github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-03-18 07:14:09 +01:00
Code Issues Packages Projects Releases Wiki Activity

removed deprecated functionality

Browse Source 
Former-commit-id: 56f9dba3e11d33a9e735465938d7c9b8997193a1
This commit is contained in:
Jeremy Long
2012-12-30 09:09:23 -05:00
parent bea19ad8ce
commit f851e62330
7 changed files with 70 additions and 279 deletions
Download Patch File Download Diff File Expand all files Collapse all files

123
src/main/java/org/codesecure/dependencycheck/data/cpe/Entry.java
View File

@@ -20,9 +20,6 @@ package org.codesecure.dependencycheck.data.cpe;
import java.io.UnsupportedEncodingException; import java.io.UnsupportedEncodingException;
import java.net.URLDecoder; import java.net.URLDecoder;
import java.text.ParseException;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.logging.Level; import java.util.logging.Level;
import java.util.logging.Logger; import java.util.logging.Logger;
import org.apache.lucene.document.Document; import org.apache.lucene.document.Document;
@@ -52,31 +49,6 @@ public class Entry {
} }
return entry; return entry;
} }
/**
* The title of the CPE
* @deprecated This field is no longer used
*/
protected String title;
/**
* Get the value of title
*
* @return the value of title
* @deprecated This field is no longer used
*/
public String getTitle() {
return title;
}
/**
* Set the value of title
*
* @param title new value of title
* @deprecated This field is no longer used
*/
public void setTitle(String title) {
this.title = title;
}
/** /**
* The name of the CPE entry. * The name of the CPE entry.
*/ */
@@ -99,101 +71,6 @@ public class Entry {
public void setName(String name) { public void setName(String name) {
this.name = name; this.name = name;
} }
/**
* The status of the CPE Entry.
* @deprecated This field is no longer used
*/
protected String status;
/**
* Get the value of status
*
* @return the value of status
* @deprecated This field is no longer used
*/
public String getStatus() {
return status;
}
/**
* Set the value of status
*
* @param status new value of status
* @deprecated This field is no longer used
*/
public void setStatus(String status) {
this.status = status;
}
/**
* The modification date of the CPE Entry.
* @deprecated This field is no longer used
*/
private Date modificationDate;
/**
* Get the value of modificationDate
*
* @return the value of modificationDate
* @deprecated This field is no longer used
*/
public Date getModificationDate() {
return (Date) modificationDate.clone();
}
/**
* Set the value of modificationDate
*
* @param modificationDate new value of modificationDate
* @deprecated This field is no longer used
*/
public void setModificationDate(Date modificationDate) {
this.modificationDate = (Date) modificationDate.clone();
}
/**
* Set the value of modificationDate
*
* Expected format: yyyy-MM-dd'T'HH:mm:ss.SSS'Z'
*
* @param modificationDate new value of modificationDate
* @throws ParseException is thrown when a parse exception occurs.
* @deprecated This field is no longer used
*/
public void setModificationDate(String modificationDate) throws ParseException {
String formatStr = "yyyy-MM-dd'T'HH:mm:ss.SSS'Z'";
Date tempDate = null;
SimpleDateFormat sdf = new SimpleDateFormat(formatStr);
sdf.setLenient(true);
tempDate = sdf.parse(modificationDate);
this.modificationDate = tempDate;
}
/**
* The nvdId.
* @deprecated This field is no longer used
*/
protected String nvdId;
/**
* Get the value of nvdId
*
* @return the value of nvdId
* @deprecated This field is no longer used
*/
public String getNvdId() {
return nvdId;
}
/**
* Set the value of nvdId
*
* @param nvdId new value of nvdId
* @deprecated This field is no longer used
*/
public void setNvdId(String nvdId) {
this.nvdId = nvdId;
}
/** /**
* The vendor name. * The vendor name.
*/ */

