github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-03-27 11:31:24 +01:00
Code Issues Packages Projects Releases Wiki Activity

updated test case and related data

Browse Source 
Former-commit-id: 513602f48b6d599b43848f0a88537190084e9cbf
This commit is contained in:
Jeremy Long
2014-05-03 12:30:29 -04:00
parent 363568b02c
commit cda0dfdafe
3 changed files with 29 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
dependency-check-core/src/test/java/org/owasp/dependencycheck/analyzer/VulnerabilitySuppressionAnalyzerIntegrationTest.java
View File

@@ -61,19 +61,22 @@ public class VulnerabilitySuppressionAnalyzerIntegrationTest extends AbstractDat
@Test @Test
public void testAnalyze() throws Exception { public void testAnalyze() throws Exception {
File file = new File(this.getClass().getClassLoader().getResource("FileHelpers.2.0.0.0.nupkg").getPath()); File file = new File(this.getClass().getClassLoader().getResource("commons-fileupload-1.2.1.jar").getPath());
File suppression = new File(this.getClass().getClassLoader().getResource("FileHelpers.2.0.0.0.suppression.xml").getPath()); File suppression = new File(this.getClass().getClassLoader().getResource("commons-fileupload-1.2.1.suppression.xml").getPath());
Settings.setBoolean(Settings.KEYS.AUTO_UPDATE, false); Settings.setBoolean(Settings.KEYS.AUTO_UPDATE, false);
Settings.setBoolean(Settings.KEYS.ANALYZER_NEXUS_ENABLED, false);
Engine engine = new Engine(); Engine engine = new Engine();
engine.scan(file); engine.scan(file);
engine.analyzeDependencies(); engine.analyzeDependencies();
Dependency dependency = getDependency(engine, file); Dependency dependency = getDependency(engine, file);
assertTrue(dependency.getVulnerabilities().size() > 0); assertTrue(dependency.getVulnerabilities().size() > 0);
assertTrue(dependency.getIdentifiers().size() > 0);
Settings.setString(Settings.KEYS.SUPPRESSION_FILE, suppression.getAbsolutePath()); Settings.setString(Settings.KEYS.SUPPRESSION_FILE, suppression.getAbsolutePath());
VulnerabilitySuppressionAnalyzer instance = new VulnerabilitySuppressionAnalyzer(); VulnerabilitySuppressionAnalyzer instance = new VulnerabilitySuppressionAnalyzer();
instance.initialize(); instance.initialize();
instance.analyze(dependency, engine); instance.analyze(dependency, engine);
assertTrue(dependency.getVulnerabilities().size() == 0); assertTrue(dependency.getVulnerabilities().size() == 0);
assertTrue(dependency.getIdentifiers().isEmpty());
engine.cleanup(); engine.cleanup();
} }

10
dependency-check-core/src/test/resources/FileHelpers.2.0.0.0.suppression.xml
View File

@@ -1,10 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<suppressions xmlns="https://www.owasp.org/index.php/OWASP_Dependency_Check_Suppression">
<suppress>
<notes><![CDATA[
file name: FileHelpers.2.0.0.0.nupkg
]]></notes>
<sha1>30FB37D6163CF16E3BA740343BECDD14D5457619</sha1>
<cve>CVE-2007-1536</cve>
</suppress>
</suppressions>

24
dependency-check-core/src/test/resources/commons-fileupload-1.2.1.suppression.xml Normal file
View File

@@ -0,0 +1,24 @@
<?xml version="1.0" encoding="UTF-8"?>
<suppressions xmlns="https://www.owasp.org/index.php/OWASP_Dependency_Check_Suppression">
<suppress>
<notes><![CDATA[
file name: commons-fileupload-1.2.1.jar
]]></notes>
<sha1>384FAA82E193D4E4B0546059CA09572654BC3970</sha1>
<cpe>cpe:/a:apache:commons_fileupload:1.2.1</cpe>
</suppress>
<suppress>
<notes><![CDATA[
file name: commons-fileupload-1.2.1.jar
]]></notes>
<sha1>384FAA82E193D4E4B0546059CA09572654BC3970</sha1>
<cve>CVE-2014-0050</cve>
</suppress>
<suppress>
<notes><![CDATA[
file name: commons-fileupload-1.2.1.jar
]]></notes>
<sha1>384FAA82E193D4E4B0546059CA09572654BC3970</sha1>
<cve>CVE-2013-0248</cve>
</suppress>
</suppressions>