diff --git a/src/main/java/org/codesecure/dependencycheck/data/cpe/Entry.java b/src/main/java/org/codesecure/dependencycheck/data/cpe/Entry.java index 95360b08f..ce3a1c8cd 100644 --- a/src/main/java/org/codesecure/dependencycheck/data/cpe/Entry.java +++ b/src/main/java/org/codesecure/dependencycheck/data/cpe/Entry.java @@ -20,9 +20,6 @@ package org.codesecure.dependencycheck.data.cpe; import java.io.UnsupportedEncodingException; import java.net.URLDecoder; -import java.text.ParseException; -import java.text.SimpleDateFormat; -import java.util.Date; import java.util.logging.Level; import java.util.logging.Logger; import org.apache.lucene.document.Document; @@ -52,31 +49,6 @@ public class Entry { } return entry; } - /** - * The title of the CPE - * @deprecated This field is no longer used - */ - protected String title; - - /** - * Get the value of title - * - * @return the value of title - * @deprecated This field is no longer used - */ - public String getTitle() { - return title; - } - - /** - * Set the value of title - * - * @param title new value of title - * @deprecated This field is no longer used - */ - public void setTitle(String title) { - this.title = title; - } /** * The name of the CPE entry. */ @@ -99,101 +71,6 @@ public class Entry { public void setName(String name) { this.name = name; } - /** - * The status of the CPE Entry. - * @deprecated This field is no longer used - */ - protected String status; - - /** - * Get the value of status - * - * @return the value of status - * @deprecated This field is no longer used - */ - public String getStatus() { - return status; - } - - /** - * Set the value of status - * - * @param status new value of status - * @deprecated This field is no longer used - */ - public void setStatus(String status) { - this.status = status; - } - /** - * The modification date of the CPE Entry. - * @deprecated This field is no longer used - */ - private Date modificationDate; - - /** - * Get the value of modificationDate - * - * @return the value of modificationDate - * @deprecated This field is no longer used - */ - public Date getModificationDate() { - return (Date) modificationDate.clone(); - } - - /** - * Set the value of modificationDate - * - * @param modificationDate new value of modificationDate - * @deprecated This field is no longer used - */ - public void setModificationDate(Date modificationDate) { - this.modificationDate = (Date) modificationDate.clone(); - } - - /** - * Set the value of modificationDate - * - * Expected format: yyyy-MM-dd'T'HH:mm:ss.SSS'Z' - * - * @param modificationDate new value of modificationDate - * @throws ParseException is thrown when a parse exception occurs. - * @deprecated This field is no longer used - */ - public void setModificationDate(String modificationDate) throws ParseException { - - String formatStr = "yyyy-MM-dd'T'HH:mm:ss.SSS'Z'"; - Date tempDate = null; - SimpleDateFormat sdf = new SimpleDateFormat(formatStr); - sdf.setLenient(true); - tempDate = sdf.parse(modificationDate); - - this.modificationDate = tempDate; - } - /** - * The nvdId. - * @deprecated This field is no longer used - */ - protected String nvdId; - - /** - * Get the value of nvdId - * - * @return the value of nvdId - * @deprecated This field is no longer used - */ - public String getNvdId() { - return nvdId; - } - - /** - * Set the value of nvdId - * - * @param nvdId new value of nvdId - * @deprecated This field is no longer used - */ - public void setNvdId(String nvdId) { - this.nvdId = nvdId; - } /** * The vendor name. */ diff --git a/src/main/java/org/codesecure/dependencycheck/data/cpe/Index.java b/src/main/java/org/codesecure/dependencycheck/data/cpe/Index.java index d830d2de1..db1d3027d 