github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-03-22 09:09:31 +01:00
Code Issues Packages Projects Releases Wiki Activity

updated logging

Browse Source 
Former-commit-id: d1f027c888ef83e8b2b223f3864eedbd730aa8ce
This commit is contained in:
Jeremy Long
2013-06-15 23:42:45 -04:00
parent 5a6a3dc17f
commit cb50651764
13 changed files with 85 additions and 64 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
src/main/java/org/owasp/dependencycheck/App.java
View File

@@ -81,16 +81,16 @@ public class App {
LogManager.getLogManager().reset(); LogManager.getLogManager().reset();
LogManager.getLogManager().readConfiguration(in); LogManager.getLogManager().readConfiguration(in);
} catch (IOException ex) { } catch (IOException ex) {
System.err.println(ex.toString()); Logger.getLogger(App.class.getName()).log(Level.FINE, "IO Error preparing the logger", ex);
Logger.getLogger(App.class.getName()).log(Level.SEVERE, null, ex);
} catch (SecurityException ex) { } catch (SecurityException ex) {
Logger.getLogger(App.class.getName()).log(Level.SEVERE, null, ex); Logger.getLogger(App.class.getName()).log(Level.FINE, "Error preparing the logger", ex);
} finally { } finally {
try { if (in != null) {
in.close(); try {
} catch (Exception ex) { in.close();
//ignore } catch (Exception ex) {
in = null; Logger.getLogger(App.class.getName()).log(Level.FINEST, null, ex);
}
} }
} }
} }
@@ -108,12 +108,10 @@ public class App {
} catch (FileNotFoundException ex) { } catch (FileNotFoundException ex) {
System.err.println(ex.getMessage()); System.err.println(ex.getMessage());
cli.printHelp(); cli.printHelp();
Logger.getLogger(App.class.getName()).log(Level.WARNING, null, ex);
return; return;
} catch (ParseException ex) { } catch (ParseException ex) {
System.err.println(ex.getMessage()); System.err.println(ex.getMessage());
cli.printHelp(); cli.printHelp();
Logger.getLogger(App.class.getName()).log(Level.INFO, null, ex);
return; return;
} }
@@ -151,9 +149,11 @@ public class App {
try { try {
report.generateReports(reportDirectory, outputFormat); report.generateReports(reportDirectory, outputFormat);
} catch (IOException ex) { } catch (IOException ex) {
Logger.getLogger(App.class.getName()).log(Level.SEVERE, null, ex); Logger.getLogger(App.class.getName()).log(Level.SEVERE, "There was an IO error while attempting to generate the report.");
Logger.getLogger(App.class.getName()).log(Level.INFO, null, ex);
} catch (Exception ex) { } catch (Exception ex) {
Logger.getLogger(App.class.getName()).log(Level.SEVERE, null, ex); Logger.getLogger(App.class.getName()).log(Level.SEVERE, "There was an error while attempting to generate the report.");
Logger.getLogger(App.class.getName()).log(Level.INFO, null, ex);
} }
} }

