mirror of
https://github.com/ysoftdevs/DependencyCheck.git
synced 2026-04-29 19:58:15 +02:00
1198 lines
173 KiB
HTML
1198 lines
173 KiB
HTML
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
|
|
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
|
<html>
|
|
<head>
|
|
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
|
|
<title>Coverage Report</title>
|
|
<link title="Style" type="text/css" rel="stylesheet" href="css/main.css"/>
|
|
<script type="text/javascript" src="js/popup.js"></script>
|
|
</head>
|
|
<body>
|
|
<h5>Coverage Report - org.owasp.dependencycheck.data.nvdcve.CveDB</h5>
|
|
<div class="separator"> </div>
|
|
<table class="report">
|
|
<thead><tr> <td class="heading">Classes in this File</td> <td class="heading"><a class="dfn" href="help.html" onclick="popupwindow('help.html'); return false;">Line Coverage</a></td> <td class="heading"><a class="dfn" href="help.html" onclick="popupwindow('help.html'); return false;">Branch Coverage</a></td> <td class="heading"><a class="dfn" href="help.html" onclick="popupwindow('help.html'); return false;">Complexity</a></td></tr></thead>
|
|
<tr><td><a href="org.owasp.dependencycheck.data.nvdcve.CveDB.html">CveDB</a></td><td><table cellpadding="0px" cellspacing="0px" class="percentgraph"><tr class="percentgraph"><td align="right" class="percentgraph" width="40">47%</td><td class="percentgraph"><div class="percentgraph"><div class="greenbar" style="width:47px"><span class="text">200/419</span></div></div></td></tr></table></td><td><table cellpadding="0px" cellspacing="0px" class="percentgraph"><tr class="percentgraph"><td align="right" class="percentgraph" width="40">57%</td><td class="percentgraph"><div class="percentgraph"><div class="greenbar" style="width:57px"><span class="text">73/128</span></div></div></td></tr></table></td><td class="value"><span class="hidden">5.2727272727272725;</span>5.273</td></tr>
|
|
|
|
</table>
|
|
<div class="separator"> </div>
|
|
<table cellspacing="0" cellpadding="0" class="src">
|
|
<tr> <td class="numLine"> 1</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment">/*</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 2</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * This file is part of dependency-check-core.</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 3</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> *</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 4</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * Licensed under the Apache License, Version 2.0 (the "License");</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 5</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * you may not use this file except in compliance with the License.</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 6</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * You may obtain a copy of the License at</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 7</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> *</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 8</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * http://www.apache.org/licenses/LICENSE-2.0</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 9</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> *</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 10</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * Unless required by applicable law or agreed to in writing, software</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 11</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * distributed under the License is distributed on an "AS IS" BASIS,</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 12</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 13</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * See the License for the specific language governing permissions and</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 14</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * limitations under the License.</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 15</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> *</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 16</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * Copyright (c) 2012 Jeremy Long. All Rights Reserved.</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 17</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 18</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">package</span> org.owasp.dependencycheck.data.nvdcve;</pre></td></tr>
|
|
<tr> <td class="numLine"> 19</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> </pre></td></tr>
|
|
<tr> <td class="numLine"> 20</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">import</span> java.io.IOException;</pre></td></tr>
|
|
<tr> <td class="numLine"> 21</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">import</span> java.io.UnsupportedEncodingException;</pre></td></tr>
|
|
<tr> <td class="numLine"> 22</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">import</span> java.sql.CallableStatement;</pre></td></tr>
|
|
<tr> <td class="numLine"> 23</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">import</span> java.sql.Connection;</pre></td></tr>
|
|
<tr> <td class="numLine"> 24</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">import</span> java.sql.PreparedStatement;</pre></td></tr>
|
|
<tr> <td class="numLine"> 25</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">import</span> java.sql.ResultSet;</pre></td></tr>
|
|
<tr> <td class="numLine"> 26</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">import</span> java.sql.SQLException;</pre></td></tr>
|
|
<tr> <td class="numLine"> 27</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">import</span> java.sql.Statement;</pre></td></tr>
|
|
<tr> <td class="numLine"> 28</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">import</span> java.util.ArrayList;</pre></td></tr>
|
|
<tr> <td class="numLine"> 29</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">import</span> java.util.HashMap;</pre></td></tr>
|
|
<tr> <td class="numLine"> 30</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">import</span> java.util.HashSet;</pre></td></tr>
|
|
<tr> <td class="numLine"> 31</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">import</span> java.util.List;</pre></td></tr>
|
|
<tr> <td class="numLine"> 32</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">import</span> java.util.Locale;</pre></td></tr>
|
|
<tr> <td class="numLine"> 33</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">import</span> java.util.Map;</pre></td></tr>
|
|
<tr> <td class="numLine"> 34</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">import</span> java.util.Map.Entry;</pre></td></tr>
|
|
<tr> <td class="numLine"> 35</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">import</span> java.util.MissingResourceException;</pre></td></tr>
|
|
<tr> <td class="numLine"> 36</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">import</span> java.util.Properties;</pre></td></tr>
|
|
<tr> <td class="numLine"> 37</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">import</span> java.util.ResourceBundle;</pre></td></tr>
|
|
<tr> <td class="numLine"> 38</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">import</span> java.util.Set;</pre></td></tr>
|
|
<tr> <td class="numLine"> 39</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">import</span> org.owasp.dependencycheck.data.cwe.CweDB;</pre></td></tr>
|
|
<tr> <td class="numLine"> 40</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">import</span> org.owasp.dependencycheck.dependency.Reference;</pre></td></tr>
|
|
<tr> <td class="numLine"> 41</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">import</span> org.owasp.dependencycheck.dependency.Vulnerability;</pre></td></tr>
|
|
<tr> <td class="numLine"> 42</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">import</span> org.owasp.dependencycheck.dependency.VulnerableSoftware;</pre></td></tr>
|
|
<tr> <td class="numLine"> 43</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">import</span> org.owasp.dependencycheck.utils.DBUtils;</pre></td></tr>
|
|
<tr> <td class="numLine"> 44</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">import</span> org.owasp.dependencycheck.utils.DependencyVersion;</pre></td></tr>
|
|
<tr> <td class="numLine"> 45</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">import</span> org.owasp.dependencycheck.utils.DependencyVersionUtil;</pre></td></tr>
|
|
<tr> <td class="numLine"> 46</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">import</span> org.owasp.dependencycheck.utils.Pair;</pre></td></tr>
|
|
<tr> <td class="numLine"> 47</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">import</span> org.owasp.dependencycheck.utils.Settings;</pre></td></tr>
|
|
<tr> <td class="numLine"> 48</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">import</span> org.slf4j.Logger;</pre></td></tr>
|
|
<tr> <td class="numLine"> 49</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">import</span> org.slf4j.LoggerFactory;</pre></td></tr>
|
|
<tr> <td class="numLine"> 50</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> </pre></td></tr>
|
|
<tr> <td class="numLine"> 51</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 52</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * The database holding information about the NVD CVE data.</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 53</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> *</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 54</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * @author Jeremy Long</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 55</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 56</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">public</span> <span class="keyword">class</span> CveDB {</pre></td></tr>
|
|
<tr> <td class="numLine"> 57</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> </pre></td></tr>
|
|
<tr> <td class="numLine"> 58</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 59</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * The logger.</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 60</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 61</td> <td class="nbHitsCovered"> 1</td> <td class="src"><pre class="src"> <span class="keyword">private</span> <span class="keyword">static</span> <span class="keyword">final</span> Logger LOGGER = LoggerFactory.getLogger(CveDB.<span class="keyword">class</span>);</pre></td></tr>
|
|
<tr> <td class="numLine"> 62</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 63</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * Database connection</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 64</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 65</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">private</span> Connection conn;</pre></td></tr>
|
|