100644 --- a/src/main/java/org/codesecure/dependencycheck/data/cpe/Index.java +++ b/src/main/java/org/codesecure/dependencycheck/data/cpe/Index.java @@ -26,6 +26,12 @@ import java.util.Map; import org.apache.lucene.analysis.Analyzer; import org.apache.lucene.analysis.core.KeywordAnalyzer; import org.apache.lucene.analysis.miscellaneous.PerFieldAnalyzerWrapper; +import org.apache.lucene.document.Document; +import org.apache.lucene.document.Field; +import org.apache.lucene.document.StoredField; +import org.apache.lucene.document.TextField; +import org.apache.lucene.index.CorruptIndexException; +import org.apache.lucene.index.Term; import org.apache.lucene.queryparser.classic.QueryParser; import org.apache.lucene.store.Directory; import org.apache.lucene.store.FSDirectory; @@ -143,4 +149,54 @@ public class Index extends AbstractIndex { vendorSearchFieldAnalyzer.clear(); } } + + /** + * Saves a CPE Entry into the Lucene index. + * + * @param entry a CPE entry. + * @throws CorruptIndexException is thrown if the index is corrupt. + * @throws IOException is thrown if an IOException occurs. + */ + public void saveEntry(Entry entry) throws CorruptIndexException, IOException { + Document doc = convertEntryToDoc(entry); + //Term term = new Term(Fields.NVDID, LuceneUtils.escapeLuceneQuery(entry.getNvdId())); + Term term = new Term(Fields.NAME, entry.getName()); + indexWriter.updateDocument(term, doc); + } + + /** + * Converts a CPE entry into a Lucene Document. + * + * @param entry a CPE Entry. + * @return a Lucene Document containing a CPE Entry. + */ + protected Document convertEntryToDoc(Entry entry) { + Document doc = new Document(); + + Field name = new StoredField(Fields.NAME, entry.getName()); + doc.add(name); + + Field vendor = new TextField(Fields.VENDOR, entry.getVendor(), Field.Store.NO); + vendor.setBoost(5.0F); + doc.add(vendor); + + Field product = new TextField(Fields.PRODUCT, entry.getProduct(), Field.Store.NO); + product.setBoost(5.0F); + doc.add(product); + + //TODO revision should likely be its own field + if (entry.getVersion() != null) { + Field version = null; + if (entry.getRevision() != null) { + version = new TextField(Fields.VERSION, entry.getVersion() + " " + + entry.getRevision(), Field.Store.NO); + } else { + version = new TextField(Fields.VERSION, entry.getVersion(), + Field.Store.NO); + } + version.setBoost(0.8F); + doc.add(version); + } + return doc; + } } diff --git a/src/main/java/org/codesecure/dependencycheck/data/cpe/xml/EntrySaveDelegate.java b/src/main/java/org/codesecure/dependencycheck/data/cpe/xml/EntrySaveDelegate.java deleted file mode 100644 index 8acdf822e..000000000 --- a/src/main/java/org/codesecure/dependencycheck/data/cpe/xml/EntrySaveDelegate.java +++ /dev/null @@ -1,42 +0,0 @@ -package org.codesecure.dependencycheck.data.cpe.xml; -/* - * This file is part of DependencyCheck. - * - * DependencyCheck is free software: you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the Free - * Software Foundation, either version 3 of the License, or (at your option) any - * later version. - * - * DependencyCheck is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more - * details. - * - * You should have received a copy of the GNU General Public License along with - * DependencyCheck. If not, see http://www.gnu.org/licenses/. - * - * Copyright (c) 2012 Jeremy Long. All Rights Reserved. - */ - -import org.codesecure.dependencycheck.data.cpe.Entry; -import java.io.IOException; -import org.apache.lucene.index.CorruptIndexException; - -/** - * - * An interface used to define the save function used when parsing the CPE XML - * file. - * - * @author Jeremy Long (jeremy.long@gmail.com) - */ -public interface