checkstyle fixes

Former-commit-id: c5488d61958f91a8f47f4df4b2206f0193eed8dd

dependency-check-core/src/main/java/org/owasp/dependencycheck/suppression/PropertyType.java

@@ -80,7 +80,7 @@ public class PropertyType {
     /**
      * Indicates case sensitivity.
      */
-    protected boolean caseSensitive = false;
+    private boolean caseSensitive = false;
 
     /**
      * Gets the value of the caseSensitive property.

dependency-check-core/src/main/java/org/owasp/dependencycheck/suppression/SuppressionErrorHandler.java

@@ -1,6 +1,20 @@
 /*
- * To change this template, choose Tools | Templates
+ * This file is part of dependency-check-core.
- * and open the template in the editor.
+ *
+ * Dependency-check-core is free software: you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the Free
+ * Software Foundation, either version 3 of the License, or (at your option) any
+ * later version.
+ *
+ * Dependency-check-core is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU General Public License along with
+ * dependency-check-core. If not, see http://www.gnu.org/licenses/.
+ *
+ * Copyright (c) 2013 Jeremy Long. All Rights Reserved.
  */
 package org.owasp.dependencycheck.suppression;
 

dependency-check-core/src/main/java/org/owasp/dependencycheck/suppression/SuppressionHandler.java

@@ -65,7 +65,7 @@ public class SuppressionHandler extends DefaultHandler {
     private List<SuppressionRule> supressionRules = new ArrayList<SuppressionRule>();
 
     /**
-     * Get the value of supressionRules
+     * Get the value of supressionRules.
      *
      * @return the value of supressionRules
      */
@@ -120,19 +120,19 @@ public class SuppressionHandler extends DefaultHandler {
             supressionRules.add(rule);
             rule = null;
         } else if (FILE_PATH.equals(qName)) {
-            PropertyType pt = processPropertyType();
+            final PropertyType pt = processPropertyType();
             rule.setFilePath(pt);
         } else if (SHA1.equals(qName)) {
             rule.setSha1(currentText.toString());
         } else if (CPE.equals(qName)) {
-            PropertyType pt = processPropertyType();
+            final PropertyType pt = processPropertyType();
             rule.addCpe(pt);
         } else if (CWE.equals(qName)) {
             rule.addCwe(currentText.toString());
         } else if (CVE.equals(qName)) {
             rule.addCve(currentText.toString());
         } else if (CVSS_BELOW.equals(qName)) {
-            float cvss = Float.parseFloat(currentText.toString());
+            final float cvss = Float.parseFloat(currentText.toString());
         }
     }
 
@@ -156,7 +156,7 @@ public class SuppressionHandler extends DefaultHandler {
      * @return a PropertyType object
      */
     private PropertyType processPropertyType() {
-        PropertyType pt = new PropertyType();
+        final PropertyType pt = new PropertyType();
         pt.setValue(currentText.toString());
         if (currentAttributes != null && currentAttributes.getLength() > 0) {
             final String regex = currentAttributes.getValue("regex");

dependency-check-core/src/main/java/org/owasp/dependencycheck/suppression/SuppressionParser.java

@@ -43,17 +43,17 @@ import org.xml.sax.XMLReader;
 public class SuppressionParser {
 
     /**
-     * JAXP Schema Language, source:
+     * JAXP Schema Language. Source:
      * http://docs.oracle.com/javase/tutorial/jaxp/sax/validation.html
      */
     public static final String JAXP_SCHEMA_LANGUAGE = "http://java.sun.com/xml/jaxp/properties/schemaLanguage";
     /**
-     * W3C XML Schema, source:
+     * W3C XML Schema. Source:
      * http://docs.oracle.com/javase/tutorial/jaxp/sax/validation.html
      */
     public static final String W3C_XML_SCHEMA = "http://www.w3.org/2001/XMLSchema";
     /**
-     * JAXP Schema Source, source:
+     * JAXP Schema Source. Source:
      * http://docs.oracle.com/javase/tutorial/jaxp/sax/validation.html
      */
     public static final String JAXP_SCHEMA_SOURCE = "http://java.sun.com/xml/jaxp/properties/schemaSource";
@@ -68,22 +68,22 @@ public class SuppressionParser {
      */
     public List<SuppressionRule> parseSuppressionRules(File file) throws SuppressionParseException {
         try {
-            File schema = new File(this.getClass().getClassLoader().getResource("schema/suppression.xsd").getPath());
+            final File schema = new File(this.getClass().getClassLoader().getResource("schema/suppression.xsd").getPath());
-            SuppressionHandler handler = new SuppressionHandler();
+            final SuppressionHandler handler = new SuppressionHandler();
 
