From a82537fed98d5717d4ce936a27c30bde006cef90 Mon Sep 17 00:00:00 2001 From: Jeremy Long Date: Sun, 1 Sep 2013 15:11:49 -0400 Subject: [PATCH] minor checkstyle updates Former-commit-id: 937ba487b5a25de622f81fa9bdc54daf0e15c18e --- .../dependencycheck/analyzer/NvdCveAnalyzer.java | 3 --- .../concurrency/DirectoryLockException.java | 3 +++ .../concurrency/DirectorySpinLock.java | 2 +- .../concurrency/InvalidDirectoryException.java | 3 +++ .../concurrency/package-info.java | 11 +++++++++++ .../dependencycheck/data/cpe/BaseIndex.java | 13 +++++++++++-- .../dependencycheck/data/cpe/CpeIndexReader.java | 2 +- .../dependencycheck/data/cpe/CpeIndexWriter.java | 2 +- .../data/nvdcve/NvdCve20Handler.java | 2 -- .../data/update/DataStoreMetaInfo.java | 2 +- .../data/update/DatabaseUpdater.java | 16 ++++++++++++---- .../dependencycheck/data/update/NvdCveInfo.java | 2 ++ .../owasp/dependencycheck/utils/FileUtils.java | 9 ++++++--- 13 files changed, 52 insertions(+), 18 deletions(-) create mode 100644 dependency-check-core/src/main/java/org/owasp/dependencycheck/concurrency/package-info.java diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/NvdCveAnalyzer.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/NvdCveAnalyzer.java index d7e1f7c74..7c6be8a04 100644 --- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/NvdCveAnalyzer.java +++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/NvdCveAnalyzer.java @@ -23,12 +23,9 @@ import java.sql.SQLException; import java.util.List; import java.util.Set; import org.owasp.dependencycheck.Engine; -import org.owasp.dependencycheck.analyzer.AnalysisException; -import org.owasp.dependencycheck.analyzer.AnalysisPhase; import org.owasp.dependencycheck.dependency.Dependency; import org.owasp.dependencycheck.dependency.Vulnerability; import org.owasp.dependencycheck.dependency.Identifier; -import org.owasp.dependencycheck.analyzer.Analyzer; import org.owasp.dependencycheck.data.nvdcve.CveDB; import org.owasp.dependencycheck.data.nvdcve.DatabaseException; diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/concurrency/DirectoryLockException.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/concurrency/DirectoryLockException.java index 5985152a1..3fbc7ae95 100644 --- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/concurrency/DirectoryLockException.java +++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/concurrency/DirectoryLockException.java @@ -25,6 +25,9 @@ package org.owasp.dependencycheck.concurrency; */ public class DirectoryLockException extends Exception { + /** + * Default serial version UID. + */ private static final long serialVersionUID = 1L; /** diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/concurrency/DirectorySpinLock.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/concurrency/DirectorySpinLock.java index 001f344bf..2261846ed 100644 --- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/concurrency/DirectorySpinLock.java +++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/concurrency/DirectorySpinLock.java @@ -219,7 +219,7 @@ public class DirectorySpinLock implements Closeable /*, AutoCloseable*/ { /** * Releases any locks and closes the underlying channel. * - * @throws IOException + * @throws IOException if an IO Exception occurs */ @Override public void close() throws IOException { diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/concurrency/InvalidDirectoryException.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/concurrency/InvalidDirectoryException.java index 3faa54ffa..08b29acff 100644 --- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/concurrency/InvalidDirectoryException.java +++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/concurrency/InvalidDirectoryException.java @@ -25,6 +25,9 @@ package org.owasp.dependencycheck.concurrency; */ public class InvalidDirectoryException extends Exception { + /** + * Default serial version UID. + */ private static final long serialVersionUID = 1L; /** diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/concurrency/package-info.