EntrySaveDelegate { - - /** - * Saves a CPE Entry into the Lucene index. - * - * @param entry a CPE entry. - * @throws CorruptIndexException is thrown if the index is corrupt. - * @throws IOException is thrown if an IOException occurs. - */ - void saveEntry(Entry entry) throws CorruptIndexException, IOException; -} diff --git a/src/main/java/org/codesecure/dependencycheck/data/cpe/xml/Indexer.java b/src/main/java/org/codesecure/dependencycheck/data/cpe/xml/Indexer.java deleted file mode 100644 index 9fd771ee4..000000000 --- a/src/main/java/org/codesecure/dependencycheck/data/cpe/xml/Indexer.java +++ /dev/null @@ -1,89 +0,0 @@ -package org.codesecure.dependencycheck.data.cpe.xml; -/* - * This file is part of DependencyCheck. - * - * DependencyCheck is free software: you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the Free - * Software Foundation, either version 3 of the License, or (at your option) any - * later version. - * - * DependencyCheck is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more - * details. - * - * You should have received a copy of the GNU General Public License along with - * DependencyCheck. If not, see http://www.gnu.org/licenses/. - * - * Copyright (c) 2012 Jeremy Long. All Rights Reserved. - */ - -import java.io.IOException; -import org.apache.lucene.document.Document; -import org.apache.lucene.document.Field; -import org.apache.lucene.document.StoredField; -import org.apache.lucene.document.TextField; -import org.apache.lucene.index.CorruptIndexException; -import org.apache.lucene.index.Term; -import org.codesecure.dependencycheck.data.cpe.Entry; -import org.codesecure.dependencycheck.data.cpe.Fields; -import org.codesecure.dependencycheck.data.cpe.Index; - -/** - * The Indexer is used to convert a CPE Entry, retrieved from the CPE XML file, - * into a Document that is stored in the Lucene index. - * - * @author Jeremy Long (jeremy.long@gmail.com) - */ -public class Indexer extends Index implements EntrySaveDelegate { - - /** - * Saves a CPE Entry into the Lucene index. - * - * @param entry a CPE entry. - * @throws CorruptIndexException is thrown if the index is corrupt. - * @throws IOException is thrown if an IOException occurs. - */ - public void saveEntry(Entry entry) throws CorruptIndexException, IOException { - Document doc = convertEntryToDoc(entry); - //Term term = new Term(Fields.NVDID, LuceneUtils.escapeLuceneQuery(entry.getNvdId())); - Term term = new Term(Fields.NAME, entry.getName()); - indexWriter.updateDocument(term, doc); - } - - /** - * Converts a CPE entry into a Lucene Document. - * - * @param entry a CPE Entry. - * @return a Lucene Document containing a CPE Entry. - */ - protected Document convertEntryToDoc(Entry entry) { - Document doc = new Document(); - - Field name = new StoredField(Fields.NAME, entry.getName()); - doc.add(name); - - Field vendor = new TextField(Fields.VENDOR, entry.getVendor(), Field.Store.NO); - vendor.setBoost(5.0F); - doc.add(vendor); - - Field product = new TextField(Fields.PRODUCT, entry.getProduct(), Field.Store.NO); - product.setBoost(5.0F); - doc.add(product); - - //TODO revision should likely be its own field - if (entry.getVersion() != null) { - Field version = null; - if (entry.getRevision() != null) { - version = new TextField(Fields.VERSION, entry.getVersion() + " " - + entry.getRevision(), Field.Store.NO); - } else { - version = new TextField(Fields.VERSION, entry.getVersion(), - Field.Store.NO); - } - version.setBoost(0.8F); - doc.add(version); - } - return doc; - } -} diff --git a/src/main/java/org/codesecure/dependencycheck/data/cpe/xml/package-info.java b/src/main/java/org/codesecure/dependencycheck/data/cpe/xml/package-info.java deleted file