github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-01-14 07:43:40 +01:00
Code Issues Packages Projects Releases Wiki Activity

removed deprecated functionality

Browse Source 
Former-commit-id: 56f9dba3e11d33a9e735465938d7c9b8997193a1
This commit is contained in:
Jeremy Long
2012-12-30 09:09:23 -05:00
parent bea19ad8ce
commit f851e62330
7 changed files with 70 additions and 279 deletions
Download Patch File Download Diff File Expand all files Collapse all files

123
src/main/java/org/codesecure/dependencycheck/data/cpe/Entry.java
View File

@@ -20,9 +20,6 @@ package org.codesecure.dependencycheck.data.cpe;
import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.text.ParseException;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.apache.lucene.document.Document;
@@ -52,31 +49,6 @@ public class Entry {
}
return entry;
}
/**
* The title of the CPE
* @deprecated This field is no longer used
*/
protected String title;
/**
* Get the value of title
*
* @return the value of title
* @deprecated This field is no longer used
*/
public String getTitle() {
return title;
}
/**
* Set the value of title
*
* @param title new value of title
* @deprecated This field is no longer used
*/
public void setTitle(String title) {
this.title = title;
}
/**
* The name of the CPE entry.
*/
@@ -99,101 +71,6 @@ public class Entry {
public void setName(String name) {
this.name = name;
}
/**
* The status of the CPE Entry.
* @deprecated This field is no longer used
*/
protected String status;
/**
* Get the value of status
*
* @return the value of status
* @deprecated This field is no longer used
*/
public String getStatus() {
return status;
}
/**
* Set the value of status
*
* @param status new value of status
* @deprecated This field is no longer used
*/
public void setStatus(String status) {
this.status = status;
}
/**
* The modification date of the CPE Entry.
* @deprecated This field is no longer used
*/
private Date modificationDate;
/**
* Get the value of modificationDate
*
* @return the value of modificationDate
* @deprecated This field is no longer used
*/
public Date getModificationDate() {
return (Date) modificationDate.clone();
}
/**
* Set the value of modificationDate
*
* @param modificationDate new value of modificationDate
* @deprecated This field is no longer used
*/
public void setModificationDate(Date modificationDate) {
this.modificationDate = (Date) modificationDate.clone();
}
/**
* Set the value of modificationDate
*
* Expected format: yyyy-MM-dd'T'HH:mm:ss.SSS'Z'
*
* @param modificationDate new value of modificationDate
* @throws ParseException is thrown when a parse exception occurs.
* @deprecated This field is no longer used
*/
public void setModificationDate(String modificationDate) throws ParseException {
String formatStr = "yyyy-MM-dd'T'HH:mm:ss.SSS'Z'";
Date tempDate = null;
SimpleDateFormat sdf = new SimpleDateFormat(formatStr);
sdf.setLenient(true);
tempDate = sdf.parse(modificationDate);
this.modificationDate = tempDate;
}
/**
* The nvdId.
* @deprecated This field is no longer used
*/
protected String nvdId;
/**
* Get the value of nvdId
*
* @return the value of nvdId
* @deprecated This field is no longer used
*/
public String getNvdId() {
return nvdId;
}
/**
* Set the value of nvdId
*
* @param nvdId new value of nvdId
* @deprecated This field is no longer used
*/
public void setNvdId(String nvdId) {
this.nvdId = nvdId;
}
/**
* The vendor name.
*/

