Coverage Report

Coverage Report - org.owasp.dependencycheck.data.nvdcve.DatabaseProperties

Classes in this File

Line Coverage

Branch Coverage

Complexity

DatabaseProperties

21%

7/32

0/12

1.875

 /*
  * This file is part of dependency-check-core.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
  *
  *     http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  *
  * Copyright (c) 2013 Jeremy Long. All Rights Reserved.
  */
 package org.owasp.dependencycheck.data.nvdcve;
 
 import java.text.DateFormat;
 import java.text.SimpleDateFormat;
 import java.util.Date;
 import java.util.Map;
 import java.util.Map.Entry;
 import java.util.Properties;
 import java.util.TreeMap;
 import java.util.logging.Level;
 import java.util.logging.Logger;
 import org.owasp.dependencycheck.data.update.NvdCveInfo;
 import org.owasp.dependencycheck.data.update.exception.UpdateException;
 
 /**
  * This is a wrapper around a set of properties that are stored in the database.
  *
  * @author Jeremy Long <jeremy.long@owasp.org>
  */
 public class DatabaseProperties {
 
     /**
      * The Logger.
      */
     private static final Logger LOGGER = Logger.getLogger(DatabaseProperties.class.getName());
     /**
      * Modified key word, used as a key to store information about the modified file (i.e. the containing the last 8
      * days of updates)..
      */
     public static final String MODIFIED = "Modified";
     /**
      * The properties file key for the last updated field - used to store the last updated time of the Modified NVD CVE
      * xml file.
      */
     public static final String LAST_UPDATED = "NVD CVE Modified";
     /**
      * Stores the last updated time for each of the NVD CVE files. These timestamps should be updated if we process the
      * modified file within 7 days of the last update.
      */
     public static final String LAST_UPDATED_BASE = "NVD CVE ";
     /**
      * A collection of properties about the data.
      */
     private Properties properties;
     /**
      * A reference to the database.
      */
     private CveDB cveDB;
 
     /**
      * Constructs a new data properties object.
      *
      * @param cveDB the database object holding the properties
      */
     DatabaseProperties(CveDB cveDB) {
         this.cveDB = cveDB;
         loadProperties();
     }
 
     /**
      * Loads the properties from the database.
      */
     private void loadProperties() {
         this.properties = cveDB.getProperties();
     }
 
     /**
      * Returns whether or not any properties are set.
      *
      * @return whether or not any properties are set
      */
     public boolean isEmpty() {
         return properties == null || properties.isEmpty();
     }
 
     /**
      * Writes a properties file containing the last updated date to the VULNERABLE_CPE directory.
      *
      * @param updatedValue the updated NVD CVE entry
      * @throws UpdateException is thrown if there is an update exception
      */
     public void save(NvdCveInfo updatedValue) throws UpdateException {
         if (updatedValue == null) {
             return;
         }
         properties.put(LAST_UPDATED_BASE + updatedValue.getId(), String.valueOf(updatedValue.getTimestamp()));
         cveDB.saveProperty(LAST_UPDATED_BASE + updatedValue.getId(), String.valueOf(updatedValue.getTimestamp()));
     }
 
     /**
      * Returns the property value for the given key. If the key is not contained in the underlying properties null is
      * returned.
      *
      * @param key the property key
      * @return the value of the property
      */
     public String getProperty(String key) {
         return properties.getProperty(key);
     }
 
     /**
      * Returns the property value for the given key. If the key is not contained in the underlying properties the
      * default value is returned.
      *
      * @param key the property key
      * @param defaultValue the default value
      * @return the value of the property
      */
     public String getProperty(String key, String defaultValue) {
         return properties.getProperty(key, defaultValue);
     }
 
     /**
      * Returns the collection of Database Properties as a properties collection.
      *
      * @return the collection of Database Properties
      */
     public Properties getProperties() {
         return properties;
     }
 
     /**
      * Returns a map of the meta data from the database properties. This primarily contains timestamps of when the NVD
      * CVE information was last updated.
      *
      * @return a map of the database meta data
      */
     public Map getMetaData() {
         final TreeMap map = new TreeMap();
         for (Entry<Object, Object> entry : properties.entrySet()) {
             final String key = (String) entry.getKey();
             if (!"version".equals(key)) {
                 if (key.startsWith("NVD CVE ")) {
                     try {
                         final long epoch = Long.parseLong((String) entry.getValue());
                         final Date date = new Date(epoch);
                         final DateFormat format = new SimpleDateFormat("dd/MM/yyyy HH:mm:ss");
                         final String formatted = format.format(date);
                         map.put(key, formatted);
                     } catch (Throwable ex) { //deliberately being broad in this catch clause
                         LOGGER.log(Level.FINE, "Unable to parse timestamp from DB", ex);
                         map.put(key, entry.getValue());
                     }
                 } else {
                     map.put(key, entry.getValue());
                 }
             }
         }
         return map;
     }
 }