<tr> <td class="numLine"> 66</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 67</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * The bundle of statements used when accessing the database.</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 68</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 69</td> <td class="nbHitsCovered"> 6</td> <td class="src"><pre class="src"> <span class="keyword">private</span> ResourceBundle statementBundle = <span class="keyword">null</span>;</pre></td></tr>
|
|
<tr> <td class="numLine"> 70</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> </pre></td></tr>
|
|
<tr> <td class="numLine"> 71</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 72</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * Creates a new CveDB object and opens the database connection. Note, the connection must be closed by the caller by calling</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 73</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * the close method.</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 74</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> *</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 75</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * @throws DatabaseException thrown if there is an exception opening the database.</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 76</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 77</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">public</span> CveDB() <span class="keyword">throws</span> DatabaseException {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 78</td> <td class="nbHitsCovered"> 6</td> <td class="src"><pre class="src"> <span class="keyword">super</span>();</pre></td></tr>
|
|
<tr> <td class="numLine"> 79</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">try</span> {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 80</td> <td class="nbHitsCovered"> 6</td> <td class="src"><pre class="src"> open();</pre></td></tr>
|
|
<tr> <td class="numLine"> 81</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">try</span> {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 82</td> <td class="nbHitsCovered"> 6</td> <td class="src"><pre class="src"> <span class="keyword">final</span> String databaseProductName = conn.getMetaData().getDatabaseProductName();</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 83</td> <td class="nbHitsCovered"> 6</td> <td class="src"><pre class="src"> LOGGER.debug(<span class="string">"Database dialect: {}"</span>, databaseProductName);</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 84</td> <td class="nbHitsCovered"> 6</td> <td class="src"><pre class="src"> <span class="keyword">final</span> Locale dbDialect = <span class="keyword">new</span> Locale(databaseProductName);</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 85</td> <td class="nbHitsCovered"> 6</td> <td class="src"><pre class="src"> statementBundle = ResourceBundle.getBundle(<span class="string">"data/dbStatements"</span>, dbDialect);</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 86</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> } <span class="keyword">catch</span> (SQLException se) {</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 87</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> LOGGER.warn(<span class="string">"Problem loading database specific dialect!"</span>, se);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 88</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> statementBundle = ResourceBundle.getBundle(<span class="string">"data/dbStatements"</span>);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 89</td> <td class="nbHitsCovered"> 6</td> <td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 90</td> <td class="nbHitsCovered"> 6</td> <td class="src"><pre class="src"> databaseProperties = <span class="keyword">new</span> DatabaseProperties(<span class="keyword">this</span>);</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 91</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> } <span class="keyword">catch</span> (DatabaseException ex) {</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 92</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> <span class="keyword">throw</span> ex;</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 93</td> <td class="nbHitsCovered"> 6</td> <td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 94</td> <td class="nbHitsCovered"> 6</td> <td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLine"> 95</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> </pre></td></tr>
|
|
<tr> <td class="numLine"> 96</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 97</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * Returns the database connection.</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 98</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> *</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 99</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * @return the database connection</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 100</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 101</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">protected</span> Connection getConnection() {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 102</td> <td class="nbHitsCovered"> 37</td> <td class="src"><pre class="src"> <span class="keyword">return</span> conn;</pre></td></tr>
|
|
<tr> <td class="numLine"> 103</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLine"> 104</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> </pre></td></tr>
|
|
<tr> <td class="numLine"> 105</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 106</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * Opens the database connection. If the database does not exist, it will create a new one.</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 107</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> *</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 108</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * @throws DatabaseException thrown if there is an error opening the database connection</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 109</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 110</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">public</span> <span class="keyword">final</span> <span class="keyword">void</span> open() <span class="keyword">throws</span> DatabaseException {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 111</td> <td class="nbHitsCovered"><a title="Line 111: Conditional coverage 100% (2/2)."> 12</a></td> <td class="src"><pre class="src"> <a title="Line 111: Conditional coverage 100% (2/2)."> <span class="keyword">if</span> (!isOpen()) {</a></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 112</td> <td class="nbHitsCovered"> 6</td> <td class="src"><pre class="src"> conn = ConnectionFactory.getConnection();</pre></td></tr>
|
|
<tr> <td class="numLine"> 113</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 114</td> <td class="nbHitsCovered"> 12</td> <td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLine"> 115</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> </pre></td></tr>
|
|
<tr> <td class="numLine"> 116</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 117</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * Closes the DB4O database. Close should be called on this object when it is done being used.</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 118</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 119</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">public</span> <span class="keyword">void</span> close() {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 120</td> <td class="nbHitsCovered"><a title="Line 120: Conditional coverage 100% (2/2)."> 8</a></td> <td class="src"><pre class="src"> <a title="Line 120: Conditional coverage 100% (2/2)."> <span class="keyword">if</span> (conn != <span class="keyword">null</span>) {</a></pre></td></tr>
|
|
<tr> <td class="numLine"> 121</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">try</span> {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 122</td> <td class="nbHitsCovered"> 6</td> <td class="src"><pre class="src"> conn.close();</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 123</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> } <span class="keyword">catch</span> (SQLException ex) {</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 124</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> LOGGER.error(<span class="string">"There was an error attempting to close the CveDB, see the log for more details."</span>);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 125</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> LOGGER.debug(<span class="string">""</span>, ex);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 126</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> } <span class="keyword">catch</span> (Throwable ex) {</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 127</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> LOGGER.error(<span class="string">"There was an exception attempting to close the CveDB, see the log for more details."</span>);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 128</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> LOGGER.debug(<span class="string">""</span>, ex);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 129</td> <td class="nbHitsCovered"> 6</td> <td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 130</td> <td class="nbHitsCovered"> 6</td> <td class="src"><pre class="src"> conn = <span class="keyword">null</span>;</pre></td></tr>
|
|
<tr> <td class="numLine"> 131</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 132</td> <td class="nbHitsCovered"> 8</td> <td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLine"> 133</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> </pre></td></tr>
|
|
<tr> <td class="numLine"> 134</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 135</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * Returns whether the database connection is open or closed.</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 136</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> *</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 137</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * @return whether the database connection is open or closed</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 138</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 139</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">public</span> <span class="keyword">boolean</span> isOpen() {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 140</td> <td class="nbHitsCovered"><a title="Line 140: Conditional coverage 100% (2/2)."> 12</a></td> <td class="src"><pre class="src"> <a title="Line 140: Conditional coverage 100% (2/2)."> <span class="keyword">return</span> conn != <span class="keyword">null</span>;</a></pre></td></tr>
|
|
<tr> <td class="numLine"> 141</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLine"> 142</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> </pre></td></tr>
|
|
