github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-01-14 15:53:36 +01:00
Code Issues Packages Projects Releases Wiki Activity

version 1.2.0 of the documentation

Browse Source
This commit is contained in:
Jeremy Long
2014-04-28 09:13:01 -04:00
parent 172a34cd62
commit f999904560
13 changed files with 2138 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

303
dependency-check-core/apidocs/org/owasp/dependencycheck/reporting/EscapeTool.html Normal file
View File

@@ -0,0 +1,303 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<!-- NewPage -->
<html lang="en">
<head>
<!-- Generated by javadoc (version 1.7.0_45) on Mon Apr 28 08:36:21 EDT 2014 -->
<meta http-equiv="Content-Type" content="text/html" charset="UTF-8">
<title>EscapeTool (Dependency-Check Core 1.2.0 API)</title>
<meta name="date" content="2014-04-28">
<link rel="stylesheet" type="text/css" href="../../../../stylesheet.css" title="Style">
</head>
<body>
<script type="text/javascript"><!--
if (location.href.indexOf('is-external=true') == -1) {
parent.document.title="EscapeTool (Dependency-Check Core 1.2.0 API)";
}
//-->
</script>
<noscript>
<div>JavaScript is disabled on your browser.</div>
</noscript>
<!-- ========= START OF TOP NAVBAR ======= -->
<div class="topNav"><a name="navbar_top">
<!-- -->
</a><a href="#skip-navbar_top" title="Skip navigation links"></a><a name="navbar_top_firstrow">
<!-- -->
</a>
<ul class="navList" title="Navigation">
<li><a href="../../../../overview-summary.html">Overview</a></li>
<li><a href="package-summary.html">Package</a></li>
<li class="navBarCell1Rev">Class</li>
<li><a href="class-use/EscapeTool.html">Use</a></li>
<li><a href="package-tree.html">Tree</a></li>
<li><a href="../../../../deprecated-list.html">Deprecated</a></li>
<li><a href="../../../../index-all.html">Index</a></li>
<li><a href="../../../../help-doc.html">Help</a></li>
</ul>
</div>
<div class="subNav">
<ul class="navList">
<li>Prev Class</li>
<li><a href="../../../../org/owasp/dependencycheck/reporting/ReportGenerator.html" title="class in org.owasp.dependencycheck.reporting"><span class="strong">Next Class</span></a></li>
</ul>
<ul class="navList">
<li><a href="../../../../index.html?org/owasp/dependencycheck/reporting/EscapeTool.html" target="_top">Frames</a></li>
<li><a href="EscapeTool.html" target="_top">No Frames</a></li>
</ul>
<ul class="navList" id="allclasses_navbar_top">
<li><a href="../../../../allclasses-noframe.html">All Classes</a></li>
</ul>
<div>
<script type="text/javascript"><!--
allClassesLink = document.getElementById("allclasses_navbar_top");
if(window==top) {
allClassesLink.style.display = "block";
}
else {
allClassesLink.style.display = "none";
}
//-->
</script>
</div>
<div>
<ul class="subNavList">
<li>Summary:&nbsp;</li>
<li>Nested&nbsp;|&nbsp;</li>
<li>Field&nbsp;|&nbsp;</li>
<li><a href="#constructor_summary">Constr</a>&nbsp;|&nbsp;</li>
<li><a href="#method_summary">Method</a></li>
</ul>
<ul class="subNavList">
<li>Detail:&nbsp;</li>
<li>Field&nbsp;|&nbsp;</li>
<li><a href="#constructor_detail">Constr</a>&nbsp;|&nbsp;</li>
<li><a href="#method_detail">Method</a></li>
</ul>
</div>
<a name="skip-navbar_top">
<!-- -->
</a></div>
<!-- ========= END OF TOP NAVBAR ========= -->
<!-- ======== START OF CLASS DATA ======== -->
<div class="header">
<div class="subTitle">org.owasp.dependencycheck.reporting</div>
<h2 title="Class EscapeTool" class="title">Class EscapeTool</h2>
</div>
<div class="contentContainer">
<ul class="inheritance">
<li><a href="http://docs.oracle.com/javase/6/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">java.lang.Object</a></li>
<li>
<ul class="inheritance">
<li>org.owasp.dependencycheck.reporting.EscapeTool</li>
</ul>
</li>
</ul>
<div class="description">
<ul class="blockList">
<li class="blockList">
<hr>
<br>
<pre>public class <span class="strong">EscapeTool</span>
extends <a href="http://docs.oracle.com/javase/6/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">Object</a></pre>
<div class="block">An extremely simple wrapper around various escape utils to perform URL and HTML encoding within the reports. This
class was created to simplify the velocity configuration and avoid using the "built-in" escape tool.</div>
<dl><dt><span class="strong">Author:</span></dt>
<dd>Jeremy Long <jeremy.long@owasp.org></dd></dl>
</li>
</ul>
</div>
<div class="summary">
<ul class="blockList">
<li class="blockList">
<!-- ======== CONSTRUCTOR SUMMARY ======== -->
<ul class="blockList">
<li class="blockList"><a name="constructor_summary">
<!-- -->
</a>
<h3>Constructor Summary</h3>
<table class="overviewSummary" border="0" cellpadding="3" cellspacing="0" summary="Constructor Summary table, listing constructors, and an explanation">
<caption><span>Constructors</span><span class="tabEnd">&nbsp;</span></caption>
<tr>
<th class="colOne" scope="col">Constructor and Description</th>
</tr>
<tr class="altColor">
<td class="colOne"><code><strong><a href="../../../../org/owasp/dependencycheck/reporting/EscapeTool.html#EscapeTool()">EscapeTool</a></strong>()</code>&nbsp;</td>
</tr>
</table>
</li>
</ul>
<!-- ========== METHOD SUMMARY =========== -->
<ul class="blockList">
<li class="blockList"><a name="method_summary">
<!-- -->
</a>
<h3>Method Summary</h3>
<table class="overviewSummary" border="0" cellpadding="3" cellspacing="0" summary="Method Summary table, listing methods, and an explanation">
<caption><span>Methods</span><span class="tabEnd">&nbsp;</span></caption>
<tr>
<th class="colFirst" scope="col">Modifier and Type</th>
<th class="colLast" scope="col">Method and Description</th>
</tr>
<tr class="altColor">
<td class="colFirst"><code><a href="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a></code></td>
<td class="colLast"><code><strong><a href="../../../../org/owasp/dependencycheck/reporting/EscapeTool.html#html(java.lang.String)">html</a></strong>(<a href="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a>&nbsp;text)</code>
<div class="block">HTML Encodes the provided text.</div>
</td>
</tr>
<tr class="rowColor">
<td class="colFirst"><code><a href="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a></code></td>
<td class="colLast"><code><strong><a href="../../../../org/owasp/dependencycheck/reporting/EscapeTool.html#url(java.lang.String)">url</a></strong>(<a href="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a>&nbsp;text)</code>
<div class="block">URL Encodes the provided text.</div>
</td>
</tr>
<tr class="altColor">
<td class="colFirst"><code><a href="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a></code></td>
<td class="colLast"><code><strong><a href="../../../../org/owasp/dependencycheck/reporting/EscapeTool.html#xml(java.lang.String)">xml</a></strong>(<a href="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a>&nbsp;text)</code>
<div class="block">XML Encodes the provided text.</div>
</td>
</tr>
</table>
<ul class="blockList">
<li class="blockList"><a name="methods_inherited_from_class_java.lang.Object">
<!-- -->
</a>
<h3>Methods inherited from class&nbsp;java.lang.<a href="http://docs.oracle.com/javase/6/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">Object</a></h3>
<code><a href="http://docs.oracle.com/javase/6/docs/api/java/lang/Object.html?is-external=true#clone()" title="class or interface in java.lang">clone</a>, <a href="http://docs.oracle.com/javase/6/docs/api/java/lang/Object.html?is-external=true#equals(java.lang.Object)" title="class or interface in java.lang">equals</a>, <a href="http://docs.oracle.com/javase/6/docs/api/java/lang/Object.html?is-external=true#finalize()" title="class or interface in java.lang">finalize</a>, <a href="http://docs.oracle.com/javase/6/docs/api/java/lang/Object.html?is-external=true#getClass()" title="class or interface in java.lang">getClass</a>, <a href="http://docs.oracle.com/javase/6/docs/api/java/lang/Object.html?is-external=true#hashCode()" title="class or interface in java.lang">hashCode</a>, <a href="http://docs.oracle.com/javase/6/docs/api/java/lang/Object.html?is-external=true#notify()" title="class or interface in java.lang">notify</a>, <a href="http://docs.oracle.com/javase/6/docs/api/java/lang/Object.html?is-external=true#notifyAll()" title="class or interface in java.lang">notifyAll</a>, <a href="http://docs.oracle.com/javase/6/docs/api/java/lang/Object.html?is-external=true#toString()" title="class or interface in java.lang">toString</a>, <a href="http://docs.oracle.com/javase/6/docs/api/java/lang/Object.html?is-external=true#wait()" title="class or interface in java.lang">wait</a>, <a href="http://docs.oracle.com/javase/6/docs/api/java/lang/Object.html?is-external=true#wait(long)" title="class or interface in java.lang">wait</a>, <a href="http://docs.oracle.com/javase/6/docs/api/java/lang/Object.html?is-external=true#wait(long, int)" title="class or interface in java.lang">wait</a></code></li>
</ul>
</li>
</ul>
</li>
</ul>
</div>
<div class="details">
<ul class="blockList">
<li class="blockList">
<!-- ========= CONSTRUCTOR DETAIL ======== -->
<ul class="blockList">
<li class="blockList"><a name="constructor_detail">
<!-- -->
</a>
<h3>Constructor Detail</h3>
<a name="EscapeTool()">
<!-- -->
</a>
<ul class="blockListLast">
<li class="blockList">
<h4>EscapeTool</h4>
<pre>public&nbsp;EscapeTool()</pre>
</li>
</ul>
</li>
</ul>
<!-- ============ METHOD DETAIL ========== -->
<ul class="blockList">
<li class="blockList"><a name="method_detail">
<!-- -->
</a>
<h3>Method Detail</h3>
<a name="url(java.lang.String)">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>url</h4>
<pre>public&nbsp;<a href="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a>&nbsp;url(<a href="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a>&nbsp;text)</pre>
<div class="block">URL Encodes the provided text.</div>
<dl><dt><span class="strong">Parameters:</span></dt><dd><code>text</code> - the text to encode</dd>
<dt><span class="strong">Returns:</span></dt><dd>the URL encoded text</dd></dl>
</li>
</ul>
<a name="html(java.lang.String)">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>html</h4>
<pre>public&nbsp;<a href="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a>&nbsp;html(<a href="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a>&nbsp;text)</pre>
<div class="block">HTML Encodes the provided text.</div>
<dl><dt><span class="strong">Parameters:</span></dt><dd><code>text</code> - the text to encode</dd>
<dt><span class="strong">Returns:</span></dt><dd>the HTML encoded text</dd></dl>
</li>
</ul>
<a name="xml(java.lang.String)">
<!-- -->
</a>
<ul class="blockListLast">
<li class="blockList">
<h4>xml</h4>
<pre>public&nbsp;<a href="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a>&nbsp;xml(<a href="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a>&nbsp;text)</pre>
<div class="block">XML Encodes the provided text.</div>
<dl><dt><span class="strong">Parameters:</span></dt><dd><code>text</code> - the text to encode</dd>
<dt><span class="strong">Returns:</span></dt><dd>the XML encoded text</dd></dl>
</li>
</ul>
</li>
</ul>
</li>
</ul>
</div>
</div>
<!-- ========= END OF CLASS DATA ========= -->
<!-- ======= START OF BOTTOM NAVBAR ====== -->
<div class="bottomNav"><a name="navbar_bottom">
<!-- -->
</a><a href="#skip-navbar_bottom" title="Skip navigation links"></a><a name="navbar_bottom_firstrow">
<!-- -->
</a>
<ul class="navList" title="Navigation">
<li><a href="../../../../overview-summary.html">Overview</a></li>
<li><a href="package-summary.html">Package</a></li>
<li class="navBarCell1Rev">Class</li>
<li><a href="class-use/EscapeTool.html">Use</a></li>
<li><a href="package-tree.html">Tree</a></li>
<li><a href="../../../../deprecated-list.html">Deprecated</a></li>
<li><a href="../../../../index-all.html">Index</a></li>
<li><a href="../../../../help-doc.html">Help</a></li>
</ul>
</div>
<div class="subNav">
<ul class="navList">
<li>Prev Class</li>
<li><a href="../../../../org/owasp/dependencycheck/reporting/ReportGenerator.html" title="class in org.owasp.dependencycheck.reporting"><span class="strong">Next Class</span></a></li>
</ul>
<ul class="navList">
<li><a href="../../../../index.html?org/owasp/dependencycheck/reporting/EscapeTool.html" target="_top">Frames</a></li>
<li><a href="EscapeTool.html" target="_top">No Frames</a></li>
</ul>
<ul class="navList" id="allclasses_navbar_bottom">
<li><a href="../../../../allclasses-noframe.html">All Classes</a></li>
</ul>
<div>
<script type="text/javascript"><!--
allClassesLink = document.getElementById("allclasses_navbar_bottom");
if(window==top) {
allClassesLink.style.display = "block";
}
else {
allClassesLink.style.display = "none";
}
//-->
</script>
</div>
<div>
<ul class="subNavList">
<li>Summary:&nbsp;</li>
<li>Nested&nbsp;|&nbsp;</li>
<li>Field&nbsp;|&nbsp;</li>
<li><a href="#constructor_summary">Constr</a>&nbsp;|&nbsp;</li>
<li><a href="#method_summary">Method</a></li>
</ul>
<ul class="subNavList">
<li>Detail:&nbsp;</li>
<li>Field&nbsp;|&nbsp;</li>
<li><a href="#constructor_detail">Constr</a>&nbsp;|&nbsp;</li>
<li><a href="#method_detail">Method</a></li>
</ul>
</div>
<a name="skip-navbar_bottom">
<!-- -->
</a></div>
<!-- ======== END OF BOTTOM NAVBAR ======= -->
<p class="legalCopy"><small>Copyright &#169; 2012&#x2013;2014 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</small></p>
</body>
</html>

117
dependency-check-core/apidocs/org/owasp/dependencycheck/reporting/class-use/EscapeTool.html Normal file
View File

@@ -0,0 +1,117 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<!-- NewPage -->
<html lang="en">
<head>
<!-- Generated by javadoc (version 1.7.0_45) on Mon Apr 28 08:36:25 EDT 2014 -->
<meta http-equiv="Content-Type" content="text/html" charset="UTF-8">
<title>Uses of Class org.owasp.dependencycheck.reporting.EscapeTool (Dependency-Check Core 1.2.0 API)</title>
<meta name="date" content="2014-04-28">
<link rel="stylesheet" type="text/css" href="../../../../../stylesheet.css" title="Style">
</head>
<body>
<script type="text/javascript"><!--
if (location.href.indexOf('is-external=true') == -1) {
parent.document.title="Uses of Class org.owasp.dependencycheck.reporting.EscapeTool (Dependency-Check Core 1.2.0 API)";
}
//-->
</script>
<noscript>
<div>JavaScript is disabled on your browser.</div>
</noscript>
<!-- ========= START OF TOP NAVBAR ======= -->
<div class="topNav"><a name="navbar_top">
<!-- -->
</a><a href="#skip-navbar_top" title="Skip navigation links"></a><a name="navbar_top_firstrow">
<!-- -->
</a>
<ul class="navList" title="Navigation">
<li><a href="../../../../../overview-summary.html">Overview</a></li>
<li><a href="../package-summary.html">Package</a></li>
<li><a href="../../../../../org/owasp/dependencycheck/reporting/EscapeTool.html" title="class in org.owasp.dependencycheck.reporting">Class</a></li>
<li class="navBarCell1Rev">Use</li>
<li><a href="../package-tree.html">Tree</a></li>
<li><a href="../../../../../deprecated-list.html">Deprecated</a></li>
<li><a href="../../../../../index-all.html">Index</a></li>
<li><a href="../../../../../help-doc.html">Help</a></li>
</ul>
</div>
<div class="subNav">
<ul class="navList">
<li>Prev</li>
<li>Next</li>
</ul>
<ul class="navList">
<li><a href="../../../../../index.html?org/owasp/dependencycheck/reporting/class-use/EscapeTool.html" target="_top">Frames</a></li>
<li><a href="EscapeTool.html" target="_top">No Frames</a></li>
</ul>
<ul class="navList" id="allclasses_navbar_top">
<li><a href="../../../../../allclasses-noframe.html">All Classes</a></li>
</ul>
<div>
<script type="text/javascript"><!--
allClassesLink = document.getElementById("allclasses_navbar_top");
if(window==top) {
allClassesLink.style.display = "block";
}
else {
allClassesLink.style.display = "none";
}
//-->
</script>
</div>
<a name="skip-navbar_top">
<!-- -->
</a></div>
<!-- ========= END OF TOP NAVBAR ========= -->
<div class="header">
<h2 title="Uses of Class org.owasp.dependencycheck.reporting.EscapeTool" class="title">Uses of Class<br>org.owasp.dependencycheck.reporting.EscapeTool</h2>
</div>
<div class="classUseContainer">No usage of org.owasp.dependencycheck.reporting.EscapeTool</div>
<!-- ======= START OF BOTTOM NAVBAR ====== -->
<div class="bottomNav"><a name="navbar_bottom">
<!-- -->
</a><a href="#skip-navbar_bottom" title="Skip navigation links"></a><a name="navbar_bottom_firstrow">
<!-- -->
</a>
<ul class="navList" title="Navigation">
<li><a href="../../../../../overview-summary.html">Overview</a></li>
<li><a href="../package-summary.html">Package</a></li>
<li><a href="../../../../../org/owasp/dependencycheck/reporting/EscapeTool.html" title="class in org.owasp.dependencycheck.reporting">Class</a></li>
<li class="navBarCell1Rev">Use</li>
<li><a href="../package-tree.html">Tree</a></li>
<li><a href="../../../../../deprecated-list.html">Deprecated</a></li>
<li><a href="../../../../../index-all.html">Index</a></li>
<li><a href="../../../../../help-doc.html">Help</a></li>
</ul>
</div>
<div class="subNav">
<ul class="navList">
<li>Prev</li>
<li>Next</li>
</ul>
<ul class="navList">
<li><a href="../../../../../index.html?org/owasp/dependencycheck/reporting/class-use/EscapeTool.html" target="_top">Frames</a></li>
<li><a href="EscapeTool.html" target="_top">No Frames</a></li>
</ul>
<ul class="navList" id="allclasses_navbar_bottom">
<li><a href="../../../../../allclasses-noframe.html">All Classes</a></li>
</ul>
<div>
<script type="text/javascript"><!--
allClassesLink = document.getElementById("allclasses_navbar_bottom");
if(window==top) {
allClassesLink.style.display = "block";
}
else {
allClassesLink.style.display = "none";
}
//-->
</script>
</div>
<a name="skip-navbar_bottom">
<!-- -->
</a></div>
<!-- ======== END OF BOTTOM NAVBAR ======= -->
<p class="legalCopy"><small>Copyright &#169; 2012&#x2013;2014 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</small></p>
</body>
</html>

164
dependency-check-core/cobertura/org.owasp.dependencycheck.reporting.EscapeTool.html Normal file
View File

