From c4ee53e1474dd0f71f73c50b16fce762588d250f Mon Sep 17 00:00:00 2001
From: Jeremy Long
Date: Sun, 3 Sep 2017 21:10:13 -0400
Subject: [PATCH] updated init logic
---
 .../analyzer/HintAnalyzer.java | 44 +++++++++----------
 .../dependencycheck/xml/hints/HintParser.java | 18 ++++----
 2 files changed, 30 insertions(+), 32 deletions(-)
diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/HintAnalyzer.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/HintAnalyzer.java
index edc20a90a..ca8d0fdfc 100644
--- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/HintAnalyzer.java
+++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/HintAnalyzer.java
@@ -71,7 +71,6 @@ public class HintAnalyzer extends AbstractAnalyzer {
 * The array of vendor duplicating hint rules.
 */
 private VendorDuplicatingHintRule[] vendorHints;
-
 /**
 * The name of the analyzer.
 */
@@ -221,21 +220,20 @@ public class HintAnalyzer extends AbstractAnalyzer {
 * @throws HintParseException thrown if the XML cannot be parsed.
 */
 private void loadHintRules() throws HintParseException {
- if (hints == null) {
- final HintParser parser = new HintParser();
- File file = null;
- try {
- parser.parseHints(FileUtils.getResourceAsStream(HINT_RULE_FILE_NAME));
- hints = parser.getHintRules();
- vendorHints = parser.getVendorDuplicatingHintRules();
- } catch (HintParseException | SAXException ex) {
- LOGGER.error("Unable to parse the base hint data file");
- LOGGER.debug("Unable to parse the base hint data file", ex);
- }
- final String filePath = getSettings().getString(Settings.KEYS.HINTS_FILE);
- if (filePath == null) {
- return;
- }
+ List localHints;
+ List localVendorHints;
+ final HintParser parser = new HintParser();
+ File file = null;
+ try {
+ parser.parseHints(FileUtils.getResourceAsStream(HINT_RULE_FILE_NAME));
+ } catch (SAXException ex) {
+ throw new HintParseException("Error parsing hinits: " + ex.getMessage(), ex);
+ }
+ localHints = parser.getHintRules();
+ localVendorHints = parser.getVendorDuplicatingHintRules();
+
+ final String filePath = getSettings().getString(Settings.KEYS.HINTS_FILE);
+ if (filePath != null) {
 boolean deleteTempFile = false;
 try {
 final Pattern uriRx = Pattern.compile("^(https?|file)\\:.*", Pattern.CASE_INSENSITIVE);
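Review bot: `localHints = parser.getHintRules();` keeps a reference to the list the parser itself holds, and the hunk at -269,14 then calls `localHints.addAll(...)` on it after the same parser has been reused for the user-supplied file. Whether that is safe depends on `parseHints` producing a fresh list on every call, which is not visible here; the HintParser hunk at -159,10 only shows it storing whatever the handler returns. Copying at the assignment, `localHints = new ArrayList<>(parser.getHintRules());` and the same for `localVendorHints`, removes that dependency (it needs `java.util.ArrayList` imported if the file does not already have it). The new exception message also has a typo, `"Error parsing hinits: "`. The body of loadHintRules continues outside this hunk.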
@@ -269,14 +267,12 @@ public class HintAnalyzer extends AbstractAnalyzer {
 if (file != null) {
 try {
 parser.parseHints(file);
- if (parser.getHintRules() != null && parser.getHintRules().length > 0) {
- hints = (HintRule[]) ArrayUtils.addAll(hints, parser.getHintRules());
+ if (parser.getHintRules() != null && !parser.getHintRules().isEmpty()) {
+ localHints.addAll(parser.getHintRules());
 }
- if (parser.getVendorDuplicatingHintRules() != null && parser.getVendorDuplicatingHintRules().length > 0) {
- vendorHints = (VendorDuplicatingHintRule[]) ArrayUtils.addAll(vendorHints, parser.getVendorDuplicatingHintRules());
+ if (parser.getVendorDuplicatingHintRules() != null && !parser.getVendorDuplicatingHintRules().isEmpty()) {
+ localVendorHints.addAll(parser.getVendorDuplicatingHintRules());
 }
- LOGGER.debug("{} hint rules were loaded.", hints.length);
- LOGGER.debug("{} duplicating hint rules were loaded.", vendorHints.length);
 } catch (HintParseException ex) {
 LOGGER.warn("Unable to parse hint rule xml file '{}'", file.getPath());
 LOGGER.warn(ex.getMessage());
@@ -296,5 +292,9 @@ public class HintAnalyzer extends AbstractAnalyzer {
 }
 }
 }
+ hints = (HintRule[]) localHints.toArray(new HintRule[localHints.size()]);
+ vendorHints = (VendorDuplicatingHintRule[]) localVendorHints.toArray(new VendorDuplicatingHintRule[localVendorHints.size()]);
+ LOGGER.debug("{} hint rules were loaded.", hints.length);
+ LOGGER.debug("{} duplicating hint rules were loaded.", vendorHints.length);
 }
 }
diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/xml/hints/HintParser.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/xml/hints/HintParser.java
index eed43c680..41f447ec4 100644
--- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/xml/hints/HintParser.java
+++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/xml/hints/HintParser.java
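Review bot: A parse failure in the user-configured hints file is still only logged at warn in the `catch (HintParseException ex)` context lines of the -269,14 hunk, while this commit makes a failure of the bundled file fatal. As far as the visible lines show, the run then continues with the built-in rules alone, so a malformed custom hints file silently changes which evidence the analyzer adds to dependencies. Consider rethrowing, for example `throw new HintParseException("Unable to parse hint rule xml file '" + file.getPath() + "'", ex);`, or at least logging at error and saying in the method Javadoc that custom hints are best-effort. The catch block continues outside the hunk, so any cleanup that follows it would need to stay reachable.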
@@ -25,7 +25,7 @@ import java.io.InputStream;
 import java.io.InputStreamReader;
 import java.io.Reader;
 import java.util.List;
-import javax.annotation.concurrent.ThreadSafe;
+import javax.annotation.concurrent.NotThreadSafe;
 import javax.xml.parsers.ParserConfigurationException;
 import javax.xml.parsers.SAXParser;
@@ -43,7 +43,7 @@ import org.xml.sax.XMLReader;
 *
 * @author Jeremy Long
 */
-@ThreadSafe
+@NotThreadSafe
 public class HintParser {
 /**
@@ -79,11 +79,11 @@ public class HintParser {
 /**
 * The hint rules.
 */
- private HintRule[] hintRules;
+ private List hintRules;
 /**
 * The vendor duplicating hint rules.
 */
- private VendorDuplicatingHintRule[] vendorDuplicatingHintRules;
+ private List vendorDuplicatingHintRules;
 /**
 * Returns the hint rules.
@@ -91,7 +91,7 @@ public class HintParser {
 * @return the hint rules
 */
 @SuppressWarnings({"EI_EXPOSE_REP", "EI_EXPOSE_REP2"})
- public HintRule[] getHintRules() {
+ public List getHintRules() {
 return hintRules;
 }
@@ -100,7 +100,7 @@ public class HintParser {
 *
 * @return the vendor duplicating hint rules
 */
- public VendorDuplicatingHintRule[] getVendorDuplicatingHintRules() {
+ public List getVendorDuplicatingHintRules() {
 return vendorDuplicatingHintRules;
 }
@@ -159,10 +159,8 @@ public class HintParser {
 try (Reader reader = new InputStreamReader(inputStream, "UTF-8")) {
 final InputSource in = new InputSource(reader);
 xmlReader.parse(in);
- final List tmpRules = handler.getHintRules();
- this.hintRules = tmpRules.toArray(new HintRule[tmpRules.size()]);
- final List tmpVDR = handler.getVendorDuplicatingHintRules();
- this.vendorDuplicatingHintRules = tmpVDR.toArray(new VendorDuplicatingHintRule[tmpVDR.size()]);
+ this.hintRules = handler.getHintRules();
+ this.vendorDuplicatingHintRules = handler.getVendorDuplicatingHintRules();
 }
 } catch (ParserConfigurationException | FileNotFoundException ex) {
 LOGGER.debug("", ex);
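Review bot: The Javadoc on `getHintRules()` and `getVendorDuplicatingHintRules()` (hunks -91,7 and -100,7) still says only "the hint rules", but the getters now return the stored `List` itself rather than an array snapshot. The fields at -79,11 have no initializer and are assigned only in the -159,10 hunk, so both getters return null until a parse has completed. I would put that in the `@return` text, e.g. `@return the rules from the most recent successful parse, or null if nothing has been parsed; the list is not copied`. The `@SuppressWarnings({"EI_EXPOSE_REP", "EI_EXPOSE_REP2"})` is present only on `getHintRules()` although the vendor getter exposes its list in the same way.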