mirror of
https://github.com/ysoftdevs/DependencyCheck.git
synced 2026-01-14 15:53:36 +01:00
updated logging
Former-commit-id: 149530418c3807d59c93615e9c5283e4a151576f
This commit is contained in:
Jeremy Long
@@ -89,7 +89,7 @@ public class App {
|
||||
try {
|
||||
in.close();
|
||||
} catch (Exception ex) {
|
||||
Logger.getLogger(App.class.getName()).log(Level.FINEST, null, ex);
|
||||
Logger.getLogger(App.class.getName()).log(Level.FINEST, "Error closing resource stream", ex);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -283,9 +283,7 @@ public class Engine {
|
||||
Logger.getLogger(Engine.class.getName()).log(Level.WARNING,
|
||||
"Unable to update Cached Web DataSource, using local data instead. Results may not include recent vulnerabilities.");
|
||||
Logger.getLogger(Engine.class.getName()).log(Level.FINE,
|
||||
String.format("Unable to update Cached Web DataSource, using local data instead. Results may not include recent "
|
||||
+ "vulnerabilities. Unable to update details for %s",
|
||||
source.getClass().getName()), ex);
|
||||
String.format("Unable to update details for %s", source.getClass().getName()), ex);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -138,7 +138,8 @@ public class JarAnalyzer extends AbstractAnalyzer implements Analyzer {
|
||||
final JAXBContext jaxbContext = JAXBContext.newInstance("org.owasp.dependencycheck.analyzer.pom.generated");
|
||||
pomUnmarshaller = jaxbContext.createUnmarshaller();
|
||||
} catch (JAXBException ex) { //guess we will just have a null pointer exception later...
|
||||
Logger.getLogger(JarAnalyzer.class.getName()).log(Level.SEVERE, null, ex);
|
||||
Logger.getLogger(JarAnalyzer.class.getName()).log(Level.SEVERE, "Unable to load parser. See the log for more details.");
|
||||
Logger.getLogger(JarAnalyzer.class.getName()).log(Level.FINE, null, ex);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -345,14 +346,12 @@ public class JarAnalyzer extends AbstractAnalyzer implements Analyzer {
|
||||
final JAXBElement<Model> el = pomUnmarshaller.unmarshal(source, Model.class);
|
||||
m = el.getValue();
|
||||
} catch (ParserConfigurationException ex) {
|
||||
Logger.getLogger(JarAnalyzer.class.getName()).log(Level.SEVERE, null, ex);
|
||||
final String msg = String.format("Unable to parse pom '%s' in jar '%s'", path, jar.getName());
|
||||
Logger.getLogger(JarAnalyzer.class.getName()).log(Level.FINE, msg, ex);
|
||||
} catch (SAXException ex) {
|
||||
Logger.getLogger(JarAnalyzer.class.getName()).log(Level.SEVERE, null, ex);
|
||||
} catch (JAXBException ex) {
|
||||
Logger.getLogger(JarAnalyzer.class.getName()).log(Level.FINEST, "failure reading pom via jaxb path:'"
|
||||
+ path + "' jar:'" + jar.getName() + "'", ex);
|
||||
final String msg = String.format("Unable to parse pom '%s' in jar '%s'", path, jar.getName());
|
||||
Logger.getLogger(JarAnalyzer.class.getName()).log(Level.FINE, msg, ex);
|
||||
}
|
||||
|
||||
return m;
|
||||
}
|
||||
return null;
|
||||
|
||||
@@ -100,22 +100,22 @@ public abstract class AbstractIndex {
|
||||
} catch (CorruptIndexException ex) {
|
||||
final String msg = "Unable to update database, there is a corrupt index.";
|
||||
Logger.getLogger(AbstractIndex.class.getName()).log(Level.SEVERE, msg);
|
||||
Logger.getLogger(AbstractIndex.class.getName()).log(Level.FINE, msg, ex);
|
||||
Logger.getLogger(AbstractIndex.class.getName()).log(Level.FINE, null, ex);
|
||||
} catch (IOException ex) {
|
||||
final String msg = "Unable to update database due to an IO error.";
|
||||
Logger.getLogger(AbstractIndex.class.getName()).log(Level.SEVERE, msg);
|
||||
Logger.getLogger(AbstractIndex.class.getName()).log(Level.FINE, msg, ex);
|
||||
Logger.getLogger(AbstractIndex.class.getName()).log(Level.FINE, null, ex);
|
||||
}
|
||||
try {
|
||||
indexWriter.close(true);
|
||||
} catch (CorruptIndexException ex) {
|
||||
final String msg = "Unable to update database, there is a corrupt index.";
|
||||
Logger.getLogger(AbstractIndex.class.getName()).log(Level.SEVERE, msg);
|
||||
Logger.getLogger(AbstractIndex.class.getName()).log(Level.FINE, msg, ex);
|
||||
Logger.getLogger(AbstractIndex.class.getName()).log(Level.FINE, null, ex);
