View Javadoc
1   /*
2    * This file is part of dependency-check-core.
3    *
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    *     http://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   *
16   * Copyright (c) 2012 Jeremy Long. All Rights Reserved.
17   */
18  package org.owasp.dependencycheck.data.cwe;
19  
20  import org.slf4j.Logger;
21  import org.slf4j.LoggerFactory;
22  
23  import java.io.IOException;
24  import java.io.InputStream;
25  import java.io.ObjectInputStream;
26  import java.util.HashMap;
27  import java.util.Map;
28  
29  /**
30   *
31   * @author Jeremy Long
32   */
33  public final class CweDB {
34  
35      /**
36       * The Logger.
37       */
38      private static final Logger LOGGER = LoggerFactory.getLogger(CweDB.class);
39  
40      /**
41       * Empty private constructor as this is a utility class.
42       */
43      private CweDB() {
44          //empty
45      }
46      /**
47       * A HashMap of the CWE data.
48       */
49      private static final Map<String, String> CWE = loadData();
50  
51      /**
52       * Loads a HashMap containing the CWE data from a resource found in the jar.
53       *
54       * @return a HashMap of CWE data
55       */
56      private static Map<String, String> loadData() {
57          ObjectInputStream oin = null;
58          try {
59              final String filePath = "data/cwe.hashmap.serialized";
60              final InputStream input = CweDB.class.getClassLoader().getResourceAsStream(filePath);
61              oin = new ObjectInputStream(input);
62              @SuppressWarnings("unchecked")
63              final Map<String, String> ret = (HashMap<String, String>) oin.readObject();
64              return ret;
65          } catch (ClassNotFoundException ex) {
66              LOGGER.warn("Unable to load CWE data. This should not be an issue.");
67              LOGGER.debug("", ex);
68          } catch (IOException ex) {
69              LOGGER.warn("Unable to load CWE data due to an IO Error. This should not be an issue.");
70              LOGGER.debug("", ex);
71          } finally {
72              if (oin != null) {
73                  try {
74                      oin.close();
75                  } catch (IOException ex) {
76                      LOGGER.trace("", ex);
77                  }
78              }
79          }
80          return null;
81      }
82  
83      /**
84       * <p>
85       * Returns the full CWE name from the CWE ID.</p>
86       *
87       * @param cweId the CWE ID
88       * @return the full name of the CWE
89       */
90      public static String getCweName(String cweId) {
91          if (cweId != null) {
92              return CWE.get(cweId);
93          }
94          return null;
95      }
96  }