mirror of
https://github.com/ysoftdevs/DependencyCheck.git
synced 2026-03-21 00:29:21 +01:00
code cleanup and java 7 exception handling improvements
This commit is contained in:
Jeremy Long
@@ -626,7 +626,6 @@ public class Engine implements FileFilter {
|
|||||||
* Initializes the given analyzer.
|
* Initializes the given analyzer.
|
||||||
*
|
*
|
||||||
* @param analyzer the analyzer to initialize
|
* @param analyzer the analyzer to initialize
|
||||||
* @return the initialized analyzer
|
|
||||||
* @throws InitializationException thrown when there is a problem
|
* @throws InitializationException thrown when there is a problem
|
||||||
* initializing the analyzer
|
* initializing the analyzer
|
||||||
*/
|
*/
|
||||||
|
|||||||
@@ -571,9 +571,6 @@ public class ArchiveAnalyzer extends AbstractFileTypeAnalyzer {
|
|||||||
try {
|
try {
|
||||||
out = new FileOutputStream(outputFile);
|
out = new FileOutputStream(outputFile);
|
||||||
IOUtils.copy(inputStream, out);
|
IOUtils.copy(inputStream, out);
|
||||||
} catch (FileNotFoundException ex) {
|
|
||||||
LOGGER.debug("", ex);
|
|
||||||
throw new ArchiveExtractionException(ex);
|
|
||||||
} catch (IOException ex) {
|
} catch (IOException ex) {
|
||||||
LOGGER.debug("", ex);
|
LOGGER.debug("", ex);
|
||||||
throw new ArchiveExtractionException(ex);
|
throw new ArchiveExtractionException(ex);
|
||||||
|
|||||||
@@ -25,15 +25,8 @@ import java.io.InputStream;
|
|||||||
import java.io.InputStreamReader;
|
import java.io.InputStreamReader;
|
||||||
import java.io.Reader;
|
import java.io.Reader;
|
||||||
import java.io.UnsupportedEncodingException;
|
import java.io.UnsupportedEncodingException;
|
||||||
import java.util.ArrayList;
|
import java.util.*;
|
||||||
import java.util.Enumeration;
|
|
||||||
import java.util.HashMap;
|
|
||||||
import java.util.List;
|
|
||||||
import java.util.Map;
|
|
||||||
import java.util.Map.Entry;
|
import java.util.Map.Entry;
|
||||||
import java.util.Properties;
|
|
||||||
import java.util.Set;
|
|
||||||
import java.util.StringTokenizer;
|
|
||||||
import java.util.concurrent.atomic.AtomicInteger;
|
import java.util.concurrent.atomic.AtomicInteger;
|
||||||
import java.util.jar.Attributes;
|
import java.util.jar.Attributes;
|
||||||
import java.util.jar.JarEntry;
|
import java.util.jar.JarEntry;
|
||||||
@@ -350,8 +343,6 @@ public class JarAnalyzer extends AbstractFileTypeAnalyzer {
|
|||||||
* @param path the path to the pom.xml within the JarFile
|
* @param path the path to the pom.xml within the JarFile
|
||||||
* @param jar the JarFile to load the pom.properties from
|
* @param jar the JarFile to load the pom.properties from
|
||||||
* @return a Properties object or null if no pom.properties was found
|
* @return a Properties object or null if no pom.properties was found
|
||||||
* @throws IOException thrown if there is an exception reading the
|
|
||||||
* pom.properties
|
|
||||||
*/
|
*/
|
||||||
private Properties retrievePomProperties(String path, final JarFile jar) {
|
private Properties retrievePomProperties(String path, final JarFile jar) {
|
||||||
Properties pomProperties = null;
|
Properties pomProperties = null;
|
||||||
@@ -1127,7 +1118,7 @@ public class JarAnalyzer extends AbstractFileTypeAnalyzer {
|
|||||||
* package structure. Up to the first four levels of the package
|
* package structure. Up to the first four levels of the package
|
||||||
* structure are stored, excluding a leading "org" or "com".
|
* structure are stored, excluding a leading "org" or "com".
