github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-03-20 08:14:44 +01:00
Code Issues Packages Projects Releases Wiki Activity

use try with resources

Browse Source
This commit is contained in:
Jeremy Long
2017-03-11 13:26:56 -05:00
parent 8856ff04ec
commit 8ea6b08a0a
1 changed files with 38 additions and 65 deletions
Download Patch File Download Diff File Expand all files Collapse all files

45
dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/JarAnalyzer.java
View File

@@ -247,28 +247,12 @@ public class JarAnalyzer extends AbstractFileTypeAnalyzer {
* @return whether or not evidence was added to the dependency * @return whether or not evidence was added to the dependency
*/ */
protected boolean analyzePOM(Dependency dependency, List<ClassNameInformation> classes, Engine engine) throws AnalysisException { protected boolean analyzePOM(Dependency dependency, List<ClassNameInformation> classes, Engine engine) throws AnalysisException {
JarFile jar = null; try (JarFile jar = new JarFile(dependency.getActualFilePath())) {
List<String> pomEntries; List<String> pomEntries = retrievePomListing(jar);
try {
jar = new JarFile(dependency.getActualFilePath());
pomEntries = retrievePomListing(jar);
} catch (IOException ex) {
LOGGER.warn("Unable to read JarFile '{}'.", dependency.getActualFilePath());
LOGGER.trace("", ex);
if (jar != null) {
try {
jar.close();
} catch (IOException ex1) {
LOGGER.trace("", ex1);
}
}
return false;
}
if (pomEntries != null && pomEntries.size() <= 1) { if (pomEntries != null && pomEntries.size() <= 1) {
try { String path;
String path = null; File pomFile;
Properties pomProperties = null; Properties pomProperties = null;
File pomFile = null;
if (pomEntries.size() == 1) { if (pomEntries.size() == 1) {
path = pomEntries.get(0); path = pomEntries.get(0);
pomFile = extractPom(path, jar); pomFile = extractPom(path, jar);
@@ -282,20 +266,10 @@ public class JarAnalyzer extends AbstractFileTypeAnalyzer {
if (pom != null && pomProperties != null) { if (pom != null && pomProperties != null) {
pom.processProperties(pomProperties); pom.processProperties(pomProperties);
} }
if (pom != null) { return pom != null && setPomEvidence(dependency, pom, classes);
return setPomEvidence(dependency, pom, classes);
}
return false;
} else { } else {
return false; return false;
} }
} finally {
try {
jar.close();
} catch (IOException ex) {
LOGGER.trace("", ex);
}
}
} }
//reported possible null dereference on pomEntries is on a non-feasible path //reported possible null dereference on pomEntries is on a non-feasible path
@@ -328,9 +302,8 @@ public class JarAnalyzer extends AbstractFileTypeAnalyzer {
LOGGER.trace("", ex); LOGGER.trace("", ex);
} }
} }
try {
jar.close();
} catch (IOException ex) { } catch (IOException ex) {
LOGGER.warn("Unable to read JarFile '{}'.", dependency.getActualFilePath());
LOGGER.trace("", ex); LOGGER.trace("", ex);
} }
return false; return false;
@@ -437,11 +410,11 @@ public class JarAnalyzer extends AbstractFileTypeAnalyzer {
* otherwise false * otherwise false
*/ */
public static boolean setPomEvidence(Dependency dependency, Model pom, List<ClassNameInformation> classes) { public static boolean setPomEvidence(Dependency dependency, Model pom, List<ClassNameInformation> classes) {
if (pom == null) {
return false;
}
boolean foundSomething = false; boolean foundSomething = false;
boolean addAsIdentifier = true; boolean addAsIdentifier = true;
if (pom == null) {
return foundSomething;
}
String groupid = pom.getGroupId(); String groupid = pom.getGroupId();
String parentGroupId = pom.getParentGroupId(); String parentGroupId = pom.getParentGroupId();
String artifactid = pom.getArtifactId(); String artifactid = pom.getArtifactId();