github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-01-16 00:33:46 +01:00
Code Issues Packages Projects Releases Wiki Activity

updates and bug fixes for CPE data

Browse Source 
Former-commit-id: 367da7219f76f370e87aa410d70a83553e71d828
This commit is contained in:
Jeremy Long
2012-12-29 08:28:23 -05:00
parent 76899996c2
commit 9e489c0c55
28 changed files with 1277 additions and 161664 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
src/test/java/org/codesecure/dependencycheck/data/cpe/CPEAnalyzerTest.java
View File

@@ -113,40 +113,14 @@ public class CPEAnalyzerTest extends BaseIndexTestCase {
assertTrue("Incorrect match", depends.getIdentifiers().get(0).getValue().equals(expResult));
}
/**
* Test of searchCPE method, of class CPEAnalyzer.
* @throws Exception is thrown when an exception occurs
*/
@Test
public void testSearchCPE_3args() throws Exception {
System.out.println("searchCPE - 3 args");
String vendor = "apache software foundation";
String product = "struts 2 core";
String version = "2.1.2";
CPEAnalyzer instance = new CPEAnalyzer();
instance.open();
String expResult = "cpe:/a:apache:struts:2.1.2";
List<Entry> result = instance.searchCPE(vendor, product, version);
assertEquals(expResult, result.get(0).getName());
vendor = "apache software foundation";
product = "struts 2 core";
version = "2.3.1.2";
expResult = "cpe:/a:apache:struts:2.3.1.2";
result = instance.searchCPE(vendor, product, version);
assertEquals(expResult, result.get(0).getName());
instance.close();
}
/**
* Test of searchCPE method, of class CPEAnalyzer.
* @throws Exception is thrown when an exception occurs
*/
@Test
public void testSearchCPE_5args() throws Exception {
System.out.println("searchCPE - 5 args");
public void testSearchCPE() throws Exception {
System.out.println("searchCPE");
String vendor = "apache software foundation";
String product = "struts 2 core";
String version = "2.1.2";

47
src/test/java/org/codesecure/dependencycheck/data/cpe/xml/ImporterTest.java
View File

@@ -1,47 +0,0 @@
/*
* To change this template, choose Tools | Templates
* and open the template in the editor.
*/
package org.codesecure.dependencycheck.data.cpe.xml;
import java.io.File;
import junit.framework.TestCase;
import org.codesecure.dependencycheck.data.cpe.xml.Importer;
import org.xml.sax.Attributes;
/**
*
* @author jeremy
*/
public class ImporterTest extends TestCase {
public ImporterTest(String testName) {
super(testName);
}
@Override
protected void setUp() throws Exception {
super.setUp();
}
@Override
protected void tearDown() throws Exception {
super.tearDown();
}
/**
* Test of all methods within class CPEHandler.
* @throws Exception is thrown when an excretion occurs.
*/
public void testHandler() throws Exception {
System.out.println("importXML");
File path = new File(this.getClass().getClassLoader().getResource("official-cpe-dictionary_v2.2.xml").getPath());
Importer.importXML(path.getCanonicalPath());
}
}

133
src/test/java/org/codesecure/dependencycheck/data/lucene/FieldAnalyzerTest.java Normal file
View File