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/concurrency/package-info.java new file mode 100644 index 000000000..ab7fba4fd --- /dev/null +++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/concurrency/package-info.java @@ -0,0 +1,11 @@ +/** + * + * + * org.owasp.dependencycheck.concurrency + * + * + * Contains classes used to create shared and exclusive locks on directories. + * + * + */ +package org.owasp.dependencycheck.concurrency; diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/cpe/BaseIndex.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/cpe/BaseIndex.java index 1f6e84d91..f895a99e8 100644 --- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/cpe/BaseIndex.java +++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/cpe/BaseIndex.java @@ -36,11 +36,20 @@ public abstract class BaseIndex { /** * The Lucene directory containing the index. */ - protected Directory directory; + private Directory directory; /** * Indicates whether or not the Lucene Index is open. */ - protected boolean indexOpen = false; + private boolean indexOpen = false; + + /** + * Gets the directory. + * + * @return the directory + */ + public Directory getDirectory() { + return directory; + } /** * Opens the CPE Index. diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/cpe/CpeIndexReader.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/cpe/CpeIndexReader.java index dfee343e5..68f9344f4 100644 --- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/cpe/CpeIndexReader.java +++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/cpe/CpeIndexReader.java @@ -79,7 +79,7 @@ public class CpeIndexReader extends BaseIndex { public void open() throws IOException { //TODO add spinlock (shared) super.open(); - indexReader = DirectoryReader.open(directory); + indexReader = DirectoryReader.open(getDirectory()); indexSearcher = new IndexSearcher(indexReader); searchingAnalyzer = createSearchingAnalyzer(); queryParser = new QueryParser(Version.LUCENE_43, Fields.DOCUMENT_KEY, searchingAnalyzer); diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/cpe/CpeIndexWriter.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/cpe/CpeIndexWriter.java index cc4c194c4..7efe09f7c 100644 --- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/cpe/CpeIndexWriter.java +++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/cpe/CpeIndexWriter.java @@ -63,7 +63,7 @@ public class CpeIndexWriter extends BaseIndex { super.open(); indexingAnalyzer = createIndexingAnalyzer(); final IndexWriterConfig conf = new IndexWriterConfig(Version.LUCENE_43, indexingAnalyzer); - indexWriter = new IndexWriter(directory, conf); + indexWriter = new IndexWriter(getDirectory(), conf); } /** diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/nvdcve/NvdCve20Handler.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/nvdcve/NvdCve20Handler.java index 0a4b439f9..da5686320 100644 --- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/nvdcve/NvdCve20Handler.java +++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/nvdcve/NvdCve20Handler.java @@ -25,8 +25,6 @@ import java.util.logging.Level; import java.util.logging.Logger; import org.apache.lucene.index.CorruptIndexException; import org.owasp.dependencycheck.data.cpe.CpeIndexWriter; -import org.owasp.dependencycheck.data.nvdcve.CveDB; -import org.owasp.dependencycheck.data.nvdcve.DatabaseException; import org.owasp.dependencycheck.dependency.Reference; import org.owasp.dependencycheck.dependency.Vulnerability; import org.owasp.dependencycheck.dependency.VulnerableSoftware; diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/update/DataStoreMetaInfo.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/update/DataStoreMetaInfo.java index 3d25c8e22..d589abe6a 100644 --- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/update/DataStoreMetaInfo.java +++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/update/DataStoreMetaInfo.java @@ -104,7 +104,7 @@ public class DataStoreMetaInfo { * Loads the data's meta properties. */ private void loadProperties() { - File file = getPropertiesFile(); + final File file = getPropertiesFile(); if (file.exists()) { InputStream is = null; try { diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/update/DatabaseUpdater.