<tr> <td class="numLine"> 143</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 144</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * Commits all completed transactions.</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 145</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> *</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 146</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * @throws SQLException thrown if a SQL Exception occurs</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 147</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 148</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">public</span> <span class="keyword">void</span> commit() <span class="keyword">throws</span> SQLException {</pre></td></tr>
|
|
<tr> <td class="numLine"> 149</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment">//temporary remove this as autocommit is on.</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 150</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment">//if (conn != null) {</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 151</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment">// conn.commit();</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 152</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment">//}</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 153</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> }</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 154</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> </pre></td></tr>
|
|
<tr> <td class="numLine"> 155</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 156</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * Cleans up the object and ensures that "close" has been called.</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 157</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> *</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 158</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * @throws Throwable thrown if there is a problem</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 159</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 160</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> @Override</pre></td></tr>
|
|
<tr> <td class="numLine"> 161</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> @SuppressWarnings(<span class="string">"FinalizeDeclaration"</span>)</pre></td></tr>
|
|
<tr> <td class="numLine"> 162</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">protected</span> <span class="keyword">void</span> finalize() <span class="keyword">throws</span> Throwable {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 163</td> <td class="nbHitsCovered"> 2</td> <td class="src"><pre class="src"> LOGGER.debug(<span class="string">"Entering finalize"</span>);</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 164</td> <td class="nbHitsCovered"> 2</td> <td class="src"><pre class="src"> close();</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 165</td> <td class="nbHitsCovered"> 2</td> <td class="src"><pre class="src"> <span class="keyword">super</span>.finalize();</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 166</td> <td class="nbHitsCovered"> 2</td> <td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLine"> 167</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 168</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * Database properties object containing the 'properties' from the database table.</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 169</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 170</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">private</span> DatabaseProperties databaseProperties;</pre></td></tr>
|
|
<tr> <td class="numLine"> 171</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> </pre></td></tr>
|
|
<tr> <td class="numLine"> 172</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 173</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * Get the value of databaseProperties.</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 174</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> *</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 175</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * @return the value of databaseProperties</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 176</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 177</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">public</span> DatabaseProperties getDatabaseProperties() {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 178</td> <td class="nbHitsCovered"> 3</td> <td class="src"><pre class="src"> <span class="keyword">return</span> databaseProperties;</pre></td></tr>
|
|
<tr> <td class="numLine"> 179</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLine"> 180</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> </pre></td></tr>
|
|
<tr> <td class="numLine"> 181</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 182</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * Searches the CPE entries in the database and retrieves all entries for a given vendor and product combination. The returned</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 183</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * list will include all versions of the product that are registered in the NVD CVE data.</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 184</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> *</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 185</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * @param vendor the identified vendor name of the dependency being analyzed</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 186</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * @param product the identified name of the product of the dependency being analyzed</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 187</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * @return a set of vulnerable software</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 188</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 189</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">public</span> Set<VulnerableSoftware> getCPEs(String vendor, String product) {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 190</td> <td class="nbHitsCovered"> 3</td> <td class="src"><pre class="src"> <span class="keyword">final</span> Set<VulnerableSoftware> cpe = <span class="keyword">new</span> HashSet<VulnerableSoftware>();</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 191</td> <td class="nbHitsCovered"> 3</td> <td class="src"><pre class="src"> ResultSet rs = <span class="keyword">null</span>;</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 192</td> <td class="nbHitsCovered"> 3</td> <td class="src"><pre class="src"> PreparedStatement ps = <span class="keyword">null</span>;</pre></td></tr>
|
|
<tr> <td class="numLine"> 193</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">try</span> {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 194</td> <td class="nbHitsCovered"> 3</td> <td class="src"><pre class="src"> ps = getConnection().prepareStatement(statementBundle.getString(<span class="string">"SELECT_CPE_ENTRIES"</span>));</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 195</td> <td class="nbHitsCovered"> 3</td> <td class="src"><pre class="src"> ps.setString(1, vendor);</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 196</td> <td class="nbHitsCovered"> 3</td> <td class="src"><pre class="src"> ps.setString(2, product);</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 197</td> <td class="nbHitsCovered"> 3</td> <td class="src"><pre class="src"> rs = ps.executeQuery();</pre></td></tr>
|
|
<tr> <td class="numLine"> 198</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> </pre></td></tr>
|
|
<tr> <td class="numLineCover"> 199</td> <td class="nbHitsCovered"><a title="Line 199: Conditional coverage 100% (2/2)."> 112</a></td> <td class="src"><pre class="src"> <a title="Line 199: Conditional coverage 100% (2/2)."> <span class="keyword">while</span> (rs.next()) {</a></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 200</td> <td class="nbHitsCovered"> 109</td> <td class="src"><pre class="src"> <span class="keyword">final</span> VulnerableSoftware vs = <span class="keyword">new</span> VulnerableSoftware();</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 201</td> <td class="nbHitsCovered"> 109</td> <td class="src"><pre class="src"> vs.setCpe(rs.getString(1));</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 202</td> <td class="nbHitsCovered"> 109</td> <td class="src"><pre class="src"> cpe.add(vs);</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 203</td> <td class="nbHitsCovered"> 109</td> <td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 204</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> } <span class="keyword">catch</span> (SQLException ex) {</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 205</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> LOGGER.error(<span class="string">"An unexpected SQL Exception occurred; please see the verbose log for more details."</span>);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 206</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> LOGGER.debug(<span class="string">""</span>, ex);</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 207</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> } <span class="keyword">finally</span> {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 208</td> <td class="nbHitsCovered"> 3</td> <td class="src"><pre class="src"> DBUtils.closeResultSet(rs);</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 209</td> <td class="nbHitsCovered"> 3</td> <td class="src"><pre class="src"> DBUtils.closeStatement(ps);</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 210</td> <td class="nbHitsCovered"> 3</td> <td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 211</td> <td class="nbHitsCovered"> 3</td> <td class="src"><pre class="src"> <span class="keyword">return</span> cpe;</pre></td></tr>
|
|
<tr> <td class="numLine"> 212</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLine"> 213</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> </pre></td></tr>
|
|
<tr> <td class="numLine"> 214</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 215</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * Returns the entire list of vendor/product combinations.</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 216</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> *</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 217</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * @return the entire list of vendor/product combinations</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 218</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * @throws DatabaseException thrown when there is an error retrieving the data from the DB</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 219</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 220</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">public</span> Set<Pair<String, String>> getVendorProductList() <span class="keyword">throws</span> DatabaseException {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 221</td> <td class="nbHitsCovered"> 1</td> <td class="src"><pre class="src"> <span class="keyword">final</span> Set<Pair<String, String>> data = <span class="keyword">new</span> HashSet<Pair<String, String>>();</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 222</td> <td class="nbHitsCovered"> 1</td> <td class="src"><pre class="src"> ResultSet rs = <span class="keyword">null</span>;</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 223</td> <td class="nbHitsCovered"> 1</td> <td class="src"><pre class="src"> PreparedStatement ps = <span class="keyword">null</span>;</pre></td></tr>
