Coverage Report

Coverage Report - org.owasp.dependencycheck.data.update.task.CallableDownloadTask

Classes in this File

Line Coverage

Branch Coverage

Complexity

CallableDownloadTask

0/52

0/34

2.455

 /*
  * This file is part of dependency-check-core.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
  *
  *     http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  *
  * Copyright (c) 2013 Jeremy Long. All Rights Reserved.
  */
 package org.owasp.dependencycheck.data.update.task;
 
 import java.io.File;
 import java.io.IOException;
 import java.net.URL;
 import java.util.concurrent.Callable;
 import java.util.concurrent.ExecutorService;
 import java.util.concurrent.Future;
 import java.util.logging.Level;
 import java.util.logging.Logger;
 import org.owasp.dependencycheck.data.nvdcve.CveDB;
 import org.owasp.dependencycheck.data.update.NvdCveInfo;
 import org.owasp.dependencycheck.data.update.exception.UpdateException;
 import org.owasp.dependencycheck.utils.DownloadFailedException;
 import org.owasp.dependencycheck.utils.Downloader;
 import org.owasp.dependencycheck.utils.Settings;
 
 /**
  * A callable object to download two files.
  *
  * @author Jeremy Long <jeremy.long@owasp.org>
  */
 public class CallableDownloadTask implements Callable<Future<ProcessTask>> {
 
     /**
      * The Logger.
      */
     private static final Logger LOGGER = Logger.getLogger(CallableDownloadTask.class.getName());
 
     /**
      * Simple constructor for the callable download task.
      *
      * @param nvdCveInfo the NVD CVE info
      * @param processor the processor service to submit the downloaded files to
      * @param cveDB the CVE DB to use to store the vulnerability data
      * @param settings a reference to the global settings object; this is necessary so that when the thread is started
      * the dependencies have a correct reference to the global settings.
      * @throws UpdateException thrown if temporary files could not be created
      */
     public CallableDownloadTask(NvdCveInfo nvdCveInfo, ExecutorService processor, CveDB cveDB, Settings settings) throws UpdateException {
         this.nvdCveInfo = nvdCveInfo;
         this.processorService = processor;
         this.cveDB = cveDB;
         this.settings = settings;
 
         final File file1;
         final File file2;
 
         try {
             file1 = File.createTempFile("cve" + nvdCveInfo.getId() + "_", ".xml", Settings.getTempDirectory());
             file2 = File.createTempFile("cve_1_2_" + nvdCveInfo.getId() + "_", ".xml", Settings.getTempDirectory());
         } catch (IOException ex) {
             throw new UpdateException("Unable to create temporary files", ex);
         }
         this.first = file1;
         this.second = file2;
 
     }
     /**
      * The CVE DB to use when processing the files.
      */
     private CveDB cveDB;
     /**
      * The processor service to pass the results of the download to.
      */
     private ExecutorService processorService;
     /**
      * The NVD CVE Meta Data.
      */
     private NvdCveInfo nvdCveInfo;
     /**
      * A reference to the global settings object.
      */
     private Settings settings;
 
     /**
      * Get the value of nvdCveInfo.
      *
      * @return the value of nvdCveInfo
      */
     public NvdCveInfo getNvdCveInfo() {
         return nvdCveInfo;
     }
 
     /**
      * Set the value of nvdCveInfo.
      *
      * @param nvdCveInfo new value of nvdCveInfo
      */
     public void setNvdCveInfo(NvdCveInfo nvdCveInfo) {
         this.nvdCveInfo = nvdCveInfo;
     }
     /**
      * a file.
      */
     private File first;
 
     /**
      * Get the value of first.
      *
      * @return the value of first
      */
     public File getFirst() {
         return first;
     }
 
     /**
      * Set the value of first.
      *
      * @param first new value of first
      */
     public void setFirst(File first) {
         this.first = first;
     }
     /**
      * a file.
      */
     private File second;
 
     /**
      * Get the value of second.
      *
      * @return the value of second
      */
     public File getSecond() {
         return second;
     }
 
     /**
      * Set the value of second.
      *
      * @param second new value of second
      */
     public void setSecond(File second) {
         this.second = second;
     }
     /**
      * A placeholder for an exception.
      */
     private Exception exception = null;
 
     /**
      * Get the value of exception.
      *
      * @return the value of exception
      */
     public Exception getException() {
         return exception;
     }
 
     /**
      * returns whether or not an exception occurred during download.
      *
      * @return whether or not an exception occurred during download
      */
     public boolean hasException() {
         return exception != null;
     }
 
