From 947499726a39c07f032a141431971a17af2b4910 Mon Sep 17 00:00:00 2001 From: Jeremy Long Date: Wed, 15 Mar 2017 07:36:28 -0400 Subject: [PATCH] initial attempt --- .../taskdefs/DependencyCheckTaskTest.java | 8 ++++- .../dependencycheck/data/nvdcve/CveDB.java | 31 ++++++++++--------- .../owasp/dependencycheck/BaseDBTestCase.java | 1 + .../update/NvdCveUpdaterIntegrationTest.java | 4 +-- 4 files changed, 26 insertions(+), 18 deletions(-) diff --git a/dependency-check-ant/src/test/java/org/owasp/dependencycheck/taskdefs/DependencyCheckTaskTest.java b/dependency-check-ant/src/test/java/org/owasp/dependencycheck/taskdefs/DependencyCheckTaskTest.java index de9f62c1e..5cb27bdc3 100644 --- a/dependency-check-ant/src/test/java/org/owasp/dependencycheck/taskdefs/DependencyCheckTaskTest.java +++ b/dependency-check-ant/src/test/java/org/owasp/dependencycheck/taskdefs/DependencyCheckTaskTest.java @@ -30,6 +30,8 @@ import org.owasp.dependencycheck.BaseDBTestCase; import org.owasp.dependencycheck.utils.Settings; import static org.junit.Assert.assertTrue; +import org.owasp.dependencycheck.data.nvdcve.CveDB; +import org.owasp.dependencycheck.data.nvdcve.DatabaseException; /** @@ -48,6 +50,7 @@ public class DependencyCheckTaskTest { public void setUp() throws Exception { Settings.initialize(); BaseDBTestCase.ensureDBExists(); + CveDB.getInstance().openDatabase(); final String buildFile = this.getClass().getClassLoader().getResource("build.xml").getPath(); buildFileRule.configureProject(buildFile); } @@ -57,6 +60,10 @@ public class DependencyCheckTaskTest { //no cleanup... //executeTarget("cleanup"); Settings.cleanup(true); + try { + CveDB.getInstance().closeDatabase(); + } catch (DatabaseException ex) { + } } /** @@ -73,7 +80,6 @@ public class DependencyCheckTaskTest { buildFileRule.executeTarget("test.fileset"); assertTrue("DependencyCheck report was not generated", report.exists()); - } /** diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/nvdcve/CveDB.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/nvdcve/CveDB.java index 0a966a24b..ffaabf023 100644 --- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/nvdcve/CveDB.java +++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/nvdcve/CveDB.java @@ -75,7 +75,7 @@ public final class CveDB { /** * The bundle of statements used when accessing the database. */ - private final ResourceBundle statementBundle; + private ResourceBundle statementBundle; /** * Database properties object containing the 'properties' from the database * table. @@ -84,7 +84,7 @@ public final class CveDB { /** * The prepared statements. */ - private final EnumMap preparedStatements; + private EnumMap preparedStatements; /** * The enum value names must match the keys of the statements in the @@ -203,12 +203,6 @@ public final class CveDB { */ private CveDB() throws DatabaseException { openDatabase(); - final String databaseProductName = determineDatabaseProductName(); - statementBundle = databaseProductName != null - ? ResourceBundle.getBundle("data/dbStatements", new Locale(databaseProductName)) - : ResourceBundle.getBundle("data/dbStatements"); - preparedStatements = prepareStatements(); - databaseProperties = new DatabaseProperties(this); } /** @@ -237,6 +231,12 @@ public final class CveDB { public synchronized void openDatabase() throws DatabaseException { if (!isOpen()) { connection = ConnectionFactory.getConnection(); + final String databaseProductName = determineDatabaseProductName(); + statementBundle = databaseProductName != null + ? ResourceBundle.getBundle("data/dbStatements", new Locale(databaseProductName)) + : ResourceBundle.getBundle("data/dbStatements"); + preparedStatements = prepareStatements(); + databaseProperties = new DatabaseProperties(this); } } @@ -257,7 +257,8 @@ public