diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/CentralAnalyzer.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/CentralAnalyzer.java index 70e8d3159..08b9d4f63 100644 --- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/CentralAnalyzer.java +++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/CentralAnalyzer.java @@ -192,7 +192,7 @@ public class CentralAnalyzer extends AbstractFileTypeAnalyzer { final List mas = searcher.searchSha1(dependency.getSha1sum()); final Confidence confidence = mas.size() > 1 ? Confidence.HIGH : Confidence.HIGHEST; for (MavenArtifact ma : mas) { - LOGGER.debug("Central analyzer found artifact ({}) for dependency ({})", ma.toString(), dependency.getFileName()); + LOGGER.debug("Central analyzer found artifact ({}) for dependency ({})", ma, dependency.getFileName()); dependency.addAsEvidence("central", ma, confidence); boolean pomAnalyzed = false; for (Evidence e : dependency.getVendorEvidence()) { diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/NuspecAnalyzer.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/NuspecAnalyzer.java index 9e24f56f5..d3950c793 100644 --- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/NuspecAnalyzer.java +++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/NuspecAnalyzer.java @@ -126,7 +126,7 @@ public class NuspecAnalyzer extends AbstractFileTypeAnalyzer { */ @Override public void analyzeFileType(Dependency dependency, Engine engine) throws AnalysisException { - LOGGER.debug("Checking Nuspec file {}", dependency.toString()); + LOGGER.debug("Checking Nuspec file {}", dependency); try { final NuspecParser parser = new XPathNuspecParser(); NugetPackage np = null; diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/central/CentralSearch.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/central/CentralSearch.java index a5f484c43..d4ba768c1 100644 --- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/central/CentralSearch.java +++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/central/CentralSearch.java @@ -90,7 +90,7 @@ public class CentralSearch { final URL url = new URL(rootURL + String.format("?q=1:\"%s\"&wt=xml", sha1)); - LOGGER.debug("Searching Central url {}", url.toString()); + LOGGER.debug("Searching Central url {}", url); // Determine if we need to use a proxy. The rules: // 1) If the proxy is set, AND the setting is set to true, use the proxy diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/cpe/CpeMemoryIndex.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/cpe/CpeMemoryIndex.java index 15bbdcdb1..fec1f5d4d 100644 --- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/cpe/CpeMemoryIndex.java +++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/cpe/CpeMemoryIndex.java @@ -149,7 +149,6 @@ public final class CpeMemoryIndex { * * @return the CPE Analyzer. */ - @SuppressWarnings("unchecked") private Analyzer createIndexingAnalyzer() { final Map fieldAnalyzers = new HashMap(); fieldAnalyzers.put(Fields.DOCUMENT_KEY, new KeywordAnalyzer()); @@ -161,7 +160,6 @@ public final class CpeMemoryIndex { * * @return the CPE Analyzer. */ - @SuppressWarnings("unchecked") private Analyzer createSearchingAnalyzer() { final Map fieldAnalyzers = new HashMap(); fieldAnalyzers.put(Fields.DOCUMENT_KEY, new KeywordAnalyzer()); @@ -173,24 +171,6 @@ public final class CpeMemoryIndex { return new PerFieldAnalyzerWrapper(new FieldAnalyzer(LuceneUtils.CURRENT_VERSION), fieldAnalyzers); } - /** - * Saves a CPE IndexEntry into the Lucene index. - * - * @param vendor the vendor to index - * @param product the product to index - * @param indexWriter the index writer to write the entry into - * @throws CorruptIndexException is thrown if the index is corrupt - * @throws IOException is thrown if an IOException occurs - */ - public void saveEntry(String vendor, String product, IndexWriter indexWriter) throws CorruptIndexException, IOException { - final Document doc = new Document(); - final Field v = new TextField(Fields.VENDOR, vendor, Field.Store.YES); - final Field p = new TextField(Fields.PRODUCT, product, Field.Store.YES); - doc.add(v); - doc.add(p); - indexWriter.addDocument(doc); - } - /** * Closes the CPE Index. */ @@ -230,9 +210,20 @@ public final class CpeMemoryIndex { final IndexWriterConfig conf = new IndexWriterConfig(LuceneUtils.CURRENT_VERSION, analyzer); indexWriter = new IndexWriter(index, conf); try { + // Tip: reuse the Document and Fields for performance... + // See "Re-use Document and Field instances" from + // http://wiki.apache.org/lucene-java/ImproveIndexingSpeed + final Document doc = new Document(); + final Field v = new TextField(Fields.VENDOR, Fields.VENDOR, Field.Store.YES); + final Field p = new TextField(Fields.PRODUCT, Fields.PRODUCT, Field.Store.YES); + doc.add(v); + doc.add(p); + final Set> data = cve.getVendorProductList(); for (Pair pair : data) { - saveEntry(pair.getLeft(), pair.getRight(), indexWriter); + v.setStringValue(pair.getLeft()); + p.setStringValue(pair.getRight()); + indexWriter.addDocument(doc); } } catch (DatabaseException ex) { LOGGER.debug("", ex); diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/dependency/Dependency.