23
src/main/java/org/owasp/dependencycheck/Engine.java
View File

@@ -71,7 +71,7 @@ public class Engine {
try { try {
autoUpdate = Settings.getBoolean(Settings.KEYS.AUTO_UPDATE); autoUpdate = Settings.getBoolean(Settings.KEYS.AUTO_UPDATE);
} catch (InvalidSettingException ex) { } catch (InvalidSettingException ex) {
Logger.getLogger(Engine.class.getName()).log(Level.WARNING, "Invalid setting for auto-update."); Logger.getLogger(Engine.class.getName()).log(Level.FINE, "Invalid setting for auto-update; using true.");
} }
if (autoUpdate) { if (autoUpdate) {
doUpdates(); doUpdates();
@@ -192,8 +192,9 @@ public class Engine {
*/ */
protected void scanFile(File file) { protected void scanFile(File file) {
if (!file.isFile()) { if (!file.isFile()) {
final String msg = String.format("Path passed to scanFile(File) is not a file: %s.", file.toString()); final String msg = String.format("Path passed to scanFile(File) is not a file: %s. Skipping the file.", file.toString());
Logger.getLogger(Engine.class.getName()).log(Level.WARNING, msg); Logger.getLogger(Engine.class.getName()).log(Level.FINE, msg);
return;
} }
final String fileName = file.getName(); final String fileName = file.getName();
final String extension = FileUtils.getFileExtension(fileName); final String extension = FileUtils.getFileExtension(fileName);
@@ -220,12 +221,13 @@ public class Engine {
try { try {
a.initialize(); a.initialize();
} catch (Exception ex) { } catch (Exception ex) {
Logger.getLogger(Engine.class.getName()).log(Level.SEVERE, final String msg = String.format("\"Exception occurred initializing \"%s\".\"", a.getName());
"Exception occurred initializing " + a.getName() + ".", ex); Logger.getLogger(Engine.class.getName()).log(Level.SEVERE, msg);
Logger.getLogger(Engine.class.getName()).log(Level.INFO, msg, ex);
try { try {
a.close(); a.close();
} catch (Exception ex1) { } catch (Exception ex1) {
Logger.getLogger(Engine.class.getName()).log(Level.FINER, null, ex1); Logger.getLogger(Engine.class.getName()).log(Level.FINEST, null, ex1);
} }
} }
} }
@@ -261,7 +263,7 @@ public class Engine {
try { try {
a.close(); a.close();
} catch (Exception ex) { } catch (Exception ex) {
Logger.getLogger(Engine.class.getName()).log(Level.WARNING, null, ex); Logger.getLogger(Engine.class.getName()).log(Level.FINEST, null, ex);
} }
} }
} }
@@ -280,9 +282,10 @@ public class Engine {
} catch (UpdateException ex) { } catch (UpdateException ex) {
Logger.getLogger(Engine.class.getName()).log(Level.WARNING, Logger.getLogger(Engine.class.getName()).log(Level.WARNING,
"Unable to update Cached Web DataSource, using local data instead. Results may not include recent vulnerabilities."); "Unable to update Cached Web DataSource, using local data instead. Results may not include recent vulnerabilities.");
Logger.getLogger(Engine.class.getName()).log(Level.INFO, Logger.getLogger(Engine.class.getName()).log(Level.FINE,
String.format("Unable to update details for %s", String.format("Unable to update Cached Web DataSource, using local data instead. Results may not include recent "
source.getClass().getName()), ex); + "vulnerabilities. Unable to update details for %s",
source.getClass().getName()), ex);
} }
} }
} }

2
src/main/java/org/owasp/dependencycheck/analyzer/FalsePositiveAnalyzer.java
View File

@@ -105,7 +105,7 @@ public class FalsePositiveAnalyzer extends AbstractAnalyzer {
try { try {
deepScan = Settings.getBoolean(Settings.KEYS.PERFORM_DEEP_SCAN); deepScan = Settings.getBoolean(Settings.KEYS.PERFORM_DEEP_SCAN);
} catch (InvalidSettingException ex) { } catch (InvalidSettingException ex) {
Logger.getLogger(FalsePositiveAnalyzer.class.getName()).log(Level.SEVERE, null, ex); Logger.getLogger(FalsePositiveAnalyzer.class.getName()).log(Level.INFO, "deepscan setting is incorrect; expected a boolean.", ex);
} }
if (!deepScan) { if (!deepScan) {
removeSpuriousCPE(dependency); removeSpuriousCPE(dependency);