final class CveDB { LOGGER.debug("", ex); } connection = null; - instance = null; + preparedStatements = null; + databaseProperties = null; } } @@ -266,7 +267,7 @@ public final class CveDB { * * @return whether the database connection is open or closed */ - private boolean isOpen() { + private synchronized boolean isOpen() { return connection != null; } @@ -277,7 +278,7 @@ public final class CveDB { * @throws DatabaseException thrown if there is an error preparing the * statements */ - private EnumMap prepareStatements() + private synchronized EnumMap prepareStatements() throws DatabaseException { final EnumMap result = new EnumMap<>(PreparedStatementCveDb.class); @@ -301,7 +302,7 @@ public final class CveDB { /** * Closes all prepared statements. */ - private void closeStatements() { + private synchronized void closeStatements() { for (PreparedStatement preparedStatement : preparedStatements.values()) { DBUtils.closeStatement(preparedStatement); } @@ -315,7 +316,7 @@ public final class CveDB { * @return the prepared statement * @throws SQLException thrown if a SQL Exception occurs */ - private PreparedStatement getPreparedStatement(PreparedStatementCveDb key) throws SQLException { + private synchronized PreparedStatement getPreparedStatement(PreparedStatementCveDb key) throws SQLException { final PreparedStatement preparedStatement = preparedStatements.get(key); preparedStatement.clearParameters(); return preparedStatement; @@ -351,7 +352,7 @@ public final class CveDB { * * @return the value of databaseProperties */ - public DatabaseProperties getDatabaseProperties() { + public synchronized DatabaseProperties getDatabaseProperties() { return databaseProperties; } @@ -360,7 +361,7 @@ public final class CveDB { * * @return the database properties */ - protected DatabaseProperties reloadProperties() { + protected synchronized DatabaseProperties reloadProperties() { databaseProperties = new DatabaseProperties(this); return databaseProperties; } diff --git a/dependency-check-core/src/test/java/org/owasp/dependencycheck/BaseDBTestCase.java b/dependency-check-core/src/test/java/org/owasp/dependencycheck/BaseDBTestCase.java index 5582c69f8..79e372d13 100644 --- a/dependency-check-core/src/test/java/org/owasp/dependencycheck/BaseDBTestCase.java +++ b/dependency-check-core/src/test/java/org/owasp/dependencycheck/BaseDBTestCase.java @@ -51,6 +51,7 @@ public abstract class BaseDBTestCase extends BaseTest { @Before public void setUpDb() throws Exception { ensureDBExists(); + CveDB.getInstance().openDatabase(); } @AfterClass diff --git a/dependency-check-core/src/test/java/org/owasp/dependencycheck/data/update/NvdCveUpdaterIntegrationTest.java b/dependency-check-core/src/test/java/org/owasp/dependencycheck/data/update/NvdCveUpdaterIntegrationTest.java index d2305a956..5ebe3351f 100644 --- a/dependency-check-core/src/test/java/org/owasp/dependencycheck/data/update/NvdCveUpdaterIntegrationTest.java +++ b/dependency-check-core/src/test/java/org/owasp/dependencycheck/data/update/NvdCveUpdaterIntegrationTest.java @@ -20,7 +20,7 @@ package org.owasp.dependencycheck.data.update; import static org.junit.Assert.assertNotNull; import static org.junit.Assert.fail; import org.junit.Test; -import org.owasp.dependencycheck.BaseTest; +import org.owasp.dependencycheck.BaseDBTestCase; import org.owasp.dependencycheck.data.update.exception.UpdateException; import org.owasp.dependencycheck.data.update.nvd.UpdateableNvdCve; @@ -28,7 +28,7 @@ import org.owasp.dependencycheck.data.update.nvd.UpdateableNvdCve; * * @author Jeremy Long */ -public class NvdCveUpdaterIntegrationTest extends BaseTest { +public class NvdCveUpdaterIntegrationTest extends BaseDBTestCase { public NvdCveUpdater getUpdater() { NvdCveUpdater instance = new NvdCveUpdater();