56
src/main/java/org/codesecure/dependencycheck/data/cpe/Index.java
View File

@@ -26,6 +26,12 @@ import java.util.Map;
import org.apache.lucene.analysis.Analyzer; import org.apache.lucene.analysis.Analyzer;
import org.apache.lucene.analysis.core.KeywordAnalyzer; import org.apache.lucene.analysis.core.KeywordAnalyzer;
import org.apache.lucene.analysis.miscellaneous.PerFieldAnalyzerWrapper; import org.apache.lucene.analysis.miscellaneous.PerFieldAnalyzerWrapper;
import org.apache.lucene.document.Document;
import org.apache.lucene.document.Field;
import org.apache.lucene.document.StoredField;
import org.apache.lucene.document.TextField;
import org.apache.lucene.index.CorruptIndexException;
import org.apache.lucene.index.Term;
import org.apache.lucene.queryparser.classic.QueryParser; import org.apache.lucene.queryparser.classic.QueryParser;
import org.apache.lucene.store.Directory; import org.apache.lucene.store.Directory;
import org.apache.lucene.store.FSDirectory; import org.apache.lucene.store.FSDirectory;
@@ -143,4 +149,54 @@ public class Index extends AbstractIndex {
vendorSearchFieldAnalyzer.clear(); vendorSearchFieldAnalyzer.clear();
} }
} }
/**
* Saves a CPE Entry into the Lucene index.
*
* @param entry a CPE entry.
* @throws CorruptIndexException is thrown if the index is corrupt.
* @throws IOException is thrown if an IOException occurs.
*/
public void saveEntry(Entry entry) throws CorruptIndexException, IOException {
Document doc = convertEntryToDoc(entry);
//Term term = new Term(Fields.NVDID, LuceneUtils.escapeLuceneQuery(entry.getNvdId()));
Term term = new Term(Fields.NAME, entry.getName());
indexWriter.updateDocument(term, doc);
}
/**
* Converts a CPE entry into a Lucene Document.
*
* @param entry a CPE Entry.
* @return a Lucene Document containing a CPE Entry.
*/
protected Document convertEntryToDoc(Entry entry) {
Document doc = new Document();
Field name = new StoredField(Fields.NAME, entry.getName());
doc.add(name);
Field vendor = new TextField(Fields.VENDOR, entry.getVendor(), Field.Store.NO);
vendor.setBoost(5.0F);
doc.add(vendor);
Field product = new TextField(Fields.PRODUCT, entry.getProduct(), Field.Store.NO);
product.setBoost(5.0F);
doc.add(product);
//TODO revision should likely be its own field
if (entry.getVersion() != null) {
Field version = null;
if (entry.getRevision() != null) {
version = new TextField(Fields.VERSION, entry.getVersion() + " "
+ entry.getRevision(), Field.Store.NO);
} else {
version = new TextField(Fields.VERSION, entry.getVersion(),
Field.Store.NO);
}
version.setBoost(0.8F);
doc.add(version);
}
return doc;
}
} }

42
src/main/java/org/codesecure/dependencycheck/data/cpe/xml/EntrySaveDelegate.java
View File

@@ -1,42 +0,0 @@
package org.codesecure.dependencycheck.data.cpe.xml;
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
import org.codesecure.dependencycheck.data.cpe.Entry;
import java.io.IOException;
import org.apache.lucene.index.CorruptIndexException;
/**
*
* An interface used to define the save function used when parsing the CPE XML
* file.
*
* @author Jeremy Long (jeremy.long@gmail.com)
*/
public interface EntrySaveDelegate {
/**
* Saves a CPE Entry into the Lucene index.
*
* @param entry a CPE entry.
* @throws CorruptIndexException is thrown if the index is corrupt.
* @throws IOException is thrown if an IOException occurs.
*/
void saveEntry(Entry entry) throws CorruptIndexException, IOException;
}

89
src/main/java/org/codesecure/dependencycheck/data/cpe/xml/Indexer.java
View File

@@ -1,89 +0,0 @@
package org.codesecure.dependencycheck.data.cpe.xml;
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
import java.io.IOException;
import org.apache.lucene.document.Document;
import org.apache.lucene.document.Field;
import org.apache.lucene.document.StoredField;
import org.apache.lucene.document.TextField;
import org.apache.lucene.index.CorruptIndexException;
import org.apache.lucene.index.Term;
import org.codesecure.dependencycheck.data.cpe.Entry;
import org.codesecure.dependencycheck.data.cpe.Fields;
import org.codesecure.dependencycheck.data.cpe.Index;
/**
* The Indexer is used to convert a CPE Entry, retrieved from the CPE XML file,
* into a Document that is stored in the Lucene index.
*
* @author Jeremy Long (jeremy.long@gmail.com)
*/
public class Indexer extends Index implements EntrySaveDelegate {
/**
* Saves a CPE Entry into the Lucene index.
*
* @param entry a CPE entry.
* @throws CorruptIndexException is thrown if the index is corrupt.
* @throws IOException is thrown if an IOException occurs.
*/
public void saveEntry(Entry entry) throws CorruptIndexException, IOException {
Document doc = convertEntryToDoc(entry);
//Term term = new Term(Fields.NVDID, LuceneUtils.escapeLuceneQuery(entry.getNvdId()));
Term term = new Term(Fields.NAME, entry.getName());
indexWriter.updateDocument(term, doc);
}
/**
* Converts a CPE entry into a Lucene Document.
*
* @param entry a CPE Entry.
* @return a Lucene Document containing a CPE Entry.
*/
protected Document convertEntryToDoc(Entry entry) {
Document doc = new Document();
Field name = new StoredField(Fields.NAME, entry.getName());
doc.add(name);
Field vendor = new TextField(Fields.VENDOR, entry.getVendor(), Field.Store.NO);
vendor.setBoost(5.0F);
doc.add(vendor);
Field product = new TextField(Fields.PRODUCT, entry.getProduct(), Field.Store.NO);
product.setBoost(5.0F);
doc.add(product);
//TODO revision should likely be its own field
if (entry.getVersion() != null) {
Field version = null;
if (entry.getRevision() != null) {
version = new TextField(Fields.VERSION, entry.getVersion() + " "
+ entry.getRevision(), Field.Store.NO);
} else {
version = new TextField(Fields.VERSION, entry.getVersion(),
Field.Store.NO);
}
version.setBoost(0.8F);
doc.add(version);
}
return doc;
}
}

