github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-01-15 16:23:37 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
gh-pages
DependencyCheck/dependency-check-utils/cobertura/org.owasp.dependencycheck.utils.ExpectedOjectInputStream.html
Jeremy Long 615f6e3750 documentation version 1.4.5
2017-01-22 17:22:46 -05:00

158 lines
16 KiB
HTML
Raw Permalink Blame History

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
<title>Coverage Report</title>
<link title="Style" type="text/css" rel="stylesheet" href="css/main.css"/>
<script type="text/javascript" src="js/popup.js"></script>
</head>
<body>
<h5>Coverage Report - org.owasp.dependencycheck.utils.ExpectedOjectInputStream</h5>
<div class="separator">&nbsp;</div>
<table class="report">
<thead><tr> <td class="heading">Classes in this File</td> <td class="heading"><a class="dfn" href="help.html" onclick="popupwindow('help.html'); return false;">Line Coverage</a></td> <td class="heading"><a class="dfn" href="help.html" onclick="popupwindow('help.html'); return false;">Branch Coverage</a></td> <td class="heading"><a class="dfn" href="help.html" onclick="popupwindow('help.html'); return false;">Complexity</a></td></tr></thead>
<tr><td><a href="org.owasp.dependencycheck.utils.ExpectedOjectInputStream.html">ExpectedOjectInputStream</a></td><td><table cellpadding="0px" cellspacing="0px" class="percentgraph"><tr class="percentgraph"><td align="right" class="percentgraph" width="40">100%</td><td class="percentgraph"><div class="percentgraph"><div class="greenbar" style="width:100px"><span class="text">7/7</span></div></div></td></tr></table></td><td><table cellpadding="0px" cellspacing="0px" class="percentgraph"><tr class="percentgraph"><td align="right" class="percentgraph" width="40">100%</td><td class="percentgraph"><div class="percentgraph"><div class="greenbar" style="width:100px"><span class="text">2/2</span></div></div></td></tr></table></td><td class="value"><span class="hidden">2.0;</span>2</td></tr>
</table>
<div class="separator">&nbsp;</div>
<table cellspacing="0" cellpadding="0" class="src">
<tr> <td class="numLine">&nbsp;1</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment">/*</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;2</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> * This file is part of dependency-check-core.</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;3</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> *</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;4</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> * Licensed under the Apache License, Version 2.0 (the "License");</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;5</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> * you may not use this file except in compliance with the License.</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;6</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> * You may obtain a copy of the License at</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;7</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> *</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;8</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> * http://www.apache.org/licenses/LICENSE-2.0</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;9</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> *</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;10</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> * Unless required by applicable law or agreed to in writing, software</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;11</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> * distributed under the License is distributed on an "AS IS" BASIS,</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;12</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;13</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> * See the License for the specific language governing permissions and</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;14</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> * limitations under the License.</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;15</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> *</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;16</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> * Copyright (c) 2016 Jeremy Long. All Rights Reserved.</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;17</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> */</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;18</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="keyword">package</span> org.owasp.dependencycheck.utils;</pre></td></tr>
<tr> <td class="numLine">&nbsp;19</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;</pre></td></tr>
<tr> <td class="numLine">&nbsp;20</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="keyword">import</span> java.io.IOException;</pre></td></tr>
<tr> <td class="numLine">&nbsp;21</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="keyword">import</span> java.io.InputStream;</pre></td></tr>
<tr> <td class="numLine">&nbsp;22</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="keyword">import</span> java.io.InvalidClassException;</pre></td></tr>
<tr> <td class="numLine">&nbsp;23</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="keyword">import</span> java.io.ObjectInputStream;</pre></td></tr>
<tr> <td class="numLine">&nbsp;24</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="keyword">import</span> java.io.ObjectStreamClass;</pre></td></tr>
<tr> <td class="numLine">&nbsp;25</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="keyword">import</span> java.util.ArrayList;</pre></td></tr>
<tr> <td class="numLine">&nbsp;26</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="keyword">import</span> java.util.Arrays;</pre></td></tr>
<tr> <td class="numLine">&nbsp;27</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="keyword">import</span> java.util.List;</pre></td></tr>
<tr> <td class="numLine">&nbsp;28</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;</pre></td></tr>
<tr> <td class="numLine">&nbsp;29</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment">/**</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;30</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> * An ObjectInputStream that will only deserialize expected classes.</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;31</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> *</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;32</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> * @author Jeremy Long</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;33</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> */</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;34</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="keyword">public</span> <span class="keyword">class</span> ExpectedOjectInputStream <span class="keyword">extends</span> ObjectInputStream {</pre></td></tr>