|
||||
} catch (IOException ex) {
|
||||
final String msg = "Unable to update database due to an IO error.";
|
||||
Logger.getLogger(AbstractIndex.class.getName()).log(Level.SEVERE, msg);
|
||||
Logger.getLogger(AbstractIndex.class.getName()).log(Level.FINE, msg, ex);
|
||||
Logger.getLogger(AbstractIndex.class.getName()).log(Level.FINE, null, ex);
|
||||
} finally {
|
||||
indexWriter = null;
|
||||
}
|
||||
@@ -139,7 +139,7 @@ public abstract class AbstractIndex {
|
||||
} catch (IOException ex) {
|
||||
final String msg = "Unable to update database due to an IO error.";
|
||||
Logger.getLogger(AbstractIndex.class.getName()).log(Level.SEVERE, msg);
|
||||
Logger.getLogger(AbstractIndex.class.getName()).log(Level.FINE, msg, ex);
|
||||
Logger.getLogger(AbstractIndex.class.getName()).log(Level.FINE, null, ex);
|
||||
} finally {
|
||||
directory = null;
|
||||
}
|
||||
|
||||
@@ -220,7 +220,9 @@ public class CveDB {
|
||||
try {
|
||||
conn.close();
|
||||
} catch (SQLException ex) {
|
||||
Logger.getLogger(CveDB.class.getName()).log(Level.SEVERE, null, ex);
|
||||
final String msg = "There was an error attempting to close the CveDB, see the log for more details.";
|
||||
Logger.getLogger(CveDB.class.getName()).log(Level.SEVERE, msg, ex);
|
||||
Logger.getLogger(CveDB.class.getName()).log(Level.FINE, null, ex);
|
||||
}
|
||||
conn = null;
|
||||
}
|
||||
@@ -239,7 +241,9 @@ public class CveDB {
|
||||
try {
|
||||
cpe.parseName(cpeStr);
|
||||
} catch (UnsupportedEncodingException ex) {
|
||||
Logger.getLogger(CveDB.class.getName()).log(Level.SEVERE, null, ex);
|
||||
final String msg = "There was an encoding error parsing a vulerability, see the log for more details.";
|
||||
Logger.getLogger(CveDB.class.getName()).log(Level.WARNING, msg);
|
||||
Logger.getLogger(CveDB.class.getName()).log(Level.FINE, String.format("Error parsing '%s'", cpeStr), ex);
|
||||
}
|
||||
final List<Vulnerability> vulnerabilities = new ArrayList<Vulnerability>();
|
||||
|
||||
@@ -259,7 +263,7 @@ public class CveDB {
|
||||
try {
|
||||
rs.close();
|
||||
} catch (SQLException ex) {
|
||||
Logger.getLogger(CveDB.class.getName()).log(Level.SEVERE, null, ex);
|
||||
Logger.getLogger(CveDB.class.getName()).log(Level.FINE, "Error closing RecordSet", ex);
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -325,21 +329,21 @@ public class CveDB {
|
||||
try {
|
||||
rsV.close();
|
||||
} catch (SQLException ex) {
|
||||
Logger.getLogger(CveDB.class.getName()).log(Level.SEVERE, null, ex);
|
||||
Logger.getLogger(CveDB.class.getName()).log(Level.FINE, "Error closing RecordSet", ex);
|
||||
}
|
||||
}
|
||||
if (rsR != null) {
|
||||
try {
|
||||
rsR.close();
|
||||
} catch (SQLException ex) {
|
||||
Logger.getLogger(CveDB.class.getName()).log(Level.SEVERE, null, ex);
|
||||
Logger.getLogger(CveDB.class.getName()).log(Level.FINE, "Error closing RecordSet", ex);
|
||||
}
|
||||
}
|
||||
if (rsS != null) {
|
||||
try {
|
||||
rsS.close();
|
||||
} catch (SQLException ex) {
|
||||
Logger.getLogger(CveDB.class.getName()).log(Level.SEVERE, null, ex);
|
||||
Logger.getLogger(CveDB.class.getName()).log(Level.FINE, "Error closing RecordSet", ex);
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -398,8 +402,9 @@ public class CveDB {
|
||||
}
|
||||
|
||||
} catch (SQLException ex) {
|
||||
Logger.getLogger(CveDB.class.getName()).log(Level.SEVERE, null, ex);
|
||||
throw new DatabaseException("Error updating '" + vuln.getName() + "'", ex);
|
||||
final String msg = String.format("Error updating '%s'", vuln.getName());
|
||||
Logger.getLogger(CveDB.class.getName()).log(Level.INFO, null, ex);
|
||||
throw new DatabaseException(msg, ex);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -443,7 +448,7 @@ public class CveDB {
|
||||
try {
|
||||
statement.close();
|
||||
} catch (SQLException ex) {
|
||||
Logger.getLogger(CveDB.class.getName()).log(Level.SEVERE, null, ex);
|
||||
Logger.getLogger(CveDB.class.getName()).log(Level.FINE, "Error closing Statement", ex);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -296,11 +296,12 @@ public class DatabaseUpdater implements CachedWebDataSource {
|
||||