12
src/main/java/org/codesecure/dependencycheck/data/cpe/xml/package-info.java
View File

@@ -1,12 +0,0 @@
/**
* <html>
* <head>
* <title>org.codesecure.dependencycheck.data.cpe.xml</title>
* </head>
* <body>
* Contains classes used to parse the CPE XML file.
* </body>
* </html>
*/
package org.codesecure.dependencycheck.data.cpe.xml;

15
src/main/java/org/codesecure/dependencycheck/data/nvdcve/xml/IndexUpdater.java
View File

@@ -147,17 +147,18 @@ public class IndexUpdater extends Index implements CachedWebDataSource {
file.mkdirs(); file.mkdirs();
} }
NvdCveParser indexer = null; NvdCveParser indexer = null;
org.codesecure.dependencycheck.data.cpe.xml.Indexer cpeIndexer = null; org.codesecure.dependencycheck.data.cpe.Index cpeIndex = null;
try { try {
indexer = new NvdCveParser(); indexer = new NvdCveParser();
indexer.openIndexWriter(); indexer.openIndexWriter();
//HACK - hack to ensure all CPE data is stored in the index. //HACK - hack to ensure all CPE data is stored in the index.
cpeIndexer = new org.codesecure.dependencycheck.data.cpe.xml.Indexer(); cpeIndex = new org.codesecure.dependencycheck.data.cpe.Index();
cpeIndexer.openIndexWriter(); cpeIndex.openIndexWriter();
indexer.setCPEIndexer(cpeIndexer); indexer.setCPEIndexer(cpeIndex);
indexer.parse(file); indexer.parse(file);
} catch (CorruptIndexException ex) { } catch (CorruptIndexException ex) {
Logger.getLogger(IndexUpdater.class.getName()).log(Level.SEVERE, null, ex); Logger.getLogger(IndexUpdater.class.getName()).log(Level.SEVERE, null, ex);
} catch (IOException ex) { } catch (IOException ex) {
@@ -166,8 +167,8 @@ public class IndexUpdater extends Index implements CachedWebDataSource {
if (indexer != null) { if (indexer != null) {
indexer.close(); indexer.close();
} }
if (cpeIndexer != null) { if (cpeIndex != null) {
cpeIndexer.close(); cpeIndex.close();
} }
} }
} }
@@ -181,7 +182,7 @@ public class IndexUpdater extends Index implements CachedWebDataSource {
// JAXBContext context = JAXBContext.newInstance("org.codesecure.dependencycheck.data.nvdcve.generated"); // JAXBContext context = JAXBContext.newInstance("org.codesecure.dependencycheck.data.nvdcve.generated");
// NvdCveXmlFilter filter = new NvdCveXmlFilter(context); // NvdCveXmlFilter filter = new NvdCveXmlFilter(context);
// //
// Indexer indexer = new Indexer(); // CPEIndexWriter indexer = new CPEIndexWriter();
// indexer.openIndexWriter(); // indexer.openIndexWriter();
// //
// filter.registerSaveDelegate(indexer); // filter.registerSaveDelegate(indexer);

12
src/main/java/org/codesecure/dependencycheck/data/nvdcve/xml/NvdCveParser.java
View File

@@ -48,14 +48,14 @@ public class NvdCveParser extends Index {
//HACK - this has initially been placed here as a hack because not all //HACK - this has initially been placed here as a hack because not all
// of the CPEs listed in the NVD CVE are actually in the CPE xml file // of the CPEs listed in the NVD CVE are actually in the CPE xml file
// hosted by NIST. // hosted by NIST.
private org.codesecure.dependencycheck.data.cpe.xml.Indexer cpeIndexer = null; private org.codesecure.dependencycheck.data.cpe.Index cpeIndex = null;
/** /**
* Adds the CPE Index to add additional CPEs found by parsing the NVD CVE. * Adds the CPE Index to add additional CPEs found by parsing the NVD CVE.
* @param indexer the CPE Indexer to write new CPEs into. * @param index the CPE Index to write new CPEs into.
*/ */
public void setCPEIndexer(org.codesecure.dependencycheck.data.cpe.xml.Indexer indexer) { public void setCPEIndexer(org.codesecure.dependencycheck.data.cpe.Index index) {
this.cpeIndexer = indexer; this.cpeIndex = index;
} }
/** /**
@@ -205,8 +205,8 @@ public class NvdCveParser extends Index {
} catch (UnsupportedEncodingException ex) { } catch (UnsupportedEncodingException ex) {
Logger.getLogger(NvdCveParser.class.getName()).log(Level.SEVERE, null, ex); Logger.getLogger(NvdCveParser.class.getName()).log(Level.SEVERE, null, ex);
} }
if (cpeIndexer != null) { if (cpeIndex != null) {
cpeIndexer.saveEntry(cpeEntry); cpeIndex.saveEntry(cpeEntry);
} }
} }
} }