|
|
<tr> <td class="numLine"> 224</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">try</span> {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 225</td> <td class="nbHitsCovered"> 1</td> <td class="src"><pre class="src"> ps = getConnection().prepareStatement(statementBundle.getString(<span class="string">"SELECT_VENDOR_PRODUCT_LIST"</span>));</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 226</td> <td class="nbHitsCovered"> 1</td> <td class="src"><pre class="src"> rs = ps.executeQuery();</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 227</td> <td class="nbHitsCovered"><a title="Line 227: Conditional coverage 100% (2/2)."> 25471</a></td> <td class="src"><pre class="src"> <a title="Line 227: Conditional coverage 100% (2/2)."> <span class="keyword">while</span> (rs.next()) {</a></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 228</td> <td class="nbHitsCovered"> 25470</td> <td class="src"><pre class="src"> data.add(<span class="keyword">new</span> Pair<String, String>(rs.getString(1), rs.getString(2)));</pre></td></tr>
|
|
<tr> <td class="numLine"> 229</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 230</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> } <span class="keyword">catch</span> (SQLException ex) {</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 231</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> <span class="keyword">final</span> String msg = <span class="string">"An unexpected SQL Exception occurred; please see the verbose log for more details."</span>;</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 232</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> <span class="keyword">throw</span> <span class="keyword">new</span> DatabaseException(msg, ex);</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 233</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> } <span class="keyword">finally</span> {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 234</td> <td class="nbHitsCovered"> 1</td> <td class="src"><pre class="src"> DBUtils.closeResultSet(rs);</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 235</td> <td class="nbHitsCovered"> 1</td> <td class="src"><pre class="src"> DBUtils.closeStatement(ps);</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 236</td> <td class="nbHitsCovered"> 1</td> <td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 237</td> <td class="nbHitsCovered"> 1</td> <td class="src"><pre class="src"> <span class="keyword">return</span> data;</pre></td></tr>
|
|
<tr> <td class="numLine"> 238</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLine"> 239</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> </pre></td></tr>
|
|
<tr> <td class="numLine"> 240</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 241</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * Returns a set of properties.</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 242</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> *</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 243</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * @return the properties from the database</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 244</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 245</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> Properties getProperties() {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 246</td> <td class="nbHitsCovered"> 6</td> <td class="src"><pre class="src"> <span class="keyword">final</span> Properties prop = <span class="keyword">new</span> Properties();</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 247</td> <td class="nbHitsCovered"> 6</td> <td class="src"><pre class="src"> PreparedStatement ps = <span class="keyword">null</span>;</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 248</td> <td class="nbHitsCovered"> 6</td> <td class="src"><pre class="src"> ResultSet rs = <span class="keyword">null</span>;</pre></td></tr>
|
|
<tr> <td class="numLine"> 249</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">try</span> {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 250</td> <td class="nbHitsCovered"> 6</td> <td class="src"><pre class="src"> ps = getConnection().prepareStatement(statementBundle.getString(<span class="string">"SELECT_PROPERTIES"</span>));</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 251</td> <td class="nbHitsCovered"> 6</td> <td class="src"><pre class="src"> rs = ps.executeQuery();</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 252</td> <td class="nbHitsCovered"><a title="Line 252: Conditional coverage 100% (2/2)."> 120</a></td> <td class="src"><pre class="src"> <a title="Line 252: Conditional coverage 100% (2/2)."> <span class="keyword">while</span> (rs.next()) {</a></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 253</td> <td class="nbHitsCovered"> 114</td> <td class="src"><pre class="src"> prop.setProperty(rs.getString(1), rs.getString(2));</pre></td></tr>
|
|
<tr> <td class="numLine"> 254</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 255</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> } <span class="keyword">catch</span> (SQLException ex) {</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 256</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> LOGGER.error(<span class="string">"An unexpected SQL Exception occurred; please see the verbose log for more details."</span>);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 257</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> LOGGER.debug(<span class="string">""</span>, ex);</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 258</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> } <span class="keyword">finally</span> {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 259</td> <td class="nbHitsCovered"> 6</td> <td class="src"><pre class="src"> DBUtils.closeStatement(ps);</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 260</td> <td class="nbHitsCovered"> 6</td> <td class="src"><pre class="src"> DBUtils.closeResultSet(rs);</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 261</td> <td class="nbHitsCovered"> 6</td> <td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 262</td> <td class="nbHitsCovered"> 6</td> <td class="src"><pre class="src"> <span class="keyword">return</span> prop;</pre></td></tr>
|
|
<tr> <td class="numLine"> 263</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLine"> 264</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> </pre></td></tr>
|
|
<tr> <td class="numLine"> 265</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 266</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * Saves a property to the database.</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 267</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> *</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 268</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * @param key the property key</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 269</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * @param value the property value</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 270</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 271</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">void</span> saveProperty(String key, String value) {</pre></td></tr>
|
|
<tr> <td class="numLine"> 272</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">try</span> {</pre></td></tr>
|
|
<tr> <td class="numLine"> 273</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">try</span> {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 274</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> <span class="keyword">final</span> PreparedStatement mergeProperty = getConnection().prepareStatement(statementBundle.getString(<span class="string">"MERGE_PROPERTY"</span>));</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 275</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">try</span> {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 276</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> mergeProperty.setString(1, key);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 277</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> mergeProperty.setString(2, value);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 278</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> mergeProperty.executeUpdate();</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 279</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> } <span class="keyword">finally</span> {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 280</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> DBUtils.closeStatement(mergeProperty);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 281</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> }</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 282</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> } <span class="keyword">catch</span> (MissingResourceException mre) {</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 283</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment">// No Merge statement, so doing an Update/Insert...</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 284</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> PreparedStatement updateProperty = <span class="keyword">null</span>;</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 285</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> PreparedStatement insertProperty = <span class="keyword">null</span>;</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 286</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">try</span> {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 287</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> updateProperty = getConnection().prepareStatement(statementBundle.getString(<span class="string">"UPDATE_PROPERTY"</span>));</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 288</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> updateProperty.setString(1, value);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 289</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> updateProperty.setString(2, key);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 290</td> <td class="nbHitsUncovered"><a title="Line 290: Conditional coverage 0% (0/2)."> 0</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 290: Conditional coverage 0% (0/2)."