@@ -0,0 +1,164 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
<title>Coverage Report</title>
<link title="Style" type="text/css" rel="stylesheet" href="css/main.css"/>
<script type="text/javascript" src="js/popup.js"></script>
</head>
<body>
<h5>Coverage Report - org.owasp.dependencycheck.reporting.EscapeTool</h5>
<div class="separator">&nbsp;</div>
<table class="report">
<thead><tr> <td class="heading">Classes in this File</td> <td class="heading"><a class="dfn" href="help.html" onclick="popupwindow('help.html'); return false;">Line Coverage</a></td> <td class="heading"><a class="dfn" href="help.html" onclick="popupwindow('help.html'); return false;">Branch Coverage</a></td> <td class="heading"><a class="dfn" href="help.html" onclick="popupwindow('help.html'); return false;">Complexity</a></td></tr></thead>
<tr><td><a href="org.owasp.dependencycheck.reporting.EscapeTool.html">EscapeTool</a></td><td><table cellpadding="0px" cellspacing="0px" class="percentgraph"><tr class="percentgraph"><td align="right" class="percentgraph" width="40">0%</td><td class="percentgraph"><div class="percentgraph"><div class="greenbar" style="width:0px"><span class="text">0/8</span></div></div></td></tr></table></td><td><table cellpadding="0px" cellspacing="0px" class="percentgraph"><tr class="percentgraph"><td align="right" class="percentgraph" width="40"><a class="dfn" href="help.html" onclick="popupwindow('help.html'); return false;">N/A</a></td><td class="percentgraph"><div class="percentgraph"><div class="na" style="width:100px"><span class="text"><a class="dfn" href="help.html" onclick="popupwindow('help.html'); return false;">N/A</a></span></div></div></td></tr></table></td><td class="value"><span class="hidden">1.6666666666666667;</span>1.667</td></tr>
</table>
<div class="separator">&nbsp;</div>
<table cellspacing="0" cellpadding="0" class="src">
<tr> <td class="numLine">&nbsp;1</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment">/*</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;2</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> * This file is part of dependency-check-core.</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;3</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> *</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;4</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> * Licensed under the Apache License, Version 2.0 (the "License");</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;5</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> * you may not use this file except in compliance with the License.</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;6</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> * You may obtain a copy of the License at</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;7</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> *</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;8</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> * http://www.apache.org/licenses/LICENSE-2.0</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;9</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> *</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;10</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> * Unless required by applicable law or agreed to in writing, software</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;11</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> * distributed under the License is distributed on an "AS IS" BASIS,</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;12</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;13</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> * See the License for the specific language governing permissions and</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;14</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> * limitations under the License.</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;15</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> *</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;16</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> * Copyright (c) 2014 Jeremy Long. All Rights Reserved.</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;17</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> */</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;18</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="keyword">package</span> org.owasp.dependencycheck.reporting;</pre></td></tr>
<tr> <td class="numLine">&nbsp;19</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;</pre></td></tr>
<tr> <td class="numLine">&nbsp;20</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="keyword">import</span> java.io.UnsupportedEncodingException;</pre></td></tr>
<tr> <td class="numLine">&nbsp;21</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="keyword">import</span> java.net.URLEncoder;</pre></td></tr>
<tr> <td class="numLine">&nbsp;22</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="keyword">import</span> java.util.logging.Level;</pre></td></tr>
<tr> <td class="numLine">&nbsp;23</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="keyword">import</span> java.util.logging.Logger;</pre></td></tr>
<tr> <td class="numLine">&nbsp;24</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="keyword">import</span> org.apache.commons.lang.StringEscapeUtils;</pre></td></tr>
<tr> <td class="numLine">&nbsp;25</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;</pre></td></tr>
<tr> <td class="numLine">&nbsp;26</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment">/**</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;27</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> * An extremely simple wrapper around various escape utils to perform URL and HTML encoding within the reports. This</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;28</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> * class was created to simplify the velocity configuration and avoid using the "built-in" escape tool.</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;29</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> *</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;30</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> * @author Jeremy Long &lt;jeremy.long@owasp.org&gt;</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;31</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> */</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;32</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="keyword">public</span> <span class="keyword">class</span> EscapeTool {</pre></td></tr>
<tr> <td class="numLine">&nbsp;33</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;</pre></td></tr>
<tr> <td class="numLine">&nbsp;34</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp; <span class="comment">/**</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;35</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> * The logger.</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;36</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> */</span></pre></td></tr>
<tr> <td class="numLineCover">&nbsp;37</td> <td class="nbHitsUncovered">&nbsp;0</td> <td class="src"><pre class="src"><span class="srcUncovered">&nbsp; <span class="keyword">private</span> <span class="keyword">static</span> <span class="keyword">final</span> Logger LOGGER = Logger.getLogger(EscapeTool.<span class="keyword">class</span>.getName());</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;38</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;</pre></td></tr>
<tr> <td class="numLine">&nbsp;39</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp; <span class="comment">/**</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;40</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> * URL Encodes the provided text.</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;41</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> *</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;42</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> * @param text the text to encode</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;43</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> * @return the URL encoded text</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;44</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> */</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;45</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp; <span class="keyword">public</span> String url(String text) {</pre></td></tr>
<tr> <td class="numLine">&nbsp;46</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp; <span class="keyword">try</span> {</pre></td></tr>
<tr> <td class="numLineCover">&nbsp;47</td> <td class="nbHitsUncovered">&nbsp;0</td> <td class="src"><pre class="src"><span class="srcUncovered">&nbsp; <span class="keyword">return</span> URLEncoder.encode(text, <span class="string">"UTF-8"</span>);</span></pre></td></tr>
<tr> <td class="numLineCover">&nbsp;48</td> <td class="nbHitsUncovered">&nbsp;0</td> <td class="src"><pre class="src"><span class="srcUncovered">&nbsp; } <span class="keyword">catch</span> (UnsupportedEncodingException ex) {</span></pre></td></tr>
<tr> <td class="numLineCover">&nbsp;49</td> <td class="nbHitsUncovered">&nbsp;0</td> <td class="src"><pre class="src"><span class="srcUncovered">&nbsp; LOGGER.log(Level.WARNING, <span class="string">"UTF-8 is not supported?"</span>);</span></pre></td></tr>
<tr> <td class="numLineCover">&nbsp;50</td> <td class="nbHitsUncovered">&nbsp;0</td> <td class="src"><pre class="src"><span class="srcUncovered">&nbsp; LOGGER.log(Level.INFO, <span class="keyword">null</span>, ex);</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;51</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp; }</pre></td></tr>
<tr> <td class="numLineCover">&nbsp;52</td> <td class="nbHitsUncovered">&nbsp;0</td> <td class="src"><pre class="src"><span class="srcUncovered">&nbsp; <span class="keyword">return</span> <span class="string">""</span>;</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;53</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp; }</pre></td></tr>
<tr> <td class="numLine">&nbsp;54</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;</pre></td></tr>
<tr> <td class="numLine">&nbsp;55</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp; <span class="comment">/**</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;56</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> * HTML Encodes the provided text.</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;57</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> *</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;58</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> * @param text the text to encode</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;59</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> * @return the HTML encoded text</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;60</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> */</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;61</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp; <span class="keyword">public</span> String html(String text) {</pre></td></tr>
<tr> <td class="numLineCover">&nbsp;62</td> <td class="nbHitsUncovered">&nbsp;0</td> <td class="src"><pre class="src"><span class="srcUncovered">&nbsp; <span class="keyword">return</span> StringEscapeUtils.escapeHtml(text);</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;63</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp; }</pre></td></tr>
<tr> <td class="numLine">&nbsp;64</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;</pre></td></tr>
<tr> <td class="numLine">&nbsp;65</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp; <span class="comment">/**</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;66</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> * XML Encodes the provided text.</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;67</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> *</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;68</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> * @param text the text to encode</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;69</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> * @return the XML encoded text</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;70</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> */</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;71</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp; <span class="keyword">public</span> String xml(String text) {</pre></td></tr>
<tr> <td class="numLineCover">&nbsp;72</td> <td class="nbHitsUncovered">&nbsp;0</td> <td class="src"><pre class="src"><span class="srcUncovered">&nbsp; <span class="keyword">return</span> StringEscapeUtils.escapeXml(text);</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;73</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp; }</pre></td></tr>
<tr> <td class="numLine">&nbsp;74</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;}</pre></td></tr>
</table>
<div class="footer">Report generated by <a href="http://cobertura.sourceforge.net/" target="_top">Cobertura</a> 2.0.3 on 4/28/14 8:36 AM.</div>
</body>
</html>

50
dependency-check-core/xref-test/org/owasp/dependencycheck/BaseTest.html Normal file
View File

@@ -0,0 +1,50 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head><meta http-equiv="content-type" content="text/html; charset=UTF-8" />
<title>BaseTest xref</title>
<link type="text/css" rel="stylesheet" href="../../../stylesheet.css" />
</head>
<body>
<div id="overview"><a href="../../../../testapidocs/org/owasp/dependencycheck/BaseTest.html">View Javadoc</a></div><pre>
<a class="jxr_linenumber" name="L1" href="#L1">1</a> <em class="jxr_comment">/*</em>
<a class="jxr_linenumber" name="L2" href="#L2">2</a> <em class="jxr_comment"> * Copyright 2014 OWASP.</em>
<a class="jxr_linenumber" name="L3" href="#L3">3</a> <em class="jxr_comment"> *</em>
<a class="jxr_linenumber" name="L4" href="#L4">4</a> <em class="jxr_comment"> * Licensed under the Apache License, Version 2.0 (the "License");</em>
<a class="jxr_linenumber" name="L5" href="#L5">5</a> <em class="jxr_comment"> * you may not use this file except in compliance with the License.</em>
<a class="jxr_linenumber" name="L6" href="#L6">6</a> <em class="jxr_comment"> * You may obtain a copy of the License at</em>
<a class="jxr_linenumber" name="L7" href="#L7">7</a> <em class="jxr_comment"> *</em>
<a class="jxr_linenumber" name="L8" href="#L8">8</a> <em class="jxr_comment"> * <a href="http://www.apache.org/licenses/LICENSE-2." target="alexandria_uri">http://www.apache.org/licenses/LICENSE-2.</a>0</em>
<a class="jxr_linenumber" name="L9" href="#L9">9</a> <em class="jxr_comment"> *</em>
<a class="jxr_linenumber" name="L10" href="#L10">10</a> <em class="jxr_comment"> * Unless required by applicable law or agreed to in writing, software</em>
<a class="jxr_linenumber" name="L11" href="#L11">11</a> <em class="jxr_comment"> * distributed under the License is distributed on an "AS IS" BASIS,</em>
<a class="jxr_linenumber" name="L12" href="#L12">12</a> <em class="jxr_comment"> * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.</em>
<a class="jxr_linenumber" name="L13" href="#L13">13</a> <em class="jxr_comment"> * See the License for the specific language governing permissions and</em>
<a class="jxr_linenumber" name="L14" href="#L14">14</a> <em class="jxr_comment"> * limitations under the License.</em>
<a class="jxr_linenumber" name="L15" href="#L15">15</a> <em class="jxr_comment"> */</em>
<a class="jxr_linenumber" name="L16" href="#L16">16</a> <strong class="jxr_keyword">package</strong> org.owasp.dependencycheck;
<a class="jxr_linenumber" name="L17" href="#L17">17</a>
<a class="jxr_linenumber" name="L18" href="#L18">18</a> <strong class="jxr_keyword">import</strong> org.junit.AfterClass;
<a class="jxr_linenumber" name="L19" href="#L19">19</a> <strong class="jxr_keyword">import</strong> org.junit.BeforeClass;
<a class="jxr_linenumber" name="L20" href="#L20">20</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.utils.Settings;
<a class="jxr_linenumber" name="L21" href="#L21">21</a>
<a class="jxr_linenumber" name="L22" href="#L22">22</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L23" href="#L23">23</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L24" href="#L24">24</a> <em class="jxr_javadoccomment"> * @author Jeremy Long &lt;jeremy.long@owasp.org&gt;</em>
<a class="jxr_linenumber" name="L25" href="#L25">25</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L26" href="#L26">26</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">class</strong> <a href="../../../org/owasp/dependencycheck/BaseTest.html">BaseTest</a> {
<a class="jxr_linenumber" name="L27" href="#L27">27</a>
<a class="jxr_linenumber" name="L28" href="#L28">28</a> @BeforeClass
<a class="jxr_linenumber" name="L29" href="#L29">29</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">void</strong> setUpClass() <strong class="jxr_keyword">throws</strong> Exception {
<a class="jxr_linenumber" name="L30" href="#L30">30</a> Settings.initialize();
<a class="jxr_linenumber" name="L31" href="#L31">31</a> }
<a class="jxr_linenumber" name="L32" href="#L32">32</a>
<a class="jxr_linenumber" name="L33" href="#L33">33</a> @AfterClass
<a class="jxr_linenumber" name="L34" href="#L34">34</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">void</strong> tearDownClass() <strong class="jxr_keyword">throws</strong> Exception {
<a class="jxr_linenumber" name="L35" href="#L35">35</a> Settings.cleanup();
<a class="jxr_linenumber" name="L36" href="#L36">36</a> }
<a class="jxr_linenumber" name="L37" href="#L37">37</a> }
</pre>
<hr/>
<div id="footer">Copyright &#169; 2012&#x2013;2014 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</div>
</body>
</html>

301
dependency-check-core/xref-test/org/owasp/dependencycheck/analyzer/ArchiveAnalyzerIntegrationTest.html Normal file
View File