15
src/main/java/org/owasp/dependencycheck/analyzer/JarAnalyzer.java
View File

@@ -239,17 +239,19 @@ public class JarAnalyzer extends AbstractAnalyzer implements Analyzer {
final String msg = String.format("Unable to read JarFile '%s'.", dependency.getActualFilePath()); final String msg = String.format("Unable to read JarFile '%s'.", dependency.getActualFilePath());
final AnalysisException ax = new AnalysisException(msg, ex); final AnalysisException ax = new AnalysisException(msg, ex);
dependency.getAnalysisExceptions().add(ax); dependency.getAnalysisExceptions().add(ax);
Logger.getLogger(JarAnalyzer.class.getName()).log(Level.WARNING, msg, ex); Logger.getLogger(JarAnalyzer.class.getName()).log(Level.WARNING, msg);
Logger.getLogger(JarAnalyzer.class.getName()).log(Level.INFO, msg, ex);
return foundSomething; return foundSomething;
} }
List<String> pomEntries; List<String> pomEntries;
try { try {
pomEntries = retrievePomListing(jar); pomEntries = retrievePomListing(jar);
} catch (IOException ex) { } catch (IOException ex) {
final String msg = String.format("Unable to read JarEntries in '%s'.", dependency.getActualFilePath()); final String msg = String.format("Unable to read Jar file entries in '%s'.", dependency.getActualFilePath());
final AnalysisException ax = new AnalysisException(msg, ex); final AnalysisException ax = new AnalysisException(msg, ex);
dependency.getAnalysisExceptions().add(ax); dependency.getAnalysisExceptions().add(ax);
Logger.getLogger(JarAnalyzer.class.getName()).log(Level.WARNING, msg, ex); Logger.getLogger(JarAnalyzer.class.getName()).log(Level.WARNING, msg);
Logger.getLogger(JarAnalyzer.class.getName()).log(Level.INFO, msg, ex);
return foundSomething; return foundSomething;
} }
@@ -268,10 +270,11 @@ public class JarAnalyzer extends AbstractAnalyzer implements Analyzer {
path, dependency.getFilePath()); path, dependency.getFilePath());
final AnalysisException ax = new AnalysisException(msg, ex); final AnalysisException ax = new AnalysisException(msg, ex);
dependency.getAnalysisExceptions().add(ax); dependency.getAnalysisExceptions().add(ax);
Logger.getLogger(JarAnalyzer.class.getName()).log(Level.WARNING, msg); Logger.getLogger(JarAnalyzer.class.getName()).log(Level.INFO, msg, ax);
Logger.getLogger(JarAnalyzer.class.getName()).log(Level.SEVERE, msg, ax);
} catch (IOException ex) { } catch (IOException ex) {
Logger.getLogger(JarAnalyzer.class.getName()).log(Level.SEVERE, null, ex); final String msg = String.format("Unable to retrieve POM '%s' in '%s'",
path, dependency.getFilePath());
Logger.getLogger(JarAnalyzer.class.getName()).log(Level.INFO, msg, ex);
} }
foundSomething = setPomEvidence(dependency, pom, pomProperties) || foundSomething; foundSomething = setPomEvidence(dependency, pom, pomProperties) || foundSomething;
} }

2
src/main/java/org/owasp/dependencycheck/data/cpe/Entry.java
View File

@@ -49,7 +49,7 @@ public class Entry implements Serializable {
try { try {
entry.parseName(doc.get(Fields.NAME)); entry.parseName(doc.get(Fields.NAME));
} catch (UnsupportedEncodingException ex) { } catch (UnsupportedEncodingException ex) {
Logger.getLogger(Entry.class.getName()).log(Level.SEVERE, null, ex); Logger.getLogger(Entry.class.getName()).log(Level.FINE, null, ex);
entry.name = doc.get(Fields.NAME); entry.name = doc.get(Fields.NAME);
} }
return entry; return entry;

8
src/main/java/org/owasp/dependencycheck/data/cwe/CweDB.java
View File

@@ -55,15 +55,17 @@ public final class CweDB {
oin = new ObjectInputStream(input); oin = new ObjectInputStream(input);
return (HashMap<String, String>) oin.readObject(); return (HashMap<String, String>) oin.readObject();
} catch (ClassNotFoundException ex) { } catch (ClassNotFoundException ex) {
Logger.getLogger(CweDB.class.getName()).log(Level.SEVERE, null, ex); Logger.getLogger(CweDB.class.getName()).log(Level.WARNING, "Unable to load CWE data. This should not be an issue.");
Logger.getLogger(CweDB.class.getName()).log(Level.FINE, null, ex);
} catch (IOException ex) { } catch (IOException ex) {
Logger.getLogger(CweDB.class.getName()).log(Level.SEVERE, null, ex); Logger.getLogger(CweDB.class.getName()).log(Level.WARNING, "Unable to load CWE data due to an IO Error. This should not be an issue.");
Logger.getLogger(CweDB.class.getName()).log(Level.FINE, null, ex);
} finally { } finally {
if (oin != null) { if (oin != null) {
try { try {
oin.close(); oin.close();
} catch (IOException ex) { } catch (IOException ex) {
Logger.getLogger(CweDB.class.getName()).log(Level.SEVERE, null, ex); Logger.getLogger(CweDB.class.getName()).log(Level.FINEST, null, ex);
} }
} }
} }