> <span class="keyword">if</span> (updateProperty.executeUpdate() == 0) {</a></span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 291</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> insertProperty = getConnection().prepareStatement(statementBundle.getString(<span class="string">"INSERT_PROPERTY"</span>));</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 292</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> insertProperty.setString(1, key);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 293</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> insertProperty.setString(2, value);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 294</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> insertProperty.executeUpdate();</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 295</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLine"> 296</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> } <span class="keyword">finally</span> {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 297</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> DBUtils.closeStatement(updateProperty);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 298</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> DBUtils.closeStatement(insertProperty);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 299</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> }</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 300</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> }</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 301</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> } <span class="keyword">catch</span> (SQLException ex) {</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 302</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> LOGGER.warn(<span class="string">"Unable to save property '{}' with a value of '{}' to the database"</span>, key, value);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 303</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> LOGGER.debug(<span class="string">""</span>, ex);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 304</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> }</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 305</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> }</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 306</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> </pre></td></tr>
|
|
<tr> <td class="numLine"> 307</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 308</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * Retrieves the vulnerabilities associated with the specified CPE.</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 309</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> *</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 310</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * @param cpeStr the CPE name</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 311</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * @return a list of Vulnerabilities</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 312</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * @throws DatabaseException thrown if there is an exception retrieving data</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 313</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 314</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">public</span> List<Vulnerability> getVulnerabilities(String cpeStr) <span class="keyword">throws</span> DatabaseException {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 315</td> <td class="nbHitsCovered"> 3</td> <td class="src"><pre class="src"> <span class="keyword">final</span> VulnerableSoftware cpe = <span class="keyword">new</span> VulnerableSoftware();</pre></td></tr>
|
|
<tr> <td class="numLine"> 316</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">try</span> {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 317</td> <td class="nbHitsCovered"> 3</td> <td class="src"><pre class="src"> cpe.parseName(cpeStr);</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 318</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> } <span class="keyword">catch</span> (UnsupportedEncodingException ex) {</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 319</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> LOGGER.trace(<span class="string">""</span>, ex);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 320</td> <td class="nbHitsCovered"> 3</td> <td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 321</td> <td class="nbHitsCovered"> 3</td> <td class="src"><pre class="src"> <span class="keyword">final</span> DependencyVersion detectedVersion = parseDependencyVersion(cpe);</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 322</td> <td class="nbHitsCovered"> 3</td> <td class="src"><pre class="src"> <span class="keyword">final</span> List<Vulnerability> vulnerabilities = <span class="keyword">new</span> ArrayList<Vulnerability>();</pre></td></tr>
|
|
<tr> <td class="numLine"> 323</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> </pre></td></tr>
|
|
<tr> <td class="numLineCover"> 324</td> <td class="nbHitsCovered"> 3</td> <td class="src"><pre class="src"> PreparedStatement ps = <span class="keyword">null</span>;</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 325</td> <td class="nbHitsCovered"> 3</td> <td class="src"><pre class="src"> ResultSet rs = <span class="keyword">null</span>;</pre></td></tr>
|
|
<tr> <td class="numLine"> 326</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">try</span> {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 327</td> <td class="nbHitsCovered"> 3</td> <td class="src"><pre class="src"> ps = getConnection().prepareStatement(statementBundle.getString(<span class="string">"SELECT_CVE_FROM_SOFTWARE"</span>));</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 328</td> <td class="nbHitsCovered"> 3</td> <td class="src"><pre class="src"> ps.setString(1, cpe.getVendor());</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 329</td> <td class="nbHitsCovered"> 3</td> <td class="src"><pre class="src"> ps.setString(2, cpe.getProduct());</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 330</td> <td class="nbHitsCovered"> 3</td> <td class="src"><pre class="src"> rs = ps.executeQuery();</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 331</td> <td class="nbHitsCovered"> 3</td> <td class="src"><pre class="src"> String currentCVE = <span class="string">""</span>;</pre></td></tr>
|
|
<tr> <td class="numLine"> 332</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> </pre></td></tr>
|
|
<tr> <td class="numLineCover"> 333</td> <td class="nbHitsCovered"> 3</td> <td class="src"><pre class="src"> <span class="keyword">final</span> Map<String, Boolean> vulnSoftware = <span class="keyword">new</span> HashMap<String, Boolean>();</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 334</td> <td class="nbHitsCovered"><a title="Line 334: Conditional coverage 100% (2/2)."> 282</a></td> <td class="src"><pre class="src"> <a title="Line 334: Conditional coverage 100% (2/2)."> <span class="keyword">while</span> (rs.next()) {</a></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 335</td> <td class="nbHitsCovered"> 279</td> <td class="src"><pre class="src"> <span class="keyword">final</span> String cveId = rs.getString(1);</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 336</td> <td class="nbHitsCovered"><a title="Line 336: Conditional coverage 100% (2/2)."> 279</a></td> <td class="src"><pre class="src"> <a title="Line 336: Conditional coverage 100% (2/2)."> <span class="keyword">if</span> (!currentCVE.equals(cveId)) { <span class="comment">//check for match and add</span></a></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 337</td> <td class="nbHitsCovered"> 10</td> <td class="src"><pre class="src"> <span class="keyword">final</span> Entry<String, Boolean> matchedCPE = getMatchingSoftware(vulnSoftware, cpe.getVendor(), cpe.getProduct(), detectedVersion);</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 338</td> <td class="nbHitsCovered"><a title="Line 338: Conditional coverage 100% (2/2)."> 10</a></td> <td class="src"><pre class="src"> <a title="Line 338: Conditional coverage 100% (2/2)."> <span class="keyword">if</span> (matchedCPE != <span class="keyword">null</span>) {</a></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 339</td> <td class="nbHitsCovered"> 6</td> <td class="src"><pre class="src"> <span class="keyword">final</span> Vulnerability v = getVulnerability(currentCVE);</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 340</td> <td class="nbHitsUncovered"><a title="Line 340: Conditional coverage 50% (1/2)."> 6</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 340: Conditional coverage 50% (1/2)."> v.setMatchedCPE(matchedCPE.getKey(), matchedCPE.getValue() ? <span class="string">"Y"</span> : <span class="keyword">null</span>);</a></span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 341</td> <td class="nbHitsCovered"> 6</td> <td class="src"><pre class="src"> vulnerabilities.add(v);</pre></td></tr>
|
|
<tr> <td class="numLine"> 342</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 343</td> <td class="nbHitsCovered"> 10</td> <td class="src"><pre class="src"> vulnSoftware.clear();</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 344</td> <td class="nbHitsCovered"> 10</td> <td class="src"><pre class="src"> currentCVE = cveId;</pre></td></tr>
|
|
<tr> <td class="numLine"> 345</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLine"> 346</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> </pre></td></tr>
|
|
<tr> <td class="numLineCover"> 347</td> <td class="nbHitsCovered"> 279</td> <td class="src"><pre class="src"> <span class="keyword">final</span> String cpeId = rs.getString(2);</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 348</td> <td class="nbHitsCovered"> 279</td> <td class="src"><pre class="src"> <span class="keyword">final</span> String previous = rs.getString(3);</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 349</td> <td class="nbHitsUncovered"><a title="Line 349: Conditional coverage 75% (3/4) [each condition: 100%, 50%]."> 279</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 349: Conditional coverage 75% (3/4) [each condition: 100%, 50%]."> <span class="keyword">final</span> Boolean p = previous != <span class="keyword">null</span> && !previous.isEmpty();</a></span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 350</td> <td class="nbHitsCovered"> 279</td> <td class="src"><pre class="src"> vulnSoftware.put(cpeId, p);</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 351</td> <td class="nbHitsCovered"> 279</td> <td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLine"> 352</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment">//remember to process the last set of CVE/CPE entries</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 353</td> <td class="nbHitsCovered"> 3</td> <td class="src"><pre class="src"> <span class="keyword">final</span> Entry<String, Boolean> matchedCPE = getMatchingSoftware(vulnSoftware, cpe.getVendor(), cpe.getProduct(), detectedVersion);</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 354</td> <td class="nbHitsCovered"><a title="Line 354: Conditional coverage 100% (2/2)."> 3</a></td> <td class="src"><pre class="src"> <a title="Line 354: Conditional coverage 100% (2/2)."> <span class="keyword">if</span> (matchedCPE != <span class="keyword">null</span>) {</a></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 355</td> <td class="nbHitsCovered"> 2</td> <td class="src"><pre class="src"> <span class="keyword">final</span> Vulnerability v = getVulnerability(currentCVE);</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 356</td> <td class="nbHitsUncovered"><a title="Line 356: Conditional coverage 50% (1/2)."> 2</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 356: Conditional coverage 50% (1/2)."> v.setMatchedCPE(matchedCPE.getKey(), matchedCPE.getValue() ? <span class="string">"Y"</span> : <span class="keyword">null</span>);</a></span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 357</td> <td class="nbHitsCovered"> 2</td> <td class="src"><pre class="src"> vulnerabilities.add(v);</pre></td></tr>