try {
|
||||
currentlyPublished = retrieveCurrentTimestampsFromWeb();
|
||||
} catch (InvalidDataException ex) {
|
||||
//Logger.getLogger(DatabaseUpdater.class.getName()).log(Level.SEVERE, null, ex);
|
||||
throw new DownloadFailedException("Unable to retrieve valid timestamp from nvd cve downloads page", ex);
|
||||
final String msg = "Unable to retrieve valid timestamp from nvd cve downloads page";
|
||||
Logger.getLogger(DatabaseUpdater.class.getName()).log(Level.FINE, msg, ex);
|
||||
throw new DownloadFailedException(msg, ex);
|
||||
|
||||
} catch (InvalidSettingException ex) {
|
||||
///Logger.getLogger(DatabaseUpdater.class.getName()).log(Level.SEVERE, null, ex);
|
||||
Logger.getLogger(DatabaseUpdater.class.getName()).log(Level.FINE, "Invalid setting found when retrieving timestamps", ex);
|
||||
throw new DownloadFailedException("Invalid settings", ex);
|
||||
}
|
||||
|
||||
@@ -311,7 +312,7 @@ public class DatabaseUpdater implements CachedWebDataSource {
|
||||
try {
|
||||
dir = CveDB.getDataDirectory().getCanonicalPath();
|
||||
} catch (IOException ex) {
|
||||
//Logger.getLogger(DatabaseUpdater.class.getName()).log(Level.SEVERE, null, ex);
|
||||
Logger.getLogger(DatabaseUpdater.class.getName()).log(Level.FINE, "CveDB data directory doesn't exist?", ex);
|
||||
throw new UpdateException("Unable to locate last updated properties file.", ex);
|
||||
}
|
||||
|
||||
|
||||
@@ -173,7 +173,7 @@ public class NvdCve20Handler extends DefaultHandler {
|
||||
vulnerability.setCvssScore(score);
|
||||
} catch (NumberFormatException ex) {
|
||||
Logger.getLogger(NvdCve20Handler.class.getName()).log(Level.SEVERE, "Error parsing CVSS Score.");
|
||||
Logger.getLogger(NvdCve20Handler.class.getName()).log(Level.FINE, "Error parsing CVSS Score.", ex);
|
||||
Logger.getLogger(NvdCve20Handler.class.getName()).log(Level.FINE, null, ex);
|
||||
}
|
||||
nodeText = null;
|
||||
} else if (current.isCVSSAccessVectorNode()) {
|
||||
|
||||
@@ -429,11 +429,11 @@ public class Dependency implements Comparable<Dependency> {
|
||||
} catch (IOException ex) {
|
||||
final String msg = String.format("Unable to read '%s' to determine hashes.", file.getName());
|
||||
Logger.getLogger(Dependency.class.getName()).log(Level.WARNING, msg);
|
||||
Logger.getLogger(Dependency.class.getName()).log(Level.FINE, msg, ex);
|
||||
Logger.getLogger(Dependency.class.getName()).log(Level.FINE, null, ex);
|
||||
} catch (NoSuchAlgorithmException ex) {
|
||||
final String msg = "Unable to use MD5 of SHA1 checksums.";
|
||||
Logger.getLogger(Dependency.class.getName()).log(Level.WARNING, msg);
|
||||
Logger.getLogger(Dependency.class.getName()).log(Level.FINE, msg, ex);
|
||||
Logger.getLogger(Dependency.class.getName()).log(Level.FINE, null, ex);
|
||||
}
|
||||
this.setMd5sum(md5);
|
||||
this.setSha1sum(sha1);
|
||||
|
||||
@@ -48,7 +48,7 @@ public class VulnerableSoftware extends Entry implements Serializable, Comparabl
|
||||
} catch (UnsupportedEncodingException ex) {
|
||||
final String msg = String.format("Character encoding is unsupported for CPE '%s'.", cpe);
|
||||
Logger.getLogger(VulnerableSoftware.class.getName()).log(Level.WARNING, msg);
|
||||
Logger.getLogger(VulnerableSoftware.class.getName()).log(Level.FINE, msg, ex);
|
||||
Logger.getLogger(VulnerableSoftware.class.getName()).log(Level.FINE, null, ex);
|
||||
setName(cpe);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -195,7 +195,7 @@ public class ReportGenerator {
|
||||
input = new FileInputStream(f);
|
||||
} catch (FileNotFoundException ex) {
|
||||
Logger.getLogger(ReportGenerator.class.getName()).log(Level.SEVERE, "Unable to generate the report, the report template file could not be found.");
|
||||
Logger.getLogger(ReportGenerator.class.getName()).log(Level.FINE, "Unable to generate the report, the report template file could not be found.", ex);
|
||||
Logger.getLogger(ReportGenerator.class.getName()).log(Level.FINE, null, ex);
|
||||
}
|
||||
} else {
|
||||
templatePath = "templates/" + templateName + ".vsl";
|
||||
|
||||
@@ -37,19 +37,19 @@ public final class Settings {
|
||||
* The collection of keys used within the properties file.