20
src/main/java/org/owasp/dependencycheck/data/lucene/AbstractIndex.java
View File

@@ -98,16 +98,24 @@ public abstract class AbstractIndex {
try { try {
indexWriter.commit(); indexWriter.commit();
} catch (CorruptIndexException ex) { } catch (CorruptIndexException ex) {
Logger.getLogger(AbstractIndex.class.getName()).log(Level.SEVERE, null, ex); final String msg = "Unable to update database, there is a corrupt index.";
Logger.getLogger(AbstractIndex.class.getName()).log(Level.SEVERE, msg);
Logger.getLogger(AbstractIndex.class.getName()).log(Level.FINE, msg, ex);
} catch (IOException ex) { } catch (IOException ex) {
Logger.getLogger(AbstractIndex.class.getName()).log(Level.SEVERE, null, ex); final String msg = "Unable to update database due to an IO error.";
Logger.getLogger(AbstractIndex.class.getName()).log(Level.SEVERE, msg);
Logger.getLogger(AbstractIndex.class.getName()).log(Level.FINE, msg, ex);
} }
try { try {
indexWriter.close(true); indexWriter.close(true);
} catch (CorruptIndexException ex) { } catch (CorruptIndexException ex) {
Logger.getLogger(AbstractIndex.class.getName()).log(Level.SEVERE, null, ex); final String msg = "Unable to update database, there is a corrupt index.";
Logger.getLogger(AbstractIndex.class.getName()).log(Level.SEVERE, msg);
Logger.getLogger(AbstractIndex.class.getName()).log(Level.FINE, msg, ex);
} catch (IOException ex) { } catch (IOException ex) {
Logger.getLogger(AbstractIndex.class.getName()).log(Level.SEVERE, null, ex); final String msg = "Unable to update database due to an IO error.";
Logger.getLogger(AbstractIndex.class.getName()).log(Level.SEVERE, msg);
Logger.getLogger(AbstractIndex.class.getName()).log(Level.FINE, msg, ex);
} finally { } finally {
indexWriter = null; indexWriter = null;
} }
@@ -129,7 +137,9 @@ public abstract class AbstractIndex {
try { try {
directory.close(); directory.close();
} catch (IOException ex) { } catch (IOException ex) {
Logger.getLogger(AbstractIndex.class.getName()).log(Level.SEVERE, null, ex); final String msg = "Unable to update database due to an IO error.";
Logger.getLogger(AbstractIndex.class.getName()).log(Level.SEVERE, msg);
Logger.getLogger(AbstractIndex.class.getName()).log(Level.FINE, msg, ex);
} finally { } finally {
directory = null; directory = null;
} }

32
src/main/java/org/owasp/dependencycheck/data/nvdcve/xml/DatabaseUpdater.java
View File