|
|
<tr> <td class="numLine"> 358</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 359</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> } <span class="keyword">catch</span> (SQLException ex) {</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 360</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> <span class="keyword">throw</span> <span class="keyword">new</span> DatabaseException(<span class="string">"Exception retrieving vulnerability for "</span> + cpeStr, ex);</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 361</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> } <span class="keyword">finally</span> {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 362</td> <td class="nbHitsCovered"> 3</td> <td class="src"><pre class="src"> DBUtils.closeResultSet(rs);</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 363</td> <td class="nbHitsCovered"> 3</td> <td class="src"><pre class="src"> DBUtils.closeStatement(ps);</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 364</td> <td class="nbHitsCovered"> 3</td> <td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 365</td> <td class="nbHitsCovered"> 3</td> <td class="src"><pre class="src"> <span class="keyword">return</span> vulnerabilities;</pre></td></tr>
|
|
<tr> <td class="numLine"> 366</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLine"> 367</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> </pre></td></tr>
|
|
<tr> <td class="numLine"> 368</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 369</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * Gets a vulnerability for the provided CVE.</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 370</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> *</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 371</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * @param cve the CVE to lookup</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 372</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * @return a vulnerability object</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 373</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * @throws DatabaseException if an exception occurs</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 374</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 375</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">private</span> Vulnerability getVulnerability(String cve) <span class="keyword">throws</span> DatabaseException {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 376</td> <td class="nbHitsCovered"> 8</td> <td class="src"><pre class="src"> PreparedStatement psV = <span class="keyword">null</span>;</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 377</td> <td class="nbHitsCovered"> 8</td> <td class="src"><pre class="src"> PreparedStatement psR = <span class="keyword">null</span>;</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 378</td> <td class="nbHitsCovered"> 8</td> <td class="src"><pre class="src"> PreparedStatement psS = <span class="keyword">null</span>;</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 379</td> <td class="nbHitsCovered"> 8</td> <td class="src"><pre class="src"> ResultSet rsV = <span class="keyword">null</span>;</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 380</td> <td class="nbHitsCovered"> 8</td> <td class="src"><pre class="src"> ResultSet rsR = <span class="keyword">null</span>;</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 381</td> <td class="nbHitsCovered"> 8</td> <td class="src"><pre class="src"> ResultSet rsS = <span class="keyword">null</span>;</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 382</td> <td class="nbHitsCovered"> 8</td> <td class="src"><pre class="src"> Vulnerability vuln = <span class="keyword">null</span>;</pre></td></tr>
|
|
<tr> <td class="numLine"> 383</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">try</span> {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 384</td> <td class="nbHitsCovered"> 8</td> <td class="src"><pre class="src"> psV = getConnection().prepareStatement(statementBundle.getString(<span class="string">"SELECT_VULNERABILITY"</span>));</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 385</td> <td class="nbHitsCovered"> 8</td> <td class="src"><pre class="src"> psV.setString(1, cve);</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 386</td> <td class="nbHitsCovered"> 8</td> <td class="src"><pre class="src"> rsV = psV.executeQuery();</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 387</td> <td class="nbHitsUncovered"><a title="Line 387: Conditional coverage 50% (1/2)."> 8</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 387: Conditional coverage 50% (1/2)."> <span class="keyword">if</span> (rsV.next()) {</a></span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 388</td> <td class="nbHitsCovered"> 8</td> <td class="src"><pre class="src"> vuln = <span class="keyword">new</span> Vulnerability();</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 389</td> <td class="nbHitsCovered"> 8</td> <td class="src"><pre class="src"> vuln.setName(cve);</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 390</td> <td class="nbHitsCovered"> 8</td> <td class="src"><pre class="src"> vuln.setDescription(rsV.getString(2));</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 391</td> <td class="nbHitsCovered"> 8</td> <td class="src"><pre class="src"> String cwe = rsV.getString(3);</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 392</td> <td class="nbHitsUncovered"><a title="Line 392: Conditional coverage 50% (1/2)."> 8</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 392: Conditional coverage 50% (1/2)."> <span class="keyword">if</span> (cwe != <span class="keyword">null</span>) {</a></span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 393</td> <td class="nbHitsCovered"> 8</td> <td class="src"><pre class="src"> <span class="keyword">final</span> String name = CweDB.getCweName(cwe);</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 394</td> <td class="nbHitsCovered"><a title="Line 394: Conditional coverage 100% (2/2)."> 8</a></td> <td class="src"><pre class="src"> <a title="Line 394: Conditional coverage 100% (2/2)."> <span class="keyword">if</span> (name != <span class="keyword">null</span>) {</a></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 395</td> <td class="nbHitsCovered"> 7</td> <td class="src"><pre class="src"> cwe += <span class="string">' '</span> + name;</pre></td></tr>
|
|
<tr> <td class="numLine"> 396</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLine"> 397</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 398</td> <td class="nbHitsCovered"> 8</td> <td class="src"><pre class="src"> <span class="keyword">final</span> <span class="keyword">int</span> cveId = rsV.getInt(1);</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 399</td> <td class="nbHitsCovered"> 8</td> <td class="src"><pre class="src"> vuln.setCwe(cwe);</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 400</td> <td class="nbHitsCovered"> 8</td> <td class="src"><pre class="src"> vuln.setCvssScore(rsV.getFloat(4));</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 401</td> <td class="nbHitsCovered"> 8</td> <td class="src"><pre class="src"> vuln.setCvssAccessVector(rsV.getString(5));</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 402</td> <td class="nbHitsCovered"> 8</td> <td class="src"><pre class="src"> vuln.setCvssAccessComplexity(rsV.getString(6));</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 403</td> <td class="nbHitsCovered"> 8</td> <td class="src"><pre class="src"> vuln.setCvssAuthentication(rsV.getString(7));</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 404</td> <td class="nbHitsCovered"> 8</td> <td class="src"><pre class="src"> vuln.setCvssConfidentialityImpact(rsV.getString(8));</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 405</td> <td class="nbHitsCovered"> 8</td> <td class="src"><pre class="src"> vuln.setCvssIntegrityImpact(rsV.getString(9));</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 406</td> <td class="nbHitsCovered"> 8</td> <td class="src"><pre class="src"> vuln.setCvssAvailabilityImpact(rsV.getString(10));</pre></td></tr>
|
|
<tr> <td class="numLine"> 407</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> </pre></td></tr>
|
|
<tr> <td class="numLineCover"> 408</td> <td class="nbHitsCovered"> 8</td> <td class="src"><pre class="src"> psR = getConnection().prepareStatement(statementBundle.getString(<span class="string">"SELECT_REFERENCES"</span>));</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 409</td> <td class="nbHitsCovered"> 8</td> <td class="src"><pre class="src"> psR.setInt(1, cveId);</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 410</td> <td class="nbHitsCovered"> 8</td> <td class="src"><pre class="src"> rsR = psR.executeQuery();</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 411</td> <td class="nbHitsCovered"><a title="Line 411: Conditional coverage 100% (2/2)."> 76</a></td> <td class="src"><pre class="src"> <a title="Line 411: Conditional coverage 100% (2/2)."> <span class="keyword">while</span> (rsR.next()) {</a></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 412</td> <td class="nbHitsCovered"> 68</td> <td class="src"><pre class="src"> vuln.addReference(rsR.getString(1), rsR.getString(2), rsR.getString(3));</pre></td></tr>
|
|