|
||||
*/
|
||||
public static final class KEYS {
|
||||
|
||||
/**
|
||||
* private constructor because this is a "utility" class containing constants
|
||||
* private constructor because this is a "utility" class containing
|
||||
* constants
|
||||
*/
|
||||
private KEYS() {
|
||||
//do nothing
|
||||
}
|
||||
|
||||
/**
|
||||
* The properties key indicating whether or not the cached data sources
|
||||
* should be updated.
|
||||
*/
|
||||
public static final String AUTO_UPDATE = "autoupdate";
|
||||
|
||||
/**
|
||||
* The properties key for the path where the CPE Lucene Index will be
|
||||
* stored.
|
||||
@@ -107,8 +107,6 @@ public final class Settings {
|
||||
* The properties key for the CVE schema version 2.0.
|
||||
*/
|
||||
public static final String CVE_SCHEMA_2_0 = "2.0.";
|
||||
|
||||
|
||||
/**
|
||||
* The properties key for the proxy url.
|
||||
*/
|
||||
@@ -130,7 +128,6 @@ public final class Settings {
|
||||
* The location of the temporary directory.
|
||||
*/
|
||||
public static final String TEMP_DIRECTORY = "temp.directory";
|
||||
|
||||
}
|
||||
/**
|
||||
* The properties file location.
|
||||
@@ -156,7 +153,7 @@ public final class Settings {
|
||||
props.load(in);
|
||||
} catch (IOException ex) {
|
||||
Logger.getLogger(Settings.class.getName()).log(Level.SEVERE, "Unable to load default settings.");
|
||||
Logger.getLogger(Settings.class.getName()).log(Level.FINE, "Unable to load default settings.", ex);
|
||||
Logger.getLogger(Settings.class.getName()).log(Level.FINE, null, ex);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -169,6 +166,7 @@ public final class Settings {
|
||||
public static void setString(String key, String value) {
|
||||
INSTANCE.props.setProperty(key, value);
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets a property value.
|
||||
*
|
||||
@@ -265,6 +263,7 @@ public final class Settings {
|
||||
}
|
||||
return value;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns an int value from the properties file. If the value was specified
|
||||
* as a system property or passed in via the -Dprop=value argument - this
|
||||
@@ -273,8 +272,8 @@ public final class Settings {
|
||||
*
|
||||
* @param key the key to lookup within the properties file
|
||||
* @param defaultValue the default value to return
|
||||
* @return the property from the properties file or the defaultValue if the property does
|
||||
* not exist or cannot be converted to an integer
|
||||
* @return the property from the properties file or the defaultValue if the
|
||||
* property does not exist or cannot be converted to an integer
|
||||
*/
|
||||
public static int getInt(String key, int defaultValue) {
|
||||
int value;
|
||||
@@ -287,6 +286,7 @@ public final class Settings {
|
||||
}
|
||||
return value;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns a long value from the properties file. If the value was specified
|
||||
* as a system property or passed in via the -Dprop=value argument - this
|
||||
@@ -310,9 +310,10 @@ public final class Settings {
|
||||
|
||||
/**
|
||||
* Returns a boolean value from the properties file. If the value was
|
||||
* specified as a system property or passed in via the <code>-Dprop=value</code>
|
||||
* argument this method will return the value from the system properties before
|
||||
* the values in the contained configuration file.
|
||||
* specified as a system property or passed in via the
|
||||
* <code>-Dprop=value</code> argument this method will return the value from
|
||||
* the system properties before the values in the contained configuration
|
||||
* file.
|
||||
*
|
||||
* @param key the key to lookup within the properties file
|
||||
* @return the property from the properties file
|
||||
|
||||
Reference in New Issue
Block a user