@@ -0,0 +1,301 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head><meta http-equiv="content-type" content="text/html; charset=UTF-8" />
<title>ArchiveAnalyzerIntegrationTest xref</title>
<link type="text/css" rel="stylesheet" href="../../../../stylesheet.css" />
</head>
<body>
<div id="overview"><a href="../../../../../testapidocs/org/owasp/dependencycheck/analyzer/ArchiveAnalyzerIntegrationTest.html">View Javadoc</a></div><pre>
<a class="jxr_linenumber" name="L1" href="#L1">1</a> <em class="jxr_comment">/*</em>
<a class="jxr_linenumber" name="L2" href="#L2">2</a> <em class="jxr_comment"> * This file is part of dependency-check-core.</em>
<a class="jxr_linenumber" name="L3" href="#L3">3</a> <em class="jxr_comment"> *</em>
<a class="jxr_linenumber" name="L4" href="#L4">4</a> <em class="jxr_comment"> * Licensed under the Apache License, Version 2.0 (the "License");</em>
<a class="jxr_linenumber" name="L5" href="#L5">5</a> <em class="jxr_comment"> * you may not use this file except in compliance with the License.</em>
<a class="jxr_linenumber" name="L6" href="#L6">6</a> <em class="jxr_comment"> * You may obtain a copy of the License at</em>
<a class="jxr_linenumber" name="L7" href="#L7">7</a> <em class="jxr_comment"> *</em>
<a class="jxr_linenumber" name="L8" href="#L8">8</a> <em class="jxr_comment"> * <a href="http://www.apache.org/licenses/LICENSE-2." target="alexandria_uri">http://www.apache.org/licenses/LICENSE-2.</a>0</em>
<a class="jxr_linenumber" name="L9" href="#L9">9</a> <em class="jxr_comment"> *</em>
<a class="jxr_linenumber" name="L10" href="#L10">10</a> <em class="jxr_comment"> * Unless required by applicable law or agreed to in writing, software</em>
<a class="jxr_linenumber" name="L11" href="#L11">11</a> <em class="jxr_comment"> * distributed under the License is distributed on an "AS IS" BASIS,</em>
<a class="jxr_linenumber" name="L12" href="#L12">12</a> <em class="jxr_comment"> * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.</em>
<a class="jxr_linenumber" name="L13" href="#L13">13</a> <em class="jxr_comment"> * See the License for the specific language governing permissions and</em>
<a class="jxr_linenumber" name="L14" href="#L14">14</a> <em class="jxr_comment"> * limitations under the License.</em>
<a class="jxr_linenumber" name="L15" href="#L15">15</a> <em class="jxr_comment"> *</em>
<a class="jxr_linenumber" name="L16" href="#L16">16</a> <em class="jxr_comment"> * Copyright (c) 2013 Jeremy Long. All Rights Reserved.</em>
<a class="jxr_linenumber" name="L17" href="#L17">17</a> <em class="jxr_comment"> */</em>
<a class="jxr_linenumber" name="L18" href="#L18">18</a> <strong class="jxr_keyword">package</strong> org.owasp.dependencycheck.analyzer;
<a class="jxr_linenumber" name="L19" href="#L19">19</a>
<a class="jxr_linenumber" name="L20" href="#L20">20</a> <strong class="jxr_keyword">import</strong> java.io.File;
<a class="jxr_linenumber" name="L21" href="#L21">21</a> <strong class="jxr_keyword">import</strong> java.util.HashSet;
<a class="jxr_linenumber" name="L22" href="#L22">22</a> <strong class="jxr_keyword">import</strong> java.util.Set;
<a class="jxr_linenumber" name="L23" href="#L23">23</a> <strong class="jxr_keyword">import</strong> <strong class="jxr_keyword">static</strong> org.junit.Assert.assertEquals;
<a class="jxr_linenumber" name="L24" href="#L24">24</a> <strong class="jxr_keyword">import</strong> <strong class="jxr_keyword">static</strong> org.junit.Assert.assertTrue;
<a class="jxr_linenumber" name="L25" href="#L25">25</a> <strong class="jxr_keyword">import</strong> org.junit.Test;
<a class="jxr_linenumber" name="L26" href="#L26">26</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.Engine;
<a class="jxr_linenumber" name="L27" href="#L27">27</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.data.cpe.AbstractDatabaseTestCase;
<a class="jxr_linenumber" name="L28" href="#L28">28</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.dependency.Dependency;
<a class="jxr_linenumber" name="L29" href="#L29">29</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.utils.Settings;
<a class="jxr_linenumber" name="L30" href="#L30">30</a>
<a class="jxr_linenumber" name="L31" href="#L31">31</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L32" href="#L32">32</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L33" href="#L33">33</a> <em class="jxr_javadoccomment"> * @author Jeremy Long &lt;jeremy.long@owasp.org&gt;</em>
<a class="jxr_linenumber" name="L34" href="#L34">34</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L35" href="#L35">35</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">class</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/ArchiveAnalyzerIntegrationTest.html">ArchiveAnalyzerIntegrationTest</a> <strong class="jxr_keyword">extends</strong> <a href="../../../../org/owasp/dependencycheck/data/cpe/AbstractDatabaseTestCase.html">AbstractDatabaseTestCase</a> {
<a class="jxr_linenumber" name="L36" href="#L36">36</a>
<a class="jxr_linenumber" name="L37" href="#L37">37</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L38" href="#L38">38</a> <em class="jxr_javadoccomment"> * Test of getSupportedExtensions method, of class ArchiveAnalyzer.</em>
<a class="jxr_linenumber" name="L39" href="#L39">39</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L40" href="#L40">40</a> @Test
<a class="jxr_linenumber" name="L41" href="#L41">41</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> testGetSupportedExtensions() {
<a class="jxr_linenumber" name="L42" href="#L42">42</a> ArchiveAnalyzer instance = <strong class="jxr_keyword">new</strong> ArchiveAnalyzer();
<a class="jxr_linenumber" name="L43" href="#L43">43</a> Set expResult = <strong class="jxr_keyword">new</strong> HashSet&lt;String&gt;();
<a class="jxr_linenumber" name="L44" href="#L44">44</a> expResult.add(<span class="jxr_string">"zip"</span>);
<a class="jxr_linenumber" name="L45" href="#L45">45</a> expResult.add(<span class="jxr_string">"war"</span>);
<a class="jxr_linenumber" name="L46" href="#L46">46</a> expResult.add(<span class="jxr_string">"ear"</span>);
<a class="jxr_linenumber" name="L47" href="#L47">47</a> expResult.add(<span class="jxr_string">"jar"</span>);
<a class="jxr_linenumber" name="L48" href="#L48">48</a> expResult.add(<span class="jxr_string">"sar"</span>);
<a class="jxr_linenumber" name="L49" href="#L49">49</a> expResult.add(<span class="jxr_string">"apk"</span>);
<a class="jxr_linenumber" name="L50" href="#L50">50</a> expResult.add(<span class="jxr_string">"nupkg"</span>);
<a class="jxr_linenumber" name="L51" href="#L51">51</a> expResult.add(<span class="jxr_string">"tar"</span>);
<a class="jxr_linenumber" name="L52" href="#L52">52</a> expResult.add(<span class="jxr_string">"gz"</span>);
<a class="jxr_linenumber" name="L53" href="#L53">53</a> expResult.add(<span class="jxr_string">"tgz"</span>);
<a class="jxr_linenumber" name="L54" href="#L54">54</a> Set result = instance.getSupportedExtensions();
<a class="jxr_linenumber" name="L55" href="#L55">55</a> assertEquals(expResult, result);
<a class="jxr_linenumber" name="L56" href="#L56">56</a> }
<a class="jxr_linenumber" name="L57" href="#L57">57</a>
<a class="jxr_linenumber" name="L58" href="#L58">58</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L59" href="#L59">59</a> <em class="jxr_javadoccomment"> * Test of getName method, of class ArchiveAnalyzer.</em>
<a class="jxr_linenumber" name="L60" href="#L60">60</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L61" href="#L61">61</a> @Test
<a class="jxr_linenumber" name="L62" href="#L62">62</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> testGetName() {
<a class="jxr_linenumber" name="L63" href="#L63">63</a> ArchiveAnalyzer instance = <strong class="jxr_keyword">new</strong> ArchiveAnalyzer();
<a class="jxr_linenumber" name="L64" href="#L64">64</a> String expResult = <span class="jxr_string">"Archive Analyzer"</span>;
<a class="jxr_linenumber" name="L65" href="#L65">65</a> String result = instance.getName();
<a class="jxr_linenumber" name="L66" href="#L66">66</a> assertEquals(expResult, result);
<a class="jxr_linenumber" name="L67" href="#L67">67</a> }
<a class="jxr_linenumber" name="L68" href="#L68">68</a>
<a class="jxr_linenumber" name="L69" href="#L69">69</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L70" href="#L70">70</a> <em class="jxr_javadoccomment"> * Test of supportsExtension method, of class ArchiveAnalyzer.</em>
<a class="jxr_linenumber" name="L71" href="#L71">71</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L72" href="#L72">72</a> @Test
<a class="jxr_linenumber" name="L73" href="#L73">73</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> testSupportsExtension() {
<a class="jxr_linenumber" name="L74" href="#L74">74</a> String extension = <span class="jxr_string">"7z"</span>; <em class="jxr_comment">//not supported</em>
<a class="jxr_linenumber" name="L75" href="#L75">75</a> ArchiveAnalyzer instance = <strong class="jxr_keyword">new</strong> ArchiveAnalyzer();
<a class="jxr_linenumber" name="L76" href="#L76">76</a> <strong class="jxr_keyword">boolean</strong> expResult = false;
<a class="jxr_linenumber" name="L77" href="#L77">77</a> <strong class="jxr_keyword">boolean</strong> result = instance.supportsExtension(extension);
<a class="jxr_linenumber" name="L78" href="#L78">78</a> assertEquals(expResult, result);
<a class="jxr_linenumber" name="L79" href="#L79">79</a>
<a class="jxr_linenumber" name="L80" href="#L80">80</a> extension = <span class="jxr_string">"war"</span>; <em class="jxr_comment">//supported</em>
<a class="jxr_linenumber" name="L81" href="#L81">81</a> expResult = <strong class="jxr_keyword">true</strong>;
<a class="jxr_linenumber" name="L82" href="#L82">82</a> result = instance.supportsExtension(extension);
<a class="jxr_linenumber" name="L83" href="#L83">83</a> assertEquals(expResult, result);
<a class="jxr_linenumber" name="L84" href="#L84">84</a>
<a class="jxr_linenumber" name="L85" href="#L85">85</a> extension = <span class="jxr_string">"ear"</span>; <em class="jxr_comment">//supported</em>
<a class="jxr_linenumber" name="L86" href="#L86">86</a> result = instance.supportsExtension(extension);
<a class="jxr_linenumber" name="L87" href="#L87">87</a> assertEquals(expResult, result);
<a class="jxr_linenumber" name="L88" href="#L88">88</a>
<a class="jxr_linenumber" name="L89" href="#L89">89</a> extension = <span class="jxr_string">"zip"</span>; <em class="jxr_comment">//supported</em>
<a class="jxr_linenumber" name="L90" href="#L90">90</a> result = instance.supportsExtension(extension);
<a class="jxr_linenumber" name="L91" href="#L91">91</a> assertEquals(expResult, result);
<a class="jxr_linenumber" name="L92" href="#L92">92</a>
<a class="jxr_linenumber" name="L93" href="#L93">93</a> extension = <span class="jxr_string">"nupkg"</span>; <em class="jxr_comment">//supported</em>
<a class="jxr_linenumber" name="L94" href="#L94">94</a> result = instance.supportsExtension(extension);
<a class="jxr_linenumber" name="L95" href="#L95">95</a> assertEquals(expResult, result);
<a class="jxr_linenumber" name="L96" href="#L96">96</a> }
<a class="jxr_linenumber" name="L97" href="#L97">97</a>
<a class="jxr_linenumber" name="L98" href="#L98">98</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L99" href="#L99">99</a> <em class="jxr_javadoccomment"> * Test of getAnalysisPhase method, of class ArchiveAnalyzer.</em>
<a class="jxr_linenumber" name="L100" href="#L100">100</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L101" href="#L101">101</a> @Test
<a class="jxr_linenumber" name="L102" href="#L102">102</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> testGetAnalysisPhase() {
<a class="jxr_linenumber" name="L103" href="#L103">103</a> ArchiveAnalyzer instance = <strong class="jxr_keyword">new</strong> ArchiveAnalyzer();
<a class="jxr_linenumber" name="L104" href="#L104">104</a> AnalysisPhase expResult = AnalysisPhase.INITIAL;
<a class="jxr_linenumber" name="L105" href="#L105">105</a> AnalysisPhase result = instance.getAnalysisPhase();
<a class="jxr_linenumber" name="L106" href="#L106">106</a> assertEquals(expResult, result);
<a class="jxr_linenumber" name="L107" href="#L107">107</a> }
<a class="jxr_linenumber" name="L108" href="#L108">108</a>
<a class="jxr_linenumber" name="L109" href="#L109">109</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L110" href="#L110">110</a> <em class="jxr_javadoccomment"> * Test of initialize and close methods, of class ArchiveAnalyzer.</em>
<a class="jxr_linenumber" name="L111" href="#L111">111</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L112" href="#L112">112</a> @Test
<a class="jxr_linenumber" name="L113" href="#L113">113</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> testInitialize() <strong class="jxr_keyword">throws</strong> Exception {
<a class="jxr_linenumber" name="L114" href="#L114">114</a> ArchiveAnalyzer instance = <strong class="jxr_keyword">new</strong> ArchiveAnalyzer();
<a class="jxr_linenumber" name="L115" href="#L115">115</a> instance.initialize();
<a class="jxr_linenumber" name="L116" href="#L116">116</a>
<a class="jxr_linenumber" name="L117" href="#L117">117</a> instance.close();
<a class="jxr_linenumber" name="L118" href="#L118">118</a>
<a class="jxr_linenumber" name="L119" href="#L119">119</a> <em class="jxr_comment">//no exception means things worked.</em>
<a class="jxr_linenumber" name="L120" href="#L120">120</a> }
<a class="jxr_linenumber" name="L121" href="#L121">121</a>
<a class="jxr_linenumber" name="L122" href="#L122">122</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L123" href="#L123">123</a> <em class="jxr_javadoccomment"> * Test of analyze method, of class ArchiveAnalyzer.</em>
<a class="jxr_linenumber" name="L124" href="#L124">124</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L125" href="#L125">125</a> @Test
<a class="jxr_linenumber" name="L126" href="#L126">126</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> testAnalyze() <strong class="jxr_keyword">throws</strong> Exception {
<a class="jxr_linenumber" name="L127" href="#L127">127</a> ArchiveAnalyzer instance = <strong class="jxr_keyword">new</strong> ArchiveAnalyzer();
<a class="jxr_linenumber" name="L128" href="#L128">128</a> <em class="jxr_comment">//trick the analyzer into thinking it is active.</em>
<a class="jxr_linenumber" name="L129" href="#L129">129</a> instance.supportsExtension(<span class="jxr_string">"ear"</span>);
<a class="jxr_linenumber" name="L130" href="#L130">130</a> <strong class="jxr_keyword">try</strong> {
<a class="jxr_linenumber" name="L131" href="#L131">131</a> instance.initialize();
<a class="jxr_linenumber" name="L132" href="#L132">132</a>
<a class="jxr_linenumber" name="L133" href="#L133">133</a> File file = <strong class="jxr_keyword">new</strong> File(<strong class="jxr_keyword">this</strong>.getClass().getClassLoader().getResource(<span class="jxr_string">"daytrader-ear-2.1.7.ear"</span>).getPath());
<a class="jxr_linenumber" name="L134" href="#L134">134</a> Dependency dependency = <strong class="jxr_keyword">new</strong> Dependency(file);
<a class="jxr_linenumber" name="L135" href="#L135">135</a> Settings.setBoolean(Settings.KEYS.AUTO_UPDATE, false);
<a class="jxr_linenumber" name="L136" href="#L136">136</a> Settings.setBoolean(Settings.KEYS.ANALYZER_NEXUS_ENABLED, false);
<a class="jxr_linenumber" name="L137" href="#L137">137</a> Engine engine = <strong class="jxr_keyword">new</strong> Engine();
<a class="jxr_linenumber" name="L138" href="#L138">138</a>
<a class="jxr_linenumber" name="L139" href="#L139">139</a> <strong class="jxr_keyword">int</strong> initial_size = engine.getDependencies().size();
<a class="jxr_linenumber" name="L140" href="#L140">140</a> instance.analyze(dependency, engine);
<a class="jxr_linenumber" name="L141" href="#L141">141</a> <strong class="jxr_keyword">int</strong> ending_size = engine.getDependencies().size();
<a class="jxr_linenumber" name="L142" href="#L142">142</a>
<a class="jxr_linenumber" name="L143" href="#L143">143</a> engine.cleanup();
<a class="jxr_linenumber" name="L144" href="#L144">144</a>
<a class="jxr_linenumber" name="L145" href="#L145">145</a> assertTrue(initial_size &lt; ending_size);
<a class="jxr_linenumber" name="L146" href="#L146">146</a>
<a class="jxr_linenumber" name="L147" href="#L147">147</a> } <strong class="jxr_keyword">finally</strong> {
<a class="jxr_linenumber" name="L148" href="#L148">148</a> instance.close();
<a class="jxr_linenumber" name="L149" href="#L149">149</a> }
<a class="jxr_linenumber" name="L150" href="#L150">150</a> }
<a class="jxr_linenumber" name="L151" href="#L151">151</a>
<a class="jxr_linenumber" name="L152" href="#L152">152</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L153" href="#L153">153</a> <em class="jxr_javadoccomment"> * Test of analyze method, of class ArchiveAnalyzer.</em>
<a class="jxr_linenumber" name="L154" href="#L154">154</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L155" href="#L155">155</a> @Test
<a class="jxr_linenumber" name="L156" href="#L156">156</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> testAnalyzeTar() <strong class="jxr_keyword">throws</strong> Exception {
<a class="jxr_linenumber" name="L157" href="#L157">157</a> ArchiveAnalyzer instance = <strong class="jxr_keyword">new</strong> ArchiveAnalyzer();
<a class="jxr_linenumber" name="L158" href="#L158">158</a> <em class="jxr_comment">//trick the analyzer into thinking it is active so that it will initialize</em>
<a class="jxr_linenumber" name="L159" href="#L159">159</a> instance.supportsExtension(<span class="jxr_string">"tar"</span>);
<a class="jxr_linenumber" name="L160" href="#L160">160</a> <strong class="jxr_keyword">try</strong> {
<a class="jxr_linenumber" name="L161" href="#L161">161</a> instance.initialize();
<a class="jxr_linenumber" name="L162" href="#L162">162</a>
<a class="jxr_linenumber" name="L163" href="#L163">163</a> <em class="jxr_comment">//File file = new File(this.getClass().getClassLoader().getResource("file.tar").getPath());</em>
<a class="jxr_linenumber" name="L164" href="#L164">164</a> File file = <strong class="jxr_keyword">new</strong> File(<strong class="jxr_keyword">this</strong>.getClass().getClassLoader().getResource(<span class="jxr_string">"stagedhttp-modified.tar"</span>).getPath());
<a class="jxr_linenumber" name="L165" href="#L165">165</a> Dependency dependency = <strong class="jxr_keyword">new</strong> Dependency(file);
<a class="jxr_linenumber" name="L166" href="#L166">166</a> Settings.setBoolean(Settings.KEYS.AUTO_UPDATE, false);
<a class="jxr_linenumber" name="L167" href="#L167">167</a> Settings.setBoolean(Settings.KEYS.ANALYZER_NEXUS_ENABLED, false);
<a class="jxr_linenumber" name="L168" href="#L168">168</a> Engine engine = <strong class="jxr_keyword">new</strong> Engine();
<a class="jxr_linenumber" name="L169" href="#L169">169</a>
<a class="jxr_linenumber" name="L170" href="#L170">170</a> <strong class="jxr_keyword">int</strong> initial_size = engine.getDependencies().size();
<a class="jxr_linenumber" name="L171" href="#L171">171</a> instance.analyze(dependency, engine);
<a class="jxr_linenumber" name="L172" href="#L172">172</a> <strong class="jxr_keyword">int</strong> ending_size = engine.getDependencies().size();
<a class="jxr_linenumber" name="L173" href="#L173">173</a> engine.cleanup();
<a class="jxr_linenumber" name="L174" href="#L174">174</a>
<a class="jxr_linenumber" name="L175" href="#L175">175</a> assertTrue(initial_size &lt; ending_size);
<a class="jxr_linenumber" name="L176" href="#L176">176</a>
<a class="jxr_linenumber" name="L177" href="#L177">177</a> } <strong class="jxr_keyword">finally</strong> {
<a class="jxr_linenumber" name="L178" href="#L178">178</a> instance.close();
<a class="jxr_linenumber" name="L179" href="#L179">179</a> }
<a class="jxr_linenumber" name="L180" href="#L180">180</a> }
<a class="jxr_linenumber" name="L181" href="#L181">181</a>
<a class="jxr_linenumber" name="L182" href="#L182">182</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L183" href="#L183">183</a> <em class="jxr_javadoccomment"> * Test of analyze method, of class ArchiveAnalyzer.</em>
<a class="jxr_linenumber" name="L184" href="#L184">184</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L185" href="#L185">185</a> @Test
<a class="jxr_linenumber" name="L186" href="#L186">186</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> testAnalyzeTarGz() <strong class="jxr_keyword">throws</strong> Exception {
<a class="jxr_linenumber" name="L187" href="#L187">187</a> ArchiveAnalyzer instance = <strong class="jxr_keyword">new</strong> ArchiveAnalyzer();
<a class="jxr_linenumber" name="L188" href="#L188">188</a> instance.supportsExtension(<span class="jxr_string">"zip"</span>); <em class="jxr_comment">//ensure analyzer is "enabled"</em>
<a class="jxr_linenumber" name="L189" href="#L189">189</a> <strong class="jxr_keyword">try</strong> {
<a class="jxr_linenumber" name="L190" href="#L190">190</a> instance.initialize();
<a class="jxr_linenumber" name="L191" href="#L191">191</a>
<a class="jxr_linenumber" name="L192" href="#L192">192</a> File file = <strong class="jxr_keyword">new</strong> File(<strong class="jxr_keyword">this</strong>.getClass().getClassLoader().getResource(<span class="jxr_string">"file.tar.gz"</span>).getPath());
<a class="jxr_linenumber" name="L193" href="#L193">193</a> <em class="jxr_comment">//Dependency dependency = new Dependency(file);</em>
<a class="jxr_linenumber" name="L194" href="#L194">194</a> Settings.setBoolean(Settings.KEYS.AUTO_UPDATE, false);
<a class="jxr_linenumber" name="L195" href="#L195">195</a> Settings.setBoolean(Settings.KEYS.ANALYZER_NEXUS_ENABLED, false);
<a class="jxr_linenumber" name="L196" href="#L196">196</a> Engine engine = <strong class="jxr_keyword">new</strong> Engine();
<a class="jxr_linenumber" name="L197" href="#L197">197</a>
<a class="jxr_linenumber" name="L198" href="#L198">198</a> <strong class="jxr_keyword">int</strong> initial_size = engine.getDependencies().size();
<a class="jxr_linenumber" name="L199" href="#L199">199</a> <em class="jxr_comment">//instance.analyze(dependency, engine);</em>
<a class="jxr_linenumber" name="L200" href="#L200">200</a> engine.scan(file);
<a class="jxr_linenumber" name="L201" href="#L201">201</a> engine.analyzeDependencies();
<a class="jxr_linenumber" name="L202" href="#L202">202</a> <strong class="jxr_keyword">int</strong> ending_size = engine.getDependencies().size();
<a class="jxr_linenumber" name="L203" href="#L203">203</a> engine.cleanup();
<a class="jxr_linenumber" name="L204" href="#L204">204</a> assertTrue(initial_size &lt; ending_size);
<a class="jxr_linenumber" name="L205" href="#L205">205</a>
<a class="jxr_linenumber" name="L206" href="#L206">206</a> } <strong class="jxr_keyword">finally</strong> {
<a class="jxr_linenumber" name="L207" href="#L207">207</a> instance.close();
<a class="jxr_linenumber" name="L208" href="#L208">208</a> }
<a class="jxr_linenumber" name="L209" href="#L209">209</a> }
<a class="jxr_linenumber" name="L210" href="#L210">210</a>
<a class="jxr_linenumber" name="L211" href="#L211">211</a> <em class="jxr_comment">// /**</em>
<a class="jxr_linenumber" name="L212" href="#L212">212</a> <em class="jxr_comment">// * Test of analyze method, of class ArchiveAnalyzer.</em>
<a class="jxr_linenumber" name="L213" href="#L213">213</a> <em class="jxr_comment">// */</em>
<a class="jxr_linenumber" name="L214" href="#L214">214</a> <em class="jxr_comment">// @Test</em>
<a class="jxr_linenumber" name="L215" href="#L215">215</a> <em class="jxr_comment">// public void testNestedZipFolder() throws Exception {</em>
<a class="jxr_linenumber" name="L216" href="#L216">216</a> <em class="jxr_comment">// ArchiveAnalyzer instance = new ArchiveAnalyzer();</em>
<a class="jxr_linenumber" name="L217" href="#L217">217</a> <em class="jxr_comment">// try {</em>
<a class="jxr_linenumber" name="L218" href="#L218">218</a> <em class="jxr_comment">// instance.initialize();</em>
<a class="jxr_linenumber" name="L219" href="#L219">219</a> <em class="jxr_comment">//</em>
<a class="jxr_linenumber" name="L220" href="#L220">220</a> <em class="jxr_comment">// File file = new File(this.getClass().getClassLoader().getResource("nested.zip").getPath());</em>
<a class="jxr_linenumber" name="L221" href="#L221">221</a> <em class="jxr_comment">// Settings.setBoolean(Settings.KEYS.AUTO_UPDATE, false);</em>
<a class="jxr_linenumber" name="L222" href="#L222">222</a> <em class="jxr_comment">// Settings.setBoolean(Settings.KEYS.ANALYZER_NEXUS_ENABLED, false);</em>
<a class="jxr_linenumber" name="L223" href="#L223">223</a> <em class="jxr_comment">// Engine engine = new Engine();</em>
<a class="jxr_linenumber" name="L224" href="#L224">224</a> <em class="jxr_comment">//</em>
<a class="jxr_linenumber" name="L225" href="#L225">225</a> <em class="jxr_comment">// engine.scan(file);</em>
<a class="jxr_linenumber" name="L226" href="#L226">226</a> <em class="jxr_comment">// engine.analyzeDependencies();</em>
<a class="jxr_linenumber" name="L227" href="#L227">227</a> <em class="jxr_comment">//</em>
<a class="jxr_linenumber" name="L228" href="#L228">228</a> <em class="jxr_comment">// } finally {</em>
<a class="jxr_linenumber" name="L229" href="#L229">229</a> <em class="jxr_comment">// instance.close();</em>
<a class="jxr_linenumber" name="L230" href="#L230">230</a> <em class="jxr_comment">// }</em>
<a class="jxr_linenumber" name="L231" href="#L231">231</a> <em class="jxr_comment">// }</em>
<a class="jxr_linenumber" name="L232" href="#L232">232</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L233" href="#L233">233</a> <em class="jxr_javadoccomment"> * Test of analyze method, of class ArchiveAnalyzer.</em>
<a class="jxr_linenumber" name="L234" href="#L234">234</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L235" href="#L235">235</a> @Test
<a class="jxr_linenumber" name="L236" href="#L236">236</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> testAnalyzeTgz() <strong class="jxr_keyword">throws</strong> Exception {
<a class="jxr_linenumber" name="L237" href="#L237">237</a> ArchiveAnalyzer instance = <strong class="jxr_keyword">new</strong> ArchiveAnalyzer();
<a class="jxr_linenumber" name="L238" href="#L238">238</a> instance.supportsExtension(<span class="jxr_string">"zip"</span>); <em class="jxr_comment">//ensure analyzer is "enabled"</em>
<a class="jxr_linenumber" name="L239" href="#L239">239</a> <strong class="jxr_keyword">try</strong> {
<a class="jxr_linenumber" name="L240" href="#L240">240</a> instance.initialize();
<a class="jxr_linenumber" name="L241" href="#L241">241</a>
<a class="jxr_linenumber" name="L242" href="#L242">242</a> File file = <strong class="jxr_keyword">new</strong> File(<strong class="jxr_keyword">this</strong>.getClass().getClassLoader().getResource(<span class="jxr_string">"file.tgz"</span>).getPath());
<a class="jxr_linenumber" name="L243" href="#L243">243</a> Settings.setBoolean(Settings.KEYS.AUTO_UPDATE, false);
<a class="jxr_linenumber" name="L244" href="#L244">244</a> Settings.setBoolean(Settings.KEYS.ANALYZER_NEXUS_ENABLED, false);
<a class="jxr_linenumber" name="L245" href="#L245">245</a> Engine engine = <strong class="jxr_keyword">new</strong> Engine();
<a class="jxr_linenumber" name="L246" href="#L246">246</a>
<a class="jxr_linenumber" name="L247" href="#L247">247</a> <strong class="jxr_keyword">int</strong> initial_size = engine.getDependencies().size();
<a class="jxr_linenumber" name="L248" href="#L248">248</a> engine.scan(file);
<a class="jxr_linenumber" name="L249" href="#L249">249</a> engine.analyzeDependencies();
<a class="jxr_linenumber" name="L250" href="#L250">250</a> <strong class="jxr_keyword">int</strong> ending_size = engine.getDependencies().size();
<a class="jxr_linenumber" name="L251" href="#L251">251</a> engine.cleanup();
<a class="jxr_linenumber" name="L252" href="#L252">252</a> assertTrue(initial_size &lt; ending_size);
<a class="jxr_linenumber" name="L253" href="#L253">253</a>
<a class="jxr_linenumber" name="L254" href="#L254">254</a> } <strong class="jxr_keyword">finally</strong> {
<a class="jxr_linenumber" name="L255" href="#L255">255</a> instance.close();
<a class="jxr_linenumber" name="L256" href="#L256">256</a> }
<a class="jxr_linenumber" name="L257" href="#L257">257</a> }
<a class="jxr_linenumber" name="L258" href="#L258">258</a>
<a class="jxr_linenumber" name="L259" href="#L259">259</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L260" href="#L260">260</a> <em class="jxr_javadoccomment"> * Test of analyze method, of class ArchiveAnalyzer.</em>
<a class="jxr_linenumber" name="L261" href="#L261">261</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L262" href="#L262">262</a> @Test
<a class="jxr_linenumber" name="L263" href="#L263">263</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> testAnalyze_badZip() <strong class="jxr_keyword">throws</strong> Exception {
<a class="jxr_linenumber" name="L264" href="#L264">264</a> ArchiveAnalyzer instance = <strong class="jxr_keyword">new</strong> ArchiveAnalyzer();
<a class="jxr_linenumber" name="L265" href="#L265">265</a> <strong class="jxr_keyword">try</strong> {
<a class="jxr_linenumber" name="L266" href="#L266">266</a> instance.initialize();
<a class="jxr_linenumber" name="L267" href="#L267">267</a>
<a class="jxr_linenumber" name="L268" href="#L268">268</a> File file = <strong class="jxr_keyword">new</strong> File(<strong class="jxr_keyword">this</strong>.getClass().getClassLoader().getResource(<span class="jxr_string">"test.zip"</span>).getPath());
<a class="jxr_linenumber" name="L269" href="#L269">269</a> Dependency dependency = <strong class="jxr_keyword">new</strong> Dependency(file);
<a class="jxr_linenumber" name="L270" href="#L270">270</a> Settings.setBoolean(Settings.KEYS.AUTO_UPDATE, false);
<a class="jxr_linenumber" name="L271" href="#L271">271</a> Settings.setBoolean(Settings.KEYS.ANALYZER_NEXUS_ENABLED, false);
<a class="jxr_linenumber" name="L272" href="#L272">272</a> Engine engine = <strong class="jxr_keyword">new</strong> Engine();
<a class="jxr_linenumber" name="L273" href="#L273">273</a> <strong class="jxr_keyword">int</strong> initial_size = engine.getDependencies().size();
<a class="jxr_linenumber" name="L274" href="#L274">274</a> <em class="jxr_comment">// boolean failed = false;</em>
<a class="jxr_linenumber" name="L275" href="#L275">275</a> <em class="jxr_comment">// try {</em>
<a class="jxr_linenumber" name="L276" href="#L276">276</a> instance.analyze(dependency, engine);
<a class="jxr_linenumber" name="L277" href="#L277">277</a> <em class="jxr_comment">// } catch (java.lang.UnsupportedClassVersionError ex) {</em>
<a class="jxr_linenumber" name="L278" href="#L278">278</a> <em class="jxr_comment">// failed = true;</em>
<a class="jxr_linenumber" name="L279" href="#L279">279</a> <em class="jxr_comment">// }</em>
<a class="jxr_linenumber" name="L280" href="#L280">280</a> <em class="jxr_comment">// assertTrue(failed);</em>
<a class="jxr_linenumber" name="L281" href="#L281">281</a> <strong class="jxr_keyword">int</strong> ending_size = engine.getDependencies().size();
<a class="jxr_linenumber" name="L282" href="#L282">282</a> engine.cleanup();
<a class="jxr_linenumber" name="L283" href="#L283">283</a> assertEquals(initial_size, ending_size);
<a class="jxr_linenumber" name="L284" href="#L284">284</a> } <strong class="jxr_keyword">finally</strong> {
<a class="jxr_linenumber" name="L285" href="#L285">285</a> instance.close();
<a class="jxr_linenumber" name="L286" href="#L286">286</a> }
<a class="jxr_linenumber" name="L287" href="#L287">287</a> }
<a class="jxr_linenumber" name="L288" href="#L288">288</a> }
</pre>
<hr/>
<div id="footer">Copyright &#169; 2012&#x2013;2014 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</div>
</body>
</html>

224
dependency-check-core/xref-test/org/owasp/dependencycheck/analyzer/CPEAnalyzerIntegrationTest.html Normal file
View File