<tr> <td class="numLine"> 413</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 414</td> <td class="nbHitsCovered"> 8</td> <td class="src"><pre class="src"> psS = getConnection().prepareStatement(statementBundle.getString(<span class="string">"SELECT_SOFTWARE"</span>));</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 415</td> <td class="nbHitsCovered"> 8</td> <td class="src"><pre class="src"> psS.setInt(1, cveId);</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 416</td> <td class="nbHitsCovered"> 8</td> <td class="src"><pre class="src"> rsS = psS.executeQuery();</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 417</td> <td class="nbHitsCovered"><a title="Line 417: Conditional coverage 100% (2/2)."> 244</a></td> <td class="src"><pre class="src"> <a title="Line 417: Conditional coverage 100% (2/2)."> <span class="keyword">while</span> (rsS.next()) {</a></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 418</td> <td class="nbHitsCovered"> 236</td> <td class="src"><pre class="src"> <span class="keyword">final</span> String cpe = rsS.getString(1);</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 419</td> <td class="nbHitsCovered"> 236</td> <td class="src"><pre class="src"> <span class="keyword">final</span> String prevVersion = rsS.getString(2);</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 420</td> <td class="nbHitsCovered"><a title="Line 420: Conditional coverage 100% (2/2)."> 236</a></td> <td class="src"><pre class="src"> <a title="Line 420: Conditional coverage 100% (2/2)."> <span class="keyword">if</span> (prevVersion == <span class="keyword">null</span>) {</a></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 421</td> <td class="nbHitsCovered"> 228</td> <td class="src"><pre class="src"> vuln.addVulnerableSoftware(cpe);</pre></td></tr>
|
|
<tr> <td class="numLine"> 422</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> } <span class="keyword">else</span> {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 423</td> <td class="nbHitsCovered"> 8</td> <td class="src"><pre class="src"> vuln.addVulnerableSoftware(cpe, prevVersion);</pre></td></tr>
|
|
<tr> <td class="numLine"> 424</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 425</td> <td class="nbHitsCovered"> 236</td> <td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLine"> 426</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 427</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> } <span class="keyword">catch</span> (SQLException ex) {</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 428</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> <span class="keyword">throw</span> <span class="keyword">new</span> DatabaseException(<span class="string">"Error retrieving "</span> + cve, ex);</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 429</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> } <span class="keyword">finally</span> {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 430</td> <td class="nbHitsCovered"> 8</td> <td class="src"><pre class="src"> DBUtils.closeResultSet(rsV);</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 431</td> <td class="nbHitsCovered"> 8</td> <td class="src"><pre class="src"> DBUtils.closeResultSet(rsR);</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 432</td> <td class="nbHitsCovered"> 8</td> <td class="src"><pre class="src"> DBUtils.closeResultSet(rsS);</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 433</td> <td class="nbHitsCovered"> 8</td> <td class="src"><pre class="src"> DBUtils.closeStatement(psV);</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 434</td> <td class="nbHitsCovered"> 8</td> <td class="src"><pre class="src"> DBUtils.closeStatement(psR);</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 435</td> <td class="nbHitsCovered"> 8</td> <td class="src"><pre class="src"> DBUtils.closeStatement(psS);</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 436</td> <td class="nbHitsCovered"> 8</td> <td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 437</td> <td class="nbHitsCovered"> 8</td> <td class="src"><pre class="src"> <span class="keyword">return</span> vuln;</pre></td></tr>
|
|
<tr> <td class="numLine"> 438</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLine"> 439</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> </pre></td></tr>
|
|
<tr> <td class="numLine"> 440</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 441</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * Updates the vulnerability within the database. If the vulnerability does not exist it will be added.</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 442</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> *</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 443</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * @param vuln the vulnerability to add to the database</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 444</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * @throws DatabaseException is thrown if the database</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 445</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 446</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">public</span> <span class="keyword">void</span> updateVulnerability(Vulnerability vuln) <span class="keyword">throws</span> DatabaseException {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 447</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> PreparedStatement selectVulnerabilityId = <span class="keyword">null</span>;</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 448</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> PreparedStatement deleteVulnerability = <span class="keyword">null</span>;</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 449</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> PreparedStatement deleteReferences = <span class="keyword">null</span>;</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 450</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> PreparedStatement deleteSoftware = <span class="keyword">null</span>;</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 451</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> PreparedStatement updateVulnerability = <span class="keyword">null</span>;</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 452</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> PreparedStatement insertVulnerability = <span class="keyword">null</span>;</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 453</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> PreparedStatement insertReference = <span class="keyword">null</span>;</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 454</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> PreparedStatement selectCpeId = <span class="keyword">null</span>;</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 455</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> PreparedStatement insertCpe = <span class="keyword">null</span>;</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 456</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> PreparedStatement insertSoftware = <span class="keyword">null</span>;</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 457</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> </pre></td></tr>
|
|
<tr> <td class="numLine"> 458</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">try</span> {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 459</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> selectVulnerabilityId = getConnection().prepareStatement(statementBundle.getString(<span class="string">"SELECT_VULNERABILITY_ID"</span>));</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 460</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> deleteVulnerability = getConnection().prepareStatement(statementBundle.getString(<span class="string">"DELETE_VULNERABILITY"</span>));</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 461</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> deleteReferences = getConnection().prepareStatement(statementBundle.getString(<span class="string">"DELETE_REFERENCE"</span>));</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 462</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> deleteSoftware = getConnection().prepareStatement(statementBundle.getString(<span class="string">"DELETE_SOFTWARE"</span>));</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 463</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> updateVulnerability = getConnection().prepareStatement(statementBundle.getString(<span class="string">"UPDATE_VULNERABILITY"</span>));</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 464</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> <span class="keyword">final</span> String[] ids = {<span class="string">"id"</span>};</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 465</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> insertVulnerability = getConnection().prepareStatement(statementBundle.getString(<span class="string">"INSERT_VULNERABILITY"</span>),</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 466</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment">//Statement.RETURN_GENERATED_KEYS);</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 467</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> ids);</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 468</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> insertReference = getConnection().prepareStatement(statementBundle.getString(<span class="string">"INSERT_REFERENCE"</span>));</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 469</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> selectCpeId = getConnection().prepareStatement(statementBundle.getString(<span class="string">"SELECT_CPE_ID"</span>));</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 470</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> insertCpe = getConnection().prepareStatement(statementBundle.getString(<span class="string">"INSERT_CPE"</span>),</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 471</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment">//Statement.RETURN_GENERATED_KEYS);</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 472</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> ids);</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 473</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> insertSoftware = getConnection().prepareStatement(statementBundle.getString(<span class="string">"INSERT_SOFTWARE"</span>));</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 474</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> <span class="keyword">int</span> vulnerabilityId = 0;</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 475</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> selectVulnerabilityId.setString(1, vuln.getName());</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 476</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> ResultSet rs = selectVulnerabilityId.executeQuery();</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 477</td> <td class="nbHitsUncovered"><a title="Line 477: Conditional coverage 0% (0/2)."> 0</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 477: Conditional coverage 0% (0/2)."> <span class="keyword">if</span> (rs.next()) {</a></span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 478</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> vulnerabilityId = rs.getInt(1);</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 479</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment">// first delete any existing vulnerability info. We don't know what was updated. yes, slower but atm easier.