1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18 package org.owasp.dependencycheck.dependency;
19
20 import org.junit.After;
21 import org.junit.AfterClass;
22 import static org.junit.Assert.assertEquals;
23 import static org.junit.Assert.assertTrue;
24 import static org.junit.Assert.assertFalse;
25 import org.junit.Before;
26 import org.junit.BeforeClass;
27 import org.junit.Test;
28 import org.owasp.dependencycheck.BaseTest;
29
30
31
32
33
34 public class VulnerableSoftwareTest extends BaseTest {
35
36
37
38
39 @Test
40 public void testEquals() {
41 VulnerableSoftware obj = new VulnerableSoftware();
42 obj.setCpe("cpe:/a:mortbay:jetty:6.1.0");
43 VulnerableSoftware instance = new VulnerableSoftware();
44 instance.setCpe("cpe:/a:mortbay:jetty:6.1");
45 assertFalse(instance.equals(obj));
46 }
47
48
49
50
51 @Test
52 public void testEquals2() {
53 VulnerableSoftware obj = new VulnerableSoftware();
54 obj.setCpe("cpe:/a:mortbay:jetty:6.1.0");
55 VulnerableSoftware instance = new VulnerableSoftware();
56 instance.setCpe("cpe:/a:mortbay:jetty:6.1.0");
57 obj.setPreviousVersion("1");
58 assertTrue(instance.equals(obj));
59 }
60
61
62
63
64 @Test
65 public void testHashCode() {
66 VulnerableSoftware instance = new VulnerableSoftware();
67 instance.setCpe("cpe:/a:mortbay:jetty:6.1");
68 int expResult = 1849413912;
69 int result = instance.hashCode();
70 assertEquals(expResult, result);
71 }
72
73
74
75
76 @Test
77 public void testCompareTo() {
78 VulnerableSoftware vs = new VulnerableSoftware();
79 vs.setCpe("cpe:/a:mortbay:jetty:6.1.0");
80 VulnerableSoftware instance = new VulnerableSoftware();
81 instance.setCpe("cpe:/a:mortbay:jetty:6.1");
82 int expResult = -2;
83 int result = instance.compareTo(vs);
84 assertEquals(expResult, result);
85
86 vs = new VulnerableSoftware();
87 vs.setCpe("cpe:/a:yahoo:toolbar:3.1.0.20130813024103");
88 instance = new VulnerableSoftware();
89 instance.setCpe("cpe:/a:yahoo:toolbar:3.1.0.20130813024104");
90 expResult = 1;
91 result = instance.compareTo(vs);
92 assertEquals(expResult, result);
93 }
94
95 @Test
96 public void testCompareToNonNumerical() {
97 VulnerableSoftware vs = new VulnerableSoftware();
98 vs.setCpe("cpe:/a:mysql:mysql:5.1.23a");
99 VulnerableSoftware vs1 = new VulnerableSoftware();
100 vs1.setCpe("cpe:/a:mysql:mysql:5.1.23a");
101 vs1.setPreviousVersion("1");
102 assertEquals(0, vs.compareTo(vs1));
103 assertEquals(0, vs1.compareTo(vs));
104 }
105
106 @Test
107 public void testCompareToComplex() {
108 VulnerableSoftware vs = new VulnerableSoftware();
109 VulnerableSoftware vs1 = new VulnerableSoftware();
110
111 vs.setCpe("2.1");
112 vs1.setCpe("2.1.10");
113 assertTrue(vs.compareTo(vs1) < 0);
114
115 vs.setCpe("cpe:/a:hp:system_management_homepage:2.1.1");
116 vs1.setCpe("cpe:/a:hp:system_management_homepage:2.1.10");
117 assertTrue(vs.compareTo(vs1) < 0);
118
119 vs.setCpe("10");
120 vs1.setCpe("10-186");
121 assertTrue(vs.compareTo(vs1) < 0);
122
123 vs.setCpe("2.1.10");
124 vs1.setCpe("2.1.10-186");
125 assertTrue(vs.compareTo(vs1) < 0);
126
127 vs.setCpe("cpe:/a:hp:system_management_homepage:2.1.10");
128 vs1.setCpe("cpe:/a:hp:system_management_homepage:2.1.10-186");
129 assertTrue(vs.compareTo(vs1) < 0);
130
131 }
132
133 @Test
134 public void testEqualsPreviousVersion() {
135 VulnerableSoftware vs = new VulnerableSoftware();
136 vs.setCpe("cpe:/a:mysql:mysql:5.1.23a");
137 VulnerableSoftware vs1 = new VulnerableSoftware();
138 vs1.setCpe("cpe:/a:mysql:mysql:5.1.23a");
139 vs1.setPreviousVersion("1");
140 assertEquals(vs, vs1);
141 assertEquals(vs1, vs);
142
143 }
144
145 @Test
146 public void testParseCPE() {
147 VulnerableSoftware vs = new VulnerableSoftware();
148
149 vs.setCpe("cpe:/a:mysql:mysql:5.1.23a");
150 assertEquals("mysql", vs.getVendor());
151 assertEquals("mysql", vs.getProduct());
152 assertEquals("5.1.23a", vs.getVersion());
153 }
154 }