56
src/main/java/org/codesecure/dependencycheck/data/cpe/Index.java
View File

@@ -26,6 +26,12 @@ import java.util.Map;
import org.apache.lucene.analysis.Analyzer;
import org.apache.lucene.analysis.core.KeywordAnalyzer;
import org.apache.lucene.analysis.miscellaneous.PerFieldAnalyzerWrapper;
import org.apache.lucene.document.Document;
import org.apache.lucene.document.Field;
import org.apache.lucene.document.StoredField;
import org.apache.lucene.document.TextField;
import org.apache.lucene.index.CorruptIndexException;
import org.apache.lucene.index.Term;
import org.apache.lucene.queryparser.classic.QueryParser;
import org.apache.lucene.store.Directory;
import org.apache.lucene.store.FSDirectory;
@@ -143,4 +149,54 @@ public class Index extends AbstractIndex {
vendorSearchFieldAnalyzer.clear();
}
}
/**
* Saves a CPE Entry into the Lucene index.
*
* @param entry a CPE entry.
* @throws CorruptIndexException is thrown if the index is corrupt.
* @throws IOException is thrown if an IOException occurs.
*/
public void saveEntry(Entry entry) throws CorruptIndexException, IOException {
Document doc = convertEntryToDoc(entry);
//Term term = new Term(Fields.NVDID, LuceneUtils.escapeLuceneQuery(entry.getNvdId()));
Term term = new Term(Fields.NAME, entry.getName());
indexWriter.updateDocument(term, doc);
}
/**
* Converts a CPE entry into a Lucene Document.
*
* @param entry a CPE Entry.
* @return a Lucene Document containing a CPE Entry.
*/
protected Document convertEntryToDoc(Entry entry) {
Document doc = new Document();
Field name = new StoredField(Fields.NAME, entry.getName());
doc.add(name);
Field vendor = new TextField(Fields.VENDOR, entry.getVendor(), Field.Store.NO);
vendor.setBoost(5.0F);
doc.add(vendor);
Field product = new TextField(Fields.PRODUCT, entry.getProduct(), Field.Store.NO);
product.setBoost(5.0F);
doc.add(product);
//TODO revision should likely be its own field
if (entry.getVersion() != null) {
Field version = null;
if (entry.getRevision() != null) {
version = new TextField(Fields.VERSION, entry.getVersion() + " "
+ entry.getRevision(), Field.Store.NO);
} else {
version = new TextField(Fields.VERSION, entry.getVersion(),
Field.Store.NO);
}
version.setBoost(0.8F);
doc.add(version);
}
return doc;
}
}

42
src/main/java/org/codesecure/dependencycheck/data/cpe/xml/EntrySaveDelegate.java
View File

@@ -1,42 +0,0 @@
package org.codesecure.dependencycheck.data.cpe.xml;
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
import org.codesecure.dependencycheck.data.cpe.Entry;
import java.io.IOException;
import org.apache.lucene.index.CorruptIndexException;
/**
*
* An interface used to define the save function used when parsing the CPE XML
* file.
*
* @author Jeremy Long (jeremy.long@gmail.com)
*/
public interface EntrySaveDelegate {
/**
* Saves a CPE Entry into the Lucene index.
*
* @param entry a CPE entry.
* @throws CorruptIndexException is thrown if the index is corrupt.
* @throws IOException is thrown if an IOException occurs.
*/
void saveEntry(Entry entry) throws CorruptIndexException, IOException;
}

89
src/main/java/org/codesecure/dependencycheck/data/cpe/xml/Indexer.java
View File

@@ -1,89 +0,0 @@
package org.codesecure.dependencycheck.data.cpe.xml;
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
import java.io.IOException;
import org.apache.lucene.document.Document;
import org.apache.lucene.document.Field;
import org.apache.lucene.document.StoredField;
import org.apache.lucene.document.TextField;
import org.apache.lucene.index.CorruptIndexException;
import org.apache.lucene.index.Term;
import org.codesecure.dependencycheck.data.cpe.Entry;
import org.codesecure.dependencycheck.data.cpe.Fields;
import org.codesecure.dependencycheck.data.cpe.Index;
/**
* The Indexer is used to convert a CPE Entry, retrieved from the CPE XML file,
* into a Document that is stored in the Lucene index.
*
* @author Jeremy Long (jeremy.long@gmail.com)
*/
public class Indexer extends Index implements EntrySaveDelegate {
/**
* Saves a CPE Entry into the Lucene index.
*
* @param entry a CPE entry.
* @throws CorruptIndexException is thrown if the index is corrupt.
* @throws IOException is thrown if an IOException occurs.
*/
public void saveEntry(Entry entry) throws CorruptIndexException, IOException {
Document doc = convertEntryToDoc(entry);
//Term term = new Term(Fields.NVDID, LuceneUtils.escapeLuceneQuery(entry.getNvdId()));
Term term = new Term(Fields.NAME, entry.getName());
indexWriter.updateDocument(term, doc);
}
/**
* Converts a CPE entry into a Lucene Document.
*
* @param entry a CPE Entry.
* @return a Lucene Document containing a CPE Entry.
*/
protected Document convertEntryToDoc(Entry entry) {
Document doc = new Document();
Field name = new StoredField(Fields.NAME, entry.getName());
doc.add(name);
Field vendor = new TextField(Fields.VENDOR, entry.getVendor(), Field.Store.NO);
vendor.setBoost(5.0F);
doc.add(vendor);
Field product = new TextField(Fields.PRODUCT, entry.getProduct(), Field.Store.NO);
product.setBoost(5.0F);
doc.add(product);
//TODO revision should likely be its own field
if (entry.getVersion() != null) {
Field version = null;
if (entry.getRevision() != null) {
version = new TextField(Fields.VERSION, entry.getVersion() + " "
+ entry.getRevision(), Field.Store.NO);
} else {
version = new TextField(Fields.VERSION, entry.getVersion(),
Field.Store.NO);
}
version.setBoost(0.8F);
doc.add(version);
}
return doc;
}
}