@@ -0,0 +1,224 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head><meta http-equiv="content-type" content="text/html; charset=UTF-8" />
<title>CPEAnalyzerIntegrationTest xref</title>
<link type="text/css" rel="stylesheet" href="../../../../stylesheet.css" />
</head>
<body>
<div id="overview"><a href="../../../../../testapidocs/org/owasp/dependencycheck/analyzer/CPEAnalyzerIntegrationTest.html">View Javadoc</a></div><pre>
<a class="jxr_linenumber" name="L1" href="#L1">1</a> <em class="jxr_comment">/*</em>
<a class="jxr_linenumber" name="L2" href="#L2">2</a> <em class="jxr_comment"> * This file is part of dependency-check-core.</em>
<a class="jxr_linenumber" name="L3" href="#L3">3</a> <em class="jxr_comment"> *</em>
<a class="jxr_linenumber" name="L4" href="#L4">4</a> <em class="jxr_comment"> * Licensed under the Apache License, Version 2.0 (the "License");</em>
<a class="jxr_linenumber" name="L5" href="#L5">5</a> <em class="jxr_comment"> * you may not use this file except in compliance with the License.</em>
<a class="jxr_linenumber" name="L6" href="#L6">6</a> <em class="jxr_comment"> * You may obtain a copy of the License at</em>
<a class="jxr_linenumber" name="L7" href="#L7">7</a> <em class="jxr_comment"> *</em>
<a class="jxr_linenumber" name="L8" href="#L8">8</a> <em class="jxr_comment"> * <a href="http://www.apache.org/licenses/LICENSE-2." target="alexandria_uri">http://www.apache.org/licenses/LICENSE-2.</a>0</em>
<a class="jxr_linenumber" name="L9" href="#L9">9</a> <em class="jxr_comment"> *</em>
<a class="jxr_linenumber" name="L10" href="#L10">10</a> <em class="jxr_comment"> * Unless required by applicable law or agreed to in writing, software</em>
<a class="jxr_linenumber" name="L11" href="#L11">11</a> <em class="jxr_comment"> * distributed under the License is distributed on an "AS IS" BASIS,</em>
<a class="jxr_linenumber" name="L12" href="#L12">12</a> <em class="jxr_comment"> * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.</em>
<a class="jxr_linenumber" name="L13" href="#L13">13</a> <em class="jxr_comment"> * See the License for the specific language governing permissions and</em>
<a class="jxr_linenumber" name="L14" href="#L14">14</a> <em class="jxr_comment"> * limitations under the License.</em>
<a class="jxr_linenumber" name="L15" href="#L15">15</a> <em class="jxr_comment"> *</em>
<a class="jxr_linenumber" name="L16" href="#L16">16</a> <em class="jxr_comment"> * Copyright (c) 2012 Jeremy Long. All Rights Reserved.</em>
<a class="jxr_linenumber" name="L17" href="#L17">17</a> <em class="jxr_comment"> */</em>
<a class="jxr_linenumber" name="L18" href="#L18">18</a> <strong class="jxr_keyword">package</strong> org.owasp.dependencycheck.analyzer;
<a class="jxr_linenumber" name="L19" href="#L19">19</a>
<a class="jxr_linenumber" name="L20" href="#L20">20</a> <strong class="jxr_keyword">import</strong> java.io.File;
<a class="jxr_linenumber" name="L21" href="#L21">21</a> <strong class="jxr_keyword">import</strong> java.io.IOException;
<a class="jxr_linenumber" name="L22" href="#L22">22</a> <strong class="jxr_keyword">import</strong> java.util.HashSet;
<a class="jxr_linenumber" name="L23" href="#L23">23</a> <strong class="jxr_keyword">import</strong> java.util.List;
<a class="jxr_linenumber" name="L24" href="#L24">24</a> <strong class="jxr_keyword">import</strong> java.util.Set;
<a class="jxr_linenumber" name="L25" href="#L25">25</a> <strong class="jxr_keyword">import</strong> org.apache.lucene.index.CorruptIndexException;
<a class="jxr_linenumber" name="L26" href="#L26">26</a> <strong class="jxr_keyword">import</strong> org.apache.lucene.queryparser.classic.ParseException;
<a class="jxr_linenumber" name="L27" href="#L27">27</a> <strong class="jxr_keyword">import</strong> org.junit.Assert;
<a class="jxr_linenumber" name="L28" href="#L28">28</a> <strong class="jxr_keyword">import</strong> org.junit.Test;
<a class="jxr_linenumber" name="L29" href="#L29">29</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.data.cpe.AbstractDatabaseTestCase;
<a class="jxr_linenumber" name="L30" href="#L30">30</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.data.cpe.IndexEntry;
<a class="jxr_linenumber" name="L31" href="#L31">31</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.dependency.Dependency;
<a class="jxr_linenumber" name="L32" href="#L32">32</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.dependency.Identifier;
<a class="jxr_linenumber" name="L33" href="#L33">33</a>
<a class="jxr_linenumber" name="L34" href="#L34">34</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L35" href="#L35">35</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L36" href="#L36">36</a> <em class="jxr_javadoccomment"> * @author Jeremy Long &lt;jeremy.long@owasp.org&gt;</em>
<a class="jxr_linenumber" name="L37" href="#L37">37</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L38" href="#L38">38</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">class</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/CPEAnalyzerIntegrationTest.html">CPEAnalyzerIntegrationTest</a> <strong class="jxr_keyword">extends</strong> <a href="../../../../org/owasp/dependencycheck/data/cpe/AbstractDatabaseTestCase.html">AbstractDatabaseTestCase</a> {
<a class="jxr_linenumber" name="L39" href="#L39">39</a>
<a class="jxr_linenumber" name="L40" href="#L40">40</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L41" href="#L41">41</a> <em class="jxr_javadoccomment"> * Tests of buildSearch of class CPEAnalyzer.</em>
<a class="jxr_linenumber" name="L42" href="#L42">42</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L43" href="#L43">43</a> <em class="jxr_javadoccomment"> * @throws IOException is thrown when an IO Exception occurs.</em>
<a class="jxr_linenumber" name="L44" href="#L44">44</a> <em class="jxr_javadoccomment"> * @throws CorruptIndexException is thrown when the index is corrupt.</em>
<a class="jxr_linenumber" name="L45" href="#L45">45</a> <em class="jxr_javadoccomment"> * @throws ParseException is thrown when a parse exception occurs</em>
<a class="jxr_linenumber" name="L46" href="#L46">46</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L47" href="#L47">47</a> @Test
<a class="jxr_linenumber" name="L48" href="#L48">48</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> testBuildSearch() <strong class="jxr_keyword">throws</strong> IOException, CorruptIndexException, ParseException {
<a class="jxr_linenumber" name="L49" href="#L49">49</a> Set&lt;String&gt; productWeightings = <strong class="jxr_keyword">new</strong> HashSet&lt;String&gt;(1);
<a class="jxr_linenumber" name="L50" href="#L50">50</a> productWeightings.add(<span class="jxr_string">"struts2"</span>);
<a class="jxr_linenumber" name="L51" href="#L51">51</a>
<a class="jxr_linenumber" name="L52" href="#L52">52</a> Set&lt;String&gt; vendorWeightings = <strong class="jxr_keyword">new</strong> HashSet&lt;String&gt;(1);
<a class="jxr_linenumber" name="L53" href="#L53">53</a> vendorWeightings.add(<span class="jxr_string">"apache"</span>);
<a class="jxr_linenumber" name="L54" href="#L54">54</a>
<a class="jxr_linenumber" name="L55" href="#L55">55</a> String vendor = <span class="jxr_string">"apache software foundation"</span>;
<a class="jxr_linenumber" name="L56" href="#L56">56</a> String product = <span class="jxr_string">"struts 2 core"</span>;
<a class="jxr_linenumber" name="L57" href="#L57">57</a> String version = <span class="jxr_string">"2.1.2"</span>;
<a class="jxr_linenumber" name="L58" href="#L58">58</a> CPEAnalyzer instance = <strong class="jxr_keyword">new</strong> CPEAnalyzer();
<a class="jxr_linenumber" name="L59" href="#L59">59</a>
<a class="jxr_linenumber" name="L60" href="#L60">60</a> String queryText = instance.buildSearch(vendor, product, <strong class="jxr_keyword">null</strong>, <strong class="jxr_keyword">null</strong>);
<a class="jxr_linenumber" name="L61" href="#L61">61</a> String expResult = <span class="jxr_string">" product:( struts 2 core ) AND vendor:( apache software foundation ) "</span>;
<a class="jxr_linenumber" name="L62" href="#L62">62</a> Assert.assertTrue(expResult.equals(queryText));
<a class="jxr_linenumber" name="L63" href="#L63">63</a>
<a class="jxr_linenumber" name="L64" href="#L64">64</a> queryText = instance.buildSearch(vendor, product, <strong class="jxr_keyword">null</strong>, productWeightings);
<a class="jxr_linenumber" name="L65" href="#L65">65</a> expResult = <span class="jxr_string">" product:( struts^5 struts2^5 2 core ) AND vendor:( apache software foundation ) "</span>;
<a class="jxr_linenumber" name="L66" href="#L66">66</a> Assert.assertTrue(expResult.equals(queryText));
<a class="jxr_linenumber" name="L67" href="#L67">67</a>
<a class="jxr_linenumber" name="L68" href="#L68">68</a> queryText = instance.buildSearch(vendor, product, vendorWeightings, <strong class="jxr_keyword">null</strong>);
<a class="jxr_linenumber" name="L69" href="#L69">69</a> expResult = <span class="jxr_string">" product:( struts 2 core ) AND vendor:( apache^5 software foundation ) "</span>;
<a class="jxr_linenumber" name="L70" href="#L70">70</a> Assert.assertTrue(expResult.equals(queryText));
<a class="jxr_linenumber" name="L71" href="#L71">71</a>
<a class="jxr_linenumber" name="L72" href="#L72">72</a> queryText = instance.buildSearch(vendor, product, vendorWeightings, productWeightings);
<a class="jxr_linenumber" name="L73" href="#L73">73</a> expResult = <span class="jxr_string">" product:( struts^5 struts2^5 2 core ) AND vendor:( apache^5 software foundation ) "</span>;
<a class="jxr_linenumber" name="L74" href="#L74">74</a> Assert.assertTrue(expResult.equals(queryText));
<a class="jxr_linenumber" name="L75" href="#L75">75</a> }
<a class="jxr_linenumber" name="L76" href="#L76">76</a>
<a class="jxr_linenumber" name="L77" href="#L77">77</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L78" href="#L78">78</a> <em class="jxr_javadoccomment"> * Test of determineCPE method, of class CPEAnalyzer.</em>
<a class="jxr_linenumber" name="L79" href="#L79">79</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L80" href="#L80">80</a> <em class="jxr_javadoccomment"> * @throws Exception is thrown when an exception occurs</em>
<a class="jxr_linenumber" name="L81" href="#L81">81</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L82" href="#L82">82</a> @Test
<a class="jxr_linenumber" name="L83" href="#L83">83</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> testDetermineCPE_full() <strong class="jxr_keyword">throws</strong> Exception {
<a class="jxr_linenumber" name="L84" href="#L84">84</a> callDetermineCPE_full(<span class="jxr_string">"hazelcast-2.5.jar"</span>, <strong class="jxr_keyword">null</strong>);
<a class="jxr_linenumber" name="L85" href="#L85">85</a> callDetermineCPE_full(<span class="jxr_string">"spring-context-support-2.5.5.jar"</span>, <span class="jxr_string">"cpe:/a:vmware:springsource_spring_framework:2.5.5"</span>);
<a class="jxr_linenumber" name="L86" href="#L86">86</a> callDetermineCPE_full(<span class="jxr_string">"spring-core-3.0.0.RELEASE.jar"</span>, <span class="jxr_string">"cpe:/a:vmware:springsource_spring_framework:3.0.0"</span>);
<a class="jxr_linenumber" name="L87" href="#L87">87</a> callDetermineCPE_full(<span class="jxr_string">"org.mortbay.jetty.jar"</span>, <span class="jxr_string">"cpe:/a:mortbay_jetty:jetty:4.2"</span>);
<a class="jxr_linenumber" name="L88" href="#L88">88</a> callDetermineCPE_full(<span class="jxr_string">"jaxb-xercesImpl-1.5.jar"</span>, <strong class="jxr_keyword">null</strong>);
<a class="jxr_linenumber" name="L89" href="#L89">89</a> callDetermineCPE_full(<span class="jxr_string">"ehcache-core-2.2.0.jar"</span>, <strong class="jxr_keyword">null</strong>);
<a class="jxr_linenumber" name="L90" href="#L90">90</a> }
<a class="jxr_linenumber" name="L91" href="#L91">91</a>
<a class="jxr_linenumber" name="L92" href="#L92">92</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L93" href="#L93">93</a> <em class="jxr_javadoccomment"> * Test of determineCPE method, of class CPEAnalyzer.</em>
<a class="jxr_linenumber" name="L94" href="#L94">94</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L95" href="#L95">95</a> <em class="jxr_javadoccomment"> * @throws Exception is thrown when an exception occurs</em>
<a class="jxr_linenumber" name="L96" href="#L96">96</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L97" href="#L97">97</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> callDetermineCPE_full(String depName, String expResult) <strong class="jxr_keyword">throws</strong> Exception {
<a class="jxr_linenumber" name="L98" href="#L98">98</a>
<a class="jxr_linenumber" name="L99" href="#L99">99</a> File file = <strong class="jxr_keyword">new</strong> File(<strong class="jxr_keyword">this</strong>.getClass().getClassLoader().getResource(depName).getPath());
<a class="jxr_linenumber" name="L100" href="#L100">100</a>
<a class="jxr_linenumber" name="L101" href="#L101">101</a> Dependency dep = <strong class="jxr_keyword">new</strong> Dependency(file);
<a class="jxr_linenumber" name="L102" href="#L102">102</a>
<a class="jxr_linenumber" name="L103" href="#L103">103</a> FileNameAnalyzer fnAnalyzer = <strong class="jxr_keyword">new</strong> FileNameAnalyzer();
<a class="jxr_linenumber" name="L104" href="#L104">104</a> fnAnalyzer.analyze(dep, <strong class="jxr_keyword">null</strong>);
<a class="jxr_linenumber" name="L105" href="#L105">105</a>
<a class="jxr_linenumber" name="L106" href="#L106">106</a> JarAnalyzer jarAnalyzer = <strong class="jxr_keyword">new</strong> JarAnalyzer();
<a class="jxr_linenumber" name="L107" href="#L107">107</a> jarAnalyzer.analyze(dep, <strong class="jxr_keyword">null</strong>);
<a class="jxr_linenumber" name="L108" href="#L108">108</a> HintAnalyzer hAnalyzer = <strong class="jxr_keyword">new</strong> HintAnalyzer();
<a class="jxr_linenumber" name="L109" href="#L109">109</a> hAnalyzer.analyze(dep, <strong class="jxr_keyword">null</strong>);
<a class="jxr_linenumber" name="L110" href="#L110">110</a>
<a class="jxr_linenumber" name="L111" href="#L111">111</a> CPEAnalyzer instance = <strong class="jxr_keyword">new</strong> CPEAnalyzer();
<a class="jxr_linenumber" name="L112" href="#L112">112</a> instance.open();
<a class="jxr_linenumber" name="L113" href="#L113">113</a> instance.analyze(dep, <strong class="jxr_keyword">null</strong>);
<a class="jxr_linenumber" name="L114" href="#L114">114</a> instance.close();
<a class="jxr_linenumber" name="L115" href="#L115">115</a> FalsePositiveAnalyzer fp = <strong class="jxr_keyword">new</strong> FalsePositiveAnalyzer();
<a class="jxr_linenumber" name="L116" href="#L116">116</a> fp.analyze(dep, <strong class="jxr_keyword">null</strong>);
<a class="jxr_linenumber" name="L117" href="#L117">117</a>
<a class="jxr_linenumber" name="L118" href="#L118">118</a> <em class="jxr_comment">// for (Identifier i : dep.getIdentifiers()) {</em>
<a class="jxr_linenumber" name="L119" href="#L119">119</a> <em class="jxr_comment">// System.out.println(i.getValue());</em>
<a class="jxr_linenumber" name="L120" href="#L120">120</a> <em class="jxr_comment">// }</em>
<a class="jxr_linenumber" name="L121" href="#L121">121</a> <strong class="jxr_keyword">if</strong> (expResult != <strong class="jxr_keyword">null</strong>) {
<a class="jxr_linenumber" name="L122" href="#L122">122</a> Identifier expIdentifier = <strong class="jxr_keyword">new</strong> Identifier(<span class="jxr_string">"cpe"</span>, expResult, expResult);
<a class="jxr_linenumber" name="L123" href="#L123">123</a> Assert.assertTrue(<span class="jxr_string">"Incorrect match: { dep:'"</span> + dep.getFileName() + <span class="jxr_string">"' }"</span>, dep.getIdentifiers().contains(expIdentifier));
<a class="jxr_linenumber" name="L124" href="#L124">124</a> } <strong class="jxr_keyword">else</strong> <strong class="jxr_keyword">if</strong> (dep.getIdentifiers().isEmpty()) {
<a class="jxr_linenumber" name="L125" href="#L125">125</a> Assert.assertTrue(<span class="jxr_string">"Match found when an Identifier should not have been found: { dep:'"</span> + dep.getFileName() + <span class="jxr_string">"' }"</span>, dep.getIdentifiers().isEmpty());
<a class="jxr_linenumber" name="L126" href="#L126">126</a> } <strong class="jxr_keyword">else</strong> {
<a class="jxr_linenumber" name="L127" href="#L127">127</a> Assert.assertTrue(<span class="jxr_string">"Match found when an Identifier should not have been found: { dep:'"</span> + dep.getFileName() + <span class="jxr_string">"', identifier:'"</span> + dep.getIdentifiers().iterator().next().getValue() + <span class="jxr_string">"' }"</span>, dep.getIdentifiers().isEmpty());
<a class="jxr_linenumber" name="L128" href="#L128">128</a> }
<a class="jxr_linenumber" name="L129" href="#L129">129</a> }
<a class="jxr_linenumber" name="L130" href="#L130">130</a>
<a class="jxr_linenumber" name="L131" href="#L131">131</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L132" href="#L132">132</a> <em class="jxr_javadoccomment"> * Test of determineCPE method, of class CPEAnalyzer.</em>
<a class="jxr_linenumber" name="L133" href="#L133">133</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L134" href="#L134">134</a> <em class="jxr_javadoccomment"> * @throws Exception is thrown when an exception occurs</em>
<a class="jxr_linenumber" name="L135" href="#L135">135</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L136" href="#L136">136</a> @Test
<a class="jxr_linenumber" name="L137" href="#L137">137</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> testDetermineCPE() <strong class="jxr_keyword">throws</strong> Exception {
<a class="jxr_linenumber" name="L138" href="#L138">138</a> File file = <strong class="jxr_keyword">new</strong> File(<strong class="jxr_keyword">this</strong>.getClass().getClassLoader().getResource(<span class="jxr_string">"struts2-core-2.1.2.jar"</span>).getPath());
<a class="jxr_linenumber" name="L139" href="#L139">139</a> <em class="jxr_comment">//File file = new File(this.getClass().getClassLoader().getResource("axis2-adb-1.4.1.jar").getPath());</em>
<a class="jxr_linenumber" name="L140" href="#L140">140</a> Dependency struts = <strong class="jxr_keyword">new</strong> Dependency(file);
<a class="jxr_linenumber" name="L141" href="#L141">141</a>
<a class="jxr_linenumber" name="L142" href="#L142">142</a> FileNameAnalyzer fnAnalyzer = <strong class="jxr_keyword">new</strong> FileNameAnalyzer();
<a class="jxr_linenumber" name="L143" href="#L143">143</a> fnAnalyzer.analyze(struts, <strong class="jxr_keyword">null</strong>);
<a class="jxr_linenumber" name="L144" href="#L144">144</a>
<a class="jxr_linenumber" name="L145" href="#L145">145</a> JarAnalyzer jarAnalyzer = <strong class="jxr_keyword">new</strong> JarAnalyzer();
<a class="jxr_linenumber" name="L146" href="#L146">146</a> jarAnalyzer.analyze(struts, <strong class="jxr_keyword">null</strong>);
<a class="jxr_linenumber" name="L147" href="#L147">147</a>
<a class="jxr_linenumber" name="L148" href="#L148">148</a> File fileCommonValidator = <strong class="jxr_keyword">new</strong> File(<strong class="jxr_keyword">this</strong>.getClass().getClassLoader().getResource(<span class="jxr_string">"commons-validator-1.4.0.jar"</span>).getPath());
<a class="jxr_linenumber" name="L149" href="#L149">149</a> Dependency commonValidator = <strong class="jxr_keyword">new</strong> Dependency(fileCommonValidator);
<a class="jxr_linenumber" name="L150" href="#L150">150</a> jarAnalyzer.analyze(commonValidator, <strong class="jxr_keyword">null</strong>);
<a class="jxr_linenumber" name="L151" href="#L151">151</a>
<a class="jxr_linenumber" name="L152" href="#L152">152</a> File fileSpring = <strong class="jxr_keyword">new</strong> File(<strong class="jxr_keyword">this</strong>.getClass().getClassLoader().getResource(<span class="jxr_string">"spring-core-2.5.5.jar"</span>).getPath());
<a class="jxr_linenumber" name="L153" href="#L153">153</a> Dependency spring = <strong class="jxr_keyword">new</strong> Dependency(fileSpring);
<a class="jxr_linenumber" name="L154" href="#L154">154</a> jarAnalyzer.analyze(spring, <strong class="jxr_keyword">null</strong>);
<a class="jxr_linenumber" name="L155" href="#L155">155</a>
<a class="jxr_linenumber" name="L156" href="#L156">156</a> File fileSpring3 = <strong class="jxr_keyword">new</strong> File(<strong class="jxr_keyword">this</strong>.getClass().getClassLoader().getResource(<span class="jxr_string">"spring-core-3.0.0.RELEASE.jar"</span>).getPath());
<a class="jxr_linenumber" name="L157" href="#L157">157</a> Dependency spring3 = <strong class="jxr_keyword">new</strong> Dependency(fileSpring3);
<a class="jxr_linenumber" name="L158" href="#L158">158</a> jarAnalyzer.analyze(spring3, <strong class="jxr_keyword">null</strong>);
<a class="jxr_linenumber" name="L159" href="#L159">159</a>
<a class="jxr_linenumber" name="L160" href="#L160">160</a> CPEAnalyzer instance = <strong class="jxr_keyword">new</strong> CPEAnalyzer();
<a class="jxr_linenumber" name="L161" href="#L161">161</a> instance.open();
<a class="jxr_linenumber" name="L162" href="#L162">162</a> instance.determineCPE(commonValidator);
<a class="jxr_linenumber" name="L163" href="#L163">163</a> instance.determineCPE(struts);
<a class="jxr_linenumber" name="L164" href="#L164">164</a> instance.determineCPE(spring);
<a class="jxr_linenumber" name="L165" href="#L165">165</a> instance.determineCPE(spring3);
<a class="jxr_linenumber" name="L166" href="#L166">166</a> instance.close();
<a class="jxr_linenumber" name="L167" href="#L167">167</a>
<a class="jxr_linenumber" name="L168" href="#L168">168</a> String expResult = <span class="jxr_string">"cpe:/a:apache:struts:2.1.2"</span>;
<a class="jxr_linenumber" name="L169" href="#L169">169</a> Identifier expIdentifier = <strong class="jxr_keyword">new</strong> Identifier(<span class="jxr_string">"cpe"</span>, expResult, expResult);
<a class="jxr_linenumber" name="L170" href="#L170">170</a> String expResultSpring = <span class="jxr_string">"cpe:/a:springsource:spring_framework:2.5.5"</span>;
<a class="jxr_linenumber" name="L171" href="#L171">171</a> String expResultSpring3 = <span class="jxr_string">"cpe:/a:vmware:springsource_spring_framework:3.0.0"</span>;
<a class="jxr_linenumber" name="L172" href="#L172">172</a>
<a class="jxr_linenumber" name="L173" href="#L173">173</a> Assert.assertTrue(<span class="jxr_string">"Apache Common Validator - found an identifier?"</span>, commonValidator.getIdentifiers().isEmpty());
<a class="jxr_linenumber" name="L174" href="#L174">174</a> Assert.assertTrue(<span class="jxr_string">"Incorrect match size - struts"</span>, struts.getIdentifiers().size() &gt;= 1);
<a class="jxr_linenumber" name="L175" href="#L175">175</a> Assert.assertTrue(<span class="jxr_string">"Incorrect match - struts"</span>, struts.getIdentifiers().contains(expIdentifier));
<a class="jxr_linenumber" name="L176" href="#L176">176</a> Assert.assertTrue(<span class="jxr_string">"Incorrect match size - spring3 - "</span> + spring3.getIdentifiers().size(), spring3.getIdentifiers().size() &gt;= 1);
<a class="jxr_linenumber" name="L177" href="#L177">177</a>
<a class="jxr_linenumber" name="L178" href="#L178">178</a> <em class="jxr_comment">//the following two only work if the HintAnalyzer is used.</em>
<a class="jxr_linenumber" name="L179" href="#L179">179</a> <em class="jxr_comment">//Assert.assertTrue("Incorrect match size - spring", spring.getIdentifiers().size() == 1);</em>
<a class="jxr_linenumber" name="L180" href="#L180">180</a> <em class="jxr_comment">//Assert.assertTrue("Incorrect match - spring", spring.getIdentifiers().get(0).getValue().equals(expResultSpring));</em>
<a class="jxr_linenumber" name="L181" href="#L181">181</a> }
<a class="jxr_linenumber" name="L182" href="#L182">182</a>
<a class="jxr_linenumber" name="L183" href="#L183">183</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L184" href="#L184">184</a> <em class="jxr_javadoccomment"> * Test of searchCPE method, of class CPEAnalyzer.</em>
<a class="jxr_linenumber" name="L185" href="#L185">185</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L186" href="#L186">186</a> <em class="jxr_javadoccomment"> * @throws Exception is thrown when an exception occurs</em>
<a class="jxr_linenumber" name="L187" href="#L187">187</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L188" href="#L188">188</a> @Test
<a class="jxr_linenumber" name="L189" href="#L189">189</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> testSearchCPE() <strong class="jxr_keyword">throws</strong> Exception {
<a class="jxr_linenumber" name="L190" href="#L190">190</a> String vendor = <span class="jxr_string">"apache software foundation"</span>;
<a class="jxr_linenumber" name="L191" href="#L191">191</a> String product = <span class="jxr_string">"struts 2 core"</span>;
<a class="jxr_linenumber" name="L192" href="#L192">192</a> String version = <span class="jxr_string">"2.1.2"</span>;
<a class="jxr_linenumber" name="L193" href="#L193">193</a> String expResult = <span class="jxr_string">"cpe:/a:apache:struts:2.1.2"</span>;
<a class="jxr_linenumber" name="L194" href="#L194">194</a>
<a class="jxr_linenumber" name="L195" href="#L195">195</a> CPEAnalyzer instance = <strong class="jxr_keyword">new</strong> CPEAnalyzer();
<a class="jxr_linenumber" name="L196" href="#L196">196</a> instance.open();
<a class="jxr_linenumber" name="L197" href="#L197">197</a>
<a class="jxr_linenumber" name="L198" href="#L198">198</a> <em class="jxr_comment">//TODO - yeah, not a very good test as the results are the same with or without weighting...</em>
<a class="jxr_linenumber" name="L199" href="#L199">199</a> Set&lt;String&gt; productWeightings = <strong class="jxr_keyword">new</strong> HashSet&lt;String&gt;(1);
<a class="jxr_linenumber" name="L200" href="#L200">200</a> productWeightings.add(<span class="jxr_string">"struts2"</span>);
<a class="jxr_linenumber" name="L201" href="#L201">201</a>
<a class="jxr_linenumber" name="L202" href="#L202">202</a> Set&lt;String&gt; vendorWeightings = <strong class="jxr_keyword">new</strong> HashSet&lt;String&gt;(1);
<a class="jxr_linenumber" name="L203" href="#L203">203</a> vendorWeightings.add(<span class="jxr_string">"apache"</span>);
<a class="jxr_linenumber" name="L204" href="#L204">204</a>
<a class="jxr_linenumber" name="L205" href="#L205">205</a> List&lt;IndexEntry&gt; result = instance.searchCPE(vendor, product, productWeightings, vendorWeightings);
<a class="jxr_linenumber" name="L206" href="#L206">206</a> <em class="jxr_comment">//TODO fix this assert</em>
<a class="jxr_linenumber" name="L207" href="#L207">207</a> <em class="jxr_comment">//Assert.assertEquals(expResult, result.get(0).getName());</em>
<a class="jxr_linenumber" name="L208" href="#L208">208</a>
<a class="jxr_linenumber" name="L209" href="#L209">209</a> instance.close();
<a class="jxr_linenumber" name="L210" href="#L210">210</a> }
<a class="jxr_linenumber" name="L211" href="#L211">211</a> }
</pre>
<hr/>
<div id="footer">Copyright &#169; 2012&#x2013;2014 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</div>
</body>
</html>

