View Javadoc
1   /*
2    * This file is part of dependency-check-core.
3    *
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    *     http://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   *
16   * Copyright (c) 2014 Jeremy Long. All Rights Reserved.
17   */
18  package org.owasp.dependencycheck.data.nvdcve;
19  
20  import java.util.List;
21  import java.util.Set;
22  
23  import static org.junit.Assert.assertTrue;
24  
25  import org.junit.Test;
26  import org.owasp.dependencycheck.BaseTest;
27  import org.owasp.dependencycheck.dependency.Vulnerability;
28  import org.owasp.dependencycheck.dependency.VulnerableSoftware;
29  
30  /**
31   *
32   * @author Jeremy Long
33   */
34  public class CveDBMySQLTest extends BaseTest {
35  
36      /**
37       * Pretty useless tests of open, commit, and close methods, of class CveDB.
38       */
39      @Test
40      public void testOpen() throws DatabaseException {
41          try {
42              CveDB instance = new CveDB();
43              instance.open();
44              instance.close();
45          } catch (DatabaseException ex) {
46              System.out.println("Unable to connect to the My SQL database; verify that the db server is running and that the schema has been generated");
47              throw ex;
48          }
49      }
50  
51      /**
52       * Test of getCPEs method, of class CveDB.
53       */
54      @Test
55      public void testGetCPEs() throws Exception {
56          CveDB instance = new CveDB();
57          try {
58              String vendor = "apache";
59              String product = "struts";
60              instance.open();
61              Set<VulnerableSoftware> result = instance.getCPEs(vendor, product);
62              assertTrue("Has data been loaded into the MySQL DB? if not consider using the CLI to populate it", result.size() > 5);
63          } catch (Exception ex) {
64              System.out.println("Unable to access the My SQL database; verify that the db server is running and that the schema has been generated");
65              throw ex;
66          } finally {
67              instance.close();
68          }
69      }
70  
71      /**
72       * Test of getVulnerabilities method, of class CveDB.
73       */
74      @Test
75      public void testGetVulnerabilities() throws Exception {
76          String cpeStr = "cpe:/a:apache:struts:2.1.2";
77          CveDB instance = new CveDB();
78          try {
79              instance.open();
80              List<Vulnerability> result = instance.getVulnerabilities(cpeStr);
81              assertTrue(result.size() > 5);
82          } catch (Exception ex) {
83              System.out.println("Unable to access the My SQL database; verify that the db server is running and that the schema has been generated");
84              throw ex;
85          } finally {
86              instance.close();
87          }
88      }
89  }