@@ -96,20 +96,20 @@ public class DatabaseUpdater implements CachedWebDataSource {
} }
} }
if (maxUpdates > 3) { if (maxUpdates > 3) {
Logger.getLogger(DatabaseUpdater.class.getName()).log(Level.WARNING, Logger.getLogger(DatabaseUpdater.class.getName()).log(Level.INFO,
"NVD CVE requires several updates; this could take a couple of minutes."); "NVD CVE requires several updates; this could take a couple of minutes.");
} }
int count = 0; int count = 0;
for (NvdCveUrl cve : update.values()) { for (NvdCveUrl cve : update.values()) {
if (cve.getNeedsUpdate()) { if (cve.getNeedsUpdate()) {
count += 1; count += 1;
Logger.getLogger(DatabaseUpdater.class.getName()).log(Level.WARNING, Logger.getLogger(DatabaseUpdater.class.getName()).log(Level.INFO,
"Updating NVD CVE ({0} of {1})", new Object[]{count, maxUpdates}); "Updating NVD CVE ({0} of {1})", new Object[]{count, maxUpdates});
URL url = new URL(cve.getUrl()); URL url = new URL(cve.getUrl());
File outputPath = null; File outputPath = null;
File outputPath12 = null; File outputPath12 = null;
try { try {
Logger.getLogger(DatabaseUpdater.class.getName()).log(Level.WARNING, Logger.getLogger(DatabaseUpdater.class.getName()).log(Level.INFO,
"Downloading {0}", cve.getUrl()); "Downloading {0}", cve.getUrl());
outputPath = File.createTempFile("cve" + cve.getId() + "_", ".xml"); outputPath = File.createTempFile("cve" + cve.getId() + "_", ".xml");
@@ -119,11 +119,11 @@ public class DatabaseUpdater implements CachedWebDataSource {
outputPath12 = File.createTempFile("cve_1_2_" + cve.getId() + "_", ".xml"); outputPath12 = File.createTempFile("cve_1_2_" + cve.getId() + "_", ".xml");
Downloader.fetchFile(url, outputPath12, false); Downloader.fetchFile(url, outputPath12, false);
Logger.getLogger(DatabaseUpdater.class.getName()).log(Level.WARNING, Logger.getLogger(DatabaseUpdater.class.getName()).log(Level.INFO,
"Processing {0}", cve.getUrl()); "Processing {0}", cve.getUrl());
importXML(outputPath, outputPath12); importXML(outputPath, outputPath12);
Logger.getLogger(DatabaseUpdater.class.getName()).log(Level.WARNING, Logger.getLogger(DatabaseUpdater.class.getName()).log(Level.INFO,
"Completed updated {0} of {1}", new Object[]{count, maxUpdates}); "Completed updated {0} of {1}", new Object[]{count, maxUpdates});
} catch (FileNotFoundException ex) { } catch (FileNotFoundException ex) {
throw new UpdateException(ex); throw new UpdateException(ex);
@@ -210,12 +210,6 @@ public class DatabaseUpdater implements CachedWebDataSource {
cve20Handler.setPrevVersionVulnMap(prevVersionVulnMap); cve20Handler.setPrevVersionVulnMap(prevVersionVulnMap);
cve20Handler.setCpeIndex(cpeIndex); cve20Handler.setCpeIndex(cpeIndex);
saxParser.parse(file, cve20Handler); saxParser.parse(file, cve20Handler);
// Logger.getLogger(DatabaseUpdater.class.getName()).log(Level.WARNING,
// String.format("%d out of %d entries processed were application specific CVEs.",
// cve20Handler.getTotalNumberOfApplicationEntries(),
// cve20Handler.getTotalNumberOfEntries()));
cve20Handler = null; cve20Handler = null;
} finally { } finally {
if (cpeIndex != null) { if (cpeIndex != null) {
@@ -242,7 +236,7 @@ public class DatabaseUpdater implements CachedWebDataSource {
try { try {
dir = CveDB.getDataDirectory().getCanonicalPath(); dir = CveDB.getDataDirectory().getCanonicalPath();
} catch (IOException ex) { } catch (IOException ex) {
Logger.getLogger(DatabaseUpdater.class.getName()).log(Level.SEVERE, null, ex); Logger.getLogger(DatabaseUpdater.class.getName()).log(Level.FINE, "Error updating the databases propterty file.", ex);
throw new UpdateException("Unable to locate last updated properties file.", ex); throw new UpdateException("Unable to locate last updated properties file.", ex);
