View Javadoc
1   /*
2    * This file is part of dependency-check-core.
3    *
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    *     http://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   *
16   * Copyright (c) 2015 Institute for Defense Analyses. All Rights Reserved.
17   */
18  package org.owasp.dependencycheck.analyzer;
19  
20  import org.junit.After;
21  import org.junit.Before;
22  import org.junit.Test;
23  import org.owasp.dependencycheck.BaseTest;
24  import org.owasp.dependencycheck.analyzer.exception.AnalysisException;
25  import org.owasp.dependencycheck.dependency.Dependency;
26  
27  import java.io.File;
28  
29  import static org.junit.Assert.assertEquals;
30  import static org.junit.Assert.assertTrue;
31  
32  /**
33   * Unit tests for AutoconfAnalyzer. The test resources under autoconf/ were obtained from outside open source software projects.
34   * Links to those projects are given below.
35   *
36   * @author Dale Visser
37   * @see <a href="http://readable.sourceforge.net/">Readable Lisp S-expressions Project</a>
38   * @see <a href="https://gnu.org/software/binutils/">GNU Binutils</a>
39   * @see <a href="https://gnu.org/software/ghostscript/">GNU Ghostscript</a>
40   */
41  public class AutoconfAnalyzerTest extends BaseTest {
42  
43      /**
44       * The analyzer to test.
45       */
46      AutoconfAnalyzer analyzer;
47  
48      private void assertCommonEvidence(Dependency result, String product,
49              String version, String vendor) {
50          assertProductAndVersion(result, product, version);
51          assertTrue("Expected vendor evidence to contain \"" + vendor + "\".",
52                  result.getVendorEvidence().toString().contains(vendor));
53      }
54  
55      private void assertProductAndVersion(Dependency result, String product,
56              String version) {
57          assertTrue("Expected product evidence to contain \"" + product + "\".",
58                  result.getProductEvidence().toString().contains(product));
59          assertTrue("Expected version evidence to contain \"" + version + "\".",
60                  result.getVersionEvidence().toString().contains(version));
61      }
62  
63      /**
64       * Correctly setup the analyzer for testing.
65       *
66       * @throws Exception thrown if there is a problem
67       */
68      @Before
69      public void setUp() throws Exception {
70          analyzer = new AutoconfAnalyzer();
71          analyzer.setFilesMatched(true);
72          analyzer.initialize();
73      }
74  
75      /**
76       * Cleanup the analyzer's temp files, etc.
77       *
78       * @throws Exception thrown if there is a problem
79       */
80      @After
81      public void tearDown() throws Exception {
82          analyzer.close();
83          analyzer = null;
84      }
85  
86      /**
87       * Test whether expected evidence is gathered from Ghostscript's configure.ac.
88       *
89       * @throws AnalysisException is thrown when an exception occurs.
90       */
91      @Test
92      public void testAnalyzeConfigureAC1() throws AnalysisException {
93          final Dependency result = new Dependency(BaseTest.getResourceAsFile(
94                  this, "autoconf/ghostscript/configure.ac"));
95          analyzer.analyze(result, null);
96          assertCommonEvidence(result, "ghostscript", "8.62.0", "gnu");
97      }
98  
99      /**
100      * Test whether expected evidence is gathered from Readable's configure.ac.
101      *
102      * @throws AnalysisException is thrown when an exception occurs.
103      */
104     @Test
105     public void testAnalyzeConfigureAC2() throws AnalysisException {
106         final Dependency result = new Dependency(BaseTest.getResourceAsFile(
107                 this, "autoconf/readable-code/configure.ac"));
108         analyzer.analyze(result, null);
109         assertReadableCodeEvidence(result);
110     }
111 
112     private void assertReadableCodeEvidence(final Dependency result) {
113         assertCommonEvidence(result, "readable", "1.0.7", "dwheeler");
114         final String url = "http://readable.sourceforge.net/";
115         assertTrue("Expected product evidence to contain \"" + url + "\".",
116                 result.getVendorEvidence().toString().contains(url));
117     }
118 
119     /**
120      * Test whether expected evidence is gathered from GNU Binutil's configure.
121      *
122      * @throws AnalysisException is thrown when an exception occurs.
123      */
124     @Test
125     public void testAnalyzeConfigureScript() throws AnalysisException {
126         final Dependency result = new Dependency(BaseTest.getResourceAsFile(
127                 this, "autoconf/binutils/configure"));
128         analyzer.analyze(result, null);
129         assertProductAndVersion(result, "binutils", "2.25.51");
130     }
131 
132     /**
133      * Test whether expected evidence is gathered from GNU Ghostscript's configure.
134      *
135      * @throws AnalysisException is thrown when an exception occurs.
136      */
137     @Test
138     public void testAnalyzeReadableConfigureScript() throws AnalysisException {
139         final Dependency result = new Dependency(BaseTest.getResourceAsFile(
140                 this, "autoconf/readable-code/configure"));
141         analyzer.analyze(result, null);
142         assertReadableCodeEvidence(result);
143     }
144 
145     /**
146      * Test of getName method, of {@link AutoconfAnalyzer}.
147      */
148     @Test
149     public void testGetName() {
150         assertEquals("Analyzer name wrong.", "Autoconf Analyzer",
151                 analyzer.getName());
152     }
153 
154     /**
155      * Test of {@link AutoconfAnalyzer#accept(File)}.
156      */
157     @Test
158     public void testSupportsFileExtension() {
159         assertTrue("Should support \"ac\" extension.",
160                 analyzer.accept(new File("configure.ac")));
161         assertTrue("Should support \"in\" extension.",
162                 analyzer.accept(new File("configure.in")));
163         assertTrue("Should support \"configure\" extension.",
164                 analyzer.accept(new File("configure")));
165     }
166 }