From e6806fdf2b33aed95c26a851a30577428c4b5bdb Mon Sep 17 00:00:00 2001
From: Jeremy Long
Date: Sun, 9 Nov 2014 19:52:42 -0500
Subject: [PATCH] patch to resolve issue #137 - the output path can be a file name if the format is not ALL

Former-commit-id: 05c638b21f09842781e105259ff58819e4bd3e8c
---
 .../org/owasp/dependencycheck/CliParser.java | 26 ++++++++++++++-----
 .../src/site/markdown/arguments.md | 2 +-
 .../reporting/ReportGenerator.java | 19 +++++++++++---
 3 files changed, 37 insertions(+), 10 deletions(-)

diff --git a/dependency-check-cli/src/main/java/org/owasp/dependencycheck/CliParser.java b/dependency-check-cli/src/main/java/org/owasp/dependencycheck/CliParser.java
index 28214bc61..bc5c26629 100644
--- a/dependency-check-cli/src/main/java/org/owasp/dependencycheck/CliParser.java
+++ b/dependency-check-cli/src/main/java/org/owasp/dependencycheck/CliParser.java
@@ -135,16 +135,29 @@ public final class CliParser {
 */
 private void validatePathExists(String path, String argumentName) throws FileNotFoundException {
 if (path == null) {
+ isValid = false;
 final String msg = String.format("Invalid '%s' argument: null", argumentName);
 throw new FileNotFoundException(msg);
 } else if (!path.contains("*") && !path.contains("?")) {
 final File f = new File(path);
- if (!f.exists()) {
- isValid = false;
- final String msg = String.format("Invalid '%s' argument: '%s'", argumentName, path);
- throw new FileNotFoundException(msg);
+ if ("o".equals(argumentName.substring(0, 1).toLowerCase()) && !"ALL".equals(this.getReportFormat().toUpperCase())) {
+ final String checkPath = path.toLowerCase();
+ if (checkPath.endsWith(".html") || checkPath.endsWith(".xml") || checkPath.endsWith(".htm")) {
+ if (!f.getParentFile().isDirectory()) {
+ isValid = false;
+ final String msg = String.format("Invalid '%s' argument: '%s'", argumentName, path);
+ throw new FileNotFoundException(msg);
+ }
+ }
+ } else {
+ if (!f.exists()) {
+ isValid = false;
+ final String msg = String.format("Invalid '%s' argument: '%s'", argumentName, path);
+ throw new FileNotFoundException(msg);
+ }
 }
 } else if (path.startsWith("//") || path.startsWith("\\\\")) {
+ isValid = false;
 final String msg = String.format("Invalid '%s' argument: '%s'%nUnable to scan paths that start with '//'.", argumentName, path);
 throw new FileNotFoundException(msg);
 }
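Review bot: `f.getParentFile()` in the new file-name branch returns null when the path has no directory component (a bare file name such as `report.html`), so the `isDirectory()` call throws a NullPointerException instead of the intended FileNotFoundException; resolve the parent from the absolute path with `final File parent = f.getAbsoluteFile().getParentFile();` and test `if (parent == null || !parent.isDirectory()) {`. The same branch also drops validation for an output path that does not end in `.html`, `.xml` or `.htm`: the `f.exists()` check now sits only in the outer `else`, so a non-existent output folder combined with a non-ALL format is no longer rejected here. Selecting the output option with `argumentName.substring(0, 1)` matches every argument whose name starts with "o" and fails on an empty name; comparing against the option's own name would be safer, though the callers are outside this hunk. validatePathExists continues past the end of the hunk.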
@@ -202,8 +215,9 @@ public final class CliParser {
 .withDescription("A property file to load.")
 .create(ARGUMENT.PROP_SHORT);

- final Option out = OptionBuilder.withArgName("folder").hasArg().withLongOpt(ARGUMENT.OUT)
- .withDescription("The folder to write reports to. This defaults to the current directory.")
+ final Option out = OptionBuilder.withArgName("path").hasArg().withLongOpt(ARGUMENT.OUT)
+ .withDescription("The folder to write reports to. This defaults to the current directory. "
+ + "It is possible to set this to a specific file name if the format argument is not set to ALL.")
 .create(ARGUMENT.OUT_SHORT);

 final Option outputFormat = OptionBuilder.withArgName("format").hasArg().withLongOpt(ARGUMENT.OUTPUT_FORMAT)
diff --git a/dependency-check-cli/src/site/markdown/arguments.md b/dependency-check-cli/src/site/markdown/arguments.md
index fdf060a2f..682e5ddb0 100644
--- a/dependency-check-cli/src/site/markdown/arguments.md
+++ b/dependency-check-cli/src/site/markdown/arguments.md
@@ -8,7 +8,7 @@ Short | Argument Name   | Parameter | Description | Requir
 \-a | \-\-app | \ | The name of the application being scanned. This is a required argument. | Required
 \-s | \-\-scan | \ | The path to scan \- this option can be specified multiple times. It is also possible to specify Ant style paths (e.g. directory/**/*.jar). | Required
 | \-\-exclude | \ | The path patterns to exclude from the scan \- this option can be specified multiple times. This accepts Ant style path patterns (e.g. **/exclude/**) . | Optional
- \-o | \-\-out | \ | The folder to write reports to. This defaults to the current directory. | Optional
+ \-o | \-\-out | \ | The folder to write reports to. This defaults to the current directory. If the format is not set to ALL one could specify a specific file name. | Optional
 \-f | \-\-format | \ | The output format to write to (XML, HTML, VULN, ALL). The default is HTML. | Required
 \-l | \-\-log | \ | The file path to write verbose logging information. | Optional
 \-n | \-\-noupdate | | Disables the automatic updating of the CPE data. | Optional
diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/reporting/ReportGenerator.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/reporting/ReportGenerator.java
index d437ebd1f..851ad7826 100644
--- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/reporting/ReportGenerator.java
+++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/reporting/ReportGenerator.java
@@ -167,15 +167,28 @@ public class ReportGenerator {
 */
 public void generateReports(String outputDir, String outputFormat) throws IOException, Exception {
 final String format = outputFormat.toUpperCase();
+ final String pathToCheck = outputDir.toLowerCase();
 if (format.matches("^(XML|HTML|VULN|ALL)$")) {
 if ("XML".equalsIgnoreCase(format)) {
- generateReports(outputDir, Format.XML);
+ if (pathToCheck.endsWith(".xml")) {
+ generateReport("XmlReport", outputDir);
+ } else {
+ generateReports(outputDir, Format.XML);
+ }
 }
 if ("HTML".equalsIgnoreCase(format)) {
- generateReports(outputDir, Format.HTML);
+ if (pathToCheck.endsWith(".html") || pathToCheck.endsWith(".htm")) {
+ generateReport("HtmlReport", outputDir);
+ } else {
+ generateReports(outputDir, Format.HTML);
+ }
 }
 if ("VULN".equalsIgnoreCase(format)) {
- generateReports(outputDir, Format.VULN);
+ if (pathToCheck.endsWith(".html") || pathToCheck.endsWith(".htm")) {
+ generateReport("VulnReport", outputDir);
+ } else {
+ generateReports(outputDir, Format.VULN);
+ }
 }
 if ("ALL".equalsIgnoreCase(format)) {
 generateReports(outputDir, Format.ALL);
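Review bot: The new branches choose between file and folder output from the extension alone, which disagrees with the check this commit adds to CliParser: a VULN run with an `.xml` path is validated there as a file name, but here it falls through to `generateReports(outputDir, Format.VULN)` and is treated as a folder. The same applies to XML with an `.html` path and HTML with an `.xml` path. An existing directory whose name ends in `.html` or `.xml` is likewise handed to `generateReport` as a file; adding `!new File(outputDir).isDirectory()` to each extension test would keep the old behaviour for folders (assuming `java.io.File` is imported in this file, which the hunk does not show). The Javadoc above the method is outside the hunk and presumably still describes `outputDir` as a directory, so it should state that a file name is accepted for XML, HTML and VULN.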