|
||||||
* Example:</p>
|
* Example:</p>
|
||||||
* <code>ClassNameInformation obj = new ClassNameInformation("org.owasp.dependencycheck.analyzer.JarAnalyzer");
|
* <code>ClassNameInformation obj = new ClassNameInformation("org/owasp/dependencycheck/analyzer/JarAnalyzer");
|
||||||
* System.out.println(obj.getName());
|
* System.out.println(obj.getName());
|
||||||
* for (String p : obj.getPackageStructure())
|
* for (String p : obj.getPackageStructure())
|
||||||
* System.out.println(p);
|
* System.out.println(p);
|
||||||
@@ -1155,9 +1146,7 @@ public class JarAnalyzer extends AbstractFileTypeAnalyzer {
|
|||||||
if (tmp.length <= end) {
|
if (tmp.length <= end) {
|
||||||
end = tmp.length - 1;
|
end = tmp.length - 1;
|
||||||
}
|
}
|
||||||
for (int i = start; i <= end; i++) {
|
packageStructure.addAll(Arrays.asList(tmp).subList(start, end + 1));
|
||||||
packageStructure.add(tmp[i]);
|
|
||||||
}
|
|
||||||
} else {
|
} else {
|
||||||
packageStructure.add(name);
|
packageStructure.add(name);
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -98,7 +98,7 @@ public class EngineVersionCheck implements CachedWebDataSource {
|
|||||||
final boolean enabled = Settings.getBoolean(Settings.KEYS.UPDATE_VERSION_CHECK_ENABLED, true);
|
final boolean enabled = Settings.getBoolean(Settings.KEYS.UPDATE_VERSION_CHECK_ENABLED, true);
|
||||||
final String original = Settings.getString(Settings.KEYS.CVE_ORIGINAL_MODIFIED_20_URL);
|
final String original = Settings.getString(Settings.KEYS.CVE_ORIGINAL_MODIFIED_20_URL);
|
||||||
final String current = Settings.getString(Settings.KEYS.CVE_MODIFIED_20_URL);
|
final String current = Settings.getString(Settings.KEYS.CVE_MODIFIED_20_URL);
|
||||||
/**
|
/*
|
||||||
* Only update if auto-update is enabled, the engine check is
|
* Only update if auto-update is enabled, the engine check is
|
||||||
* enabled, and the NVD CVE URLs have not been modified (i.e. the
|
* enabled, and the NVD CVE URLs have not been modified (i.e. the
|
||||||
* user has not configured them to point to an internal source).
|
* user has not configured them to point to an internal source).
|
||||||
|
|||||||
@@ -182,9 +182,7 @@ public class NvdCve20Handler extends DefaultHandler {
|
|||||||
totalNumberOfApplicationEntries += 1;
|
totalNumberOfApplicationEntries += 1;
|
||||||
try {
|
try {
|
||||||
saveEntry(vulnerability);
|
saveEntry(vulnerability);
|
||||||
} catch (DatabaseException ex) {
|
} catch (DatabaseException | CorruptIndexException ex) {
|
||||||
throw new SAXException(ex);
|
|
||||||
} catch (CorruptIndexException ex) {
|
|
||||||
throw new SAXException(ex);
|
throw new SAXException(ex);
|
||||||
} catch (IOException ex) {
|
} catch (IOException ex) {
|
||||||
throw new SAXException(ex);
|
throw new SAXException(ex);
|
||||||
|
|||||||
@@ -167,8 +167,6 @@ public class ProcessTask implements Callable<ProcessTask> {
|
|||||||
importXML(filePair.getFirst(), filePair.getSecond());
|
importXML(filePair.getFirst(), filePair.getSecond());
|
||||||
cveDB.commit();
|
cveDB.commit();
|
||||||
properties.save(filePair.getNvdCveInfo());
|
properties.save(filePair.getNvdCveInfo());
|
||||||
} catch (FileNotFoundException ex) {
|
|
||||||
throw new UpdateException(ex);
|
|
||||||
} catch (ParserConfigurationException | SAXException | SQLException | DatabaseException | ClassNotFoundException | IOException ex) {
|
} catch (ParserConfigurationException | SAXException | SQLException | DatabaseException | ClassNotFoundException | IOException ex) {
|
||||||
throw new UpdateException(ex);
|
throw new UpdateException(ex);
|
||||||
} finally {
|
} finally {
|
||||||
|
|||||||
@@ -156,7 +156,7 @@ public class HintParser {
|
|||||||
hints.setHintRules(handler.getHintRules());
|
hints.setHintRules(handler.getHintRules());
|
||||||
hints.setVendorDuplicatingHintRules(handler.getVendorDuplicatingHintRules());
|
hints.setVendorDuplicatingHintRules(handler.getVendorDuplicatingHintRules());
|
||||||
return hints;
|
return hints;
|
||||||
} catch (ParserConfigurationException ex) {
|
} catch (ParserConfigurationException | FileNotFoundException ex) {
|
||||||
LOGGER.debug("", ex);
|
LOGGER.debug("", ex);
|
||||||
throw new HintParseException(ex);
|
throw new HintParseException(ex);
|
||||||
} catch (SAXException ex) {
|
} catch (SAXException ex) {
|
||||||
@@ -166,9 +166,6 @@ public class HintParser {
|
|||||||
LOGGER.debug("", ex);
|
LOGGER.debug("", ex);
