Coverage Report - org.owasp.dependencycheck.analyzer.AbstractSuppressionAnalyzer
 
Classes in this File Line Coverage Branch Coverage Complexity
AbstractSuppressionAnalyzer
51%
22/43
35%
5/14
3.5
 
 /*
  * This file is part of dependency-check-core.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
  *
  *     http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  *
  * Copyright (c) 2013 Jeremy Long. All Rights Reserved.
  */
 package org.owasp.dependencycheck.analyzer;
 
 import java.io.File;
 import java.io.IOException;
 import java.net.MalformedURLException;
 import java.net.URL;
 import java.util.List;
 import java.util.Set;
 import java.util.logging.Level;
 import java.util.logging.Logger;
 import java.util.regex.Pattern;
 import org.owasp.dependencycheck.suppression.SuppressionParseException;
 import org.owasp.dependencycheck.suppression.SuppressionParser;
 import org.owasp.dependencycheck.suppression.SuppressionRule;
 import org.owasp.dependencycheck.utils.DownloadFailedException;
 import org.owasp.dependencycheck.utils.Downloader;
 import org.owasp.dependencycheck.utils.FileUtils;
 import org.owasp.dependencycheck.utils.Settings;
 
 /**
  * Abstract base suppression analyzer that contains methods for parsing the suppression xml file.
  *
  * @author Jeremy Long <jeremy.long@owasp.org>
  */
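 public abstract class AbstractSuppressionAnalyzer extends AbstractAnalyzer {

     /**
      * Logger for this class, looked up once instead of on every log call.
      */
     private static final Logger LOGGER = Logger.getLogger(AbstractSuppressionAnalyzer.class.getName());
     /**
      * Matches suppression file locations given as an http, https or file URL; these are copied to a temporary file
      * before being parsed.
      */
     private static final Pattern URI_RX = Pattern.compile("^(https?|file)\\:.*", Pattern.CASE_INSENSITIVE);

     //<editor-fold defaultstate="collapsed" desc="All standard implementation details of Analyzer">
     /**
      * Returns the set of file extensions supported by this analyzer.
      *
      * @return always {@code null}; this analyzer does not enumerate extensions and instead accepts every extension
      * in {@link #supportsExtension(String)}.
      */
     public Set<String> getSupportedExtensions() {
         return null;
     }

     /**
      * Returns whether or not this analyzer can process the given extension.
      *
      * @param extension the file extension to test for support.
      * @return always {@code true}; the extension is not inspected.
      */
     @Override
     public boolean supportsExtension(String extension) {
         return true;
     }

     //</editor-fold>
     /**
      * Initializes the parent analyzer and then loads the suppression XML file.
      *
      * @throws Exception thrown if the parent initialization fails or the suppression file cannot be fetched or
      * parsed.
      */
     @Override
     public void initialize() throws Exception {
         super.initialize();
         loadSuppressionData();
     }
     /**
      * The list of suppression rules. Stays {@code null} until it is assigned by {@link #setRules(List)} or by a
      * successful load of the configured suppression file.
      */
     private List<SuppressionRule> rules;

     /**
      * Get the value of rules.
      *
      * @return the list held by this analyzer (not a copy); {@code null} if no rules have been loaded or set.
      */
     public List<SuppressionRule> getRules() {
         return rules;
     }

     /**
      * Set the value of rules.
      *
      * @param rules new value of rules; the reference is stored as given.
      */
     public void setRules(List<SuppressionRule> rules) {
         this.rules = rules;
     }

     /**
      * Loads the suppression rules file named by the {@code Settings.KEYS.SUPPRESSION_FILE} setting.
      * <p>
      * A value that is an http, https or file URL is downloaded to a temporary file, which is removed again once
      * parsing has finished. Any other value is treated as a path on the local file system. Previously such a path
      * was silently ignored, so the scan ran without the configured rules and without any log message.</p>
      * <p>
      * Suppression rules decide which findings are left out of the report, so the file should come from a location
      * whose integrity can be trusted.</p>
      *
      * @throws SuppressionParseException thrown if the file cannot be fetched, the URL is invalid, the temporary
      * file cannot be created, or the XML cannot be parsed.
      */
     private void loadSuppressionData() throws SuppressionParseException {
         final String suppressionFilePath = Settings.getString(Settings.KEYS.SUPPRESSION_FILE);
         if (suppressionFilePath == null) {
             // Nothing configured: leave the current rules untouched.
             return;
         }
         File file = null;
         boolean deleteTempFile = false;
         try {
             if (URI_RX.matcher(suppressionFilePath).matches()) {
                 // Flag the temp file for cleanup before anything below can throw.
                 deleteTempFile = true;
                 file = FileUtils.getTempFile("suppression", "xml");
                 final URL url = new URL(suppressionFilePath);
                 if ("http".equalsIgnoreCase(url.getProtocol())) {
                     // A rules file altered in transit could hide real findings from the report. The URL itself
                     // is not logged because it may carry credentials.
                     LOGGER.log(Level.WARNING,
                             "The suppression file is configured with a plain http URL; its content cannot be "
                             + "authenticated in transit. Prefer https or a local file.");
                 }
                 try {
                     Downloader.fetchFile(url, file, false);
                 } catch (DownloadFailedException ex) {
                     // Second attempt with the third argument flipped.
                     // NOTE(review): presumably this toggles proxy use - confirm against Downloader.
                     Downloader.fetchFile(url, file, true);
                 }
             } else {
                 // Not a URL: read the rules straight from the local path (never deleted afterwards).
                 file = new File(suppressionFilePath);
             }

             if (file != null) {
                 final SuppressionParser parser = new SuppressionParser();
                 try {
                     rules = parser.parseSuppressionRules(file);
                 } catch (SuppressionParseException ex) {
                     final String msg = String.format("Unable to parse suppression xml file '%s'", file.getPath());
                     LOGGER.log(Level.WARNING, msg);
                     LOGGER.log(Level.WARNING, ex.getMessage());
                     LOGGER.log(Level.FINE, null, ex);
                     throw ex;
                 }
             }
         } catch (DownloadFailedException ex) {
             throw loadFailure("Unable to fetch the configured suppression file", ex);
         } catch (MalformedURLException ex) {
             throw loadFailure("Configured suppression file has an invalid URL", ex);
         } catch (IOException ex) {
             throw loadFailure("Unable to create temp file for suppressions", ex);
         } finally {
             if (deleteTempFile && file != null) {
                 FileUtils.delete(file);
             }
         }
     }

     /**
      * Logs a failure to obtain the suppression file (message at WARNING, stack trace at FINE) and wraps it.
      *
      * @param message the text used for both the log entry and the exception
      * @param cause the exception that interrupted loading
      * @return the exception for the caller to throw
      */
     private static SuppressionParseException loadFailure(String message, Exception cause) {
         LOGGER.log(Level.WARNING, message);
         LOGGER.log(Level.FINE, "", cause);
         return new SuppressionParseException(message, cause);
     }
 }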