github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-04-30 12:14:30 +02:00
Code Issues Packages Projects Releases Wiki Activity

Count "0" as a positive integer

Browse Source
This commit is contained in:
Stefan Neuhaus
2016-12-03 22:48:58 +01:00
parent 1337686013
commit e7072ea04c
2 changed files with 28 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
dependency-check-core/src/main/java/org/owasp/dependencycheck/dependency/VulnerableSoftware.java
View File

@@ -226,18 +226,21 @@ public class VulnerableSoftware extends IndexEntry implements Serializable, Comp
/**
* Determines if the string passed in is a positive integer.
* To be counted as a positive integer, the string must only contain 0-9
* and must not have any leading zeros (though "0" is a valid positive
* integer).
*
* @param str the string to test
* @return true if the string only contains 0-9, otherwise false.
*/
private static boolean isPositiveInteger(final String str) {
static boolean isPositiveInteger(final String str) {
if (str == null || str.isEmpty()) {
return false;
}
// numbers/versions with leading zeros should not be treated as numbers
// numbers with leading zeros should not be treated as numbers
// (e.g. when comparing "01" <-> "1")
if (str.charAt(0) == '0') {
if (str.charAt(0) == '0' && str.length() > 1) {
return false;
}