} }
final File cveProp = new File(dir + File.separatorChar + UPDATE_PROPERTIES_FILE); final File cveProp = new File(dir + File.separatorChar + UPDATE_PROPERTIES_FILE);
@@ -259,10 +253,10 @@ public class DatabaseUpdater implements CachedWebDataSource {
out = new OutputStreamWriter(os, "UTF-8"); out = new OutputStreamWriter(os, "UTF-8");
prop.store(out, dir); prop.store(out, dir);
} catch (FileNotFoundException ex) { } catch (FileNotFoundException ex) {
Logger.getLogger(DatabaseUpdater.class.getName()).log(Level.SEVERE, null, ex); Logger.getLogger(DatabaseUpdater.class.getName()).log(Level.FINE, null, ex);
throw new UpdateException("Unable to find last updated properties file.", ex); throw new UpdateException("Unable to find last updated properties file.", ex);
} catch (IOException ex) { } catch (IOException ex) {
Logger.getLogger(DatabaseUpdater.class.getName()).log(Level.SEVERE, null, ex); Logger.getLogger(DatabaseUpdater.class.getName()).log(Level.FINE, null, ex);
throw new UpdateException("Unable to update last updated properties file.", ex); throw new UpdateException("Unable to update last updated properties file.", ex);
} finally { } finally {
if (out != null) { if (out != null) {
@@ -302,11 +296,11 @@ public class DatabaseUpdater implements CachedWebDataSource {
try { try {
currentlyPublished = retrieveCurrentTimestampsFromWeb(); currentlyPublished = retrieveCurrentTimestampsFromWeb();
} catch (InvalidDataException ex) { } catch (InvalidDataException ex) {
Logger.getLogger(DatabaseUpdater.class.getName()).log(Level.SEVERE, null, ex); //Logger.getLogger(DatabaseUpdater.class.getName()).log(Level.SEVERE, null, ex);
throw new DownloadFailedException("Unable to retrieve valid timestamp from nvd cve downloads page", ex); throw new DownloadFailedException("Unable to retrieve valid timestamp from nvd cve downloads page", ex);
} catch (InvalidSettingException ex) { } catch (InvalidSettingException ex) {
Logger.getLogger(DatabaseUpdater.class.getName()).log(Level.SEVERE, null, ex); ///Logger.getLogger(DatabaseUpdater.class.getName()).log(Level.SEVERE, null, ex);
throw new DownloadFailedException("Invalid settings", ex); throw new DownloadFailedException("Invalid settings", ex);
} }
@@ -317,7 +311,7 @@ public class DatabaseUpdater implements CachedWebDataSource {
try { try {
dir = CveDB.getDataDirectory().getCanonicalPath(); dir = CveDB.getDataDirectory().getCanonicalPath();
} catch (IOException ex) { } catch (IOException ex) {
Logger.getLogger(DatabaseUpdater.class.getName()).log(Level.SEVERE, null, ex); //Logger.getLogger(DatabaseUpdater.class.getName()).log(Level.SEVERE, null, ex);
throw new UpdateException("Unable to locate last updated properties file.", ex); throw new UpdateException("Unable to locate last updated properties file.", ex);
} }
@@ -348,7 +342,7 @@ public class DatabaseUpdater implements CachedWebDataSource {
} }
} }
if (deleteAndRecreate) { if (deleteAndRecreate) {
Logger.getLogger(DatabaseUpdater.class.getName()).log(Level.WARNING, "Index version is old. Rebuilding the index."); Logger.getLogger(DatabaseUpdater.class.getName()).log(Level.INFO, "The database version is old. Rebuilding the database.");
is.close(); is.close();
//this is an old version of the lucene index - just delete it //this is an old version of the lucene index - just delete it
FileUtils.delete(f); FileUtils.delete(f);
@@ -398,7 +392,7 @@ public class DatabaseUpdater implements CachedWebDataSource {
try { try {
is.close(); is.close();
} catch (IOException ex) { } catch (IOException ex) {
Logger.getLogger(DatabaseUpdater.class.getName()).log(Level.SEVERE, null, ex); Logger.getLogger(DatabaseUpdater.class.getName()).log(Level.FINEST, null, ex);
} }
} }
} }