127
dependency-check-core/xref-test/org/owasp/dependencycheck/analyzer/HintAnalyzerTest.html Normal file
View File

@@ -0,0 +1,127 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head><meta http-equiv="content-type" content="text/html; charset=UTF-8" />
<title>HintAnalyzerTest xref</title>
<link type="text/css" rel="stylesheet" href="../../../../stylesheet.css" />
</head>
<body>
<div id="overview"><a href="../../../../../testapidocs/org/owasp/dependencycheck/analyzer/HintAnalyzerTest.html">View Javadoc</a></div><pre>
<a class="jxr_linenumber" name="L1" href="#L1">1</a> <em class="jxr_comment">/*</em>
<a class="jxr_linenumber" name="L2" href="#L2">2</a> <em class="jxr_comment"> * Copyright 2014 OWASP.</em>
<a class="jxr_linenumber" name="L3" href="#L3">3</a> <em class="jxr_comment"> *</em>
<a class="jxr_linenumber" name="L4" href="#L4">4</a> <em class="jxr_comment"> * Licensed under the Apache License, Version 2.0 (the "License");</em>
<a class="jxr_linenumber" name="L5" href="#L5">5</a> <em class="jxr_comment"> * you may not use this file except in compliance with the License.</em>
<a class="jxr_linenumber" name="L6" href="#L6">6</a> <em class="jxr_comment"> * You may obtain a copy of the License at</em>
<a class="jxr_linenumber" name="L7" href="#L7">7</a> <em class="jxr_comment"> *</em>
<a class="jxr_linenumber" name="L8" href="#L8">8</a> <em class="jxr_comment"> * <a href="http://www.apache.org/licenses/LICENSE-2." target="alexandria_uri">http://www.apache.org/licenses/LICENSE-2.</a>0</em>
<a class="jxr_linenumber" name="L9" href="#L9">9</a> <em class="jxr_comment"> *</em>
<a class="jxr_linenumber" name="L10" href="#L10">10</a> <em class="jxr_comment"> * Unless required by applicable law or agreed to in writing, software</em>
<a class="jxr_linenumber" name="L11" href="#L11">11</a> <em class="jxr_comment"> * distributed under the License is distributed on an "AS IS" BASIS,</em>
<a class="jxr_linenumber" name="L12" href="#L12">12</a> <em class="jxr_comment"> * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.</em>
<a class="jxr_linenumber" name="L13" href="#L13">13</a> <em class="jxr_comment"> * See the License for the specific language governing permissions and</em>
<a class="jxr_linenumber" name="L14" href="#L14">14</a> <em class="jxr_comment"> * limitations under the License.</em>
<a class="jxr_linenumber" name="L15" href="#L15">15</a> <em class="jxr_comment"> */</em>
<a class="jxr_linenumber" name="L16" href="#L16">16</a> <strong class="jxr_keyword">package</strong> org.owasp.dependencycheck.analyzer;
<a class="jxr_linenumber" name="L17" href="#L17">17</a>
<a class="jxr_linenumber" name="L18" href="#L18">18</a> <strong class="jxr_keyword">import</strong> java.io.File;
<a class="jxr_linenumber" name="L19" href="#L19">19</a> <strong class="jxr_keyword">import</strong> java.util.Set;
<a class="jxr_linenumber" name="L20" href="#L20">20</a> <strong class="jxr_keyword">import</strong> <strong class="jxr_keyword">static</strong> org.junit.Assert.assertEquals;
<a class="jxr_linenumber" name="L21" href="#L21">21</a> <strong class="jxr_keyword">import</strong> <strong class="jxr_keyword">static</strong> org.junit.Assert.assertFalse;
<a class="jxr_linenumber" name="L22" href="#L22">22</a> <strong class="jxr_keyword">import</strong> <strong class="jxr_keyword">static</strong> org.junit.Assert.assertTrue;
<a class="jxr_linenumber" name="L23" href="#L23">23</a> <strong class="jxr_keyword">import</strong> org.junit.Before;
<a class="jxr_linenumber" name="L24" href="#L24">24</a> <strong class="jxr_keyword">import</strong> org.junit.Test;
<a class="jxr_linenumber" name="L25" href="#L25">25</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.BaseTest;
<a class="jxr_linenumber" name="L26" href="#L26">26</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.Engine;
<a class="jxr_linenumber" name="L27" href="#L27">27</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.dependency.Confidence;
<a class="jxr_linenumber" name="L28" href="#L28">28</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.dependency.Dependency;
<a class="jxr_linenumber" name="L29" href="#L29">29</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.dependency.Evidence;
<a class="jxr_linenumber" name="L30" href="#L30">30</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.utils.Settings;
<a class="jxr_linenumber" name="L31" href="#L31">31</a>
<a class="jxr_linenumber" name="L32" href="#L32">32</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L33" href="#L33">33</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L34" href="#L34">34</a> <em class="jxr_javadoccomment"> * @author Jeremy Long &lt;jeremy.long@owasp.org&gt;</em>
<a class="jxr_linenumber" name="L35" href="#L35">35</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L36" href="#L36">36</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">class</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/HintAnalyzerTest.html">HintAnalyzerTest</a> <strong class="jxr_keyword">extends</strong> <a href="../../../../org/owasp/dependencycheck/BaseTest.html">BaseTest</a> {
<a class="jxr_linenumber" name="L37" href="#L37">37</a>
<a class="jxr_linenumber" name="L38" href="#L38">38</a> @Before
<a class="jxr_linenumber" name="L39" href="#L39">39</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> setUp() <strong class="jxr_keyword">throws</strong> Exception {
<a class="jxr_linenumber" name="L40" href="#L40">40</a> org.owasp.dependencycheck.data.nvdcve.BaseDBTestCase.ensureDBExists();
<a class="jxr_linenumber" name="L41" href="#L41">41</a> }
<a class="jxr_linenumber" name="L42" href="#L42">42</a>
<a class="jxr_linenumber" name="L43" href="#L43">43</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L44" href="#L44">44</a> <em class="jxr_javadoccomment"> * Test of getName method, of class HintAnalyzer.</em>
<a class="jxr_linenumber" name="L45" href="#L45">45</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L46" href="#L46">46</a> @Test
<a class="jxr_linenumber" name="L47" href="#L47">47</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> testGetName() {
<a class="jxr_linenumber" name="L48" href="#L48">48</a> HintAnalyzer instance = <strong class="jxr_keyword">new</strong> HintAnalyzer();
<a class="jxr_linenumber" name="L49" href="#L49">49</a> String expResult = <span class="jxr_string">"Hint Analyzer"</span>;
<a class="jxr_linenumber" name="L50" href="#L50">50</a> String result = instance.getName();
<a class="jxr_linenumber" name="L51" href="#L51">51</a> assertEquals(expResult, result);
<a class="jxr_linenumber" name="L52" href="#L52">52</a> }
<a class="jxr_linenumber" name="L53" href="#L53">53</a>
<a class="jxr_linenumber" name="L54" href="#L54">54</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L55" href="#L55">55</a> <em class="jxr_javadoccomment"> * Test of getAnalysisPhase method, of class HintAnalyzer.</em>
<a class="jxr_linenumber" name="L56" href="#L56">56</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L57" href="#L57">57</a> @Test
<a class="jxr_linenumber" name="L58" href="#L58">58</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> testGetAnalysisPhase() {
<a class="jxr_linenumber" name="L59" href="#L59">59</a> HintAnalyzer instance = <strong class="jxr_keyword">new</strong> HintAnalyzer();
<a class="jxr_linenumber" name="L60" href="#L60">60</a> AnalysisPhase expResult = AnalysisPhase.PRE_IDENTIFIER_ANALYSIS;
<a class="jxr_linenumber" name="L61" href="#L61">61</a> AnalysisPhase result = instance.getAnalysisPhase();
<a class="jxr_linenumber" name="L62" href="#L62">62</a> assertEquals(expResult, result);
<a class="jxr_linenumber" name="L63" href="#L63">63</a> }
<a class="jxr_linenumber" name="L64" href="#L64">64</a>
<a class="jxr_linenumber" name="L65" href="#L65">65</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L66" href="#L66">66</a> <em class="jxr_javadoccomment"> * Test of analyze method, of class HintAnalyzer.</em>
<a class="jxr_linenumber" name="L67" href="#L67">67</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L68" href="#L68">68</a> @Test
<a class="jxr_linenumber" name="L69" href="#L69">69</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> testAnalyze() <strong class="jxr_keyword">throws</strong> Exception {
<a class="jxr_linenumber" name="L70" href="#L70">70</a> HintAnalyzer instance = <strong class="jxr_keyword">new</strong> HintAnalyzer();
<a class="jxr_linenumber" name="L71" href="#L71">71</a>
<a class="jxr_linenumber" name="L72" href="#L72">72</a> File guice = <strong class="jxr_keyword">new</strong> File(<strong class="jxr_keyword">this</strong>.getClass().getClassLoader().getResource(<span class="jxr_string">"guice-3.0.jar"</span>).getPath());
<a class="jxr_linenumber" name="L73" href="#L73">73</a> <em class="jxr_comment">//Dependency guice = new Dependency(fileg);</em>
<a class="jxr_linenumber" name="L74" href="#L74">74</a> File spring = <strong class="jxr_keyword">new</strong> File(<strong class="jxr_keyword">this</strong>.getClass().getClassLoader().getResource(<span class="jxr_string">"spring-core-3.0.0.RELEASE.jar"</span>).getPath());
<a class="jxr_linenumber" name="L75" href="#L75">75</a> <em class="jxr_comment">//Dependency spring = new Dependency(files);</em>
<a class="jxr_linenumber" name="L76" href="#L76">76</a> Settings.setBoolean(Settings.KEYS.AUTO_UPDATE, false);
<a class="jxr_linenumber" name="L77" href="#L77">77</a> Settings.setBoolean(Settings.KEYS.ANALYZER_NEXUS_ENABLED, false);
<a class="jxr_linenumber" name="L78" href="#L78">78</a> Engine engine = <strong class="jxr_keyword">new</strong> Engine();
<a class="jxr_linenumber" name="L79" href="#L79">79</a>
<a class="jxr_linenumber" name="L80" href="#L80">80</a> engine.scan(guice);
<a class="jxr_linenumber" name="L81" href="#L81">81</a> engine.scan(spring);
<a class="jxr_linenumber" name="L82" href="#L82">82</a> engine.analyzeDependencies();
<a class="jxr_linenumber" name="L83" href="#L83">83</a> Dependency gdep = <strong class="jxr_keyword">null</strong>;
<a class="jxr_linenumber" name="L84" href="#L84">84</a> Dependency sdep = <strong class="jxr_keyword">null</strong>;
<a class="jxr_linenumber" name="L85" href="#L85">85</a> <strong class="jxr_keyword">for</strong> (Dependency d : engine.getDependencies()) {
<a class="jxr_linenumber" name="L86" href="#L86">86</a> <strong class="jxr_keyword">if</strong> (d.getActualFile().equals(guice)) {
<a class="jxr_linenumber" name="L87" href="#L87">87</a> gdep = d;
<a class="jxr_linenumber" name="L88" href="#L88">88</a> } <strong class="jxr_keyword">else</strong> {
<a class="jxr_linenumber" name="L89" href="#L89">89</a> sdep = d;
<a class="jxr_linenumber" name="L90" href="#L90">90</a> }
<a class="jxr_linenumber" name="L91" href="#L91">91</a> }
<a class="jxr_linenumber" name="L92" href="#L92">92</a> <strong class="jxr_keyword">final</strong> Evidence springTest1 = <strong class="jxr_keyword">new</strong> Evidence(<span class="jxr_string">"hint analyzer"</span>, <span class="jxr_string">"product"</span>, <span class="jxr_string">"springsource_spring_framework"</span>, Confidence.HIGH);
<a class="jxr_linenumber" name="L93" href="#L93">93</a> <strong class="jxr_keyword">final</strong> Evidence springTest2 = <strong class="jxr_keyword">new</strong> Evidence(<span class="jxr_string">"hint analyzer"</span>, <span class="jxr_string">"vendor"</span>, <span class="jxr_string">"SpringSource"</span>, Confidence.HIGH);
<a class="jxr_linenumber" name="L94" href="#L94">94</a> <strong class="jxr_keyword">final</strong> Evidence springTest3 = <strong class="jxr_keyword">new</strong> Evidence(<span class="jxr_string">"hint analyzer"</span>, <span class="jxr_string">"vendor"</span>, <span class="jxr_string">"vmware"</span>, Confidence.HIGH);
<a class="jxr_linenumber" name="L95" href="#L95">95</a> <strong class="jxr_keyword">final</strong> Evidence springTest4 = <strong class="jxr_keyword">new</strong> Evidence(<span class="jxr_string">"hint analyzer"</span>, <span class="jxr_string">"product"</span>, <span class="jxr_string">"springsource_spring_framework"</span>, Confidence.HIGH);
<a class="jxr_linenumber" name="L96" href="#L96">96</a> <strong class="jxr_keyword">final</strong> Evidence springTest5 = <strong class="jxr_keyword">new</strong> Evidence(<span class="jxr_string">"hint analyzer"</span>, <span class="jxr_string">"vendor"</span>, <span class="jxr_string">"vmware"</span>, Confidence.HIGH);
<a class="jxr_linenumber" name="L97" href="#L97">97</a>
<a class="jxr_linenumber" name="L98" href="#L98">98</a> Set&lt;Evidence&gt; evidence = gdep.getEvidence().getEvidence();
<a class="jxr_linenumber" name="L99" href="#L99">99</a> assertFalse(evidence.contains(springTest1));
<a class="jxr_linenumber" name="L100" href="#L100">100</a> assertFalse(evidence.contains(springTest2));
<a class="jxr_linenumber" name="L101" href="#L101">101</a> assertFalse(evidence.contains(springTest3));
<a class="jxr_linenumber" name="L102" href="#L102">102</a> assertFalse(evidence.contains(springTest4));
<a class="jxr_linenumber" name="L103" href="#L103">103</a> assertFalse(evidence.contains(springTest5));
<a class="jxr_linenumber" name="L104" href="#L104">104</a>
<a class="jxr_linenumber" name="L105" href="#L105">105</a> evidence = sdep.getEvidence().getEvidence();
<a class="jxr_linenumber" name="L106" href="#L106">106</a> assertTrue(evidence.contains(springTest1));
<a class="jxr_linenumber" name="L107" href="#L107">107</a> assertTrue(evidence.contains(springTest2));
<a class="jxr_linenumber" name="L108" href="#L108">108</a> assertTrue(evidence.contains(springTest3));
<a class="jxr_linenumber" name="L109" href="#L109">109</a> <em class="jxr_comment">//assertTrue(evidence.contains(springTest4));</em>
<a class="jxr_linenumber" name="L110" href="#L110">110</a> <em class="jxr_comment">//assertTrue(evidence.contains(springTest5));</em>
<a class="jxr_linenumber" name="L111" href="#L111">111</a>
<a class="jxr_linenumber" name="L112" href="#L112">112</a> }
<a class="jxr_linenumber" name="L113" href="#L113">113</a>
<a class="jxr_linenumber" name="L114" href="#L114">114</a> }
</pre>
<hr/>
<div id="footer">Copyright &#169; 2012&#x2013;2014 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</div>
</body>
</html>

108
dependency-check-core/xref-test/org/owasp/dependencycheck/analyzer/VulnerabilitySuppressionAnalyzerIntegrationTest.html Normal file
View File