<tr> <td class="numLine">&nbsp;35</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;</pre></td></tr>
<tr> <td class="numLine">&nbsp;36</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp; <span class="comment">/**</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;37</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> * The list of fully qualified class names that are able to be deserialized.</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;38</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> */</span></pre></td></tr>
<tr> <td class="numLineCover">&nbsp;39</td> <td class="nbHitsCovered">&nbsp;2</td> <td class="src"><pre class="src">&nbsp; <span class="keyword">private</span> List&lt;String&gt; expected = <span class="keyword">new</span> ArrayList&lt;String&gt;();</pre></td></tr>
<tr> <td class="numLine">&nbsp;40</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;</pre></td></tr>
<tr> <td class="numLine">&nbsp;41</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp; <span class="comment">/**</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;42</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> * Constructs a new ExpectedOjectInputStream that can be used to securely deserialize an object by restricting the classes</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;43</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> * that can deserialized to a known set of expected classes.</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;44</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> *</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;45</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> * @param inputStream the input stream that contains the object to deserialize</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;46</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> * @param expected the fully qualified class names of the classes that can be deserialized</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;47</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> * @throws IOException thrown if there is an error reading from the stream</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;48</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> */</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;49</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp; <span class="keyword">public</span> ExpectedOjectInputStream(InputStream inputStream, String... expected) <span class="keyword">throws</span> IOException {</pre></td></tr>
<tr> <td class="numLineCover">&nbsp;50</td> <td class="nbHitsCovered">&nbsp;2</td> <td class="src"><pre class="src">&nbsp; <span class="keyword">super</span>(inputStream);</pre></td></tr>
<tr> <td class="numLineCover">&nbsp;51</td> <td class="nbHitsCovered">&nbsp;2</td> <td class="src"><pre class="src">&nbsp; <span class="keyword">this</span>.expected.addAll(Arrays.asList(expected));</pre></td></tr>
<tr> <td class="numLineCover">&nbsp;52</td> <td class="nbHitsCovered">&nbsp;2</td> <td class="src"><pre class="src">&nbsp; }</pre></td></tr>
<tr> <td class="numLine">&nbsp;53</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;</pre></td></tr>
<tr> <td class="numLine">&nbsp;54</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp; <span class="comment">/**</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;55</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> * Only deserialize instances of expected classes by validating the class name prior to deserialization.</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;56</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> *</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;57</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> * @param desc the class from the object stream to validate</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;58</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> * @return the resolved class</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;59</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> * @throws java.io.IOException thrown if the class being read is not one of the expected classes or if there is an error</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;60</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> * reading from the stream</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;61</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> * @throws java.lang.ClassNotFoundException thrown if there is an error finding the class to deserialize</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;62</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;<span class="comment"> */</span></pre></td></tr>
<tr> <td class="numLine">&nbsp;63</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp; @Override</pre></td></tr>
<tr> <td class="numLine">&nbsp;64</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp; <span class="keyword">protected</span> Class&lt;?&gt; resolveClass(ObjectStreamClass desc) <span class="keyword">throws</span> IOException, ClassNotFoundException {</pre></td></tr>
<tr> <td class="numLineCover">&nbsp;65</td> <td class="nbHitsCovered"><a title="Line 65: Conditional coverage 100% (2/2).">&nbsp;7</a></td> <td class="src"><pre class="src">&nbsp;<a title="Line 65: Conditional coverage 100% (2/2)."> <span class="keyword">if</span> (!<span class="keyword">this</span>.expected.contains(desc.getName())) {</a></pre></td></tr>
<tr> <td class="numLineCover">&nbsp;66</td> <td class="nbHitsCovered">&nbsp;1</td> <td class="src"><pre class="src">&nbsp; <span class="keyword">throw</span> <span class="keyword">new</span> InvalidClassException(<span class="string">"Unexpected deserialization "</span>, desc.getName());</pre></td></tr>
<tr> <td class="numLine">&nbsp;67</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp; }</pre></td></tr>
<tr> <td class="numLineCover">&nbsp;68</td> <td class="nbHitsCovered">&nbsp;6</td> <td class="src"><pre class="src">&nbsp; <span class="keyword">return</span> <span class="keyword">super</span>.resolveClass(desc);</pre></td></tr>
<tr> <td class="numLine">&nbsp;69</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp; }</pre></td></tr>
<tr> <td class="numLine">&nbsp;70</td> <td class="nbHits">&nbsp;</td>
<td class="src"><pre class="src">&nbsp;}</pre></td></tr>
</table>
<div class="footer">Report generated by <a href="http://cobertura.sourceforge.net/" target="_top">Cobertura</a> 2.1.1 on 1/22/17 4:14 PM.</div>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink