Coverage Report

Coverage Report - org.owasp.dependencycheck.suppression.SuppressionParser

Classes in this File

Line Coverage

Branch Coverage

Complexity

SuppressionParser

58%

17/29

N/A

 /*
  * This file is part of dependency-check-core.
  *
  * Dependency-check-core is free software: you can redistribute it and/or modify it
  * under the terms of the GNU General Public License as published by the Free
  * Software Foundation, either version 3 of the License, or (at your option) any
  * later version.
  *
  * Dependency-check-core is distributed in the hope that it will be useful, but
  * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
  * details.
  *
  * You should have received a copy of the GNU General Public License along with
  * dependency-check-core. If not, see http://www.gnu.org/licenses/.
  *
  * Copyright (c) 2013 Jeremy Long. All Rights Reserved.
  */
 package org.owasp.dependencycheck.suppression;
 
 import java.io.File;
 import java.io.FileInputStream;
 import java.io.FileNotFoundException;
 import java.io.IOException;
 import java.io.InputStream;
 import java.io.InputStreamReader;
 import java.io.Reader;
 import java.util.List;
 import java.util.logging.Level;
 import java.util.logging.Logger;
 import javax.xml.parsers.ParserConfigurationException;
 import javax.xml.parsers.SAXParser;
 import javax.xml.parsers.SAXParserFactory;
 import org.xml.sax.InputSource;
 import org.xml.sax.SAXException;
 import org.xml.sax.XMLReader;
 
 /**
  * A simple validating parser for XML Suppression Rules.
  *
  * @author Jeremy Long (jeremy.long@owasp.org)
  */
 public class SuppressionParser {
 
     /**
      * JAXP Schema Language. Source:
      * http://docs.oracle.com/javase/tutorial/jaxp/sax/validation.html
      */
     public static final String JAXP_SCHEMA_LANGUAGE = "http://java.sun.com/xml/jaxp/properties/schemaLanguage";
     /**
      * W3C XML Schema. Source:
      * http://docs.oracle.com/javase/tutorial/jaxp/sax/validation.html
      */
     public static final String W3C_XML_SCHEMA = "http://www.w3.org/2001/XMLSchema";
     /**
      * JAXP Schema Source. Source:
      * http://docs.oracle.com/javase/tutorial/jaxp/sax/validation.html
      */
     public static final String JAXP_SCHEMA_SOURCE = "http://java.sun.com/xml/jaxp/properties/schemaSource";
 
     /**
      * Parses the given xml file and returns a list of the suppression rules
      * contained.
      *
      * @param file an xml file containing suppression rules
      * @return a list of suppression rules
      * @throws SuppressionParseException thrown if the xml file cannot be parsed
      */
     public List<SuppressionRule> parseSuppressionRules(File file) throws SuppressionParseException {
         try {
             final InputStream schemaStream = this.getClass().getClassLoader().getResourceAsStream("schema/suppression.xsd");
             final SuppressionHandler handler = new SuppressionHandler();
 
             final SAXParserFactory factory = SAXParserFactory.newInstance();
             factory.setNamespaceAware(true);
             factory.setValidating(true);
             final SAXParser saxParser = factory.newSAXParser();
             saxParser.setProperty(SuppressionParser.JAXP_SCHEMA_LANGUAGE, SuppressionParser.W3C_XML_SCHEMA);
             saxParser.setProperty(SuppressionParser.JAXP_SCHEMA_SOURCE, new InputSource(schemaStream));
             final XMLReader xmlReader = saxParser.getXMLReader();
             xmlReader.setErrorHandler(new SuppressionErrorHandler());
             xmlReader.setContentHandler(handler);
 
             final InputStream inputStream = new FileInputStream(file);
             final Reader reader = new InputStreamReader(inputStream, "UTF-8");
             final InputSource in = new InputSource(reader);
             //in.setEncoding("UTF-8");
 
             xmlReader.parse(in);
 
 
             return handler.getSupressionRules();
         } catch (ParserConfigurationException ex) {
             Logger.getLogger(SuppressionParser.class.getName()).log(Level.FINE, null, ex);
             throw new SuppressionParseException(ex);
         } catch (SAXException ex) {
             Logger.getLogger(SuppressionParser.class.getName()).log(Level.FINE, null, ex);
             throw new SuppressionParseException(ex);
         } catch (FileNotFoundException ex) {
             Logger.getLogger(SuppressionParser.class.getName()).log(Level.FINE, null, ex);
             throw new SuppressionParseException(ex);
         } catch (IOException ex) {
             Logger.getLogger(SuppressionParser.class.getName()).log(Level.FINE, null, ex);
             throw new SuppressionParseException(ex);
         }
     }
 }