12
src/main/java/org/codesecure/dependencycheck/data/cpe/xml/package-info.java
View File

@@ -1,12 +0,0 @@
/**
* <html>
* <head>
* <title>org.codesecure.dependencycheck.data.cpe.xml</title>
* </head>
* <body>
* Contains classes used to parse the CPE XML file.
* </body>
* </html>
*/
package org.codesecure.dependencycheck.data.cpe.xml;

15
src/main/java/org/codesecure/dependencycheck/data/nvdcve/xml/IndexUpdater.java
View File

@@ -147,17 +147,18 @@ public class IndexUpdater extends Index implements CachedWebDataSource {
file.mkdirs();
}
NvdCveParser indexer = null;
org.codesecure.dependencycheck.data.cpe.xml.Indexer cpeIndexer = null;
org.codesecure.dependencycheck.data.cpe.Index cpeIndex = null;
try {
indexer = new NvdCveParser();
indexer.openIndexWriter();
//HACK - hack to ensure all CPE data is stored in the index.
cpeIndexer = new org.codesecure.dependencycheck.data.cpe.xml.Indexer();
cpeIndexer.openIndexWriter();
indexer.setCPEIndexer(cpeIndexer);
cpeIndex = new org.codesecure.dependencycheck.data.cpe.Index();
cpeIndex.openIndexWriter();
indexer.setCPEIndexer(cpeIndex);
indexer.parse(file);
} catch (CorruptIndexException ex) {
Logger.getLogger(IndexUpdater.class.getName()).log(Level.SEVERE, null, ex);
} catch (IOException ex) {
@@ -166,8 +167,8 @@ public class IndexUpdater extends Index implements CachedWebDataSource {
if (indexer != null) {
indexer.close();
}
if (cpeIndexer != null) {
cpeIndexer.close();
if (cpeIndex != null) {
cpeIndex.close();
}
}
}
@@ -181,7 +182,7 @@ public class IndexUpdater extends Index implements CachedWebDataSource {
// JAXBContext context = JAXBContext.newInstance("org.codesecure.dependencycheck.data.nvdcve.generated");
// NvdCveXmlFilter filter = new NvdCveXmlFilter(context);
//
// Indexer indexer = new Indexer();
// CPEIndexWriter indexer = new CPEIndexWriter();
// indexer.openIndexWriter();
//
// filter.registerSaveDelegate(indexer);

12
src/main/java/org/codesecure/dependencycheck/data/nvdcve/xml/NvdCveParser.java
View File

@@ -48,14 +48,14 @@ public class NvdCveParser extends Index {
//HACK - this has initially been placed here as a hack because not all
// of the CPEs listed in the NVD CVE are actually in the CPE xml file
// hosted by NIST.
private org.codesecure.dependencycheck.data.cpe.xml.Indexer cpeIndexer = null;
private org.codesecure.dependencycheck.data.cpe.Index cpeIndex = null;
/**
* Adds the CPE Index to add additional CPEs found by parsing the NVD CVE.
* @param indexer the CPE Indexer to write new CPEs into.
* @param index the CPE Index to write new CPEs into.
*/
public void setCPEIndexer(org.codesecure.dependencycheck.data.cpe.xml.Indexer indexer) {
this.cpeIndexer = indexer;
public void setCPEIndexer(org.codesecure.dependencycheck.data.cpe.Index index) {
this.cpeIndex = index;
}
/**
@@ -205,8 +205,8 @@ public class NvdCveParser extends Index {
} catch (UnsupportedEncodingException ex) {
Logger.getLogger(NvdCveParser.class.getName()).log(Level.SEVERE, null, ex);
}
if (cpeIndexer != null) {
cpeIndexer.saveEntry(cpeEntry);
if (cpeIndex != null) {
cpeIndex.saveEntry(cpeEntry);
}
}
}