View Javadoc
1   /*
2    * This file is part of dependency-check-core.
3    *
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    *     http://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   *
16   * Copyright (c) 2014 Jeremy Long. All Rights Reserved.
17   */
18  package org.owasp.dependencycheck.data.nvdcve;
19  
20  import java.util.List;
21  import java.util.Set;
22  import org.junit.After;
23  import org.junit.AfterClass;
24  import static org.junit.Assert.assertTrue;
25  import org.junit.Before;
26  import org.junit.BeforeClass;
27  import org.junit.Test;
28  import org.owasp.dependencycheck.dependency.Vulnerability;
29  import org.owasp.dependencycheck.dependency.VulnerableSoftware;
30  import org.owasp.dependencycheck.utils.Settings;
31  
32  /**
33   *
34   * @author Jeremy Long
35   */
36  public class CveDBMySQLTest {
37  
38      @BeforeClass
39      public static void setUpClass() {
40          Settings.initialize();
41      }
42  
43      @AfterClass
44      public static void tearDownClass() {
45          Settings.cleanup();
46      }
47  
48      @Before
49      public void setUp() throws Exception {
50      }
51  
52      @After
53      public void tearDown() throws Exception {
54      }
55  
56      /**
57       * Pretty useless tests of open, commit, and close methods, of class CveDB.
58       */
59      @Test
60      public void testOpen() throws DatabaseException {
61          try {
62              CveDB instance = new CveDB();
63              instance.open();
64              instance.close();
65          } catch (DatabaseException ex) {
66              System.out.println("Unable to connect to the My SQL database; verify that the db server is running and that the schema has been generated");
67              throw ex;
68          }
69      }
70  
71      /**
72       * Test of getCPEs method, of class CveDB.
73       */
74      @Test
75      public void testGetCPEs() throws Exception {
76          CveDB instance = new CveDB();
77          try {
78              String vendor = "apache";
79              String product = "struts";
80              instance.open();
81              Set<VulnerableSoftware> result = instance.getCPEs(vendor, product);
82              assertTrue("Has data been loaded into the MySQL DB? if not consider using the CLI to populate it", result.size() > 5);
83          } catch (Exception ex) {
84              System.out.println("Unable to access the My SQL database; verify that the db server is running and that the schema has been generated");
85              throw ex;
86          } finally {
87              instance.close();
88          }
89      }
90  
91      /**
92       * Test of getVulnerabilities method, of class CveDB.
93       */
94      @Test
95      public void testGetVulnerabilities() throws Exception {
96          String cpeStr = "cpe:/a:apache:struts:2.1.2";
97          CveDB instance = new CveDB();
98          try {
99              instance.open();
100             List<Vulnerability> result = instance.getVulnerabilities(cpeStr);
101             assertTrue(result.size() > 5);
102         } catch (Exception ex) {
103             System.out.println("Unable to access the My SQL database; verify that the db server is running and that the schema has been generated");
104             throw ex;
105         } finally {
106             instance.close();
107         }
108     }
109 }