github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-03-24 18:11:47 +01:00
Code Issues Packages Projects Releases Wiki Activity

Added nupkg to the list of supported ZIP-like extensions

Browse Source 
Former-commit-id: 3f58b7c314f7e5a837da878602c44b19721995a1
This commit is contained in:
Will Stranathan
2014-01-24 07:09:45 -05:00
parent 108ecb7e12
commit b4ea2569e3
2 changed files with 14 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/ArchiveAnalyzer.java
View File

@@ -81,10 +81,17 @@ public class ArchiveAnalyzer extends AbstractAnalyzer implements Analyzer {
* The phase that this analyzer is intended to run in. * The phase that this analyzer is intended to run in.
*/ */
private static final AnalysisPhase ANALYSIS_PHASE = AnalysisPhase.INITIAL; private static final AnalysisPhase ANALYSIS_PHASE = AnalysisPhase.INITIAL;
/**
* The set of things we can handle with Zip methods
*/
private static final Set<String> ZIPPABLES = newHashSet("zip", "ear", "war", "nupkg");
/** /**
* The set of file extensions supported by this analyzer. * The set of file extensions supported by this analyzer.
*/ */
private static final Set<String> EXTENSIONS = newHashSet("zip", "ear", "war", "tar", "gz", "tgz"); private static final Set<String> EXTENSIONS = newHashSet("tar", "gz", "tgz");
static {
EXTENSIONS.addAll(ZIPPABLES);
}
/** /**
* Returns a list of file EXTENSIONS supported by this analyzer. * Returns a list of file EXTENSIONS supported by this analyzer.
@@ -251,7 +258,7 @@ public class ArchiveAnalyzer extends AbstractAnalyzer implements Analyzer {
} }
final String archiveExt = org.owasp.dependencycheck.utils.FileUtils.getFileExtension(archive.getName()).toLowerCase(); final String archiveExt = org.owasp.dependencycheck.utils.FileUtils.getFileExtension(archive.getName()).toLowerCase();
try { try {
if ("zip".equals(archiveExt) || "war".equals(archiveExt) || "ear".equals(archiveExt)) { if (ZIPPABLES.contains(archiveExt)) {
extractArchive(new ZipArchiveInputStream(new BufferedInputStream(fis)), destination, engine); extractArchive(new ZipArchiveInputStream(new BufferedInputStream(fis)), destination, engine);
} else if ("tar".equals(archiveExt)) { } else if ("tar".equals(archiveExt)) {
extractArchive(new TarArchiveInputStream(new BufferedInputStream(fis)), destination, engine); extractArchive(new TarArchiveInputStream(new BufferedInputStream(fis)), destination, engine);

5
dependency-check-core/src/test/java/org/owasp/dependencycheck/analyzer/ArchiveAnalyzerTest.java
View File

@@ -69,6 +69,7 @@ public class ArchiveAnalyzerTest extends BaseIndexTestCase {
expResult.add("zip"); expResult.add("zip");
expResult.add("war"); expResult.add("war");
expResult.add("ear"); expResult.add("ear");
expResult.add("nupkg");
expResult.add("tar"); expResult.add("tar");
expResult.add("gz"); expResult.add("gz");
expResult.add("tgz"); expResult.add("tgz");
@@ -110,6 +111,10 @@ public class ArchiveAnalyzerTest extends BaseIndexTestCase {
extension = "zip"; //supported extension = "zip"; //supported
result = instance.supportsExtension(extension); result = instance.supportsExtension(extension);
assertEquals(expResult, result); assertEquals(expResult, result);
extension = "nupkg"; //supported
result = instance.supportsExtension(extension);
assertEquals(expResult, result);
} }
/** /**