@@ -0,0 +1,108 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head><meta http-equiv="content-type" content="text/html; charset=UTF-8" />
<title>VulnerabilitySuppressionAnalyzerIntegrationTest xref</title>
<link type="text/css" rel="stylesheet" href="../../../../stylesheet.css" />
</head>
<body>
<div id="overview"><a href="../../../../../testapidocs/org/owasp/dependencycheck/analyzer/VulnerabilitySuppressionAnalyzerIntegrationTest.html">View Javadoc</a></div><pre>
<a class="jxr_linenumber" name="L1" href="#L1">1</a> <em class="jxr_comment">/*</em>
<a class="jxr_linenumber" name="L2" href="#L2">2</a> <em class="jxr_comment"> * This file is part of dependency-check-core.</em>
<a class="jxr_linenumber" name="L3" href="#L3">3</a> <em class="jxr_comment"> *</em>
<a class="jxr_linenumber" name="L4" href="#L4">4</a> <em class="jxr_comment"> * Licensed under the Apache License, Version 2.0 (the "License");</em>
<a class="jxr_linenumber" name="L5" href="#L5">5</a> <em class="jxr_comment"> * you may not use this file except in compliance with the License.</em>
<a class="jxr_linenumber" name="L6" href="#L6">6</a> <em class="jxr_comment"> * You may obtain a copy of the License at</em>
<a class="jxr_linenumber" name="L7" href="#L7">7</a> <em class="jxr_comment"> *</em>
<a class="jxr_linenumber" name="L8" href="#L8">8</a> <em class="jxr_comment"> * <a href="http://www.apache.org/licenses/LICENSE-2." target="alexandria_uri">http://www.apache.org/licenses/LICENSE-2.</a>0</em>
<a class="jxr_linenumber" name="L9" href="#L9">9</a> <em class="jxr_comment"> *</em>
<a class="jxr_linenumber" name="L10" href="#L10">10</a> <em class="jxr_comment"> * Unless required by applicable law or agreed to in writing, software</em>
<a class="jxr_linenumber" name="L11" href="#L11">11</a> <em class="jxr_comment"> * distributed under the License is distributed on an "AS IS" BASIS,</em>
<a class="jxr_linenumber" name="L12" href="#L12">12</a> <em class="jxr_comment"> * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.</em>
<a class="jxr_linenumber" name="L13" href="#L13">13</a> <em class="jxr_comment"> * See the License for the specific language governing permissions and</em>
<a class="jxr_linenumber" name="L14" href="#L14">14</a> <em class="jxr_comment"> * limitations under the License.</em>
<a class="jxr_linenumber" name="L15" href="#L15">15</a> <em class="jxr_comment"> *</em>
<a class="jxr_linenumber" name="L16" href="#L16">16</a> <em class="jxr_comment"> * Copyright (c) 2014 Jeremy Long. All Rights Reserved.</em>
<a class="jxr_linenumber" name="L17" href="#L17">17</a> <em class="jxr_comment"> */</em>
<a class="jxr_linenumber" name="L18" href="#L18">18</a> <strong class="jxr_keyword">package</strong> org.owasp.dependencycheck.analyzer;
<a class="jxr_linenumber" name="L19" href="#L19">19</a>
<a class="jxr_linenumber" name="L20" href="#L20">20</a> <strong class="jxr_keyword">import</strong> java.io.File;
<a class="jxr_linenumber" name="L21" href="#L21">21</a> <strong class="jxr_keyword">import</strong> <strong class="jxr_keyword">static</strong> org.junit.Assert.assertEquals;
<a class="jxr_linenumber" name="L22" href="#L22">22</a> <strong class="jxr_keyword">import</strong> <strong class="jxr_keyword">static</strong> org.junit.Assert.assertTrue;
<a class="jxr_linenumber" name="L23" href="#L23">23</a> <strong class="jxr_keyword">import</strong> org.junit.Test;
<a class="jxr_linenumber" name="L24" href="#L24">24</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.Engine;
<a class="jxr_linenumber" name="L25" href="#L25">25</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.data.cpe.AbstractDatabaseTestCase;
<a class="jxr_linenumber" name="L26" href="#L26">26</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.dependency.Dependency;
<a class="jxr_linenumber" name="L27" href="#L27">27</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.utils.Settings;
<a class="jxr_linenumber" name="L28" href="#L28">28</a>
<a class="jxr_linenumber" name="L29" href="#L29">29</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L30" href="#L30">30</a> <em class="jxr_javadoccomment"> * Testing the vulnerability suppression analyzer.</em>
<a class="jxr_linenumber" name="L31" href="#L31">31</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L32" href="#L32">32</a> <em class="jxr_javadoccomment"> * @author Jeremy Long &lt;jeremy.long@owasp.org&gt;</em>
<a class="jxr_linenumber" name="L33" href="#L33">33</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L34" href="#L34">34</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">class</strong> <a href="../../../../org/owasp/dependencycheck/analyzer/VulnerabilitySuppressionAnalyzerIntegrationTest.html">VulnerabilitySuppressionAnalyzerIntegrationTest</a> <strong class="jxr_keyword">extends</strong> <a href="../../../../org/owasp/dependencycheck/data/cpe/AbstractDatabaseTestCase.html">AbstractDatabaseTestCase</a> {
<a class="jxr_linenumber" name="L35" href="#L35">35</a>
<a class="jxr_linenumber" name="L36" href="#L36">36</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L37" href="#L37">37</a> <em class="jxr_javadoccomment"> * Test of getName method, of class VulnerabilitySuppressionAnalyzer.</em>
<a class="jxr_linenumber" name="L38" href="#L38">38</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L39" href="#L39">39</a> @Test
<a class="jxr_linenumber" name="L40" href="#L40">40</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> testGetName() {
<a class="jxr_linenumber" name="L41" href="#L41">41</a> VulnerabilitySuppressionAnalyzer instance = <strong class="jxr_keyword">new</strong> VulnerabilitySuppressionAnalyzer();
<a class="jxr_linenumber" name="L42" href="#L42">42</a> String expResult = <span class="jxr_string">"Vulnerability Suppression Analyzer"</span>;
<a class="jxr_linenumber" name="L43" href="#L43">43</a> String result = instance.getName();
<a class="jxr_linenumber" name="L44" href="#L44">44</a> assertEquals(expResult, result);
<a class="jxr_linenumber" name="L45" href="#L45">45</a> }
<a class="jxr_linenumber" name="L46" href="#L46">46</a>
<a class="jxr_linenumber" name="L47" href="#L47">47</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L48" href="#L48">48</a> <em class="jxr_javadoccomment"> * Test of getAnalysisPhase method, of class VulnerabilitySuppressionAnalyzer.</em>
<a class="jxr_linenumber" name="L49" href="#L49">49</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L50" href="#L50">50</a> @Test
<a class="jxr_linenumber" name="L51" href="#L51">51</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> testGetAnalysisPhase() {
<a class="jxr_linenumber" name="L52" href="#L52">52</a> VulnerabilitySuppressionAnalyzer instance = <strong class="jxr_keyword">new</strong> VulnerabilitySuppressionAnalyzer();
<a class="jxr_linenumber" name="L53" href="#L53">53</a> AnalysisPhase expResult = AnalysisPhase.POST_FINDING_ANALYSIS;
<a class="jxr_linenumber" name="L54" href="#L54">54</a> AnalysisPhase result = instance.getAnalysisPhase();
<a class="jxr_linenumber" name="L55" href="#L55">55</a> assertEquals(expResult, result);
<a class="jxr_linenumber" name="L56" href="#L56">56</a> }
<a class="jxr_linenumber" name="L57" href="#L57">57</a>
<a class="jxr_linenumber" name="L58" href="#L58">58</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L59" href="#L59">59</a> <em class="jxr_javadoccomment"> * Test of analyze method, of class VulnerabilitySuppressionAnalyzer.</em>
<a class="jxr_linenumber" name="L60" href="#L60">60</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L61" href="#L61">61</a> @Test
<a class="jxr_linenumber" name="L62" href="#L62">62</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> testAnalyze() <strong class="jxr_keyword">throws</strong> Exception {
<a class="jxr_linenumber" name="L63" href="#L63">63</a>
<a class="jxr_linenumber" name="L64" href="#L64">64</a> File file = <strong class="jxr_keyword">new</strong> File(<strong class="jxr_keyword">this</strong>.getClass().getClassLoader().getResource(<span class="jxr_string">"FileHelpers.2.0.0.0.nupkg"</span>).getPath());
<a class="jxr_linenumber" name="L65" href="#L65">65</a> File suppression = <strong class="jxr_keyword">new</strong> File(<strong class="jxr_keyword">this</strong>.getClass().getClassLoader().getResource(<span class="jxr_string">"FileHelpers.2.0.0.0.suppression.xml"</span>).getPath());
<a class="jxr_linenumber" name="L66" href="#L66">66</a> Settings.setBoolean(Settings.KEYS.AUTO_UPDATE, false);
<a class="jxr_linenumber" name="L67" href="#L67">67</a> Engine engine = <strong class="jxr_keyword">new</strong> Engine();
<a class="jxr_linenumber" name="L68" href="#L68">68</a> engine.scan(file);
<a class="jxr_linenumber" name="L69" href="#L69">69</a> engine.analyzeDependencies();
<a class="jxr_linenumber" name="L70" href="#L70">70</a> Dependency dependency = getDependency(engine, file);
<a class="jxr_linenumber" name="L71" href="#L71">71</a> assertTrue(dependency.getVulnerabilities().size() &gt; 0);
<a class="jxr_linenumber" name="L72" href="#L72">72</a> Settings.setString(Settings.KEYS.SUPPRESSION_FILE, suppression.getAbsolutePath());
<a class="jxr_linenumber" name="L73" href="#L73">73</a> VulnerabilitySuppressionAnalyzer instance = <strong class="jxr_keyword">new</strong> VulnerabilitySuppressionAnalyzer();
<a class="jxr_linenumber" name="L74" href="#L74">74</a> instance.initialize();
<a class="jxr_linenumber" name="L75" href="#L75">75</a> instance.analyze(dependency, engine);
<a class="jxr_linenumber" name="L76" href="#L76">76</a> assertTrue(dependency.getVulnerabilities().size() == 0);
<a class="jxr_linenumber" name="L77" href="#L77">77</a> engine.cleanup();
<a class="jxr_linenumber" name="L78" href="#L78">78</a> }
<a class="jxr_linenumber" name="L79" href="#L79">79</a>
<a class="jxr_linenumber" name="L80" href="#L80">80</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L81" href="#L81">81</a> <em class="jxr_javadoccomment"> * Retrieves a specific dependency from the engine.</em>
<a class="jxr_linenumber" name="L82" href="#L82">82</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L83" href="#L83">83</a> <em class="jxr_javadoccomment"> * @param engine the engine</em>
<a class="jxr_linenumber" name="L84" href="#L84">84</a> <em class="jxr_javadoccomment"> * @param file the dependency to retrieve</em>
<a class="jxr_linenumber" name="L85" href="#L85">85</a> <em class="jxr_javadoccomment"> * @return the dependency</em>
<a class="jxr_linenumber" name="L86" href="#L86">86</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L87" href="#L87">87</a> <strong class="jxr_keyword">private</strong> Dependency getDependency(Engine engine, File file) {
<a class="jxr_linenumber" name="L88" href="#L88">88</a> <strong class="jxr_keyword">for</strong> (Dependency d : engine.getDependencies()) {
<a class="jxr_linenumber" name="L89" href="#L89">89</a> <strong class="jxr_keyword">if</strong> (d.getFileName().equals(file.getName())) {
<a class="jxr_linenumber" name="L90" href="#L90">90</a> <strong class="jxr_keyword">return</strong> d;
<a class="jxr_linenumber" name="L91" href="#L91">91</a> }
<a class="jxr_linenumber" name="L92" href="#L92">92</a> }
<a class="jxr_linenumber" name="L93" href="#L93">93</a> <strong class="jxr_keyword">return</strong> <strong class="jxr_keyword">null</strong>;
<a class="jxr_linenumber" name="L94" href="#L94">94</a> }
<a class="jxr_linenumber" name="L95" href="#L95">95</a> }
</pre>
<hr/>
<div id="footer">Copyright &#169; 2012&#x2013;2014 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</div>
</body>
</html>

88
dependency-check-core/xref-test/org/owasp/dependencycheck/data/nvdcve/CveDBIntegrationTest.html Normal file
View File

@@ -0,0 +1,88 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head><meta http-equiv="content-type" content="text/html; charset=UTF-8" />
<title>CveDBIntegrationTest xref</title>
<link type="text/css" rel="stylesheet" href="../../../../../stylesheet.css" />
</head>
<body>
<div id="overview"><a href="../../../../../../testapidocs/org/owasp/dependencycheck/data/nvdcve/CveDBIntegrationTest.html">View Javadoc</a></div><pre>
<a class="jxr_linenumber" name="L1" href="#L1">1</a> <em class="jxr_comment">/*</em>
<a class="jxr_linenumber" name="L2" href="#L2">2</a> <em class="jxr_comment"> * This file is part of dependency-check-core.</em>
<a class="jxr_linenumber" name="L3" href="#L3">3</a> <em class="jxr_comment"> *</em>
<a class="jxr_linenumber" name="L4" href="#L4">4</a> <em class="jxr_comment"> * Licensed under the Apache License, Version 2.0 (the "License");</em>
<a class="jxr_linenumber" name="L5" href="#L5">5</a> <em class="jxr_comment"> * you may not use this file except in compliance with the License.</em>
<a class="jxr_linenumber" name="L6" href="#L6">6</a> <em class="jxr_comment"> * You may obtain a copy of the License at</em>
<a class="jxr_linenumber" name="L7" href="#L7">7</a> <em class="jxr_comment"> *</em>
<a class="jxr_linenumber" name="L8" href="#L8">8</a> <em class="jxr_comment"> * <a href="http://www.apache.org/licenses/LICENSE-2." target="alexandria_uri">http://www.apache.org/licenses/LICENSE-2.</a>0</em>
<a class="jxr_linenumber" name="L9" href="#L9">9</a> <em class="jxr_comment"> *</em>
<a class="jxr_linenumber" name="L10" href="#L10">10</a> <em class="jxr_comment"> * Unless required by applicable law or agreed to in writing, software</em>
<a class="jxr_linenumber" name="L11" href="#L11">11</a> <em class="jxr_comment"> * distributed under the License is distributed on an "AS IS" BASIS,</em>
<a class="jxr_linenumber" name="L12" href="#L12">12</a> <em class="jxr_comment"> * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.</em>
<a class="jxr_linenumber" name="L13" href="#L13">13</a> <em class="jxr_comment"> * See the License for the specific language governing permissions and</em>
<a class="jxr_linenumber" name="L14" href="#L14">14</a> <em class="jxr_comment"> * limitations under the License.</em>
<a class="jxr_linenumber" name="L15" href="#L15">15</a> <em class="jxr_comment"> *</em>
<a class="jxr_linenumber" name="L16" href="#L16">16</a> <em class="jxr_comment"> * Copyright (c) 2013 Jeremy Long. All Rights Reserved.</em>
<a class="jxr_linenumber" name="L17" href="#L17">17</a> <em class="jxr_comment"> */</em>
<a class="jxr_linenumber" name="L18" href="#L18">18</a> <strong class="jxr_keyword">package</strong> org.owasp.dependencycheck.data.nvdcve;
<a class="jxr_linenumber" name="L19" href="#L19">19</a>
<a class="jxr_linenumber" name="L20" href="#L20">20</a> <strong class="jxr_keyword">import</strong> java.util.List;
<a class="jxr_linenumber" name="L21" href="#L21">21</a> <strong class="jxr_keyword">import</strong> java.util.Set;
<a class="jxr_linenumber" name="L22" href="#L22">22</a> <strong class="jxr_keyword">import</strong> <strong class="jxr_keyword">static</strong> org.junit.Assert.assertTrue;
<a class="jxr_linenumber" name="L23" href="#L23">23</a> <strong class="jxr_keyword">import</strong> org.junit.Test;
<a class="jxr_linenumber" name="L24" href="#L24">24</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.dependency.VulnerableSoftware;
<a class="jxr_linenumber" name="L25" href="#L25">25</a>
<a class="jxr_linenumber" name="L26" href="#L26">26</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L27" href="#L27">27</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L28" href="#L28">28</a> <em class="jxr_javadoccomment"> * @author Jeremy Long &lt;jeremy.long@owasp.org&gt;</em>
<a class="jxr_linenumber" name="L29" href="#L29">29</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L30" href="#L30">30</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">class</strong> <a href="../../../../../org/owasp/dependencycheck/data/nvdcve/CveDBIntegrationTest.html">CveDBIntegrationTest</a> <strong class="jxr_keyword">extends</strong> <a href="../../../../../org/owasp/dependencycheck/data/nvdcve/BaseDBTestCase.html">BaseDBTestCase</a> {
<a class="jxr_linenumber" name="L31" href="#L31">31</a>
<a class="jxr_linenumber" name="L32" href="#L32">32</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L33" href="#L33">33</a> <em class="jxr_javadoccomment"> * Pretty useless tests of open, commit, and close methods, of class CveDB.</em>
<a class="jxr_linenumber" name="L34" href="#L34">34</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L35" href="#L35">35</a> @Test
<a class="jxr_linenumber" name="L36" href="#L36">36</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> testOpen() <strong class="jxr_keyword">throws</strong> Exception {
<a class="jxr_linenumber" name="L37" href="#L37">37</a> CveDB instance = <strong class="jxr_keyword">new</strong> CveDB();
<a class="jxr_linenumber" name="L38" href="#L38">38</a> instance.open();
<a class="jxr_linenumber" name="L39" href="#L39">39</a> instance.commit();
<a class="jxr_linenumber" name="L40" href="#L40">40</a> instance.close();
<a class="jxr_linenumber" name="L41" href="#L41">41</a> }
<a class="jxr_linenumber" name="L42" href="#L42">42</a>
<a class="jxr_linenumber" name="L43" href="#L43">43</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L44" href="#L44">44</a> <em class="jxr_javadoccomment"> * Test of getCPEs method, of class CveDB.</em>
<a class="jxr_linenumber" name="L45" href="#L45">45</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L46" href="#L46">46</a> @Test
<a class="jxr_linenumber" name="L47" href="#L47">47</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> testGetCPEs() <strong class="jxr_keyword">throws</strong> Exception {
<a class="jxr_linenumber" name="L48" href="#L48">48</a> CveDB instance = <strong class="jxr_keyword">new</strong> CveDB();
<a class="jxr_linenumber" name="L49" href="#L49">49</a> <strong class="jxr_keyword">try</strong> {
<a class="jxr_linenumber" name="L50" href="#L50">50</a> String vendor = <span class="jxr_string">"apache"</span>;
<a class="jxr_linenumber" name="L51" href="#L51">51</a> String product = <span class="jxr_string">"struts"</span>;
<a class="jxr_linenumber" name="L52" href="#L52">52</a> instance.open();
<a class="jxr_linenumber" name="L53" href="#L53">53</a> Set&lt;VulnerableSoftware&gt; result = instance.getCPEs(vendor, product);
<a class="jxr_linenumber" name="L54" href="#L54">54</a> assertTrue(result.size() &gt; 5);
<a class="jxr_linenumber" name="L55" href="#L55">55</a> } <strong class="jxr_keyword">finally</strong> {
<a class="jxr_linenumber" name="L56" href="#L56">56</a> instance.close();
<a class="jxr_linenumber" name="L57" href="#L57">57</a> }
<a class="jxr_linenumber" name="L58" href="#L58">58</a> }
<a class="jxr_linenumber" name="L59" href="#L59">59</a>
<a class="jxr_linenumber" name="L60" href="#L60">60</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L61" href="#L61">61</a> <em class="jxr_javadoccomment"> * Test of getVulnerabilities method, of class CveDB.</em>
<a class="jxr_linenumber" name="L62" href="#L62">62</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L63" href="#L63">63</a> @Test
<a class="jxr_linenumber" name="L64" href="#L64">64</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> testGetVulnerabilities() <strong class="jxr_keyword">throws</strong> Exception {
<a class="jxr_linenumber" name="L65" href="#L65">65</a> String cpeStr = <span class="jxr_string">"cpe:/a:apache:struts:2.1.2"</span>;
<a class="jxr_linenumber" name="L66" href="#L66">66</a> CveDB instance = <strong class="jxr_keyword">new</strong> CveDB();
<a class="jxr_linenumber" name="L67" href="#L67">67</a> <strong class="jxr_keyword">try</strong> {
<a class="jxr_linenumber" name="L68" href="#L68">68</a> instance.open();
<a class="jxr_linenumber" name="L69" href="#L69">69</a> List result = instance.getVulnerabilities(cpeStr);
<a class="jxr_linenumber" name="L70" href="#L70">70</a> assertTrue(result.size() &gt; 5);
<a class="jxr_linenumber" name="L71" href="#L71">71</a> } <strong class="jxr_keyword">finally</strong> {
<a class="jxr_linenumber" name="L72" href="#L72">72</a> instance.close();
<a class="jxr_linenumber" name="L73" href="#L73">73</a> }
<a class="jxr_linenumber" name="L74" href="#L74">74</a> }
<a class="jxr_linenumber" name="L75" href="#L75">75</a> }
</pre>
<hr/>
<div id="footer">Copyright &#169; 2012&#x2013;2014 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</div>
</body>
</html>

128
dependency-check-core/xref-test/org/owasp/dependencycheck/data/nvdcve/DatabasePropertiesIntegrationTest.html Normal file
View File

