From 92d306f7777d7f169f25b12e5f57adfbc9ffe183 Mon Sep 17 00:00:00 2001 From: Jeremy Long Date: Mon, 3 Jun 2013 20:07:39 -0400 Subject: [PATCH] findbugs fixes Former-commit-id: 390c00542b8ee16746118126bd9d6b7f4f98b546 --- .../owasp/dependencycheck/analyzer/JarAnalyzer.java | 7 +++---- .../data/nvdcve/xml/DatabaseUpdater.java | 10 ++++++---- 2 files changed, 9 insertions(+), 8 deletions(-) diff --git a/src/main/java/org/owasp/dependencycheck/analyzer/JarAnalyzer.java b/src/main/java/org/owasp/dependencycheck/analyzer/JarAnalyzer.java index 5006a71b5..9fffbd282 100644 --- a/src/main/java/org/owasp/dependencycheck/analyzer/JarAnalyzer.java +++ b/src/main/java/org/owasp/dependencycheck/analyzer/JarAnalyzer.java @@ -224,8 +224,6 @@ public class JarAnalyzer extends AbstractAnalyzer implements Analyzer { * @throws AnalysisException is thrown if there is an exception parsing the pom. * @return whether or not evidence was added to the dependency */ - //@edu.umd.cs.findbugs.annotations.SuppressWarnings(value = "OS_OPEN_STREAM", - //justification = "The reader on line 259 is closed by closing the zipEntry") protected boolean analyzePOM(Dependency dependency) throws AnalysisException { boolean foundSomething = false; final JarFile jar; @@ -238,7 +236,6 @@ public class JarAnalyzer extends AbstractAnalyzer implements Analyzer { Logger.getLogger(JarAnalyzer.class.getName()).log(Level.WARNING, msg, ex); return foundSomething; } - final List poms = new ArrayList(); List pomEntries; try { pomEntries = retrievePomListing(jar); @@ -283,6 +280,8 @@ public class JarAnalyzer extends AbstractAnalyzer implements Analyzer { * @return a Properties object or null if no pom.properties was found * @throws IOException thrown if there is an exception reading the pom.properties */ + @edu.umd.cs.findbugs.annotations.SuppressWarnings(value = "OS_OPEN_STREAM", + justification = "The reader is closed by closing the zipEntry") private Properties retrievePomProperties(String path, final JarFile jar) throws IOException { Properties pomProperties = null; String propPath = path.substring(0, path.length() - 7) + "pom.properies"; @@ -726,7 +725,7 @@ public class JarAnalyzer extends AbstractAnalyzer implements Analyzer { * within the text. * @return the interpolated text. */ - private String interpolateString(String text, Properties properties) { + protected String interpolateString(String text, Properties properties) { //${project.build.directory} if (properties == null || text == null) { return text; diff --git a/src/main/java/org/owasp/dependencycheck/data/nvdcve/xml/DatabaseUpdater.java b/src/main/java/org/owasp/dependencycheck/data/nvdcve/xml/DatabaseUpdater.java index c31802a30..b6b0865fb 100644 --- a/src/main/java/org/owasp/dependencycheck/data/nvdcve/xml/DatabaseUpdater.java +++ b/src/main/java/org/owasp/dependencycheck/data/nvdcve/xml/DatabaseUpdater.java @@ -140,21 +140,23 @@ public class DatabaseUpdater implements CachedWebDataSource { } catch (ClassNotFoundException ex) { throw new UpdateException(ex); } finally { + boolean deleted = false; try { if (outputPath != null && outputPath.exists()) { - outputPath.delete(); + deleted = outputPath.delete(); } } finally { - if (outputPath != null && outputPath.exists()) { + if (outputPath != null && (outputPath.exists() || !deleted)) { outputPath.deleteOnExit(); } } try { + deleted = false; if (outputPath12 != null && outputPath12.exists()) { - outputPath12.delete(); + deleted = outputPath12.delete(); } } finally { - if (outputPath12 != null && outputPath12.exists()) { + if (outputPath12 != null && (outputPath12.exists() || !deleted)) { outputPath12.deleteOnExit(); } }