     @Override
     public Future<ProcessTask> call() throws Exception {
         try {
             Settings.setInstance(settings);
             final URL url1 = new URL(nvdCveInfo.getUrl());
             final URL url2 = new URL(nvdCveInfo.getOldSchemaVersionUrl());
             String msg = String.format("Download Started for NVD CVE - %s", nvdCveInfo.getId());
             LOGGER.log(Level.INFO, msg);
             try {
                 Downloader.fetchFile(url1, first);
                 Downloader.fetchFile(url2, second);
             } catch (DownloadFailedException ex) {
                 msg = String.format("Download Failed for NVD CVE - %s%nSome CVEs may not be reported.", nvdCveInfo.getId());
                 LOGGER.log(Level.WARNING, msg);
                 LOGGER.log(Level.FINE, null, ex);
                 return null;
             }
 
             msg = String.format("Download Complete for NVD CVE - %s", nvdCveInfo.getId());
             LOGGER.log(Level.INFO, msg);
 
             final ProcessTask task = new ProcessTask(cveDB, this, settings);
             return this.processorService.submit(task);
 
         } catch (Throwable ex) {
             final String msg = String.format("An exception occurred downloading NVD CVE - %s%nSome CVEs may not be reported.", nvdCveInfo.getId());
             LOGGER.log(Level.WARNING, msg);
             LOGGER.log(Level.FINE, "Download Task Failed", ex);
         } finally {
             Settings.cleanup(false);
         }
         return null;
     }
 
     /**
      * Attempts to delete the files that were downloaded.
      */
     public void cleanup() {
         boolean deleted = false;
         try {
             if (first != null && first.exists()) {
                 deleted = first.delete();
             }
         } finally {
             if (first != null && (first.exists() || !deleted)) {
                 first.deleteOnExit();
             }
         }
         try {
             deleted = false;
             if (second != null && second.exists()) {
                 deleted = second.delete();
             }
         } finally {
             if (second != null && (second.exists() || !deleted)) {
                 second.deleteOnExit();
             }
         }
     }
 }