@@ -0,0 +1,128 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head><meta http-equiv="content-type" content="text/html; charset=UTF-8" />
<title>DatabasePropertiesIntegrationTest xref</title>
<link type="text/css" rel="stylesheet" href="../../../../../stylesheet.css" />
</head>
<body>
<div id="overview"><a href="../../../../../../testapidocs/org/owasp/dependencycheck/data/nvdcve/DatabasePropertiesIntegrationTest.html">View Javadoc</a></div><pre>
<a class="jxr_linenumber" name="L1" href="#L1">1</a> <em class="jxr_comment">/*</em>
<a class="jxr_linenumber" name="L2" href="#L2">2</a> <em class="jxr_comment"> * This file is part of dependency-check-core.</em>
<a class="jxr_linenumber" name="L3" href="#L3">3</a> <em class="jxr_comment"> *</em>
<a class="jxr_linenumber" name="L4" href="#L4">4</a> <em class="jxr_comment"> * Licensed under the Apache License, Version 2.0 (the "License");</em>
<a class="jxr_linenumber" name="L5" href="#L5">5</a> <em class="jxr_comment"> * you may not use this file except in compliance with the License.</em>
<a class="jxr_linenumber" name="L6" href="#L6">6</a> <em class="jxr_comment"> * You may obtain a copy of the License at</em>
<a class="jxr_linenumber" name="L7" href="#L7">7</a> <em class="jxr_comment"> *</em>
<a class="jxr_linenumber" name="L8" href="#L8">8</a> <em class="jxr_comment"> * <a href="http://www.apache.org/licenses/LICENSE-2." target="alexandria_uri">http://www.apache.org/licenses/LICENSE-2.</a>0</em>
<a class="jxr_linenumber" name="L9" href="#L9">9</a> <em class="jxr_comment"> *</em>
<a class="jxr_linenumber" name="L10" href="#L10">10</a> <em class="jxr_comment"> * Unless required by applicable law or agreed to in writing, software</em>
<a class="jxr_linenumber" name="L11" href="#L11">11</a> <em class="jxr_comment"> * distributed under the License is distributed on an "AS IS" BASIS,</em>
<a class="jxr_linenumber" name="L12" href="#L12">12</a> <em class="jxr_comment"> * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.</em>
<a class="jxr_linenumber" name="L13" href="#L13">13</a> <em class="jxr_comment"> * See the License for the specific language governing permissions and</em>
<a class="jxr_linenumber" name="L14" href="#L14">14</a> <em class="jxr_comment"> * limitations under the License.</em>
<a class="jxr_linenumber" name="L15" href="#L15">15</a> <em class="jxr_comment"> *</em>
<a class="jxr_linenumber" name="L16" href="#L16">16</a> <em class="jxr_comment"> * Copyright (c) 2013 Jeremy Long. All Rights Reserved.</em>
<a class="jxr_linenumber" name="L17" href="#L17">17</a> <em class="jxr_comment"> */</em>
<a class="jxr_linenumber" name="L18" href="#L18">18</a> <strong class="jxr_keyword">package</strong> org.owasp.dependencycheck.data.nvdcve;
<a class="jxr_linenumber" name="L19" href="#L19">19</a>
<a class="jxr_linenumber" name="L20" href="#L20">20</a> <strong class="jxr_keyword">import</strong> java.util.Properties;
<a class="jxr_linenumber" name="L21" href="#L21">21</a> <strong class="jxr_keyword">import</strong> <strong class="jxr_keyword">static</strong> org.junit.Assert.assertEquals;
<a class="jxr_linenumber" name="L22" href="#L22">22</a> <strong class="jxr_keyword">import</strong> <strong class="jxr_keyword">static</strong> org.junit.Assert.assertTrue;
<a class="jxr_linenumber" name="L23" href="#L23">23</a> <strong class="jxr_keyword">import</strong> org.junit.Test;
<a class="jxr_linenumber" name="L24" href="#L24">24</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.data.update.NvdCveInfo;
<a class="jxr_linenumber" name="L25" href="#L25">25</a>
<a class="jxr_linenumber" name="L26" href="#L26">26</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L27" href="#L27">27</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L28" href="#L28">28</a> <em class="jxr_javadoccomment"> * @author Jeremy Long &lt;jeremy.long@owasp.org&gt;</em>
<a class="jxr_linenumber" name="L29" href="#L29">29</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L30" href="#L30">30</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">class</strong> <a href="../../../../../org/owasp/dependencycheck/data/nvdcve/DatabasePropertiesIntegrationTest.html">DatabasePropertiesIntegrationTest</a> <strong class="jxr_keyword">extends</strong> <a href="../../../../../org/owasp/dependencycheck/data/nvdcve/BaseDBTestCase.html">BaseDBTestCase</a> {
<a class="jxr_linenumber" name="L31" href="#L31">31</a>
<a class="jxr_linenumber" name="L32" href="#L32">32</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L33" href="#L33">33</a> <em class="jxr_javadoccomment"> * Test of isEmpty method, of class DatabaseProperties.</em>
<a class="jxr_linenumber" name="L34" href="#L34">34</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L35" href="#L35">35</a> @Test
<a class="jxr_linenumber" name="L36" href="#L36">36</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> testIsEmpty() <strong class="jxr_keyword">throws</strong> Exception {
<a class="jxr_linenumber" name="L37" href="#L37">37</a> CveDB cveDB = <strong class="jxr_keyword">new</strong> CveDB();
<a class="jxr_linenumber" name="L38" href="#L38">38</a> cveDB.open();
<a class="jxr_linenumber" name="L39" href="#L39">39</a> DatabaseProperties instance = cveDB.getDatabaseProperties();
<a class="jxr_linenumber" name="L40" href="#L40">40</a> <strong class="jxr_keyword">boolean</strong> expResult = false;
<a class="jxr_linenumber" name="L41" href="#L41">41</a> <strong class="jxr_keyword">boolean</strong> result = instance.isEmpty();
<a class="jxr_linenumber" name="L42" href="#L42">42</a> <em class="jxr_comment">//no exception means the call worked... whether or not it is empty depends on if the db is new</em>
<a class="jxr_linenumber" name="L43" href="#L43">43</a> <em class="jxr_comment">//assertEquals(expResult, result);</em>
<a class="jxr_linenumber" name="L44" href="#L44">44</a> cveDB.close();
<a class="jxr_linenumber" name="L45" href="#L45">45</a> }
<a class="jxr_linenumber" name="L46" href="#L46">46</a>
<a class="jxr_linenumber" name="L47" href="#L47">47</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L48" href="#L48">48</a> <em class="jxr_javadoccomment"> * Test of save method, of class DatabaseProperties.</em>
<a class="jxr_linenumber" name="L49" href="#L49">49</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L50" href="#L50">50</a> @Test
<a class="jxr_linenumber" name="L51" href="#L51">51</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> testSave() <strong class="jxr_keyword">throws</strong> Exception {
<a class="jxr_linenumber" name="L52" href="#L52">52</a> NvdCveInfo updatedValue = <strong class="jxr_keyword">new</strong> NvdCveInfo();
<a class="jxr_linenumber" name="L53" href="#L53">53</a> String key = <span class="jxr_string">"test"</span>;
<a class="jxr_linenumber" name="L54" href="#L54">54</a> <strong class="jxr_keyword">long</strong> expected = 1337;
<a class="jxr_linenumber" name="L55" href="#L55">55</a> updatedValue.setId(key);
<a class="jxr_linenumber" name="L56" href="#L56">56</a> updatedValue.setTimestamp(expected);
<a class="jxr_linenumber" name="L57" href="#L57">57</a> CveDB cveDB = <strong class="jxr_keyword">new</strong> CveDB();
<a class="jxr_linenumber" name="L58" href="#L58">58</a> cveDB.open();
<a class="jxr_linenumber" name="L59" href="#L59">59</a> DatabaseProperties instance = cveDB.getDatabaseProperties();
<a class="jxr_linenumber" name="L60" href="#L60">60</a> instance.save(updatedValue);
<a class="jxr_linenumber" name="L61" href="#L61">61</a> <em class="jxr_comment">//reload the properties</em>
<a class="jxr_linenumber" name="L62" href="#L62">62</a> cveDB.close();
<a class="jxr_linenumber" name="L63" href="#L63">63</a> cveDB = <strong class="jxr_keyword">new</strong> CveDB();
<a class="jxr_linenumber" name="L64" href="#L64">64</a> cveDB.open();
<a class="jxr_linenumber" name="L65" href="#L65">65</a> instance = cveDB.getDatabaseProperties();
<a class="jxr_linenumber" name="L66" href="#L66">66</a> cveDB.close();
<a class="jxr_linenumber" name="L67" href="#L67">67</a> <strong class="jxr_keyword">long</strong> results = Long.parseLong(instance.getProperty(<span class="jxr_string">"NVD CVE "</span> + key));
<a class="jxr_linenumber" name="L68" href="#L68">68</a> assertEquals(expected, results);
<a class="jxr_linenumber" name="L69" href="#L69">69</a> }
<a class="jxr_linenumber" name="L70" href="#L70">70</a>
<a class="jxr_linenumber" name="L71" href="#L71">71</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L72" href="#L72">72</a> <em class="jxr_javadoccomment"> * Test of getProperty method, of class DatabaseProperties.</em>
<a class="jxr_linenumber" name="L73" href="#L73">73</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L74" href="#L74">74</a> @Test
<a class="jxr_linenumber" name="L75" href="#L75">75</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> testGetProperty_String_String() <strong class="jxr_keyword">throws</strong> Exception {
<a class="jxr_linenumber" name="L76" href="#L76">76</a> String key = <span class="jxr_string">"doesn't exist"</span>;
<a class="jxr_linenumber" name="L77" href="#L77">77</a> String defaultValue = <span class="jxr_string">"default"</span>;
<a class="jxr_linenumber" name="L78" href="#L78">78</a> CveDB cveDB = <strong class="jxr_keyword">new</strong> CveDB();
<a class="jxr_linenumber" name="L79" href="#L79">79</a> cveDB.open();
<a class="jxr_linenumber" name="L80" href="#L80">80</a> DatabaseProperties instance = cveDB.getDatabaseProperties();
<a class="jxr_linenumber" name="L81" href="#L81">81</a> cveDB.close();
<a class="jxr_linenumber" name="L82" href="#L82">82</a> String expResult = <span class="jxr_string">"default"</span>;
<a class="jxr_linenumber" name="L83" href="#L83">83</a> String result = instance.getProperty(key, defaultValue);
<a class="jxr_linenumber" name="L84" href="#L84">84</a> assertEquals(expResult, result);
<a class="jxr_linenumber" name="L85" href="#L85">85</a> }
<a class="jxr_linenumber" name="L86" href="#L86">86</a>
<a class="jxr_linenumber" name="L87" href="#L87">87</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L88" href="#L88">88</a> <em class="jxr_javadoccomment"> * Test of getProperty method, of class DatabaseProperties.</em>
<a class="jxr_linenumber" name="L89" href="#L89">89</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L90" href="#L90">90</a> @Test
<a class="jxr_linenumber" name="L91" href="#L91">91</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> testGetProperty_String() <strong class="jxr_keyword">throws</strong> DatabaseException {
<a class="jxr_linenumber" name="L92" href="#L92">92</a> String key = <span class="jxr_string">"version"</span>;
<a class="jxr_linenumber" name="L93" href="#L93">93</a> CveDB cveDB = <strong class="jxr_keyword">new</strong> CveDB();
<a class="jxr_linenumber" name="L94" href="#L94">94</a> cveDB.open();
<a class="jxr_linenumber" name="L95" href="#L95">95</a> DatabaseProperties instance = cveDB.getDatabaseProperties();
<a class="jxr_linenumber" name="L96" href="#L96">96</a> cveDB.close();
<a class="jxr_linenumber" name="L97" href="#L97">97</a> String result = instance.getProperty(key);
<a class="jxr_linenumber" name="L98" href="#L98">98</a> <strong class="jxr_keyword">double</strong> version = Double.parseDouble(result);
<a class="jxr_linenumber" name="L99" href="#L99">99</a> assertTrue(version &gt;= 2.8);
<a class="jxr_linenumber" name="L100" href="#L100">100</a> assertTrue(version &lt;= 10);
<a class="jxr_linenumber" name="L101" href="#L101">101</a> }
<a class="jxr_linenumber" name="L102" href="#L102">102</a>
<a class="jxr_linenumber" name="L103" href="#L103">103</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L104" href="#L104">104</a> <em class="jxr_javadoccomment"> * Test of getProperties method, of class DatabaseProperties.</em>
<a class="jxr_linenumber" name="L105" href="#L105">105</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L106" href="#L106">106</a> @Test
<a class="jxr_linenumber" name="L107" href="#L107">107</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> testGetProperties() <strong class="jxr_keyword">throws</strong> DatabaseException {
<a class="jxr_linenumber" name="L108" href="#L108">108</a> CveDB cveDB = <strong class="jxr_keyword">new</strong> CveDB();
<a class="jxr_linenumber" name="L109" href="#L109">109</a> cveDB.open();
<a class="jxr_linenumber" name="L110" href="#L110">110</a> DatabaseProperties instance = cveDB.getDatabaseProperties();
<a class="jxr_linenumber" name="L111" href="#L111">111</a> cveDB.close();
<a class="jxr_linenumber" name="L112" href="#L112">112</a> Properties result = instance.getProperties();
<a class="jxr_linenumber" name="L113" href="#L113">113</a> assertTrue(result.size() &gt; 0);
<a class="jxr_linenumber" name="L114" href="#L114">114</a> }
<a class="jxr_linenumber" name="L115" href="#L115">115</a> }
</pre>
<hr/>
<div id="footer">Copyright &#169; 2012&#x2013;2014 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</div>
</body>
</html>

168
dependency-check-core/xref-test/org/owasp/dependencycheck/reporting/ReportGeneratorIntegrationTest.html Normal file
View File

@@ -0,0 +1,168 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head><meta http-equiv="content-type" content="text/html; charset=UTF-8" />
<title>ReportGeneratorIntegrationTest xref</title>
<link type="text/css" rel="stylesheet" href="../../../../stylesheet.css" />
</head>
<body>
<div id="overview"><a href="../../../../../testapidocs/org/owasp/dependencycheck/reporting/ReportGeneratorIntegrationTest.html">View Javadoc</a></div><pre>
<a class="jxr_linenumber" name="L1" href="#L1">1</a> <em class="jxr_comment">/*</em>
<a class="jxr_linenumber" name="L2" href="#L2">2</a> <em class="jxr_comment"> * This file is part of dependency-check-core.</em>
<a class="jxr_linenumber" name="L3" href="#L3">3</a> <em class="jxr_comment"> *</em>
<a class="jxr_linenumber" name="L4" href="#L4">4</a> <em class="jxr_comment"> * Licensed under the Apache License, Version 2.0 (the "License");</em>
<a class="jxr_linenumber" name="L5" href="#L5">5</a> <em class="jxr_comment"> * you may not use this file except in compliance with the License.</em>
<a class="jxr_linenumber" name="L6" href="#L6">6</a> <em class="jxr_comment"> * You may obtain a copy of the License at</em>
<a class="jxr_linenumber" name="L7" href="#L7">7</a> <em class="jxr_comment"> *</em>
<a class="jxr_linenumber" name="L8" href="#L8">8</a> <em class="jxr_comment"> * <a href="http://www.apache.org/licenses/LICENSE-2." target="alexandria_uri">http://www.apache.org/licenses/LICENSE-2.</a>0</em>
<a class="jxr_linenumber" name="L9" href="#L9">9</a> <em class="jxr_comment"> *</em>
<a class="jxr_linenumber" name="L10" href="#L10">10</a> <em class="jxr_comment"> * Unless required by applicable law or agreed to in writing, software</em>
<a class="jxr_linenumber" name="L11" href="#L11">11</a> <em class="jxr_comment"> * distributed under the License is distributed on an "AS IS" BASIS,</em>
<a class="jxr_linenumber" name="L12" href="#L12">12</a> <em class="jxr_comment"> * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.</em>
<a class="jxr_linenumber" name="L13" href="#L13">13</a> <em class="jxr_comment"> * See the License for the specific language governing permissions and</em>
<a class="jxr_linenumber" name="L14" href="#L14">14</a> <em class="jxr_comment"> * limitations under the License.</em>
<a class="jxr_linenumber" name="L15" href="#L15">15</a> <em class="jxr_comment"> *</em>
<a class="jxr_linenumber" name="L16" href="#L16">16</a> <em class="jxr_comment"> * Copyright (c) 2012 Jeremy Long. All Rights Reserved.</em>
<a class="jxr_linenumber" name="L17" href="#L17">17</a> <em class="jxr_comment"> */</em>
<a class="jxr_linenumber" name="L18" href="#L18">18</a> <strong class="jxr_keyword">package</strong> org.owasp.dependencycheck.reporting;
<a class="jxr_linenumber" name="L19" href="#L19">19</a>
<a class="jxr_linenumber" name="L20" href="#L20">20</a> <strong class="jxr_keyword">import</strong> java.io.File;
<a class="jxr_linenumber" name="L21" href="#L21">21</a> <strong class="jxr_keyword">import</strong> java.io.InputStream;
<a class="jxr_linenumber" name="L22" href="#L22">22</a> <strong class="jxr_keyword">import</strong> javax.xml.XMLConstants;
<a class="jxr_linenumber" name="L23" href="#L23">23</a> <strong class="jxr_keyword">import</strong> javax.xml.transform.stream.StreamSource;
<a class="jxr_linenumber" name="L24" href="#L24">24</a> <strong class="jxr_keyword">import</strong> javax.xml.validation.Schema;
<a class="jxr_linenumber" name="L25" href="#L25">25</a> <strong class="jxr_keyword">import</strong> javax.xml.validation.SchemaFactory;
<a class="jxr_linenumber" name="L26" href="#L26">26</a> <strong class="jxr_keyword">import</strong> javax.xml.validation.Validator;
<a class="jxr_linenumber" name="L27" href="#L27">27</a> <strong class="jxr_keyword">import</strong> org.junit.Before;
<a class="jxr_linenumber" name="L28" href="#L28">28</a> <strong class="jxr_keyword">import</strong> org.junit.Test;
<a class="jxr_linenumber" name="L29" href="#L29">29</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.BaseTest;
<a class="jxr_linenumber" name="L30" href="#L30">30</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.Engine;
<a class="jxr_linenumber" name="L31" href="#L31">31</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.data.nvdcve.CveDB;
<a class="jxr_linenumber" name="L32" href="#L32">32</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.data.nvdcve.DatabaseProperties;
<a class="jxr_linenumber" name="L33" href="#L33">33</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.utils.Settings;
<a class="jxr_linenumber" name="L34" href="#L34">34</a>
<a class="jxr_linenumber" name="L35" href="#L35">35</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L36" href="#L36">36</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L37" href="#L37">37</a> <em class="jxr_javadoccomment"> * @author Jeremy Long &lt;jeremy.long@owasp.org&gt;</em>
<a class="jxr_linenumber" name="L38" href="#L38">38</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L39" href="#L39">39</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">class</strong> <a href="../../../../org/owasp/dependencycheck/reporting/ReportGeneratorIntegrationTest.html">ReportGeneratorIntegrationTest</a> <strong class="jxr_keyword">extends</strong> <a href="../../../../org/owasp/dependencycheck/BaseTest.html">BaseTest</a> {
<a class="jxr_linenumber" name="L40" href="#L40">40</a>
<a class="jxr_linenumber" name="L41" href="#L41">41</a> @Before
<a class="jxr_linenumber" name="L42" href="#L42">42</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> setUp() <strong class="jxr_keyword">throws</strong> Exception {
<a class="jxr_linenumber" name="L43" href="#L43">43</a> org.owasp.dependencycheck.data.nvdcve.BaseDBTestCase.ensureDBExists();
<a class="jxr_linenumber" name="L44" href="#L44">44</a> }
<a class="jxr_linenumber" name="L45" href="#L45">45</a>
<a class="jxr_linenumber" name="L46" href="#L46">46</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L47" href="#L47">47</a> <em class="jxr_javadoccomment"> * Test of generateReport method, of class ReportGenerator.</em>
<a class="jxr_linenumber" name="L48" href="#L48">48</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L49" href="#L49">49</a> <em class="jxr_javadoccomment"> * @throws Exception is thrown when an exception occurs.</em>
<a class="jxr_linenumber" name="L50" href="#L50">50</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L51" href="#L51">51</a> @Test
<a class="jxr_linenumber" name="L52" href="#L52">52</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> testGenerateReport() <strong class="jxr_keyword">throws</strong> Exception {
<a class="jxr_linenumber" name="L53" href="#L53">53</a> String templateName = <span class="jxr_string">"HtmlReport"</span>;
<a class="jxr_linenumber" name="L54" href="#L54">54</a> <em class="jxr_comment">// File f = new File("target/test-reports");</em>
<a class="jxr_linenumber" name="L55" href="#L55">55</a> <em class="jxr_comment">// if (!f.exists()) {</em>
<a class="jxr_linenumber" name="L56" href="#L56">56</a> <em class="jxr_comment">// f.mkdir();</em>
<a class="jxr_linenumber" name="L57" href="#L57">57</a> <em class="jxr_comment">// }</em>
<a class="jxr_linenumber" name="L58" href="#L58">58</a> <em class="jxr_comment">// String writeTo = "target/test-reports/Report.html";</em>
<a class="jxr_linenumber" name="L59" href="#L59">59</a> <em class="jxr_comment">// Map&lt;String, Object&gt; properties = new HashMap&lt;String, Object&gt;();</em>
<a class="jxr_linenumber" name="L60" href="#L60">60</a> <em class="jxr_comment">// Dependency d = new Dependency();</em>
<a class="jxr_linenumber" name="L61" href="#L61">61</a> <em class="jxr_comment">// d.setFileName("FileName.jar");</em>
<a class="jxr_linenumber" name="L62" href="#L62">62</a> <em class="jxr_comment">// d.setActualFilePath("lib/FileName.jar");</em>
<a class="jxr_linenumber" name="L63" href="#L63">63</a> <em class="jxr_comment">// d.addCPEentry("cpe://a:/some:cpe:1.0");</em>
<a class="jxr_linenumber" name="L64" href="#L64">64</a> <em class="jxr_comment">//</em>
<a class="jxr_linenumber" name="L65" href="#L65">65</a> <em class="jxr_comment">// List&lt;Dependency&gt; dependencies = new ArrayList&lt;Dependency&gt;();</em>
<a class="jxr_linenumber" name="L66" href="#L66">66</a> <em class="jxr_comment">// d.getProductEvidence().addEvidence("jar","filename","&lt;test&gt;test", Confidence.HIGH);</em>
<a class="jxr_linenumber" name="L67" href="#L67">67</a> <em class="jxr_comment">// d.getProductEvidence().addEvidence("manifest","vendor","&lt;test&gt;test", Confidence.HIGH);</em>
<a class="jxr_linenumber" name="L68" href="#L68">68</a> <em class="jxr_comment">//</em>
<a class="jxr_linenumber" name="L69" href="#L69">69</a> <em class="jxr_comment">// for (Evidence e : d.getProductEvidence().iterator(Confidence.HIGH)) {</em>
<a class="jxr_linenumber" name="L70" href="#L70">70</a> <em class="jxr_comment">// String t = e.getValue();</em>
<a class="jxr_linenumber" name="L71" href="#L71">71</a> <em class="jxr_comment">// }</em>
<a class="jxr_linenumber" name="L72" href="#L72">72</a> <em class="jxr_comment">// dependencies.add(d);</em>
<a class="jxr_linenumber" name="L73" href="#L73">73</a> <em class="jxr_comment">//</em>
<a class="jxr_linenumber" name="L74" href="#L74">74</a> <em class="jxr_comment">// Dependency d2 = new Dependency();</em>
<a class="jxr_linenumber" name="L75" href="#L75">75</a> <em class="jxr_comment">// d2.setFileName("Another.jar");</em>
<a class="jxr_linenumber" name="L76" href="#L76">76</a> <em class="jxr_comment">// d2.setActualFilePath("lib/Another.jar");</em>
<a class="jxr_linenumber" name="L77" href="#L77">77</a> <em class="jxr_comment">// d2.addCPEentry("cpe://a:/another:cpe:1.0");</em>
<a class="jxr_linenumber" name="L78" href="#L78">78</a> <em class="jxr_comment">// d2.addCPEentry("cpe://a:/another:cpe:1.1");</em>
<a class="jxr_linenumber" name="L79" href="#L79">79</a> <em class="jxr_comment">// d2.addCPEentry("cpe://a:/another:cpe:1.2");</em>
<a class="jxr_linenumber" name="L80" href="#L80">80</a> <em class="jxr_comment">// d2.getProductEvidence().addEvidence("jar","filename","another.jar", Confidence.HIGH);</em>
<a class="jxr_linenumber" name="L81" href="#L81">81</a> <em class="jxr_comment">// d2.getProductEvidence().addEvidence("manifest","vendor","Company A", Confidence.MEDIUM);</em>
<a class="jxr_linenumber" name="L82" href="#L82">82</a> <em class="jxr_comment">//</em>
<a class="jxr_linenumber" name="L83" href="#L83">83</a> <em class="jxr_comment">// for (Evidence e : d2.getProductEvidence().iterator(Confidence.HIGH)) {</em>
<a class="jxr_linenumber" name="L84" href="#L84">84</a> <em class="jxr_comment">// String t = e.getValue();</em>
<a class="jxr_linenumber" name="L85" href="#L85">85</a> <em class="jxr_comment">// }</em>
<a class="jxr_linenumber" name="L86" href="#L86">86</a> <em class="jxr_comment">//</em>
<a class="jxr_linenumber" name="L87" href="#L87">87</a> <em class="jxr_comment">// dependencies.add(d2);</em>
<a class="jxr_linenumber" name="L88" href="#L88">88</a> <em class="jxr_comment">//</em>
<a class="jxr_linenumber" name="L89" href="#L89">89</a> <em class="jxr_comment">// Dependency d3 = new Dependency();</em>
<a class="jxr_linenumber" name="L90" href="#L90">90</a> <em class="jxr_comment">// d3.setFileName("Third.jar");</em>
<a class="jxr_linenumber" name="L91" href="#L91">91</a> <em class="jxr_comment">// d3.setActualFilePath("lib/Third.jar");</em>
<a class="jxr_linenumber" name="L92" href="#L92">92</a> <em class="jxr_comment">// d3.getProductEvidence().addEvidence("jar","filename","third.jar", Confidence.HIGH);</em>
<a class="jxr_linenumber" name="L93" href="#L93">93</a> <em class="jxr_comment">//</em>
<a class="jxr_linenumber" name="L94" href="#L94">94</a> <em class="jxr_comment">// for (Evidence e : d3.getProductEvidence().iterator(Confidence.HIGH)) {</em>
<a class="jxr_linenumber" name="L95" href="#L95">95</a> <em class="jxr_comment">// String t = e.getValue();</em>
<a class="jxr_linenumber" name="L96" href="#L96">96</a> <em class="jxr_comment">// }</em>
<a class="jxr_linenumber" name="L97" href="#L97">97</a> <em class="jxr_comment">//</em>
<a class="jxr_linenumber" name="L98" href="#L98">98</a> <em class="jxr_comment">// dependencies.add(d3);</em>
<a class="jxr_linenumber" name="L99" href="#L99">99</a> <em class="jxr_comment">//</em>
<a class="jxr_linenumber" name="L100" href="#L100">100</a> <em class="jxr_comment">// properties.put("dependencies",dependencies);</em>
<a class="jxr_linenumber" name="L101" href="#L101">101</a> <em class="jxr_comment">//</em>
<a class="jxr_linenumber" name="L102" href="#L102">102</a> <em class="jxr_comment">// ReportGenerator instance = new ReportGenerator();</em>
<a class="jxr_linenumber" name="L103" href="#L103">103</a> <em class="jxr_comment">// instance.generateReport(templateName, writeTo, properties);</em>
<a class="jxr_linenumber" name="L104" href="#L104">104</a> <em class="jxr_comment">//assertTrue("need to add a real check here", false);</em>
<a class="jxr_linenumber" name="L105" href="#L105">105</a> }
<a class="jxr_linenumber" name="L106" href="#L106">106</a>
<a class="jxr_linenumber" name="L107" href="#L107">107</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L108" href="#L108">108</a> <em class="jxr_javadoccomment"> * Generates an XML report containing known vulnerabilities and realistic data and validates the generated XML</em>
<a class="jxr_linenumber" name="L109" href="#L109">109</a> <em class="jxr_javadoccomment"> * document against the XSD.</em>
<a class="jxr_linenumber" name="L110" href="#L110">110</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L111" href="#L111">111</a> <em class="jxr_javadoccomment"> * @throws Exception</em>
<a class="jxr_linenumber" name="L112" href="#L112">112</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L113" href="#L113">113</a> @Test
<a class="jxr_linenumber" name="L114" href="#L114">114</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> testGenerateXMLReport() <strong class="jxr_keyword">throws</strong> Exception {
<a class="jxr_linenumber" name="L115" href="#L115">115</a> String templateName = <span class="jxr_string">"XmlReport"</span>;
<a class="jxr_linenumber" name="L116" href="#L116">116</a>
<a class="jxr_linenumber" name="L117" href="#L117">117</a> File f = <strong class="jxr_keyword">new</strong> File(<span class="jxr_string">"target/test-reports"</span>);
<a class="jxr_linenumber" name="L118" href="#L118">118</a> <strong class="jxr_keyword">if</strong> (!f.exists()) {
<a class="jxr_linenumber" name="L119" href="#L119">119</a> f.mkdir();
<a class="jxr_linenumber" name="L120" href="#L120">120</a> }
<a class="jxr_linenumber" name="L121" href="#L121">121</a> String writeTo = <span class="jxr_string">"target/test-reports/Report.xml"</span>;
<a class="jxr_linenumber" name="L122" href="#L122">122</a>
<a class="jxr_linenumber" name="L123" href="#L123">123</a> File struts = <strong class="jxr_keyword">new</strong> File(<strong class="jxr_keyword">this</strong>.getClass().getClassLoader().getResource(<span class="jxr_string">"struts2-core-2.1.2.jar"</span>).getPath());
<a class="jxr_linenumber" name="L124" href="#L124">124</a> File axis = <strong class="jxr_keyword">new</strong> File(<strong class="jxr_keyword">this</strong>.getClass().getClassLoader().getResource(<span class="jxr_string">"axis2-adb-1.4.1.jar"</span>).getPath());
<a class="jxr_linenumber" name="L125" href="#L125">125</a> File jetty = <strong class="jxr_keyword">new</strong> File(<strong class="jxr_keyword">this</strong>.getClass().getClassLoader().getResource(<span class="jxr_string">"org.mortbay.jetty.jar"</span>).getPath());
<a class="jxr_linenumber" name="L126" href="#L126">126</a>
<a class="jxr_linenumber" name="L127" href="#L127">127</a> <strong class="jxr_keyword">boolean</strong> autoUpdate = Settings.getBoolean(Settings.KEYS.AUTO_UPDATE);
<a class="jxr_linenumber" name="L128" href="#L128">128</a> Settings.setBoolean(Settings.KEYS.AUTO_UPDATE, false);
<a class="jxr_linenumber" name="L129" href="#L129">129</a> Engine engine = <strong class="jxr_keyword">new</strong> Engine();
<a class="jxr_linenumber" name="L130" href="#L130">130</a> Settings.setBoolean(Settings.KEYS.AUTO_UPDATE, autoUpdate);
<a class="jxr_linenumber" name="L131" href="#L131">131</a>
<a class="jxr_linenumber" name="L132" href="#L132">132</a> engine.scan(struts);
<a class="jxr_linenumber" name="L133" href="#L133">133</a> engine.scan(axis);
<a class="jxr_linenumber" name="L134" href="#L134">134</a> engine.scan(jetty);
<a class="jxr_linenumber" name="L135" href="#L135">135</a> engine.analyzeDependencies();
<a class="jxr_linenumber" name="L136" href="#L136">136</a>
<a class="jxr_linenumber" name="L137" href="#L137">137</a> CveDB cveDB = <strong class="jxr_keyword">new</strong> CveDB();
<a class="jxr_linenumber" name="L138" href="#L138">138</a> cveDB.open();
<a class="jxr_linenumber" name="L139" href="#L139">139</a> DatabaseProperties dbProp = cveDB.getDatabaseProperties();
<a class="jxr_linenumber" name="L140" href="#L140">140</a> cveDB.close();
<a class="jxr_linenumber" name="L141" href="#L141">141</a>
<a class="jxr_linenumber" name="L142" href="#L142">142</a> ReportGenerator generator = <strong class="jxr_keyword">new</strong> ReportGenerator(<span class="jxr_string">"Test Report"</span>, engine.getDependencies(), engine.getAnalyzers(), dbProp);
<a class="jxr_linenumber" name="L143" href="#L143">143</a> generator.generateReport(templateName, writeTo);
<a class="jxr_linenumber" name="L144" href="#L144">144</a>
<a class="jxr_linenumber" name="L145" href="#L145">145</a> engine.cleanup();
<a class="jxr_linenumber" name="L146" href="#L146">146</a>
<a class="jxr_linenumber" name="L147" href="#L147">147</a> InputStream xsdStream = ReportGenerator.<strong class="jxr_keyword">class</strong>.getClassLoader().getResourceAsStream(<span class="jxr_string">"schema/DependencyCheck.xsd"</span>);
<a class="jxr_linenumber" name="L148" href="#L148">148</a> StreamSource xsdSource = <strong class="jxr_keyword">new</strong> StreamSource(xsdStream);
<a class="jxr_linenumber" name="L149" href="#L149">149</a> StreamSource xmlSource = <strong class="jxr_keyword">new</strong> StreamSource(<strong class="jxr_keyword">new</strong> File(writeTo));
<a class="jxr_linenumber" name="L150" href="#L150">150</a> SchemaFactory sf = SchemaFactory.newInstance(XMLConstants.W3C_XML_SCHEMA_NS_URI);
<a class="jxr_linenumber" name="L151" href="#L151">151</a> Schema schema = sf.newSchema(xsdSource);
<a class="jxr_linenumber" name="L152" href="#L152">152</a> Validator validator = schema.newValidator();
<a class="jxr_linenumber" name="L153" href="#L153">153</a> validator.validate(xmlSource);
<a class="jxr_linenumber" name="L154" href="#L154">154</a> }
<a class="jxr_linenumber" name="L155" href="#L155">155</a> }
</pre>
<hr/>
<div id="footer">Copyright &#169; 2012&#x2013;2014 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</div>
</body>
</html>