|
||||||
throw new HintParseException(ex);
|
throw new HintParseException(ex);
|
||||||
}
|
}
|
||||||
} catch (FileNotFoundException ex) {
|
|
||||||
LOGGER.debug("", ex);
|
|
||||||
throw new HintParseException(ex);
|
|
||||||
} catch (IOException ex) {
|
} catch (IOException ex) {
|
||||||
LOGGER.debug("", ex);
|
LOGGER.debug("", ex);
|
||||||
throw new HintParseException(ex);
|
throw new HintParseException(ex);
|
||||||
|
|||||||
@@ -98,10 +98,7 @@ public class PomParser {
|
|||||||
final InputSource in = new InputSource(reader);
|
final InputSource in = new InputSource(reader);
|
||||||
xmlReader.parse(in);
|
xmlReader.parse(in);
|
||||||
return handler.getModel();
|
return handler.getModel();
|
||||||
} catch (ParserConfigurationException | SAXException ex) {
|
} catch (ParserConfigurationException | SAXException | FileNotFoundException ex) {
|
||||||
LOGGER.debug("", ex);
|
|
||||||
throw new PomParseException(ex);
|
|
||||||
} catch (FileNotFoundException ex) {
|
|
||||||
LOGGER.debug("", ex);
|
LOGGER.debug("", ex);
|
||||||
throw new PomParseException(ex);
|
throw new PomParseException(ex);
|
||||||
} catch (IOException ex) {
|
} catch (IOException ex) {
|
||||||
|
|||||||
@@ -18,6 +18,8 @@
|
|||||||
package org.owasp.dependencycheck.xml.suppression;
|
package org.owasp.dependencycheck.xml.suppression;
|
||||||
|
|
||||||
import org.owasp.dependencycheck.utils.XmlUtils;
|
import org.owasp.dependencycheck.utils.XmlUtils;
|
||||||
|
import org.slf4j.Logger;
|
||||||
|
import org.slf4j.LoggerFactory;
|
||||||
import org.xml.sax.ErrorHandler;
|
import org.xml.sax.ErrorHandler;
|
||||||
import org.xml.sax.SAXException;
|
import org.xml.sax.SAXException;
|
||||||
import org.xml.sax.SAXParseException;
|
import org.xml.sax.SAXParseException;
|
||||||
@@ -32,7 +34,7 @@ public class SuppressionErrorHandler implements ErrorHandler {
|
|||||||
/**
|
/**
|
||||||
* The logger.
|
* The logger.
|
||||||
*/
|
*/
|
||||||
//private static final Logger LOGGER = LoggerFactory.getLogger(SuppressionErrorHandler.class);
|
private static final Logger LOGGER = LoggerFactory.getLogger(SuppressionErrorHandler.class);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Logs warnings.
|
* Logs warnings.
|
||||||
@@ -42,7 +44,7 @@ public class SuppressionErrorHandler implements ErrorHandler {
|
|||||||
*/
|
*/
|
||||||
@Override
|
@Override
|
||||||
public void warning(SAXParseException ex) throws SAXException {
|
public void warning(SAXParseException ex) throws SAXException {
|
||||||
//LOGGER.debug("", ex);
|
LOGGER.trace("", ex);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@@ -60,7 +62,7 @@ public class SuppressionErrorHandler implements ErrorHandler {
|
|||||||
* Handles fatal exceptions.
|
* Handles fatal exceptions.
|
||||||
*
|
*
|
||||||
* @param ex a fatal exception
|
* @param ex a fatal exception
|
||||||
* @throws SAXException is always
|
* @throws SAXException is always thrown
|
||||||
*/
|
*/
|
||||||
@Override
|
@Override
|
||||||
public void fatalError(SAXParseException ex) throws SAXException {
|
public void fatalError(SAXParseException ex) throws SAXException {
|
||||||
|
|||||||
@@ -136,7 +136,7 @@ public class SuppressionParser {
|
|||||||
final InputSource in = new InputSource(reader);
|
final InputSource in = new InputSource(reader);
|
||||||
xmlReader.parse(in);
|
xmlReader.parse(in);
|
||||||
return handler.getSuppressionRules();
|
return handler.getSuppressionRules();
|
||||||
} catch (ParserConfigurationException ex) {
|
} catch (ParserConfigurationException | FileNotFoundException ex) {
|
||||||
LOGGER.debug("", ex);
|
LOGGER.debug("", ex);
|
||||||
throw new SuppressionParseException(ex);
|
throw new SuppressionParseException(ex);
|
||||||
} catch (SAXException ex) {
|
} catch (SAXException ex) {
|
||||||
@@ -146,9 +146,6 @@ public class SuppressionParser {
|
|||||||
LOGGER.debug("", ex);
|
LOGGER.debug("", ex);
|
||||||
throw new SuppressionParseException(ex);
|
throw new SuppressionParseException(ex);
|
||||||
}
|
}
|
||||||
} catch (FileNotFoundException ex) {
|
|
||||||
LOGGER.debug("", ex);
|
|
||||||
throw new SuppressionParseException(ex);
|
|
||||||
} catch (IOException ex) {
|
} catch (IOException ex) {
|
||||||
LOGGER.debug("", ex);
|
LOGGER.debug("", ex);
|
||||||
throw new SuppressionParseException(ex);
|
throw new SuppressionParseException(ex);
|
||||||
|
|||||||
Reference in New Issue
Block a user