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/dependency/Dependency.java index 85588f093..457bb4cb3 100644 --- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/dependency/Dependency.java +++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/dependency/Dependency.java @@ -341,7 +341,7 @@ public class Dependency implements Serializable, Comparable { } } if (!found) { - LOGGER.debug("Adding new maven identifier {}", mavenArtifact.toString()); + LOGGER.debug("Adding new maven identifier {}", mavenArtifact); this.addIdentifier("maven", mavenArtifact.toString(), mavenArtifact.getArtifactUrl(), Confidence.HIGHEST); } } diff --git a/dependency-check-utils/src/main/java/org/owasp/dependencycheck/utils/Checksum.java b/dependency-check-utils/src/main/java/org/owasp/dependencycheck/utils/Checksum.java index 97b254e80..62c0bf4ad 100644 --- a/dependency-check-utils/src/main/java/org/owasp/dependencycheck/utils/Checksum.java +++ b/dependency-check-utils/src/main/java/org/owasp/dependencycheck/utils/Checksum.java @@ -57,7 +57,6 @@ public final class Checksum { * @throws IOException when the file does not exist * @throws NoSuchAlgorithmException when an algorithm is specified that does not exist */ - @SuppressWarnings("empty-statement") public static byte[] getChecksum(String algorithm, File file) throws NoSuchAlgorithmException, IOException { MessageDigest digest = MessageDigest.getInstance(algorithm); FileInputStream fis = null; @@ -79,12 +78,6 @@ public final class Checksum { digest.update(byteBuffer); start += amountToRead; } - -// BufferedInputStream bis = new BufferedInputStream(fis); -// DigestInputStream dis = new DigestInputStream(bis, digest); -// //yes, we are reading in a buffer for performance reasons - 1 byte at a time is SLOW -// byte[] buffer = new byte[8192]; -// while (dis.read(buffer) != -1); } finally { if (fis != null) { try { diff --git a/dependency-check-utils/src/main/java/org/owasp/dependencycheck/utils/FileUtils.java b/dependency-check-utils/src/main/java/org/owasp/dependencycheck/utils/FileUtils.java index b066bb884..11b0aa3af 100644 --- a/dependency-check-utils/src/main/java/org/owasp/dependencycheck/utils/FileUtils.java +++ b/dependency-check-utils/src/main/java/org/owasp/dependencycheck/utils/FileUtils.java @@ -61,7 +61,7 @@ public final class FileUtils { String ret = null; final int pos = fileName.lastIndexOf("."); if (pos >= 0) { - ret = fileName.substring(pos + 1, fileName.length()).toLowerCase(); + ret = fileName.substring(pos + 1).toLowerCase(); } return ret; } diff --git a/dependency-check-utils/src/main/java/org/owasp/dependencycheck/utils/Settings.java b/dependency-check-utils/src/main/java/org/owasp/dependencycheck/utils/Settings.java index 56e7033c0..6e600d9db 100644 --- a/dependency-check-utils/src/main/java/org/owasp/dependencycheck/utils/Settings.java +++ b/dependency-check-utils/src/main/java/org/owasp/dependencycheck/utils/Settings.java @@ -460,12 +460,7 @@ public final class Settings { * @param value the value for the property */ public static void setBoolean(String key, boolean value) { - if (value) { - localSettings.get().props.setProperty(key, Boolean.TRUE.toString()); - } else { - localSettings.get().props.setProperty(key, Boolean.FALSE.toString()); - } - LOGGER.debug("Setting: {}='{}'", key, value); + setString(key, Boolean.toString(value)); } /** @@ -664,13 +659,11 @@ public final class Settings { * @throws InvalidSettingException is thrown if there is an error retrieving the setting */ public static int getInt(String key) throws InvalidSettingException { - int value; try { - value = Integer.parseInt(Settings.getString(key)); + return Integer.parseInt(Settings.getString(key)); } catch (NumberFormatException ex) { throw new InvalidSettingException("Could not convert property '" + key + "' to an int.", ex); } - return value; } /** @@ -704,13 +697,11 @@ public final class Settings { * @throws InvalidSettingException is thrown if there is an error retrieving the setting */ public static long getLong(String key) throws InvalidSettingException { - long value; try { - value = Long.parseLong(Settings.getString(key)); + return Long.parseLong(Settings.getString(key)); } catch (NumberFormatException ex) { - throw new InvalidSettingException("Could not convert property '" + key + "' to an int.", ex); + throw new InvalidSettingException("Could not convert property '" + key + "' to a long.", ex); } - return value; } /** @@ -723,13 +714,7 @@ public final class Settings { * @throws InvalidSettingException is thrown if there is an error retrieving the setting */ public static boolean getBoolean(String key) throws InvalidSettingException { - boolean value; - try { - value = Boolean.parseBoolean(Settings.getString(key)); - } catch (NumberFormatException ex) { - throw new InvalidSettingException("Could not convert property '" + key + "' to an int.", ex); - } - return value; + return Boolean.parseBoolean(Settings.getString(key)); } /** @@ -743,17 +728,7 @@ public final class Settings { * @throws InvalidSettingException is thrown if there is an error retrieving the setting */ public static boolean getBoolean(String key, boolean defaultValue) throws InvalidSettingException { - boolean value; - try { - final String strValue = Settings.getString(key); - if (strValue == null) { - return defaultValue; - } - value = Boolean.parseBoolean(strValue); - } catch (NumberFormatException ex) { - throw new InvalidSettingException("Could not convert property '" + key + "' to an int.", ex); - } - return value; + return Boolean.parseBoolean(Settings.getString(key, Boolean.toString(defaultValue))); } /**