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/update/DatabaseUpdater.java index 9af48b57b..f69ae3c63 100644 --- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/update/DatabaseUpdater.java +++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/update/DatabaseUpdater.java @@ -54,6 +54,7 @@ import static org.owasp.dependencycheck.data.update.DataStoreMetaInfo.BATCH; import static org.owasp.dependencycheck.data.update.DataStoreMetaInfo.MODIFIED; /** + * Class responsible for updating the CPE and NVDCVE data stores. * * @author Jeremy Long (jeremy.long@owasp.org) */ @@ -74,7 +75,7 @@ public class DatabaseUpdater implements CachedWebDataSource { /** * A flag indicating whether or not the batch update should be performed. */ - protected boolean doBatchUpdate; + private boolean doBatchUpdate; /** * Get the value of doBatchUpdate @@ -266,6 +267,12 @@ public class DatabaseUpdater implements CachedWebDataSource { } } + /** + * Performs the batch update based on the configured batch update URL. + * + * @throws UpdateException thrown if there is an exception during the update + * process + */ private void performBatchUpdate() throws UpdateException { if (properties.isBatchUpdateMode() && doBatchUpdate) { final String batchSrc = Settings.getString(Settings.KEYS.BATCH_UPDATE_URL); @@ -419,7 +426,7 @@ public class DatabaseUpdater implements CachedWebDataSource { } } - NvdCveInfo batchInfo = currentlyPublished.get(BATCH); + final NvdCveInfo batchInfo = currentlyPublished.get(BATCH); if (properties.isBatchUpdateMode() && batchInfo != null) { final long lastUpdated = Long.parseLong(properties.getProperty(DataStoreMetaInfo.BATCH, "0")); if (lastUpdated != batchInfo.getTimestamp()) { @@ -477,7 +484,8 @@ public class DatabaseUpdater implements CachedWebDataSource { } } } catch (NumberFormatException ex) { - Logger.getLogger(DataStoreMetaInfo.class.getName()).log(Level.WARNING, "An invalid schema version or timestamp exists in the data.properties file."); + final String msg = "An invalid schema version or timestamp exists in the data.properties file."; + Logger.getLogger(DataStoreMetaInfo.class.getName()).log(Level.WARNING, msg); Logger.getLogger(DataStoreMetaInfo.class.getName()).log(Level.FINE, null, ex); setDoBatchUpdate(properties.isBatchUpdateMode()); } @@ -521,7 +529,7 @@ public class DatabaseUpdater implements CachedWebDataSource { final Map map = new TreeMap(); String retrieveUrl = Settings.getString(Settings.KEYS.CVE_MODIFIED_20_URL); if (retrieveUrl == null && properties.isBatchUpdateMode()) { - NvdCveInfo item = new NvdCveInfo(); + final NvdCveInfo item = new NvdCveInfo(); retrieveUrl = Settings.getString(Settings.KEYS.BATCH_UPDATE_URL); if (retrieveUrl == null) { final String msg = "Invalid configuration - neither the modified or batch update URLs are specified in the configuration."; diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/update/NvdCveInfo.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/update/NvdCveInfo.java index 76af51cf3..7a27a9124 100644 --- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/update/NvdCveInfo.java +++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/update/NvdCveInfo.java @@ -20,6 +20,8 @@ package org.owasp.dependencycheck.data.update; /** * A pojo that contains the Url and timestamp of the current NvdCve XML files. + * + * @author Jeremy Long (jeremy.long@owasp.org) */ public class NvdCveInfo { diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/utils/FileUtils.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/utils/FileUtils.java index 3958b1a90..9d0c1108f 100644 --- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/utils/FileUtils.java +++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/utils/FileUtils.java @@ -32,7 +32,6 @@ import java.util.logging.Logger; import java.util.zip.ZipEntry; import java.util.zip.ZipInputStream; import org.owasp.dependencycheck.Engine; -import org.owasp.dependencycheck.analyzer.AnalysisException; import org.owasp.dependencycheck.analyzer.ArchiveAnalyzer; /** @@ -81,8 +80,11 @@ public final class FileUtils { delete(c); } } - if (!file.delete()) { + if (!org.apache.commons.io.FileUtils.deleteQuietly(file)) { + //if (!file.delete()) { throw new FileNotFoundException("Failed to delete file: " + file); + } else { + file.deleteOnExit(); } } @@ -102,7 +104,8 @@ public final class FileUtils { delete(c); } } - if (!file.delete()) { + if (!org.apache.commons.io.FileUtils.deleteQuietly(file)) { + //if (!file.delete()) { if (deleteOnExit) { file.deleteOnExit(); } else {