1		/*
2		* This file is part of dependency-check-core.
3		*
4		* Dependency-check-core is free software: you can redistribute it and/or modify it
5		* under the terms of the GNU General Public License as published by the Free
6		* Software Foundation, either version 3 of the License, or (at your option) any
7		* later version.
8		*
9		* Dependency-check-core is distributed in the hope that it will be useful, but
10		* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11		* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
12		* details.
13		*
14		* You should have received a copy of the GNU General Public License along with
15		* dependency-check-core. If not, see http://www.gnu.org/licenses/.
16		*
17		* Copyright (c) 2013 Jeremy Long. All Rights Reserved.
18		*/
19		package org.owasp.dependencycheck.suppression;
20
21		import java.io.File;
22		import java.io.FileInputStream;
23		import java.io.FileNotFoundException;
24		import java.io.IOException;
25		import java.io.InputStream;
26		import java.io.InputStreamReader;
27		import java.io.Reader;
28		import java.util.List;
29		import java.util.logging.Level;
30		import java.util.logging.Logger;
31		import javax.xml.parsers.ParserConfigurationException;
32		import javax.xml.parsers.SAXParser;
33		import javax.xml.parsers.SAXParserFactory;
34		import org.xml.sax.InputSource;
35		import org.xml.sax.SAXException;
36		import org.xml.sax.XMLReader;
37
38		/**
39		* A simple validating parser for XML Suppression Rules.
40		*
41		* @author Jeremy Long (jeremy.long@owasp.org)
42		*/
43	1	public class SuppressionParser {
44
45		/**
46		* JAXP Schema Language. Source:
47		* http://docs.oracle.com/javase/tutorial/jaxp/sax/validation.html
48		*/
49		public static final String JAXP_SCHEMA_LANGUAGE = "http://java.sun.com/xml/jaxp/properties/schemaLanguage";
50		/**
51		* W3C XML Schema. Source:
52		* http://docs.oracle.com/javase/tutorial/jaxp/sax/validation.html
53		*/
54		public static final String W3C_XML_SCHEMA = "http://www.w3.org/2001/XMLSchema";
55		/**
56		* JAXP Schema Source. Source:
57		* http://docs.oracle.com/javase/tutorial/jaxp/sax/validation.html
58		*/
59		public static final String JAXP_SCHEMA_SOURCE = "http://java.sun.com/xml/jaxp/properties/schemaSource";
60
61		/**
62		* Parses the given xml file and returns a list of the suppression rules
63		* contained.
64		*
65		* @param file an xml file containing suppression rules
66		* @return a list of suppression rules
67		* @throws SuppressionParseException thrown if the xml file cannot be parsed
68		*/
69		public List<SuppressionRule> parseSuppressionRules(File file) throws SuppressionParseException {
70		try {
71	1	final InputStream schemaStream = this.getClass().getClassLoader().getResourceAsStream("schema/suppression.xsd");
72	1	final SuppressionHandler handler = new SuppressionHandler();
73
74	1	final SAXParserFactory factory = SAXParserFactory.newInstance();
75	1	factory.setNamespaceAware(true);
76	1	factory.setValidating(true);
77	1	final SAXParser saxParser = factory.newSAXParser();
78	1	saxParser.setProperty(SuppressionParser.JAXP_SCHEMA_LANGUAGE, SuppressionParser.W3C_XML_SCHEMA);
79	1	saxParser.setProperty(SuppressionParser.JAXP_SCHEMA_SOURCE, new InputSource(schemaStream));
80	1	final XMLReader xmlReader = saxParser.getXMLReader();
81	1	xmlReader.setErrorHandler(new SuppressionErrorHandler());
82	1	xmlReader.setContentHandler(handler);
83
84	1	final InputStream inputStream = new FileInputStream(file);
85	1	final Reader reader = new InputStreamReader(inputStream, "UTF-8");
86	1	final InputSource in = new InputSource(reader);
87		//in.setEncoding("UTF-8");
88
89	1	xmlReader.parse(in);
90
91
92	1	return handler.getSupressionRules();
93	0	} catch (ParserConfigurationException ex) {
94	0	Logger.getLogger(SuppressionParser.class.getName()).log(Level.FINE, null, ex);
95	0	throw new SuppressionParseException(ex);
96	0	} catch (SAXException ex) {
97	0	Logger.getLogger(SuppressionParser.class.getName()).log(Level.FINE, null, ex);
98	0	throw new SuppressionParseException(ex);
99	0	} catch (FileNotFoundException ex) {
100	0	Logger.getLogger(SuppressionParser.class.getName()).log(Level.FINE, null, ex);
101	0	throw new SuppressionParseException(ex);
102	0	} catch (IOException ex) {
103	0	Logger.getLogger(SuppressionParser.class.getName()).log(Level.FINE, null, ex);
104	0	throw new SuppressionParseException(ex);
105		}
106		}
107		}