@@ -0,0 +1,133 @@
package org.codesecure.dependencycheck.data.lucene;
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
import org.apache.lucene.analysis.miscellaneous.PerFieldAnalyzerWrapper;
import java.util.Map;
import java.util.HashMap;
import org.apache.lucene.queryparser.classic.QueryParser;
import org.apache.lucene.analysis.standard.StandardAnalyzer;
import org.apache.lucene.analysis.Analyzer;
import org.apache.lucene.search.ScoreDoc;
import org.apache.lucene.search.TopScoreDocCollector;
import org.apache.lucene.search.IndexSearcher;
import org.apache.lucene.index.IndexReader;
import org.apache.lucene.search.Query;
import java.io.IOException;
import org.apache.lucene.document.Field;
import org.apache.lucene.document.TextField;
import org.apache.lucene.document.Document;
import org.apache.lucene.index.DirectoryReader;
import org.apache.lucene.index.IndexWriter;
import org.apache.lucene.index.IndexWriterConfig;
import org.apache.lucene.store.RAMDirectory;
import org.apache.lucene.store.Directory;
import org.apache.lucene.util.Version;
import org.junit.After;
import org.junit.AfterClass;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Test;
import static org.junit.Assert.*;
/**
*
* @author Jeremy Long (jeremy.long@gmail.com)
*/
public class FieldAnalyzerTest {
public FieldAnalyzerTest() {
}
@BeforeClass
public static void setUpClass() throws Exception {
}
@AfterClass
public static void tearDownClass() throws Exception {
}
@Before
public void setUp() {
}
@After
public void tearDown() {
}
@Test
public void testAnalyzers() throws Exception {
Analyzer analyzer = new FieldAnalyzer(Version.LUCENE_40);
Directory index = new RAMDirectory();
String field1 = "product";
String text1 = "springframework";
String field2 = "vendor";
String text2 = "springsource";
createIndex(analyzer, index, field1, text1, field2, text2);
//Analyzer searchingAnalyzer = new SearchFieldAnalyzer(Version.LUCENE_40);
String querystr = "product:\"(Spring Framework Core)\" vendor:(SpringSource)";
SearchFieldAnalyzer searchAnalyzerProduct = new SearchFieldAnalyzer(Version.LUCENE_40);
SearchFieldAnalyzer searchAnalyzerVendor = new SearchFieldAnalyzer(Version.LUCENE_40);
HashMap<String,Analyzer> map = new HashMap<String,Analyzer>();
map.put(field1, searchAnalyzerProduct);
map.put(field2, searchAnalyzerVendor);
PerFieldAnalyzerWrapper wrapper = new PerFieldAnalyzerWrapper(new StandardAnalyzer(Version.LUCENE_40), map);
QueryParser parser = new QueryParser(Version.LUCENE_40, field1, wrapper);
Query q = parser.parse(querystr);
//System.out.println(q.toString());
int hitsPerPage = 10;
IndexReader reader = DirectoryReader.open(index);
IndexSearcher searcher = new IndexSearcher(reader);
TopScoreDocCollector collector = TopScoreDocCollector.create(hitsPerPage, true);
searcher.search(q, collector);
ScoreDoc[] hits = collector.topDocs().scoreDocs;
assertEquals("Did not find 1 document?", 1, hits.length);
searchAnalyzerProduct.clear(); //ensure we don't have anything left over from the previuos search.
searchAnalyzerVendor.clear();
querystr = "product:(Apache Struts) vendor:(Apache)";
Query q2 = parser.parse(querystr);
//System.out.println(q2.toString());
assertFalse("second parsing contains previousWord from the TokenPairConcatenatingFilter", q2.toString().contains("core"));
}
private void createIndex(Analyzer analyzer, Directory index, String field1, String text1, String field2, String text2) throws IOException {
IndexWriterConfig config = new IndexWriterConfig(Version.LUCENE_40, analyzer);
IndexWriter w = new IndexWriter(index, config);
addDoc(w, field1, text1, field2, text2);
w.close();
}
private static void addDoc(IndexWriter w, String field1, String text1, String field2, String text2) throws IOException {
Document doc = new Document();
doc.add(new TextField(field1, text1, Field.Store.YES));
doc.add(new TextField(field2, text2, Field.Store.YES));
w.addDocument(doc);
}
}

17
src/test/java/org/codesecure/dependencycheck/data/nvdcve/IndexIntegrationTest.java → src/test/java/org/codesecure/dependencycheck/data/nvdcve/xml/IndexUpdaterIntegrationTest.java
View File

@@ -2,19 +2,20 @@
* To change this template, choose Tools | Templates
* and open the template in the editor.
*/
package org.codesecure.dependencycheck.data.nvdcve;
package org.codesecure.dependencycheck.data.nvdcve.xml;
import java.util.Map;
import org.codesecure.dependencycheck.data.nvdcve.BaseIndexTestCase;
import org.junit.*;
/**
*
*
* @author Jeremy
*/
public class IndexIntegrationTest extends BaseIndexTestCase {
public class IndexUpdaterIntegrationTest extends BaseIndexTestCase {
public IndexIntegrationTest(String testName) {
public IndexUpdaterIntegrationTest(String testName) {
super(testName);
}
@@ -40,8 +41,8 @@ public class IndexIntegrationTest extends BaseIndexTestCase {
@Test
public void testRetrieveCurrentTimestampFromWeb() throws Exception {
System.out.println("retrieveCurrentTimestampFromWeb");
Index instance = new Index();
Map<String, Index.NvdCveUrl> result = instance.retrieveCurrentTimestampsFromWeb();
IndexUpdater instance = new IndexUpdater();
Map<String, IndexUpdater.NvdCveUrl> result = instance.retrieveCurrentTimestampsFromWeb();
assertEquals(12, result.size());
}
@@ -51,7 +52,7 @@ public class IndexIntegrationTest extends BaseIndexTestCase {
@Test
public void testUpdate() throws Exception {
System.out.println("update");
Index instance = new Index();
IndexUpdater instance = new IndexUpdater();
instance.update();
}
@@ -61,7 +62,7 @@ public class IndexIntegrationTest extends BaseIndexTestCase {
@Test
public void testUpdateNeeded() throws Exception {
System.out.println("updateNeeded");
Index instance = new Index();
IndexUpdater instance = new IndexUpdater();
instance.updateNeeded();
//if an exception is thrown this test fails. However, because it depends on the
// order of the tests what this will return I am just testing for the exception.

