From 97238b764f3a65400a7e6ee2f022fc51f4cf34e9 Mon Sep 17 00:00:00 2001 From: Jeremy Long Date: Fri, 3 Jan 2014 14:56:18 -0500 Subject: [PATCH] findbugs/checkstyle patches Former-commit-id: b796c6631e20064fe2098721995a271b6cb44f66 --- .../analyzer/DependencyBundlingAnalyzer.java | 2 +- .../java/org/owasp/dependencycheck/data/nvdcve/CveDB.java | 4 +++- .../org/owasp/dependencycheck/data/update/ProcessTask.java | 6 ++++++ 3 files changed, 10 insertions(+), 2 deletions(-) diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/DependencyBundlingAnalyzer.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/DependencyBundlingAnalyzer.java index 3de8b935e..819e75fb6 100644 --- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/DependencyBundlingAnalyzer.java +++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/DependencyBundlingAnalyzer.java @@ -218,7 +218,7 @@ public class DependencyBundlingAnalyzer extends AbstractAnalyzer implements Anal final String oneParent = one.getParent(); final String twoParent = two.getParent(); if (oneParent != null) { - if (twoParent != null && oneParent.equals(twoParent)) { + if (oneParent.equals(twoParent)) { fileName1 = one.getName(); fileName2 = two.getName(); } else { diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/nvdcve/CveDB.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/nvdcve/CveDB.java index 8d86230ca..043cb51e8 100644 --- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/nvdcve/CveDB.java +++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/nvdcve/CveDB.java @@ -409,9 +409,10 @@ public class CveDB { */ Properties getProperties() { final Properties prop = new Properties(); + PreparedStatement ps = null; ResultSet rs = null; try { - final PreparedStatement ps = getConnection().prepareStatement(SELECT_PROPERTIES); + ps = getConnection().prepareStatement(SELECT_PROPERTIES); rs = ps.executeQuery(); while (rs.next()) { prop.setProperty(rs.getString(1), rs.getString(2)); @@ -421,6 +422,7 @@ public class CveDB { Logger.getLogger(CveDB.class.getName()).log(Level.SEVERE, msg); Logger.getLogger(CveDB.class.getName()).log(Level.FINE, null, ex); } finally { + DBUtils.closeStatement(ps); DBUtils.closeResultSet(rs); } return prop; diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/update/ProcessTask.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/update/ProcessTask.java index 9b2063e8c..21fc06603 100644 --- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/update/ProcessTask.java +++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/update/ProcessTask.java @@ -140,6 +140,12 @@ public class ProcessTask implements Callable { saxParser.parse(file, cve20Handler); } + /** + * Processes the NVD CVE XML file and imports the data into the DB. + * + * @throws UpdateException thrown if there is an error loading the data into + * the database + */ private void processFiles() throws UpdateException { String msg = String.format("Processing Started for NVD CVE - %s", filePair.getNvdCveInfo().getId()); Logger.getLogger(StandardUpdate.class.getName()).log(Level.INFO, msg);