Coverage Report

Coverage Report - org.owasp.dependencycheck.xml.hints.HintParser

Classes in this File

Line Coverage

Branch Coverage

Complexity

HintParser

52%

25/48

33%

2/6

 /*
  * This file is part of dependency-check-core.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
  *
  *     http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  *
  * Copyright (c) 2016 Jeremy Long. All Rights Reserved.
  */
 package org.owasp.dependencycheck.xml.hints;
 
 import java.io.File;
 import java.io.FileInputStream;
 import java.io.FileNotFoundException;
 import java.io.IOException;
 import java.io.InputStream;
 import java.io.InputStreamReader;
 import java.io.Reader;
 import javax.xml.parsers.ParserConfigurationException;
 import javax.xml.parsers.SAXParser;
 import org.owasp.dependencycheck.utils.XmlUtils;
 
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.xml.sax.InputSource;
 import org.xml.sax.SAXException;
 import org.xml.sax.XMLReader;
 
 /**
  * A simple validating parser for XML Hint Rules.
  *
  * @author Jeremy Long
  */
 public class HintParser {
 
     /**
      * The logger.
      */
     private static final Logger LOGGER = LoggerFactory.getLogger(HintParser.class);
     /**
      * JAXP Schema Language. Source:
      * http://docs.oracle.com/javase/tutorial/jaxp/sax/validation.html
      */
     public static final String JAXP_SCHEMA_LANGUAGE = "http://java.sun.com/xml/jaxp/properties/schemaLanguage";
     /**
      * W3C XML Schema. Source:
      * http://docs.oracle.com/javase/tutorial/jaxp/sax/validation.html
      */
     public static final String W3C_XML_SCHEMA = "http://www.w3.org/2001/XMLSchema";
     /**
      * JAXP Schema Source. Source:
      * http://docs.oracle.com/javase/tutorial/jaxp/sax/validation.html
      */
     public static final String JAXP_SCHEMA_SOURCE = "http://java.sun.com/xml/jaxp/properties/schemaSource";
 
     /**
      * The schema for the hint XML files.
      */
     private static final String HINT_SCHEMA = "schema/dependency-hint.1.1.xsd";
 
     /**
      * Parses the given XML file and returns a list of the hints contained.
      *
      * @param file an XML file containing hints
      * @return a list of hint rules
      * @throws HintParseException thrown if the XML file cannot be parsed
      */
     public Hints parseHints(File file) throws HintParseException {
         FileInputStream fis = null;
         try {
             fis = new FileInputStream(file);
             return parseHints(fis);
         } catch (IOException ex) {
             LOGGER.debug("", ex);
             throw new HintParseException(ex);
         } catch (SAXException ex) {
             throw new HintParseException(ex);
         } finally {
             if (fis != null) {
                 try {
                     fis.close();
                 } catch (IOException ex) {
                     LOGGER.debug("Unable to close stream", ex);
                 }
             }
         }
     }
 
     /**
      * Parses the given XML stream and returns a list of the hint rules
      * contained.
      *
      * @param inputStream an InputStream containing hint rules
      * @return a list of hint rules
      * @throws HintParseException thrown if the XML cannot be parsed
      * @throws SAXException thrown if the XML cannot be parsed
      */
     public Hints parseHints(InputStream inputStream) throws HintParseException, SAXException {
         InputStream schemaStream = null;
         try {
             schemaStream = this.getClass().getClassLoader().getResourceAsStream(HINT_SCHEMA);
             final HintHandler handler = new HintHandler();
             final SAXParser saxParser = XmlUtils.buildSecureSaxParser(schemaStream);
             final XMLReader xmlReader = saxParser.getXMLReader();
             xmlReader.setErrorHandler(new HintErrorHandler());
             xmlReader.setContentHandler(handler);
 
             final Reader reader = new InputStreamReader(inputStream, "UTF-8");
             final InputSource in = new InputSource(reader);
 
             xmlReader.parse(in);
             final Hints hints = new Hints();
             hints.setHintRules(handler.getHintRules());
             hints.setVendorDuplicatingHintRules(handler.getVendorDuplicatingHintRules());
             return hints;
         } catch (ParserConfigurationException ex) {
             LOGGER.debug("", ex);
             throw new HintParseException(ex);
         } catch (SAXException ex) {
             if (ex.getMessage().contains("Cannot find the declaration of element 'hints'.")) {
                 throw ex;
             } else {
                 LOGGER.debug("", ex);
                 throw new HintParseException(ex);
             }
         } catch (FileNotFoundException ex) {
             LOGGER.debug("", ex);
             throw new HintParseException(ex);
         } catch (IOException ex) {
             LOGGER.debug("", ex);
             throw new HintParseException(ex);
         } finally {
             if (schemaStream != null) {
                 try {
                     schemaStream.close();
                 } catch (IOException ex) {
                     LOGGER.debug("Error closing hint file stream", ex);
                 }
             }
         }
     }
 }

