diff --git a/dependency-check-cli/src/main/java/org/owasp/dependencycheck/App.java b/dependency-check-cli/src/main/java/org/owasp/dependencycheck/App.java
index 3b5e1fc0b..f54167ec0 100644
--- a/dependency-check-cli/src/main/java/org/owasp/dependencycheck/App.java
+++ b/dependency-check-cli/src/main/java/org/owasp/dependencycheck/App.java
@@ -279,6 +279,7 @@ public class App {
 final String cveMod20 = cli.getModifiedCve20Url();
 final String cveBase12 = cli.getBaseCve12Url();
 final String cveBase20 = cli.getBaseCve20Url();
+ final Integer cveValidForHours = cli.getCveValidForHours();
 if (propertiesFile != null) {
 try {
@@ -326,6 +327,9 @@ public class App {
 if (suppressionFile != null && !suppressionFile.isEmpty()) {
 Settings.setString(Settings.KEYS.SUPPRESSION_FILE, suppressionFile);
 }
+ if (cveValidForHours != null) {
+ Settings.setInt(Settings.KEYS.CVE_CHECK_VALID_FOR_HOURS, cveValidForHours);
+ }
 //File Type Analyzer Settings
 Settings.setBoolean(Settings.KEYS.ANALYZER_JAR_ENABLED, !cli.isJarDisabled());
diff --git a/dependency-check-cli/src/main/java/org/owasp/dependencycheck/CliParser.java b/dependency-check-cli/src/main/java/org/owasp/dependencycheck/CliParser.java
index 3364b53bc..a9e8b955b 100644
--- a/dependency-check-cli/src/main/java/org/owasp/dependencycheck/CliParser.java
+++ b/dependency-check-cli/src/main/java/org/owasp/dependencycheck/CliParser.java
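Review bot: The call `cli.getCveValidForHours()` added in the first App.java hunk will throw NumberFormatException on every run that omits `--cveValidForHours`, because the getter added in CliParser.java (the `-970,6 +988,15` hunk) passes the possibly-null option value straight to `Integer.parseInt`. The `if (cveValidForHours != null)` guard in the second App.java hunk can therefore never see null, so whatever default the settings carry would presumably never be reached on that path. The getter should return null for an absent option: `final String v = line.getOptionValue(ARGUMENT.CVE_VALID_FOR_HOURS);` followed by `return v == null ? null : Integer.valueOf(v);`. The enclosing method in App.java starts and ends outside both hunks.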
@@ -90,6 +90,19 @@ public final class CliParser {
 * @throws ParseException is thrown if there is an exception parsing the command line.
 */
 private void validateArgs() throws FileNotFoundException, ParseException {
+ if (isUpdateOnly() || isRunScan()) {
+ String value = line.getOptionValue(ARGUMENT.CVE_VALID_FOR_HOURS);
+ if (value != null) {
+ try {
+ int i = Integer.parseInt(value);
+ if (i < 0) {
+ throw new ParseException("Invalid Setting: cveValidForHours must be a number greater than or equal to 0.");
+ }
+ } catch (NumberFormatException ex) {
+ throw new ParseException("Invalid Setting: cveValidForHours must be a number greater than or equal to 0.");
+ }
+ }
+ }
 if (isRunScan()) {
 validatePathExists(getScanFiles(), ARGUMENT.SCAN);
 validatePathExists(getReportDirectory(), ARGUMENT.OUT);
@@ -255,6 +268,10 @@ public final class CliParser {
 .desc("The file path to the suppression XML file.")
 .build();
+ final Option cveValidForHours = Option.builder().argName("hours").hasArg().longOpt(ARGUMENT.CVE_VALID_FOR_HOURS)
+ .desc("The number of hours to wait before checking for new updates from the NVD.")
+ .build();
+
 //This is an option group because it can be specified more then once.
 final OptionGroup og = new OptionGroup();
 og.addOption(path);
@@ -274,7 +291,8 @@ public final class CliParser {
 .addOption(symLinkDepth)
 .addOption(props)
 .addOption(verboseLog)
- .addOption(suppressionFile);
+ .addOption(suppressionFile)
+ .addOption(cveValidForHours);
 }
 /**
@@ -970,6 +988,15 @@ public final class CliParser {
 return line.getOptionValue(ARGUMENT.ADDITIONAL_ZIP_EXTENSIONS);
 }
+ /**
+ * Get the value of cveValidForHours
+ *
+ * @return the value of cveValidForHours
+ */
+ public Integer getCveValidForHours() {
+ return Integer.parseInt(line.getOptionValue(ARGUMENT.CVE_VALID_FOR_HOURS));
+ }
+
 /**
 * A collection of static final strings that represent the possible command line arguments.
 */
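Review bot: The validation block added to validateArgs writes the same error text twice and hard-codes the option name instead of using `ARGUMENT.CVE_VALID_FOR_HOURS`, so the two failure paths can drift apart on a later edit. Hoisting the text into one local, for example `final String msg = "Invalid Setting: " + ARGUMENT.CVE_VALID_FOR_HOURS + " must be a number greater than or equal to 0.";`, and using `throw new ParseException(msg);` in both places keeps them identical. validateArgs continues past the end of the hunk.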
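Review bot: The help text in the option-definition hunk (`-255,6 +268,10`) does not say what the setting trades away, and validateArgs only enforces a lower bound of 0. Judging by the description, a large value means the tool will not look for new NVD data for that many hours, so a report could presumably miss recently published CVEs without any indication. I would extend the description along the lines of `.desc("The number of hours to wait before checking for new updates from the NVD; a larger value means scans may run against older vulnerability data.")`. The enclosing method starts and ends outside the hunk.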
@@ -1133,6 +1160,10 @@ public final class CliParser {
 * The CLI argument name for setting the location of the suppression file.
 */
 public static final String SUPPRESSION_FILE = "suppression";
+ /**
+ * The CLI argument name for setting the location of the suppression file.
+ */
+ public static final String CVE_VALID_FOR_HOURS = "cveValidForHours";
 /**
 * Disables the Jar Analyzer.
 */
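Review bot: The Javadoc on the new `CVE_VALID_FOR_HOURS` constant is copied unchanged from `SUPPRESSION_FILE` and describes the wrong argument. It should match the option description added in the same commit, for example `The CLI argument name for setting the number of hours to wait before checking for new updates from the NVD.` The enclosing constants class starts and ends outside the hunk.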