From bff22a4e4eba3cfea6032c4f1dc5a3b39ac2cae3 Mon Sep 17 00:00:00 2001 From: Jeremy Long Date: Sat, 1 Feb 2014 08:20:24 -0500 Subject: [PATCH] explicitly closed the FileOutputStream after writting the assembly Former-commit-id: 70d6fbcd06acad1cb950c7dff8829891cd5c4721 --- .../analyzer/AssemblyAnalyzer.java | 17 +++++++++++------ 1 file changed, 11 insertions(+), 6 deletions(-) diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/AssemblyAnalyzer.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/AssemblyAnalyzer.java index 1cf6ae07e..10ebef16a 100644 --- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/AssemblyAnalyzer.java +++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/AssemblyAnalyzer.java @@ -26,13 +26,11 @@ import java.util.List; import java.util.Set; import java.util.logging.Level; import java.util.logging.Logger; - import javax.xml.parsers.DocumentBuilder; import javax.xml.parsers.DocumentBuilderFactory; import javax.xml.xpath.XPath; import javax.xml.xpath.XPathExpressionException; import javax.xml.xpath.XPathFactory; - import org.owasp.dependencycheck.Engine; import org.owasp.dependencycheck.dependency.Confidence; import org.owasp.dependencycheck.dependency.Dependency; @@ -42,13 +40,13 @@ import org.w3c.dom.Document; import org.xml.sax.SAXException; /** - * Analyzer for getting company, product, and version information - * from a .NET assembly. + * Analyzer for getting company, product, and version information from a .NET assembly. * * @author colezlaw * */ public class AssemblyAnalyzer extends AbstractAnalyzer { + /** * The analyzer name */ @@ -76,6 +74,7 @@ public class AssemblyAnalyzer extends AbstractAnalyzer { /** * Builds the beginnings of a List for ProcessBuilder + * * @return the list of arguments to begin populating the ProcessBuilder */ private List buildArgumentList() { @@ -95,6 +94,7 @@ public class AssemblyAnalyzer extends AbstractAnalyzer { /** * Performs the analysis on a single Dependency. + * * @param dependency the dependency to analyze * @param engine the engine to perform the analysis under * @throws AnalysisException if anything goes sideways @@ -150,8 +150,8 @@ public class AssemblyAnalyzer extends AbstractAnalyzer { } /** - * Initialize the analyzer. In this case, extract GrokAssembly.exe - * to a temporary location. + * Initialize the analyzer. In this case, extract GrokAssembly.exe to a temporary location. + * * @throws Exception if anything goes wrong */ @Override @@ -168,6 +168,9 @@ public class AssemblyAnalyzer extends AbstractAnalyzer { while ((bread = is.read(buff)) >= 0) { fos.write(buff, 0, bread); } + fos.flush(); + fos.close(); + fos = null; grokAssemblyExe = tempFile; // Set the temp file to get deleted when we're done grokAssemblyExe.deleteOnExit(); @@ -221,6 +224,7 @@ public class AssemblyAnalyzer extends AbstractAnalyzer { /** * Gets the set of extensions supported by this analyzer. + * * @return the list of supported extensions */ @Override @@ -240,6 +244,7 @@ public class AssemblyAnalyzer extends AbstractAnalyzer { /** * Gets whether the analyzer supports the provided extension. + * * @param extension the extension to check * @return whether the analyzer supports the extension */