3
src/main/java/org/owasp/dependencycheck/data/nvdcve/xml/NvdCve20Handler.java
View File

@@ -172,7 +172,8 @@ public class NvdCve20Handler extends DefaultHandler {
final float score = Float.parseFloat(nodeText.toString()); final float score = Float.parseFloat(nodeText.toString());
vulnerability.setCvssScore(score); vulnerability.setCvssScore(score);
} catch (NumberFormatException ex) { } catch (NumberFormatException ex) {
Logger.getLogger(NvdCve20Handler.class.getName()).log(Level.SEVERE, null, ex); Logger.getLogger(NvdCve20Handler.class.getName()).log(Level.SEVERE, "Error parsing CVSS Score.");
Logger.getLogger(NvdCve20Handler.class.getName()).log(Level.FINE, "Error parsing CVSS Score.", ex);
} }
nodeText = null; nodeText = null;
} else if (current.isCVSSAccessVectorNode()) { } else if (current.isCVSSAccessVectorNode()) {

8
src/main/java/org/owasp/dependencycheck/dependency/Dependency.java
View File

@@ -427,9 +427,13 @@ public class Dependency implements Comparable<Dependency> {
md5 = Checksum.getMD5Checksum(file); md5 = Checksum.getMD5Checksum(file);
sha1 = Checksum.getSHA1Checksum(file); sha1 = Checksum.getSHA1Checksum(file);
} catch (IOException ex) { } catch (IOException ex) {
Logger.getLogger(Dependency.class.getName()).log(Level.SEVERE, null, ex); final String msg = String.format("Unable to read '%s' to determine hashes.", file.getName());
Logger.getLogger(Dependency.class.getName()).log(Level.WARNING, msg);
Logger.getLogger(Dependency.class.getName()).log(Level.FINE, msg, ex);
} catch (NoSuchAlgorithmException ex) { } catch (NoSuchAlgorithmException ex) {
Logger.getLogger(Dependency.class.getName()).log(Level.SEVERE, null, ex); final String msg = "Unable to use MD5 of SHA1 checksums.";
Logger.getLogger(Dependency.class.getName()).log(Level.WARNING, msg);
Logger.getLogger(Dependency.class.getName()).log(Level.FINE, msg, ex);
} }
this.setMd5sum(md5); this.setMd5sum(md5);
this.setSha1sum(sha1); this.setSha1sum(sha1);

4
src/main/java/org/owasp/dependencycheck/dependency/VulnerableSoftware.java
View File

@@ -46,7 +46,9 @@ public class VulnerableSoftware extends Entry implements Serializable, Comparabl
try { try {
parseName(cpe); parseName(cpe);
} catch (UnsupportedEncodingException ex) { } catch (UnsupportedEncodingException ex) {
Logger.getLogger(VulnerableSoftware.class.getName()).log(Level.SEVERE, null, ex); final String msg = String.format("Character encoding is unsupported for CPE '%s'.", cpe);
Logger.getLogger(VulnerableSoftware.class.getName()).log(Level.WARNING, msg);
Logger.getLogger(VulnerableSoftware.class.getName()).log(Level.FINE, msg, ex);
setName(cpe); setName(cpe);
} }
} }

2
src/main/java/org/owasp/dependencycheck/utils/Checksum.java
View File

@@ -51,7 +51,7 @@ public class Checksum {
try { try {
fis.close(); fis.close();
} catch (IOException ex) { } catch (IOException ex) {
Logger.getLogger(Checksum.class.getName()).log(Level.SEVERE, null, ex); Logger.getLogger(Checksum.class.getName()).log(Level.FINEST, "Error closing file '" + file.getName() + "'.", ex);
} }
} }
} }

6
src/main/java/org/owasp/dependencycheck/utils/Settings.java
View File

@@ -155,7 +155,8 @@ public final class Settings {
try { try {
props.load(in); props.load(in);
} catch (IOException ex) { } catch (IOException ex) {
Logger.getLogger(Settings.class.getName()).log(Level.SEVERE, "Unable to load default settings.", ex); Logger.getLogger(Settings.class.getName()).log(Level.SEVERE, "Unable to load default settings.");
Logger.getLogger(Settings.class.getName()).log(Level.FINE, "Unable to load default settings.", ex);
} }
} }
@@ -280,7 +281,8 @@ public final class Settings {
try { try {
value = Integer.parseInt(Settings.getString(key)); value = Integer.parseInt(Settings.getString(key));
} catch (NumberFormatException ex) { } catch (NumberFormatException ex) {
Logger.getLogger(Settings.class.getName()).log(Level.FINEST, "Could not convert property '" + key + "' to an int.", ex); final String msg = String.format("Could not convert property '%s' to an int.", key);
Logger.getLogger(Settings.class.getName()).log(Level.FINEST, msg, ex);
value = defaultValue; value = defaultValue;
} }
return value; return value;