } catch (IOException ex) {
             LOGGER.debug("", ex);
             throw new HintParseException(ex);

dependency-check-core/src/main/java/org/owasp/dependencycheck/xml/pom/PomParser.java

@@ -98,10 +98,7 @@ public class PomParser {
             final InputSource in = new InputSource(reader);
             xmlReader.parse(in);
             return handler.getModel();
-        } catch (ParserConfigurationException | SAXException ex) {
-            LOGGER.debug("", ex);
-            throw new PomParseException(ex);
-        } catch (FileNotFoundException ex) {
+        } catch (ParserConfigurationException | SAXException | FileNotFoundException ex) {
             LOGGER.debug("", ex);
             throw new PomParseException(ex);
         } catch (IOException ex) {

dependency-check-core/src/main/java/org/owasp/dependencycheck/xml/suppression/SuppressionErrorHandler.java

@@ -18,6 +18,8 @@
 package org.owasp.dependencycheck.xml.suppression;
 
 import org.owasp.dependencycheck.utils.XmlUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 import org.xml.sax.ErrorHandler;
 import org.xml.sax.SAXException;
 import org.xml.sax.SAXParseException;
@@ -32,7 +34,7 @@ public class SuppressionErrorHandler implements ErrorHandler {
     /**
      * The logger.
      */
-    //private static final Logger LOGGER = LoggerFactory.getLogger(SuppressionErrorHandler.class);
+    private static final Logger LOGGER = LoggerFactory.getLogger(SuppressionErrorHandler.class);
 
     /**
      * Logs warnings.
@@ -42,7 +44,7 @@ public class SuppressionErrorHandler implements ErrorHandler {
      */
     @Override
     public void warning(SAXParseException ex) throws SAXException {
-        //LOGGER.debug("", ex);
+        LOGGER.trace("", ex);
     }
 
     /**
@@ -60,7 +62,7 @@ public class SuppressionErrorHandler implements ErrorHandler {
      * Handles fatal exceptions.
      *
      * @param ex a fatal exception
-     * @throws SAXException is always
+     * @throws SAXException is always thrown
      */
     @Override
     public void fatalError(SAXParseException ex) throws SAXException {

dependency-check-core/src/main/java/org/owasp/dependencycheck/xml/suppression/SuppressionParser.java

@@ -136,7 +136,7 @@ public class SuppressionParser {
             final InputSource in = new InputSource(reader);
             xmlReader.parse(in);
             return handler.getSuppressionRules();
-        } catch (ParserConfigurationException ex) {
+        } catch (ParserConfigurationException | FileNotFoundException ex) {
             LOGGER.debug("", ex);
             throw new SuppressionParseException(ex);
         } catch (SAXException ex) {
@@ -146,9 +146,6 @@ public class SuppressionParser {
                 LOGGER.debug("", ex);
                 throw new SuppressionParseException(ex);
             }
-        } catch (FileNotFoundException ex) {
-            LOGGER.debug("", ex);
-            throw new SuppressionParseException(ex);
         } catch (IOException ex) {
             LOGGER.debug("", ex);
             throw new SuppressionParseException(ex);