1
src/test/java/org/codesecure/dependencycheck/data/nvdcve/xml/NvdCveParserTest.java
View File

@@ -9,7 +9,6 @@ import java.io.IOException;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.apache.lucene.index.CorruptIndexException;
import org.codesecure.dependencycheck.data.nvdcve.InvalidDataException;
import org.junit.After;
import org.junit.AfterClass;
import org.junit.Before;

105
src/test/java/org/codesecure/dependencycheck/utils/CliParserTest.java
View File

@@ -53,7 +53,6 @@ public class CliParserTest extends TestCase {
assertFalse(instance.isGetVersion());
assertFalse(instance.isGetHelp());
assertFalse(instance.isRunScan());
assertFalse(instance.isLoadCPE());
}
/**
@@ -73,7 +72,6 @@ public class CliParserTest extends TestCase {
assertFalse(instance.isGetVersion());
assertTrue(instance.isGetHelp());
assertFalse(instance.isRunScan());
assertFalse(instance.isLoadCPE());
}
/**
@@ -91,31 +89,6 @@ public class CliParserTest extends TestCase {
assertTrue(instance.isGetVersion());
assertFalse(instance.isGetHelp());
assertFalse(instance.isRunScan());
assertFalse(instance.isLoadCPE());
}
/**
* Test of parse method with jar and cpe args, of class CliParser.
* @throws Exception thrown when an excpetion occurs.
*/
@Test
public void testParse_scan_cpe() throws Exception {
System.out.println("parse -cpe file -scan file");
String[] args = {"-scan", "file", "-cpe", "file"};
CliParser instance = new CliParser();
try {
instance.parse(args);
} catch (ParseException ex) {
assertTrue(ex.getMessage().contains("an option from this group has already been selected"));
}
assertFalse(instance.isGetVersion());
assertFalse(instance.isGetHelp());
assertFalse(instance.isRunScan());
assertFalse(instance.isLoadCPE());
}
@@ -146,7 +119,6 @@ public class CliParserTest extends TestCase {
assertFalse(instance.isGetVersion());
assertFalse(instance.isGetHelp());
assertFalse(instance.isRunScan());
assertFalse(instance.isLoadCPE());
}
/**
@@ -170,8 +142,6 @@ public class CliParserTest extends TestCase {
assertFalse(instance.isGetVersion());
assertFalse(instance.isGetHelp());
assertFalse(instance.isRunScan());
assertFalse(instance.isLoadCPE());
}
/**
@@ -194,7 +164,6 @@ public class CliParserTest extends TestCase {
assertFalse(instance.isGetVersion());
assertFalse(instance.isGetHelp());
assertFalse(instance.isRunScan());
assertFalse(instance.isLoadCPE());
}
/**
@@ -215,78 +184,6 @@ public class CliParserTest extends TestCase {
assertFalse(instance.isGetVersion());
assertFalse(instance.isGetHelp());
assertTrue(instance.isRunScan());
assertFalse(instance.isLoadCPE());
}
/**
* Test of parse method with cpe arg, of class CliParser.
* @throws Exception thrown when an excpetion occurs.
*/
@Test
public void testParse_cpe() throws Exception {
System.out.println("parse -cpe");
String[] args = {"-cpe"};
CliParser instance = new CliParser();
try {
instance.parse(args);
} catch (ParseException ex) {
assertTrue(ex.getMessage().contains("Missing argument"));
}
assertFalse(instance.isGetVersion());
assertFalse(instance.isGetHelp());
assertFalse(instance.isRunScan());
assertFalse(instance.isLoadCPE());
}
/**
* Test of parse method with jar arg, of class CliParser.
* @throws Exception thrown when an excpetion occurs.
*/
@Test
public void testParse_cpe_unknownFile() throws Exception {
System.out.println("parse -cpe cpe.that.does.not.exist");
String[] args = {"-cpe", "cpe.that.does.not.exist"};
CliParser instance = new CliParser();
try {
instance.parse(args);
} catch (FileNotFoundException ex) {
assertTrue(ex.getMessage().contains("Invalid file argument"));
}
assertFalse(instance.isGetVersion());
assertFalse(instance.isGetHelp());
assertFalse(instance.isRunScan());
assertFalse(instance.isLoadCPE());
}
/**
* Test of parse method with jar arg, of class CliParser.
* @throws Exception thrown when an excpetion occurs.
*/
@Test
public void testParse_cpe_withFileExists() throws Exception {
System.out.println("parse -cpe checkSumTest.file");
File path = new File(this.getClass().getClassLoader().getResource("checkSumTest.file").getPath());
String[] args = {"-cpe", path.getCanonicalPath()};
CliParser instance = new CliParser();
instance.parse(args);
assertEquals(path.getCanonicalPath(), instance.getCpeFile());
assertFalse(instance.isGetVersion());
assertFalse(instance.isGetHelp());
assertFalse(instance.isRunScan());
assertTrue(instance.isLoadCPE());
}
/**
@@ -342,7 +239,7 @@ public class CliParserTest extends TestCase {
String text = (new String(baos.toByteArray()));
String[] lines = text.split(System.getProperty("line.separator"));
assertTrue(lines[0].startsWith("usage: "));
assertTrue((lines.length>2));
assertTrue((lines.length > 2));
} catch (IOException ex) {
System.setOut(out);
fail("CliParser.printVersionInfo did not write anything to system.out.");