View Javadoc
1   /*
2    * This file is part of dependency-check-core.
3    *
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    *     http://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   *
16   * Copyright (c) 2014 Jeremy Long. All Rights Reserved.
17   */
18  package org.owasp.dependencycheck.data.nvdcve;
19  
20  import java.util.List;
21  import java.util.Set;
22  import org.junit.After;
23  import org.junit.AfterClass;
24  import static org.junit.Assert.assertTrue;
25  import org.junit.Before;
26  import org.junit.BeforeClass;
27  import org.junit.Test;
28  import org.owasp.dependencycheck.dependency.VulnerableSoftware;
29  
30  /**
31   *
32   * @author Jeremy Long
33   */
34  public class CveDBMySQLTest {
35  
36      @BeforeClass
37      public static void setUpClass() {
38      }
39  
40      @AfterClass
41      public static void tearDownClass() {
42      }
43  
44      @Before
45      public void setUp() throws Exception {
46      }
47  
48      @After
49      public void tearDown() throws Exception {
50      }
51  
52      /**
53       * Pretty useless tests of open, commit, and close methods, of class CveDB.
54       */
55      @Test
56      public void testOpen() throws DatabaseException {
57          try {
58              CveDB instance = new CveDB();
59              instance.open();
60              instance.close();
61          } catch (DatabaseException ex) {
62              System.out.println("Unable to connect to the My SQL database; verify that the db server is running and that the schema has been generated");
63              throw ex;
64          }
65      }
66  
67      /**
68       * Test of getCPEs method, of class CveDB.
69       */
70      @Test
71      public void testGetCPEs() throws Exception {
72          CveDB instance = new CveDB();
73          try {
74              String vendor = "apache";
75              String product = "struts";
76              instance.open();
77              Set<VulnerableSoftware> result = instance.getCPEs(vendor, product);
78              assertTrue("Has data been loaded into the MySQL DB? if not consider using the CLI to populate it", result.size() > 5);
79          } catch (Exception ex) {
80              System.out.println("Unable to access the My SQL database; verify that the db server is running and that the schema has been generated");
81              throw ex;
82          } finally {
83              instance.close();
84          }
85      }
86  
87      /**
88       * Test of getVulnerabilities method, of class CveDB.
89       */
90      @Test
91      public void testGetVulnerabilities() throws Exception {
92          String cpeStr = "cpe:/a:apache:struts:2.1.2";
93          CveDB instance = new CveDB();
94          try {
95              instance.open();
96              List result = instance.getVulnerabilities(cpeStr);
97              assertTrue(result.size() > 5);
98          } catch (Exception ex) {
99              System.out.println("Unable to access the My SQL database; verify that the db server is running and that the schema has been generated");
100             throw ex;
101         } finally {
102             instance.close();
103         }
104     }
105 }