View Javadoc
1   /*
2    * This file is part of dependency-check-core.
3    *
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    *     http://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   *
16   * Copyright (c) 2014 Jeremy Long. All Rights Reserved.
17   */
18  package org.owasp.dependencycheck.data.nvdcve;
19  
20  import java.util.List;
21  import java.util.Set;
22  import org.junit.After;
23  import org.junit.AfterClass;
24  import static org.junit.Assert.assertTrue;
25  import org.junit.Before;
26  import org.junit.BeforeClass;
27  import org.junit.Test;
28  import org.owasp.dependencycheck.BaseTest;
29  import org.owasp.dependencycheck.dependency.Vulnerability;
30  import org.owasp.dependencycheck.dependency.VulnerableSoftware;
31  import org.owasp.dependencycheck.utils.Settings;
32  
33  /**
34   *
35   * @author Jeremy Long
36   */
37  public class CveDBMySQLTest extends BaseTest {
38  
39      /**
40       * Pretty useless tests of open, commit, and close methods, of class CveDB.
41       */
42      @Test
43      public void testOpen() throws DatabaseException {
44          try {
45              CveDB instance = new CveDB();
46              instance.open();
47              instance.close();
48          } catch (DatabaseException ex) {
49              System.out.println("Unable to connect to the My SQL database; verify that the db server is running and that the schema has been generated");
50              throw ex;
51          }
52      }
53  
54      /**
55       * Test of getCPEs method, of class CveDB.
56       */
57      @Test
58      public void testGetCPEs() throws Exception {
59          CveDB instance = new CveDB();
60          try {
61              String vendor = "apache";
62              String product = "struts";
63              instance.open();
64              Set<VulnerableSoftware> result = instance.getCPEs(vendor, product);
65              assertTrue("Has data been loaded into the MySQL DB? if not consider using the CLI to populate it", result.size() > 5);
66          } catch (Exception ex) {
67              System.out.println("Unable to access the My SQL database; verify that the db server is running and that the schema has been generated");
68              throw ex;
69          } finally {
70              instance.close();
71          }
72      }
73  
74      /**
75       * Test of getVulnerabilities method, of class CveDB.
76       */
77      @Test
78      public void testGetVulnerabilities() throws Exception {
79          String cpeStr = "cpe:/a:apache:struts:2.1.2";
80          CveDB instance = new CveDB();
81          try {
82              instance.open();
83              List<Vulnerability> result = instance.getVulnerabilities(cpeStr);
84              assertTrue(result.size() > 5);
85          } catch (Exception ex) {
86              System.out.println("Unable to access the My SQL database; verify that the db server is running and that the schema has been generated");
87              throw ex;
88          } finally {
89              instance.close();
90          }
91      }
92  }