update to #657 to allow sorted vulnerable software in reports; also, sorting an array list is faster than building a treeset

Jeremy Long
2017-02-21 06:38:31 -05:00
parent d31e0453bd
commit a5990ea6f3
3 changed files with 44 additions and 14 deletions


@@ -18,10 +18,11 @@
package org.owasp.dependencycheck.dependency; package org.owasp.dependencycheck.dependency;
import java.io.Serializable; import java.io.Serializable;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashSet; import java.util.HashSet;
import java.util.List;
import java.util.Set; import java.util.Set;
import java.util.SortedSet;
import java.util.TreeSet;
import org.apache.commons.lang3.builder.CompareToBuilder; import org.apache.commons.lang3.builder.CompareToBuilder;
/** /**
@@ -139,6 +140,21 @@ public class Vulnerability implements Serializable, Comparable<Vulnerability> {
return references; return references;
} }
/**
* Returns the list of references. This is primarily used within the
* generated reports.
*
* @param sorted whether the returned list should be sorted
* @return the list of references
*/
public List<Reference> getReferences(boolean sorted) {
List<Reference> sortedRefs = new ArrayList<>(this.references);
if (sorted) {
Collections.sort(sortedRefs);
}
return sortedRefs;
}
/** /**
* Set the value of references. * Set the value of references.
* *
@@ -181,6 +197,21 @@ public class Vulnerability implements Serializable, Comparable<Vulnerability> {
return vulnerableSoftware; return vulnerableSoftware;
} }
/**
* Returns a sorted list of vulnerable software. This is primarily used for
* display within reports.
*
* @param sorted whether or not the list should be sorted
* @return the list of vulnerable software
*/
public List<VulnerableSoftware> getVulnerableSoftware(boolean sorted) {
List<VulnerableSoftware> sortedVulnerableSoftware = new ArrayList<>(this.vulnerableSoftware);
if (sorted) {
Collections.sort(sortedVulnerableSoftware);
}
return sortedVulnerableSoftware;
}
/** /**
* Set the value of vulnerableSoftware. * Set the value of vulnerableSoftware.
* *
@@ -398,15 +429,14 @@ public class Vulnerability implements Serializable, Comparable<Vulnerability> {
final StringBuilder sb = new StringBuilder("Vulnerability "); final StringBuilder sb = new StringBuilder("Vulnerability ");
sb.append(this.name); sb.append(this.name);
sb.append("\nReferences:\n"); sb.append("\nReferences:\n");
SortedSet<Reference> sortedReferences = new TreeSet<Reference>(this.references); for (Reference reference : getReferences(true)) {
for (Reference reference : sortedReferences) {
sb.append("=> "); sb.append("=> ");
sb.append(reference); sb.append(reference);
sb.append("\n"); sb.append("\n");
} }
sb.append("\nSoftware:\n"); sb.append("\nSoftware:\n");
SortedSet<VulnerableSoftware> sortedVulnerableSoftware = new TreeSet<VulnerableSoftware>(this.vulnerableSoftware);
for (VulnerableSoftware software : sortedVulnerableSoftware) { for (VulnerableSoftware software : getVulnerableSoftware(true)) {
sb.append("=> "); sb.append("=> ");
sb.append(software); sb.append(software);
sb.append("\n"); sb.append("\n");
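Review bot: The Javadoc on `getVulnerableSoftware(boolean sorted)` opens with "Returns a sorted list", but the list is sorted only when `sorted` is true, and neither new overload says that it returns a fresh copy while the no-argument getters (`return references;` / `return vulnerableSoftware;`) hand out the backing collection. I would reword the summary to `Returns a copy of the vulnerable software as a list, sorted by natural order when {@code sorted} is true.` and add the same copy remark to `getReferences(boolean)`. Both overloads also pass the field straight to `new ArrayList<>(...)`, which throws a NullPointerException if a setter was ever given null; the setters lie outside these hunks, so whether that can happen is not visible here, but the report templates now call these overloads directly. The `toString()` body starts and ends outside its hunk; note that it previously used a `TreeSet`, which drops elements whose `compareTo` returns 0, whereas the sorted list keeps them, so its output can now contain more entries.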


@@ -842,7 +842,7 @@ Getting Help: <a href="https://groups.google.com/forum/#!forum/dependency-check"
<p>$enc.html($vuln.description) <p>$enc.html($vuln.description)
#if ($vuln.getReferences().size()>0) #if ($vuln.getReferences().size()>0)
<ul> <ul>
#foreach($ref in $vuln.getReferences()) #foreach($ref in $vuln.getReferences(true))
<li>$enc.html($ref.source) - <a target="_blank" href="$enc.html($ref.url)">$ref.name</a></li> <li>$enc.html($ref.source) - <a target="_blank" href="$enc.html($ref.url)">$ref.name</a></li>
#end #end
</ul> </ul>
@@ -857,7 +857,7 @@ Getting Help: <a href="https://groups.google.com/forum/#!forum/dependency-check"
<p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs$vsctr', 'show all', 'show less');">show all</a>)<ul> <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs$vsctr', 'show all', 'show less');">show all</a>)<ul>
<li class="vs$vsctr"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=$enc.url($vuln.matchedCPE)">$enc.html($vuln.matchedCPE)</a> #if($vuln.hasMatchedAllPreviousCPE()) and all previous versions#end</li> <li class="vs$vsctr"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=$enc.url($vuln.matchedCPE)">$enc.html($vuln.matchedCPE)</a> #if($vuln.hasMatchedAllPreviousCPE()) and all previous versions#end</li>
<li class="vs$vsctr">...</li> <li class="vs$vsctr">...</li>
#foreach($vs in $vuln.getVulnerableSoftware()) #foreach($vs in $vuln.getVulnerableSoftware(true))
<li class="vs$vsctr hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=$enc.url($vs.name)">$enc.html($vs.name)</a> #if($vs.hasPreviousVersion()) and all previous versions#end</li> <li class="vs$vsctr hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=$enc.url($vs.name)">$enc.html($vs.name)</a> #if($vs.hasPreviousVersion()) and all previous versions#end</li>
#end #end
</ul></p> </ul></p>
@@ -977,7 +977,7 @@ Getting Help: <a href="https://groups.google.com/forum/#!forum/dependency-check"
<p>$enc.html($vuln.description) <p>$enc.html($vuln.description)
#if ($vuln.getReferences().size()>0) #if ($vuln.getReferences().size()>0)
<ul> <ul>
#foreach($ref in $vuln.getReferences()) #foreach($ref in $vuln.getReferences(true))
<li>$enc.html($ref.source) - <a target="_blank" href="$enc.html($ref.url)">$ref.name</a></li> <li>$enc.html($ref.source) - <a target="_blank" href="$enc.html($ref.url)">$ref.name</a></li>
#end #end
</ul> </ul>
@@ -991,7 +991,7 @@ Getting Help: <a href="https://groups.google.com/forum/#!forum/dependency-check"
<p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs$vsctr', 'show all', 'show less');">show all</a>)<ul> <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs$vsctr', 'show all', 'show less');">show all</a>)<ul>
<li class="vs$vsctr"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=$enc.url($vuln.matchedCPE)">$enc.html($vuln.matchedCPE)</a> #if($vuln.hasMatchedAllPreviousCPE()) and all previous versions#end</li> <li class="vs$vsctr"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=$enc.url($vuln.matchedCPE)">$enc.html($vuln.matchedCPE)</a> #if($vuln.hasMatchedAllPreviousCPE()) and all previous versions#end</li>
<li class="vs$vsctr">...</li> <li class="vs$vsctr">...</li>
#foreach($vs in $vuln.getVulnerableSoftware()) #foreach($vs in $vuln.getVulnerableSoftware(true))
<li class="vs$vsctr hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=$enc.url($vs.name)">$enc.html($vs.name)</a> #if($vs.hasPreviousVersion()) and all previous versions#end</li> <li class="vs$vsctr hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=$enc.url($vs.name)">$enc.html($vs.name)</a> #if($vs.hasPreviousVersion()) and all previous versions#end</li>
#end #end
</ul></p> </ul></p>
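Review bot: `$ref.name` is written into the link text without encoding in both reference loops touched here (the `<li>` line after each `#foreach($ref in $vuln.getReferences(true))`), while `$ref.source` and `$ref.url` on the same line go through `$enc.html(...)`. Reference names presumably come from imported vulnerability data, so markup in a name would be rendered in the generated report unless it is sanitized somewhere not visible on this page; the line should read `<li>$enc.html($ref.source) - <a target="_blank" href="$enc.html($ref.url)">$enc.html($ref.name)</a></li>`. HTML-encoding the URL does not restrict its scheme, so it is worth confirming that only http/https values can reach `href`. The `#if ($vuln.getReferences().size()>0)` guard still calls the no-argument getter, which is fine because only the size is read.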


@@ -141,7 +141,7 @@ Copyright (c) 2012 Jeremy Long. All Rights Reserved.
#end #end
<description>$enc.xml($vuln.description)</description> <description>$enc.xml($vuln.description)</description>
<references> <references>
#foreach($ref in $vuln.getReferences()) #foreach($ref in $vuln.getReferences(true))
<reference> <reference>
<source>$enc.xml($ref.source)</source> <source>$enc.xml($ref.source)</source>
<url>$enc.xml($ref.url)</url> <url>$enc.xml($ref.url)</url>
@@ -150,7 +150,7 @@ Copyright (c) 2012 Jeremy Long. All Rights Reserved.
#end #end
</references> </references>
<vulnerableSoftware> <vulnerableSoftware>
#foreach($vs in $vuln.getVulnerableSoftware()) #foreach($vs in $vuln.getVulnerableSoftware(true))
<software#if($vs.hasPreviousVersion()) allPreviousVersion="true"#end>$enc.xml($vs.name)</software> <software#if($vs.hasPreviousVersion()) allPreviousVersion="true"#end>$enc.xml($vs.name)</software>
#end #end
</vulnerableSoftware> </vulnerableSoftware>
@@ -172,7 +172,7 @@ Copyright (c) 2012 Jeremy Long. All Rights Reserved.
#end #end
<description>$enc.xml($vuln.description)</description> <description>$enc.xml($vuln.description)</description>
<references> <references>
#foreach($ref in $vuln.getReferences()) #foreach($ref in $vuln.getReferences(true))
<reference> <reference>
<source>$enc.xml($ref.source)</source> <source>$enc.xml($ref.source)</source>
<url>$enc.xml($ref.url)</url> <url>$enc.xml($ref.url)</url>
@@ -181,7 +181,7 @@ Copyright (c) 2012 Jeremy Long. All Rights Reserved.
#end #end
</references> </references>
<vulnerableSoftware> <vulnerableSoftware>
#foreach($vs in $vuln.getVulnerableSoftware()) #foreach($vs in $vuln.getVulnerableSoftware(true))
<software#if($vs.hasPreviousVersion()) allPreviousVersion="true"#end>$enc.xml($vs.name)</software> <software#if($vs.hasPreviousVersion()) allPreviousVersion="true"#end>$enc.xml($vs.name)</software>
#end #end
</vulnerableSoftware> </vulnerableSoftware>