1		/*
2		* This file is part of dependency-check-core.
3		*
4		* Licensed under the Apache License, Version 2.0 (the "License");
5		* you may not use this file except in compliance with the License.
6		* You may obtain a copy of the License at
7		*
8		* http://www.apache.org/licenses/LICENSE-2.0
9		*
10		* Unless required by applicable law or agreed to in writing, software
11		* distributed under the License is distributed on an "AS IS" BASIS,
12		* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13		* See the License for the specific language governing permissions and
14		* limitations under the License.
15		*
16		* Copyright (c) 2013 Jeremy Long. All Rights Reserved.
17		*/
18		package org.owasp.dependencycheck.data.nvdcve;
19
20		import java.text.DateFormat;
21		import java.text.SimpleDateFormat;
22		import java.util.Date;
23		import java.util.Map;
24		import java.util.Map.Entry;
25		import java.util.Properties;
26		import java.util.TreeMap;
27		import java.util.logging.Level;
28		import java.util.logging.Logger;
29		import org.owasp.dependencycheck.data.update.NvdCveInfo;
30		import org.owasp.dependencycheck.data.update.exception.UpdateException;
31
32		/**
33		* This is a wrapper around a set of properties that are stored in the database.
34		*
35		* @author Jeremy Long <jeremy.long@owasp.org>
36		*/
37		public class DatabaseProperties {
38
39		/**
40		* The Logger.
41		*/
42	1	private static final Logger LOGGER = Logger.getLogger(DatabaseProperties.class.getName());
43		/**
44		* Modified key word, used as a key to store information about the modified file (i.e. the containing the last 8
45		* days of updates)..
46		*/
47		public static final String MODIFIED = "Modified";
48		/**
49		* The properties file key for the last updated field - used to store the last updated time of the Modified NVD CVE
50		* xml file.
51		*/
52		public static final String LAST_UPDATED = "NVD CVE Modified";
53		/**
54		* Stores the last updated time for each of the NVD CVE files. These timestamps should be updated if we process the
55		* modified file within 7 days of the last update.
56		*/
57		public static final String LAST_UPDATED_BASE = "NVD CVE ";
58		/**
59		* A collection of properties about the data.
60		*/
61		private Properties properties;
62		/**
63		* A reference to the database.
64		*/
65		private CveDB cveDB;
66
67		/**
68		* Constructs a new data properties object.
69		*
70		* @param cveDB the database object holding the properties
71		*/
72	3	DatabaseProperties(CveDB cveDB) {
73	3	this.cveDB = cveDB;
74	3	loadProperties();
75	3	}
76
77		/**
78		* Loads the properties from the database.
79		*/
80		private void loadProperties() {
81	3	this.properties = cveDB.getProperties();
82	3	}
83
84		/**
85		* Returns whether or not any properties are set.
86		*
87		* @return whether or not any properties are set
88		*/
89		public boolean isEmpty() {
90	0	return properties == null \|\| properties.isEmpty();
91		}
92
93		/**
94		* Writes a properties file containing the last updated date to the VULNERABLE_CPE directory.
95		*
96		* @param updatedValue the updated NVD CVE entry
97		* @throws UpdateException is thrown if there is an update exception
98		*/
99		public void save(NvdCveInfo updatedValue) throws UpdateException {
100	0	if (updatedValue == null) {
101	0	return;
102		}
103	0	properties.put(LAST_UPDATED_BASE + updatedValue.getId(), String.valueOf(updatedValue.getTimestamp()));
104	0	cveDB.saveProperty(LAST_UPDATED_BASE + updatedValue.getId(), String.valueOf(updatedValue.getTimestamp()));
105	0	}
106
107		/**
108		* Returns the property value for the given key. If the key is not contained in the underlying properties null is
109		* returned.
110		*
111		* @param key the property key
112		* @return the value of the property
113		*/
114		public String getProperty(String key) {
115	0	return properties.getProperty(key);
116		}
117
118		/**
119		* Returns the property value for the given key. If the key is not contained in the underlying properties the
120		* default value is returned.
121		*
122		* @param key the property key
123		* @param defaultValue the default value
124		* @return the value of the property
125		*/
126		public String getProperty(String key, String defaultValue) {
127	0	return properties.getProperty(key, defaultValue);
128		}
129
130		/**
131		* Returns the collection of Database Properties as a properties collection.
132		*
133		* @return the collection of Database Properties
134		*/
135		public Properties getProperties() {
136		return properties;
137		}
138
139		/**
140		* Returns a map of the meta data from the database properties. This primarily contains timestamps of when the NVD
141		* CVE information was last updated.
142		*
143		* @return a map of the database meta data
144		*/
145		public Map getMetaData() {
146	0	final TreeMap map = new TreeMap();
147	0	for (Entry<Object, Object> entry : properties.entrySet()) {
148	0	final String key = (String) entry.getKey();
149	0	if (!"version".equals(key)) {
150	0	if (key.startsWith("NVD CVE ")) {
151		try {
152	0	final long epoch = Long.parseLong((String) entry.getValue());
153	0	final Date date = new Date(epoch);
154	0	final DateFormat format = new SimpleDateFormat("dd/MM/yyyy HH:mm:ss");
155	0	final String formatted = format.format(date);
156	0	map.put(key, formatted);
157	0	} catch (Throwable ex) { //deliberately being broad in this catch clause
158	0	LOGGER.log(Level.FINE, "Unable to parse timestamp from DB", ex);
159	0	map.put(key, entry.getValue());
160	0	}
161		} else {
162	0	map.put(key, entry.getValue());
163		}
164		}
165	0	}
166	0	return map;
167		}
168		}