Coverage Report

Coverage Report - org.owasp.dependencycheck.data.update.DatabaseUpdater

Classes in this File

Line Coverage

Branch Coverage

Complexity

DatabaseUpdater

0/25

0/8

4.5

 /*
  * This file is part of dependency-check-core.
  *
  * Dependency-check-core is free software: you can redistribute it and/or modify it
  * under the terms of the GNU General Public License as published by the Free
  * Software Foundation, either version 3 of the License, or (at your option) any
  * later version.
  *
  * Dependency-check-core is distributed in the hope that it will be useful, but
  * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
  * details.
  *
  * You should have received a copy of the GNU General Public License along with
  * dependency-check-core. If not, see http://www.gnu.org/licenses/.
  *
  * Copyright (c) 2012 Jeremy Long. All Rights Reserved.
  */
 package org.owasp.dependencycheck.data.update;
 
 import java.io.File;
 import java.io.IOException;
 import org.owasp.dependencycheck.data.CachedWebDataSource;
 import java.net.MalformedURLException;
 import java.util.logging.Level;
 import java.util.logging.Logger;
 import org.owasp.dependencycheck.data.UpdateException;
 import org.owasp.dependencycheck.utils.DownloadFailedException;
 import org.owasp.dependencycheck.utils.FileUtils;
 import org.owasp.dependencycheck.utils.Settings;
 
 /**
  * Class responsible for updating the CPE and NVDCVE data stores.
  *
  * @author Jeremy Long (jeremy.long@owasp.org)
  */
 public class DatabaseUpdater implements CachedWebDataSource {
 
     /**
      * <p>Downloads the latest NVD CVE XML file from the web and imports it into
      * the current CVE Database.</p>
      *
      * @throws UpdateException is thrown if there is an error updating the
      * database
      */
     @Override
     public void update() throws UpdateException {
         try {
             final StandardUpdate task = new StandardUpdate();
             if (task.isUpdateNeeded()) {
                 if (task.shouldDeleteAndRecreate()) {
                     try {
                         deleteExistingData();
                     } catch (IOException ex) {
                         Logger.getLogger(DatabaseUpdater.class.getName()).log(Level.WARNING, "Unable to delete the existing data directory");
                         Logger.getLogger(DatabaseUpdater.class.getName()).log(Level.FINE, null, ex);
                     }
                 }
                 task.update();
             }
         } catch (MalformedURLException ex) {
             Logger.getLogger(DatabaseUpdater.class.getName()).log(Level.WARNING,
                     "NVD CVE properties files contain an invalid URL, unable to update the data to use the most current data.");
             Logger.getLogger(DatabaseUpdater.class.getName()).log(Level.FINE, null, ex);
         } catch (DownloadFailedException ex) {
             Logger.getLogger(DatabaseUpdater.class.getName()).log(Level.WARNING,
                     "Unable to download the NVD CVE data, unable to update the data to use the most current data.");
             Logger.getLogger(DatabaseUpdater.class.getName()).log(Level.FINE, null, ex);
         }
     }
 
     /**
      * Deletes the existing data directories.
      *
      * @throws IOException thrown if the directory cannot be deleted
      */
     protected void deleteExistingData() throws IOException {
         File data = Settings.getDataFile(Settings.KEYS.CVE_DATA_DIRECTORY);
         if (data.exists()) {
             FileUtils.delete(data);
         }
         data = DataStoreMetaInfo.getPropertiesFile();
         if (data.exists()) {
             FileUtils.delete(data);
         }
     }
 }

1		/*
2		* This file is part of dependency-check-core.
3		*
4		* Dependency-check-core is free software: you can redistribute it and/or modify it
5		* under the terms of the GNU General Public License as published by the Free
6		* Software Foundation, either version 3 of the License, or (at your option) any
7		* later version.
8		*
9		* Dependency-check-core is distributed in the hope that it will be useful, but
10		* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11		* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
12		* details.
13		*
14		* You should have received a copy of the GNU General Public License along with
15		* dependency-check-core. If not, see http://www.gnu.org/licenses/.
16		*
17		* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
18		*/
19		package org.owasp.dependencycheck.data.update;
20
21		import java.io.File;
22		import java.io.IOException;
23		import org.owasp.dependencycheck.data.CachedWebDataSource;
24		import java.net.MalformedURLException;
25		import java.util.logging.Level;
26		import java.util.logging.Logger;
27		import org.owasp.dependencycheck.data.UpdateException;
28		import org.owasp.dependencycheck.utils.DownloadFailedException;
29		import org.owasp.dependencycheck.utils.FileUtils;
30		import org.owasp.dependencycheck.utils.Settings;
31
32		/**
33		* Class responsible for updating the CPE and NVDCVE data stores.
34		*
35		* @author Jeremy Long (jeremy.long@owasp.org)
36		*/
37	0	public class DatabaseUpdater implements CachedWebDataSource {
38
39		/**
40		* <p>Downloads the latest NVD CVE XML file from the web and imports it into
41		* the current CVE Database.</p>
42		*
43		* @throws UpdateException is thrown if there is an error updating the
44		* database
45		*/
46		@Override
47		public void update() throws UpdateException {
48		try {
49	0	final StandardUpdate task = new StandardUpdate();
50	0	if (task.isUpdateNeeded()) {
51	0	if (task.shouldDeleteAndRecreate()) {
52		try {
53	0	deleteExistingData();
54	0	} catch (IOException ex) {
55	0	Logger.getLogger(DatabaseUpdater.class.getName()).log(Level.WARNING, "Unable to delete the existing data directory");
56	0	Logger.getLogger(DatabaseUpdater.class.getName()).log(Level.FINE, null, ex);
57	0	}
58		}
59	0	task.update();
60		}
61	0	} catch (MalformedURLException ex) {
62	0	Logger.getLogger(DatabaseUpdater.class.getName()).log(Level.WARNING,
63		"NVD CVE properties files contain an invalid URL, unable to update the data to use the most current data.");
64	0	Logger.getLogger(DatabaseUpdater.class.getName()).log(Level.FINE, null, ex);
65	0	} catch (DownloadFailedException ex) {
66	0	Logger.getLogger(DatabaseUpdater.class.getName()).log(Level.WARNING,
67		"Unable to download the NVD CVE data, unable to update the data to use the most current data.");
68	0	Logger.getLogger(DatabaseUpdater.class.getName()).log(Level.FINE, null, ex);
69	0	}
70	0	}
71
72		/**
73		* Deletes the existing data directories.
74		*
75		* @throws IOException thrown if the directory cannot be deleted
76		*/
77		protected void deleteExistingData() throws IOException {
78	0	File data = Settings.getDataFile(Settings.KEYS.CVE_DATA_DIRECTORY);
79	0	if (data.exists()) {
80	0	FileUtils.delete(data);
81		}
82	0	data = DataStoreMetaInfo.getPropertiesFile();
83	0	if (data.exists()) {
84	0	FileUtils.delete(data);
85		}
86	0	}
87		}