1		/*
2		* This file is part of dependency-check-core.
3		*
4		* Licensed under the Apache License, Version 2.0 (the "License");
5		* you may not use this file except in compliance with the License.
6		* You may obtain a copy of the License at
7		*
8		* http://www.apache.org/licenses/LICENSE-2.0
9		*
10		* Unless required by applicable law or agreed to in writing, software
11		* distributed under the License is distributed on an "AS IS" BASIS,
12		* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13		* See the License for the specific language governing permissions and
14		* limitations under the License.
15		*
16		* Copyright (c) 2013 Jeremy Long. All Rights Reserved.
17		*/
18		package org.owasp.dependencycheck.data.update.task;
19
20		import java.io.File;
21		import java.io.IOException;
22		import java.net.URL;
23		import java.util.concurrent.Callable;
24		import java.util.concurrent.ExecutorService;
25		import java.util.concurrent.Future;
26		import java.util.logging.Level;
27		import java.util.logging.Logger;
28		import org.owasp.dependencycheck.data.nvdcve.CveDB;
29		import org.owasp.dependencycheck.data.update.NvdCveInfo;
30		import org.owasp.dependencycheck.data.update.exception.UpdateException;
31		import org.owasp.dependencycheck.utils.DownloadFailedException;
32		import org.owasp.dependencycheck.utils.Downloader;
33		import org.owasp.dependencycheck.utils.Settings;
34
35		/**
36		* A callable object to download two files.
37		*
38		* @author Jeremy Long <jeremy.long@owasp.org>
39		*/
40	0	public class CallableDownloadTask implements Callable<Future<ProcessTask>> {
41
42		/**
43		* The Logger.
44		*/
45	0	private static final Logger LOGGER = Logger.getLogger(CallableDownloadTask.class.getName());
46
47		/**
48		* Simple constructor for the callable download task.
49		*
50		* @param nvdCveInfo the NVD CVE info
51		* @param processor the processor service to submit the downloaded files to
52		* @param cveDB the CVE DB to use to store the vulnerability data
53		* @param settings a reference to the global settings object; this is necessary so that when the thread is started
54		* the dependencies have a correct reference to the global settings.
55		* @throws UpdateException thrown if temporary files could not be created
56		*/
57	0	public CallableDownloadTask(NvdCveInfo nvdCveInfo, ExecutorService processor, CveDB cveDB, Settings settings) throws UpdateException {
58	0	this.nvdCveInfo = nvdCveInfo;
59	0	this.processorService = processor;
60	0	this.cveDB = cveDB;
61	0	this.settings = settings;
62
63		final File file1;
64		final File file2;
65
66		try {
67	0	file1 = File.createTempFile("cve" + nvdCveInfo.getId() + "_", ".xml", Settings.getTempDirectory());
68	0	file2 = File.createTempFile("cve_1_2_" + nvdCveInfo.getId() + "_", ".xml", Settings.getTempDirectory());
69	0	} catch (IOException ex) {
70	0	throw new UpdateException("Unable to create temporary files", ex);
71	0	}
72	0	this.first = file1;
73	0	this.second = file2;
74
75	0	}
76		/**
77		* The CVE DB to use when processing the files.
78		*/
79		private CveDB cveDB;
80		/**
81		* The processor service to pass the results of the download to.
82		*/
83		private ExecutorService processorService;
84		/**
85		* The NVD CVE Meta Data.
86		*/
87		private NvdCveInfo nvdCveInfo;
88		/**
89		* A reference to the global settings object.
90		*/
91		private Settings settings;
92
93		/**
94		* Get the value of nvdCveInfo.
95		*
96		* @return the value of nvdCveInfo
97		*/
98		public NvdCveInfo getNvdCveInfo() {
99		return nvdCveInfo;
100		}
101
102		/**
103		* Set the value of nvdCveInfo.
104		*
105		* @param nvdCveInfo new value of nvdCveInfo
106		*/
107		public void setNvdCveInfo(NvdCveInfo nvdCveInfo) {
108		this.nvdCveInfo = nvdCveInfo;
109		}
110		/**
111		* a file.
112		*/
113		private File first;
114
115		/**
116		* Get the value of first.
117		*
118		* @return the value of first
119		*/
120		public File getFirst() {
121		return first;
122		}
123
124		/**
125		* Set the value of first.
126		*
127		* @param first new value of first
128		*/
129		public void setFirst(File first) {
130		this.first = first;
131		}
132		/**
133		* a file.
134		*/
135		private File second;
136
137		/**
138		* Get the value of second.
139		*
140		* @return the value of second
141		*/
142		public File getSecond() {
143		return second;
144		}
145
146		/**
147		* Set the value of second.
148		*
149		* @param second new value of second
150		*/
151		public void setSecond(File second) {
152		this.second = second;
153		}
154		/**
155		* A placeholder for an exception.
156		*/
157	0	private Exception exception = null;
158
159		/**
160		* Get the value of exception.
161		*
162		* @return the value of exception
163		*/
164		public Exception getException() {
165		return exception;
166		}
167
168		/**
169		* returns whether or not an exception occurred during download.
170		*
171		* @return whether or not an exception occurred during download
172		*/
173		public boolean hasException() {
174	0	return exception != null;
175		}
176
177		@Override
178		public Future<ProcessTask> call() throws Exception {
179		try {
180	0	Settings.setInstance(settings);
181	0	final URL url1 = new URL(nvdCveInfo.getUrl());
182	0	final URL url2 = new URL(nvdCveInfo.getOldSchemaVersionUrl());
183	0	String msg = String.format("Download Started for NVD CVE - %s", nvdCveInfo.getId());
184	0	LOGGER.log(Level.INFO, msg);
185		try {
186	0	Downloader.fetchFile(url1, first);
187	0	Downloader.fetchFile(url2, second);
188	0	} catch (DownloadFailedException ex) {
189	0	msg = String.format("Download Failed for NVD CVE - %s%nSome CVEs may not be reported.", nvdCveInfo.getId());
190	0	LOGGER.log(Level.WARNING, msg);
191	0	LOGGER.log(Level.FINE, null, ex);
192	0	return null;
193	0	}
194
195	0	msg = String.format("Download Complete for NVD CVE - %s", nvdCveInfo.getId());
196	0	LOGGER.log(Level.INFO, msg);
197
198	0	final ProcessTask task = new ProcessTask(cveDB, this, settings);
199	0	return this.processorService.submit(task);
200
201	0	} catch (Throwable ex) {
202	0	final String msg = String.format("An exception occurred downloading NVD CVE - %s%nSome CVEs may not be reported.", nvdCveInfo.getId());
203	0	LOGGER.log(Level.WARNING, msg);
204	0	LOGGER.log(Level.FINE, "Download Task Failed", ex);
205		} finally {
206	0	Settings.cleanup(false);
207	0	}
208	0	return null;
209		}
210
211		/**
212		* Attempts to delete the files that were downloaded.
213		*/
214		public void cleanup() {
215	0	boolean deleted = false;
216		try {
217	0	if (first != null && first.exists()) {
218	0	deleted = first.delete();
219		}
220		} finally {
221	0	if (first != null && (first.exists() \|\| !deleted)) {
222	0	first.deleteOnExit();
223		}
224		}
225		try {
226	0	deleted = false;
227	0	if (second != null && second.exists()) {
228	0	deleted = second.delete();
229		}
230		} finally {
231	0	if (second != null && (second.exists() \|\| !deleted)) {
232	0	second.deleteOnExit();
233		}
234		}
235	0	}
236		}