1		/*
2		* This file is part of dependency-check-core.
3		*
4		* Licensed under the Apache License, Version 2.0 (the "License");
5		* you may not use this file except in compliance with the License.
6		* You may obtain a copy of the License at
7		*
8		* http://www.apache.org/licenses/LICENSE-2.0
9		*
10		* Unless required by applicable law or agreed to in writing, software
11		* distributed under the License is distributed on an "AS IS" BASIS,
12		* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13		* See the License for the specific language governing permissions and
14		* limitations under the License.
15		*
16		* Copyright (c) 2016 Jeremy Long. All Rights Reserved.
17		*/
18		package org.owasp.dependencycheck.xml.hints;
19
20		import java.io.File;
21		import java.io.FileInputStream;
22		import java.io.FileNotFoundException;
23		import java.io.IOException;
24		import java.io.InputStream;
25		import java.io.InputStreamReader;
26		import java.io.Reader;
27		import javax.xml.parsers.ParserConfigurationException;
28		import javax.xml.parsers.SAXParser;
29		import org.owasp.dependencycheck.utils.XmlUtils;
30
31		import org.slf4j.Logger;
32		import org.slf4j.LoggerFactory;
33		import org.xml.sax.InputSource;
34		import org.xml.sax.SAXException;
35		import org.xml.sax.XMLReader;
36
37		/**
38		* A simple validating parser for XML Hint Rules.
39		*
40		* @author Jeremy Long
41		*/
42	4	public class HintParser {
43
44		/**
45		* The logger.
46		*/
47	1	private static final Logger LOGGER = LoggerFactory.getLogger(HintParser.class);
48		/**
49		* JAXP Schema Language. Source:
50		* http://docs.oracle.com/javase/tutorial/jaxp/sax/validation.html
51		*/
52		public static final String JAXP_SCHEMA_LANGUAGE = "http://java.sun.com/xml/jaxp/properties/schemaLanguage";
53		/**
54		* W3C XML Schema. Source:
55		* http://docs.oracle.com/javase/tutorial/jaxp/sax/validation.html
56		*/
57		public static final String W3C_XML_SCHEMA = "http://www.w3.org/2001/XMLSchema";
58		/**
59		* JAXP Schema Source. Source:
60		* http://docs.oracle.com/javase/tutorial/jaxp/sax/validation.html
61		*/
62		public static final String JAXP_SCHEMA_SOURCE = "http://java.sun.com/xml/jaxp/properties/schemaSource";
63
64		/**
65		* The schema for the hint XML files.
66		*/
67		private static final String HINT_SCHEMA = "schema/dependency-hint.1.1.xsd";
68
69		/**
70		* Parses the given XML file and returns a list of the hints contained.
71		*
72		* @param file an XML file containing hints
73		* @return a list of hint rules
74		* @throws HintParseException thrown if the XML file cannot be parsed
75		*/
76		public Hints parseHints(File file) throws HintParseException {
77	1	FileInputStream fis = null;
78		try {
79	1	fis = new FileInputStream(file);
80	2	return parseHints(fis);
81	0	} catch (IOException ex) {
82	0	LOGGER.debug("", ex);
83	0	throw new HintParseException(ex);
84	0	} catch (SAXException ex) {
85	0	throw new HintParseException(ex);
86		} finally {
87	1	if (fis != null) {
88		try {
89	1	fis.close();
90	0	} catch (IOException ex) {
91	0	LOGGER.debug("Unable to close stream", ex);
92	1	}
93		}
94		}
95		}
96
97		/**
98		* Parses the given XML stream and returns a list of the hint rules
99		* contained.
100		*
101		* @param inputStream an InputStream containing hint rules
102		* @return a list of hint rules
103		* @throws HintParseException thrown if the XML cannot be parsed
104		* @throws SAXException thrown if the XML cannot be parsed
105		*/
106		public Hints parseHints(InputStream inputStream) throws HintParseException, SAXException {
107	4	InputStream schemaStream = null;
108		try {
109	4	schemaStream = this.getClass().getClassLoader().getResourceAsStream(HINT_SCHEMA);
110	4	final HintHandler handler = new HintHandler();
111	4	final SAXParser saxParser = XmlUtils.buildSecureSaxParser(schemaStream);
112	4	final XMLReader xmlReader = saxParser.getXMLReader();
113	4	xmlReader.setErrorHandler(new HintErrorHandler());
114	4	xmlReader.setContentHandler(handler);
115
116	4	final Reader reader = new InputStreamReader(inputStream, "UTF-8");
117	4	final InputSource in = new InputSource(reader);
118
119	4	xmlReader.parse(in);
120	4	final Hints hints = new Hints();
121	4	hints.setHintRules(handler.getHintRules());
122	4	hints.setVendorDuplicatingHintRules(handler.getVendorDuplicatingHintRules());
123	8	return hints;
124	0	} catch (ParserConfigurationException ex) {
125	0	LOGGER.debug("", ex);
126	0	throw new HintParseException(ex);
127	0	} catch (SAXException ex) {
128	0	if (ex.getMessage().contains("Cannot find the declaration of element 'hints'.")) {
129	0	throw ex;
130		} else {
131	0	LOGGER.debug("", ex);
132	0	throw new HintParseException(ex);
133		}
134	0	} catch (FileNotFoundException ex) {
135	0	LOGGER.debug("", ex);
136	0	throw new HintParseException(ex);
137	0	} catch (IOException ex) {
138	0	LOGGER.debug("", ex);
139	0	throw new HintParseException(ex);
140		} finally {
141	4	if (schemaStream != null) {
142		try {
143	4	schemaStream.close();
144	0	} catch (IOException ex) {
145	0	LOGGER.debug("Error closing hint file stream", ex);
146	4	}
147		}
148		}
149		}
150		}