mode 100644 index 1278c8218..000000000 --- a/src/main/java/org/codesecure/dependencycheck/data/cpe/xml/package-info.java +++ /dev/null @@ -1,12 +0,0 @@ -/** - * - * - * org.codesecure.dependencycheck.data.cpe.xml - * - * - * Contains classes used to parse the CPE XML file. - * - * -*/ - -package org.codesecure.dependencycheck.data.cpe.xml; diff --git a/src/main/java/org/codesecure/dependencycheck/data/nvdcve/xml/IndexUpdater.java b/src/main/java/org/codesecure/dependencycheck/data/nvdcve/xml/IndexUpdater.java index db8f10983..3d1f37cde 100644 --- a/src/main/java/org/codesecure/dependencycheck/data/nvdcve/xml/IndexUpdater.java +++ b/src/main/java/org/codesecure/dependencycheck/data/nvdcve/xml/IndexUpdater.java @@ -147,17 +147,18 @@ public class IndexUpdater extends Index implements CachedWebDataSource { file.mkdirs(); } NvdCveParser indexer = null; - org.codesecure.dependencycheck.data.cpe.xml.Indexer cpeIndexer = null; + org.codesecure.dependencycheck.data.cpe.Index cpeIndex = null; try { indexer = new NvdCveParser(); indexer.openIndexWriter(); //HACK - hack to ensure all CPE data is stored in the index. - cpeIndexer = new org.codesecure.dependencycheck.data.cpe.xml.Indexer(); - cpeIndexer.openIndexWriter(); - indexer.setCPEIndexer(cpeIndexer); + cpeIndex = new org.codesecure.dependencycheck.data.cpe.Index(); + cpeIndex.openIndexWriter(); + indexer.setCPEIndexer(cpeIndex); indexer.parse(file); + } catch (CorruptIndexException ex) { Logger.getLogger(IndexUpdater.class.getName()).log(Level.SEVERE, null, ex); } catch (IOException ex) { @@ -166,8 +167,8 @@ public class IndexUpdater extends Index implements CachedWebDataSource { if (indexer != null) { indexer.close(); } - if (cpeIndexer != null) { - cpeIndexer.close(); + if (cpeIndex != null) { + cpeIndex.close(); } } } @@ -181,7 +182,7 @@ public class IndexUpdater extends Index implements CachedWebDataSource { // JAXBContext context = JAXBContext.newInstance("org.codesecure.dependencycheck.data.nvdcve.generated"); // NvdCveXmlFilter filter = new NvdCveXmlFilter(context); // -// Indexer indexer = new Indexer(); +// CPEIndexWriter indexer = new CPEIndexWriter(); // indexer.openIndexWriter(); // // filter.registerSaveDelegate(indexer); diff --git a/src/main/java/org/codesecure/dependencycheck/data/nvdcve/xml/NvdCveParser.java b/src/main/java/org/codesecure/dependencycheck/data/nvdcve/xml/NvdCveParser.java index f0bd2e482..da7b00c22 100644 --- a/src/main/java/org/codesecure/dependencycheck/data/nvdcve/xml/NvdCveParser.java +++ b/src/main/java/org/codesecure/dependencycheck/data/nvdcve/xml/NvdCveParser.java @@ -48,14 +48,14 @@ public class NvdCveParser extends Index { //HACK - this has initially been placed here as a hack because not all // of the CPEs listed in the NVD CVE are actually in the CPE xml file // hosted by NIST. - private org.codesecure.dependencycheck.data.cpe.xml.Indexer cpeIndexer = null; + private org.codesecure.dependencycheck.data.cpe.Index cpeIndex = null; /** * Adds the CPE Index to add additional CPEs found by parsing the NVD CVE. - * @param indexer the CPE Indexer to write new CPEs into. + * @param index the CPE Index to write new CPEs into. */ - public void setCPEIndexer(org.codesecure.dependencycheck.data.cpe.xml.Indexer indexer) { - this.cpeIndexer = indexer; + public void setCPEIndexer(org.codesecure.dependencycheck.data.cpe.Index index) { + this.cpeIndex = index; } /** @@ -205,8 +205,8 @@ public class NvdCveParser extends Index { } catch (UnsupportedEncodingException ex) { Logger.getLogger(NvdCveParser.class.getName()).log(Level.SEVERE, null, ex); } - if (cpeIndexer != null) { - cpeIndexer.saveEntry(cpeEntry); + if (cpeIndex != null) { + cpeIndex.saveEntry(cpeEntry); } } }