87
dependency-check-core/xref/org/owasp/dependencycheck/reporting/EscapeTool.html Normal file
View File

@@ -0,0 +1,87 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head><meta http-equiv="content-type" content="text/html; charset=UTF-8" />
<title>EscapeTool xref</title>
<link type="text/css" rel="stylesheet" href="../../../../stylesheet.css" />
</head>
<body>
<div id="overview"><a href="../../../../../apidocs/org/owasp/dependencycheck/reporting/EscapeTool.html">View Javadoc</a></div><pre>
<a class="jxr_linenumber" name="L1" href="#L1">1</a> <em class="jxr_comment">/*</em>
<a class="jxr_linenumber" name="L2" href="#L2">2</a> <em class="jxr_comment"> * This file is part of dependency-check-core.</em>
<a class="jxr_linenumber" name="L3" href="#L3">3</a> <em class="jxr_comment"> *</em>
<a class="jxr_linenumber" name="L4" href="#L4">4</a> <em class="jxr_comment"> * Licensed under the Apache License, Version 2.0 (the "License");</em>
<a class="jxr_linenumber" name="L5" href="#L5">5</a> <em class="jxr_comment"> * you may not use this file except in compliance with the License.</em>
<a class="jxr_linenumber" name="L6" href="#L6">6</a> <em class="jxr_comment"> * You may obtain a copy of the License at</em>
<a class="jxr_linenumber" name="L7" href="#L7">7</a> <em class="jxr_comment"> *</em>
<a class="jxr_linenumber" name="L8" href="#L8">8</a> <em class="jxr_comment"> * <a href="http://www.apache.org/licenses/LICENSE-2." target="alexandria_uri">http://www.apache.org/licenses/LICENSE-2.</a>0</em>
<a class="jxr_linenumber" name="L9" href="#L9">9</a> <em class="jxr_comment"> *</em>
<a class="jxr_linenumber" name="L10" href="#L10">10</a> <em class="jxr_comment"> * Unless required by applicable law or agreed to in writing, software</em>
<a class="jxr_linenumber" name="L11" href="#L11">11</a> <em class="jxr_comment"> * distributed under the License is distributed on an "AS IS" BASIS,</em>
<a class="jxr_linenumber" name="L12" href="#L12">12</a> <em class="jxr_comment"> * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.</em>
<a class="jxr_linenumber" name="L13" href="#L13">13</a> <em class="jxr_comment"> * See the License for the specific language governing permissions and</em>
<a class="jxr_linenumber" name="L14" href="#L14">14</a> <em class="jxr_comment"> * limitations under the License.</em>
<a class="jxr_linenumber" name="L15" href="#L15">15</a> <em class="jxr_comment"> *</em>
<a class="jxr_linenumber" name="L16" href="#L16">16</a> <em class="jxr_comment"> * Copyright (c) 2014 Jeremy Long. All Rights Reserved.</em>
<a class="jxr_linenumber" name="L17" href="#L17">17</a> <em class="jxr_comment"> */</em>
<a class="jxr_linenumber" name="L18" href="#L18">18</a> <strong class="jxr_keyword">package</strong> org.owasp.dependencycheck.reporting;
<a class="jxr_linenumber" name="L19" href="#L19">19</a>
<a class="jxr_linenumber" name="L20" href="#L20">20</a> <strong class="jxr_keyword">import</strong> java.io.UnsupportedEncodingException;
<a class="jxr_linenumber" name="L21" href="#L21">21</a> <strong class="jxr_keyword">import</strong> java.net.URLEncoder;
<a class="jxr_linenumber" name="L22" href="#L22">22</a> <strong class="jxr_keyword">import</strong> java.util.logging.Level;
<a class="jxr_linenumber" name="L23" href="#L23">23</a> <strong class="jxr_keyword">import</strong> java.util.logging.Logger;
<a class="jxr_linenumber" name="L24" href="#L24">24</a> <strong class="jxr_keyword">import</strong> org.apache.commons.lang.StringEscapeUtils;
<a class="jxr_linenumber" name="L25" href="#L25">25</a>
<a class="jxr_linenumber" name="L26" href="#L26">26</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L27" href="#L27">27</a> <em class="jxr_javadoccomment"> * An extremely simple wrapper around various escape utils to perform URL and HTML encoding within the reports. This</em>
<a class="jxr_linenumber" name="L28" href="#L28">28</a> <em class="jxr_javadoccomment"> * class was created to simplify the velocity configuration and avoid using the "built-in" escape tool.</em>
<a class="jxr_linenumber" name="L29" href="#L29">29</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L30" href="#L30">30</a> <em class="jxr_javadoccomment"> * @author Jeremy Long &lt;jeremy.long@owasp.org&gt;</em>
<a class="jxr_linenumber" name="L31" href="#L31">31</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L32" href="#L32">32</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">class</strong> <a href="../../../../org/owasp/dependencycheck/reporting/EscapeTool.html">EscapeTool</a> {
<a class="jxr_linenumber" name="L33" href="#L33">33</a>
<a class="jxr_linenumber" name="L34" href="#L34">34</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L35" href="#L35">35</a> <em class="jxr_javadoccomment"> * The logger.</em>
<a class="jxr_linenumber" name="L36" href="#L36">36</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L37" href="#L37">37</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> Logger LOGGER = Logger.getLogger(EscapeTool.<strong class="jxr_keyword">class</strong>.getName());
<a class="jxr_linenumber" name="L38" href="#L38">38</a>
<a class="jxr_linenumber" name="L39" href="#L39">39</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L40" href="#L40">40</a> <em class="jxr_javadoccomment"> * URL Encodes the provided text.</em>
<a class="jxr_linenumber" name="L41" href="#L41">41</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L42" href="#L42">42</a> <em class="jxr_javadoccomment"> * @param text the text to encode</em>
<a class="jxr_linenumber" name="L43" href="#L43">43</a> <em class="jxr_javadoccomment"> * @return the URL encoded text</em>
<a class="jxr_linenumber" name="L44" href="#L44">44</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L45" href="#L45">45</a> <strong class="jxr_keyword">public</strong> String url(String text) {
<a class="jxr_linenumber" name="L46" href="#L46">46</a> <strong class="jxr_keyword">try</strong> {
<a class="jxr_linenumber" name="L47" href="#L47">47</a> <strong class="jxr_keyword">return</strong> URLEncoder.encode(text, <span class="jxr_string">"UTF-8"</span>);
<a class="jxr_linenumber" name="L48" href="#L48">48</a> } <strong class="jxr_keyword">catch</strong> (UnsupportedEncodingException ex) {
<a class="jxr_linenumber" name="L49" href="#L49">49</a> LOGGER.log(Level.WARNING, <span class="jxr_string">"UTF-8 is not supported?"</span>);
<a class="jxr_linenumber" name="L50" href="#L50">50</a> LOGGER.log(Level.INFO, <strong class="jxr_keyword">null</strong>, ex);
<a class="jxr_linenumber" name="L51" href="#L51">51</a> }
<a class="jxr_linenumber" name="L52" href="#L52">52</a> <strong class="jxr_keyword">return</strong> <span class="jxr_string">""</span>;
<a class="jxr_linenumber" name="L53" href="#L53">53</a> }
<a class="jxr_linenumber" name="L54" href="#L54">54</a>
<a class="jxr_linenumber" name="L55" href="#L55">55</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L56" href="#L56">56</a> <em class="jxr_javadoccomment"> * HTML Encodes the provided text.</em>
<a class="jxr_linenumber" name="L57" href="#L57">57</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L58" href="#L58">58</a> <em class="jxr_javadoccomment"> * @param text the text to encode</em>
<a class="jxr_linenumber" name="L59" href="#L59">59</a> <em class="jxr_javadoccomment"> * @return the HTML encoded text</em>
<a class="jxr_linenumber" name="L60" href="#L60">60</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L61" href="#L61">61</a> <strong class="jxr_keyword">public</strong> String html(String text) {
<a class="jxr_linenumber" name="L62" href="#L62">62</a> <strong class="jxr_keyword">return</strong> StringEscapeUtils.escapeHtml(text);
<a class="jxr_linenumber" name="L63" href="#L63">63</a> }
<a class="jxr_linenumber" name="L64" href="#L64">64</a>
<a class="jxr_linenumber" name="L65" href="#L65">65</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L66" href="#L66">66</a> <em class="jxr_javadoccomment"> * XML Encodes the provided text.</em>
<a class="jxr_linenumber" name="L67" href="#L67">67</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L68" href="#L68">68</a> <em class="jxr_javadoccomment"> * @param text the text to encode</em>
<a class="jxr_linenumber" name="L69" href="#L69">69</a> <em class="jxr_javadoccomment"> * @return the XML encoded text</em>
<a class="jxr_linenumber" name="L70" href="#L70">70</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L71" href="#L71">71</a> <strong class="jxr_keyword">public</strong> String xml(String text) {
<a class="jxr_linenumber" name="L72" href="#L72">72</a> <strong class="jxr_keyword">return</strong> StringEscapeUtils.escapeXml(text);
<a class="jxr_linenumber" name="L73" href="#L73">73</a> }
<a class="jxr_linenumber" name="L74" href="#L74">74</a> }
</pre>
<hr/>
<div id="footer">Copyright &#169; 2012&#x2013;2014 <a href="http://www.owasp.org">OWASP</a>. All rights reserved.</div>
</body>
</html>

273
nexus-analyzer.html Normal file
View File

@@ -0,0 +1,273 @@
<!DOCTYPE html>
<!--
| Generated by Apache Maven Doxia at 2014-04-28
| Rendered using Apache Maven Fluido Skin 1.3.1
-->
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<meta name="Date-Revision-yyyymmdd" content="20140428" />
<meta http-equiv="Content-Language" content="en" />
<title>dependency-check - Nexus Analyzer</title>
<link rel="stylesheet" href="./css/apache-maven-fluido-1.3.1.min.css" />
<link rel="stylesheet" href="./css/site.css" />
<link rel="stylesheet" href="./css/print.css" media="print" />
<script type="text/javascript" src="./js/apache-maven-fluido-1.3.1.min.js"></script>
<style type="text/css">#bannerLeft { margin-top:50px !important }</style>
</head>
<body class="topBarDisabled">
<a href="http://github.com/jeremylong/DependencyCheck">
<img style="position: absolute; top: 0; right: 0; border: 0; z-index: 10000;"
src="https://s3.amazonaws.com/github/ribbons/forkme_right_gray_6d6d6d.png"
alt="Fork me on GitHub">
</a>
<div class="container-fluid">
<div id="banner">
<div class="pull-left">
<div id="bannerLeft">
<h2>dependency-check</h2>
</div>
</div>
<div class="pull-right"> </div>
<div class="clear"><hr/></div>
</div>
<div id="breadcrumbs">
<ul class="breadcrumb">
<li class="">
<a href="#" title="">
</a>
<span class="divider">/</span>
</li>
<li class="active ">Nexus Analyzer</li>
<li id="publishDate" class="pull-right"><span class="divider">|</span> Last Published: 2014-04-28</li>
<li id="projectVersion" class="pull-right">
Version: 1.2.0
</li>
</ul>
</div>
<div class="row-fluid">
<div id="leftColumn" class="span3">
<div class="well sidebar-nav">
<ul class="nav nav-list">
<li class="nav-header">Project Documentation</li>
<li>
<a href="project-info.html" title="Project Information">
<i class="icon-chevron-right"></i>
Project Information</a>
</li>
<li class="nav-header">General</li>
<li>
<a href="suppression.html" title="False Positives">
<i class="none"></i>
False Positives</a>
</li>
<li>
<a href="dependency-check.pptx" title="Project Presentation (pptx)">
<i class="none"></i>
Project Presentation (pptx)</a>
</li>
<li>
<a href="dependency-check.pdf" title="Project Presentation (pdf)">
<i class="none"></i>
Project Presentation (pdf)</a>
</li>
<li>
<a href="SampleReport.html" title="Sample Report">
<i class="none"></i>
Sample Report</a>
</li>
<li class="active">
<a href="#"><i class="none"></i>Nexus Analyzer</a>
</li>
<li class="nav-header">Modules</li>
<li>
<a href="dependency-check-core/index.html" title="dependency-check-core">
<i class="none"></i>
dependency-check-core</a>
</li>
<li>
<a href="dependency-check-cli/installation.html" title="dependency-check-cli">
<i class="none"></i>
dependency-check-cli</a>
</li>
<li>
<a href="dependency-check-ant/installation.html" title="dependency-check-ant">
<i class="none"></i>
dependency-check-ant</a>
</li>
<li>
<a href="dependency-check-maven/usage.html" title="dependency-check-maven">
<i class="none"></i>
dependency-check-maven</a>
</li>
<li>
<a href="dependency-check-jenkins/index.html" title="dependency-check-jenkins">
<i class="none"></i>
dependency-check-jenkins</a>
</li>
</ul>
<hr />
<div id="poweredBy">
<script type="text/javascript" src="https://apis.google.com/js/plusone.js"></script>
<div class="g-plusone" data-href="https://github.com/jeremylong/DependencyCheck.git" data-size="tall" ></div>
<div class="clear"></div>
<div class="clear"></div>
<div id="twitter">
<a href="https://twitter.com/ctxt" class="twitter-follow-button" data-show-count="true" data-align="left" data-size="medium" data-show-screen-name="true" data-lang="en">Follow ctxt</a>
<script type="text/javascript">!function(d,s,id){var js,fjs=d.getElementsByTagName(s)[0];if(!d.getElementById(id)){js=d.createElement(s);js.id=id;js.src="//platform.twitter.com/widgets.js";fjs.parentNode.insertBefore(js,fjs);}}(document,"script","twitter-wjs");</script>
</div>
<div class="clear"></div>
<div class="clear"></div>
<a href="http://maven.apache.org/" title="Maven" class="builtBy">
<img class="builtBy" alt="built with maven" src="http://jeremylong.github.io/DependencyCheck/images/logos/maven-feather.png" />
</a>
<a href="http://www.jetbrains.com/idea/" title="IntelliJ" class="builtBy">
<img class="builtBy" alt="developed using" src="http://jeremylong.github.io/DependencyCheck/images/logos/logo_intellij_idea.png" width="170px" />
</a>
<a href="http://www.cloudbees.com/" title="Cloudbees" class="builtBy">
<img class="builtBy" alt="built on cloudbees" src="http://jeremylong.github.io/DependencyCheck/images/logos/Button-Built-on-CB-1.png" />
</a>
</div>
</div>
</div>
<div id="bodyColumn" class="span9" >
<h1>Nexus Analyzer</h1>
<p>Dependency Check includes an analyzer which will check for the Maven GAV (Group/Artifact/Version) information for artifacts in the scanned area. By default the information comes from <a class="externalLink" href="http://search.maven.org/" title="Maven Central">Maven Central</a>, but can be configured to use a local repository if necessary. If the artifact&#x2019;s hash is found in the configured Nexus repository, its GAV is recorded as an Identifier and the Group is collected as Vendor evidence, the Artifact is collected as Product evidence, and the Version is collected as Version evidence.</p>
<div class="section">
<h2>Default Configuration<a name="Default_Configuration"></a></h2>
<p>By default, the Nexus analyzer uses the <a class="externalLink" href="https://repository.sonatype.org/" title="Sonatype Nexus Repository">Sonatype Nexus Repository</a> to search for SHA-1 hashes of dependencies. If the proxy is configured for Dependency Check, that proxy is used in order to connect to the Nexus Central repository. So if you&#x2019;re using <tt>--proxyurl</tt> on the command-line, the <tt>proxyUrl</tt> setting in the Maven plugin, or the <tt>proxyUrl</tt> attribute in the Ant task, that proxy will be used by default. Also, the proxy port, user, and password configured globally are used as well.</p></div>
<div class="section">
<h2>Overriding Defaults<a name="Overriding_Defaults"></a></h2>
<p>If you have an internal Nexus repository you want to use, Dependency Check can be configured to use this repository rather than Sonatype. This needs to be a Nexus repository (support for Artifactory is planned). For a normal installation of Nexus, you would append <tt>/service/local/</tt> to the root of the URL to your Nexus repository. This URL can be set as:</p>
<ul>
<li><tt>analyzer.nexus.url</tt> in <tt>dependencycheck.properties</tt></li>
<li><tt>--nexus &lt;url&gt;</tt> in the CLI</li>
<li>The <tt>nexusUrl</tt> property in the Maven plugin</li>
<li>The <tt>nexusUrl</tt> attribute in the Ant task</li>
</ul>
<p>If this repository is internal and should not use the proxy, you can disable the proxy for just the Nexus analyzer. Setting this makes no difference if a proxy is not configured.</p>
<ul>
<li><tt>analyzer.nexus.proxy=false</tt> in <tt>dependencycheck.properties</tt></li>
<li><tt>--nexusUsesProxy false</tt> in the CLI</li>
<li>The <tt>nexusUsesProxy</tt> property in the Maven plugin</li>
<li>The <tt>nexusUsesProxy</tt> attribute in the Ant task</li>
</ul>
<p>Finally, the Nexus analyzer can be disabled altogether.</p>
<ul>
<li><tt>analyzer.nexus.enabled=false</tt> in <tt>dependencycheck.properties</tt></li>
<li><tt>--disableNexus</tt> in the CLI</li>
<li><tt>nexusAnalyzerEnabled</tt> property in the Maven plugin</li>
<li><tt>nexusAnalyzerEnabled</tt> attribute in the Ant task</li>
</ul></div>
<div class="section">
<h2>Logging<a name="Logging"></a></h2>
<p>You may see a log message similar to the following during analysis:</p>
<div class="source">
<pre>Mar 31, 2014 9:15:12 AM org.owasp.dependencycheck.analyzer.NexusAnalyzer initializeFileTypeAnalyzer
WARNING: There was an issue getting Nexus status. Disabling analyzer.
</pre></div>
<p>At the beginning of analysis, a check is made by the Nexus analyzer to see if it is able to reach the configured Nexus service, and if it cannot be reached, the analyzer will be disabled. If you see this message, you can use the configuration settings described above to resolve the issue, or disable the analyzer altogether.</p></div>
</div>
</div>
</div>
<hr/>
<footer>
<div class="container-fluid">
<div class="row-fluid">
<p >Copyright &copy; 2012&#x2013;2014
<a href="http://www.owasp.org">OWASP</a>.
All rights reserved.
</p>
</div>
</div>
</footer>
</body>
</html>