-            SAXParserFactory factory = SAXParserFactory.newInstance();
+            final SAXParserFactory factory = SAXParserFactory.newInstance();
             factory.setNamespaceAware(true);
             factory.setValidating(true);
-            SAXParser saxParser = factory.newSAXParser();
+            final SAXParser saxParser = factory.newSAXParser();
             saxParser.setProperty(SuppressionParser.JAXP_SCHEMA_LANGUAGE, SuppressionParser.W3C_XML_SCHEMA);
             saxParser.setProperty(SuppressionParser.JAXP_SCHEMA_SOURCE, schema);
-            XMLReader xmlReader = saxParser.getXMLReader();
+            final XMLReader xmlReader = saxParser.getXMLReader();
             xmlReader.setErrorHandler(new SuppressionErrorHandler());
             xmlReader.setContentHandler(handler);
 
-            InputStream inputStream = new FileInputStream(file);
+            final InputStream inputStream = new FileInputStream(file);
-            Reader reader = new InputStreamReader(inputStream); //, "UTF-8");
+            final Reader reader = new InputStreamReader(inputStream); //, "UTF-8");
-            InputSource in = new InputSource(reader);
+            final InputSource in = new InputSource(reader);
             //in.setEncoding("UTF-8");
 
             xmlReader.parse(in);

dependency-check-core/src/main/java/org/owasp/dependencycheck/suppression/SuppressionRule.java

@@ -121,7 +121,7 @@ public class SuppressionRule {
     private List<Float> cvssBelow = new ArrayList<Float>();
 
     /**
-     * Get the value of cvssBelow
+     * Get the value of cvssBelow.
      *
      * @return the value of cvssBelow
      */
@@ -130,7 +130,7 @@ public class SuppressionRule {
     }
 
     /**
-     * Set the value of cvssBelow
+     * Set the value of cvssBelow.
      *
      * @param cvssBelow new value of cvssBelow
      */
@@ -236,6 +236,13 @@ public class SuppressionRule {
         return cve.size() > 0;
     }
 
+    /**
+     * Processes a given dependency to determine if any CPE, CVE, CWE, or CVSS
+     * scores should be suppressed. If any should be, they are removed from the
+     * dependency.
+     *
+     * @param dependency a project dependency to analyze
+     */
     public void process(Dependency dependency) {
         if (filePath != null && !filePath.matches(dependency.getFilePath())) {
             return;
@@ -244,9 +251,9 @@ public class SuppressionRule {
             return;
         }
         if (this.hasCpe()) {
-            Iterator<Identifier> itr = dependency.getIdentifiers().iterator();
+            final Iterator<Identifier> itr = dependency.getIdentifiers().iterator();
             while (itr.hasNext()) {
-                Identifier i = itr.next();
+                final Identifier i = itr.next();
                 for (PropertyType c : this.cpe) {
                     if (cpeMatches(c, i)) {
                         itr.remove();
@@ -256,10 +263,10 @@ public class SuppressionRule {
             }
         }
         if (hasCve() || hasCwe() || hasCvssBelow()) {
-            Iterator<Vulnerability> itr = dependency.getVulnerabilities().iterator();
+            final Iterator<Vulnerability> itr = dependency.getVulnerabilities().iterator();
             boolean remove = false;
             while (!remove && itr.hasNext()) {
-                Vulnerability v = itr.next();
+                final Vulnerability v = itr.next();
                 for (String entry : this.cve) {
                     if (entry.equalsIgnoreCase(v.getName())) {
                         remove = true;
@@ -293,6 +300,14 @@ public class SuppressionRule {
         }
     }
 
+    /**
+     * Identifies if the cpe specified by the cpe suppression rule does not
+     * specify a version.
+     *
+     * @param c a suppression rule identifier
+     * @return true if the property type does not specify a version; otherwise
+     * false
+     */
     boolean cpeHasNoVersion(PropertyType c) {
         if (c.isRegex()) {
             return false;
@@ -303,6 +318,14 @@ public class SuppressionRule {
         return false;
     }
 
+    /**
+     * Counts the number of occurrences of the character found within the
+     * string.
+     *
+     * @param str the string to check
+     * @param c the character to count
+     * @return the number of times the character is found in the string
+     */
     int countCharacter(String str, char c) {
         int count = 0;
         int pos = str.indexOf(c) + 1;
@@ -313,6 +336,14 @@ public class SuppressionRule {
         return count;
     }
 
+    /**
+     * Determines if the cpeEntry specified as a PropertyType matches the given
+     * Identifier.
+     *
+     * @param cpeEntry a suppression rule entry
+     * @param identifier a CPE identifier to check
+     * @return true if the entry matches; otherwise false
+     */
     boolean cpeMatches(PropertyType cpeEntry, Identifier identifier) {
         if (cpeEntry.matches(identifier.getValue())) {
             return true;