</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 480</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> deleteReferences.setInt(1, vulnerabilityId);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 481</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> deleteReferences.execute();</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 482</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> deleteSoftware.setInt(1, vulnerabilityId);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 483</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> deleteSoftware.execute();</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 484</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 485</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> DBUtils.closeResultSet(rs);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 486</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> rs = <span class="keyword">null</span>;</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 487</td> <td class="nbHitsUncovered"><a title="Line 487: Conditional coverage 0% (0/2)."> 0</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 487: Conditional coverage 0% (0/2)."> <span class="keyword">if</span> (vulnerabilityId != 0) {</a></span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 488</td> <td class="nbHitsUncovered"><a title="Line 488: Conditional coverage 0% (0/2)."> 0</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 488: Conditional coverage 0% (0/2)."> <span class="keyword">if</span> (vuln.getDescription().contains(<span class="string">"** REJECT **"</span>)) {</a></span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 489</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> deleteVulnerability.setInt(1, vulnerabilityId);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 490</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> deleteVulnerability.executeUpdate();</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 491</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> } <span class="keyword">else</span> {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 492</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> updateVulnerability.setString(1, vuln.getDescription());</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 493</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> updateVulnerability.setString(2, vuln.getCwe());</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 494</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> updateVulnerability.setFloat(3, vuln.getCvssScore());</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 495</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> updateVulnerability.setString(4, vuln.getCvssAccessVector());</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 496</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> updateVulnerability.setString(5, vuln.getCvssAccessComplexity());</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 497</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> updateVulnerability.setString(6, vuln.getCvssAuthentication());</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 498</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> updateVulnerability.setString(7, vuln.getCvssConfidentialityImpact());</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 499</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> updateVulnerability.setString(8, vuln.getCvssIntegrityImpact());</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 500</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> updateVulnerability.setString(9, vuln.getCvssAvailabilityImpact());</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 501</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> updateVulnerability.setInt(10, vulnerabilityId);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 502</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> updateVulnerability.executeUpdate();</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 503</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLine"> 504</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> } <span class="keyword">else</span> {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 505</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> insertVulnerability.setString(1, vuln.getName());</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 506</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> insertVulnerability.setString(2, vuln.getDescription());</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 507</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> insertVulnerability.setString(3, vuln.getCwe());</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 508</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> insertVulnerability.setFloat(4, vuln.getCvssScore());</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 509</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> insertVulnerability.setString(5, vuln.getCvssAccessVector());</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 510</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> insertVulnerability.setString(6, vuln.getCvssAccessComplexity());</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 511</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> insertVulnerability.setString(7, vuln.getCvssAuthentication());</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 512</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> insertVulnerability.setString(8, vuln.getCvssConfidentialityImpact());</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 513</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> insertVulnerability.setString(9, vuln.getCvssIntegrityImpact());</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 514</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> insertVulnerability.setString(10, vuln.getCvssAvailabilityImpact());</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 515</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> insertVulnerability.execute();</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 516</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">try</span> {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 517</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> rs = insertVulnerability.getGeneratedKeys();</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 518</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> rs.next();</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 519</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> vulnerabilityId = rs.getInt(1);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 520</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> } <span class="keyword">catch</span> (SQLException ex) {</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 521</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> <span class="keyword">final</span> String msg = String.format(<span class="string">"Unable to retrieve id for new vulnerability for '%s'"</span>, vuln.getName());</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 522</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> <span class="keyword">throw</span> <span class="keyword">new</span> DatabaseException(msg, ex);</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 523</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> } <span class="keyword">finally</span> {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 524</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> DBUtils.closeResultSet(rs);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 525</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> rs = <span class="keyword">null</span>;</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 526</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> }</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 527</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 528</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> insertReference.setInt(1, vulnerabilityId);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 529</td> <td class="nbHitsUncovered"><a title="Line 529: Conditional coverage 0% (0/2)."> 0</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 529: Conditional coverage 0% (0/2)."> <span class="keyword">for</span> (Reference r : vuln.getReferences()) {</a></span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 530</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> insertReference.setString(2, r.getName());</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 531</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> insertReference.setString(3, r.getUrl());</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 532</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> insertReference.setString(4, r.getSource());</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 533</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> insertReference.execute();</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 534</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> }</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 535</td> <td class="nbHitsUncovered"><a title="Line 535: Conditional coverage 0% (0/2)."> 0</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 535: Conditional coverage 0% (0/2)."> <span class="keyword">for</span> (VulnerableSoftware s : vuln.getVulnerableSoftware()) {</a></span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 536</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> <span class="keyword">int</span> cpeProductId = 0;</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 537</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> selectCpeId.setString(1, s.getName());</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 538</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">try</span> {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 539</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> rs = selectCpeId.executeQuery();</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 540</td> <td class="nbHitsUncovered"><a title="Line 540: Conditional coverage 0% (0/2)."> 0</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 540: Conditional coverage 0% (0/2)."> <span class="keyword">if</span> (rs.next()) {</a></span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 541</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> cpeProductId = rs.getInt(1);</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 542</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 543</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> } <span class="keyword">catch</span> (SQLException ex) {</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 544</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> <span class="keyword">throw</span> <span class="keyword">new</span> DatabaseException(<span class="string">"Unable to get primary key for new cpe: "</span> + s.getName(), ex);</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 545</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> } <span class="keyword">finally</span> {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 546</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> DBUtils.closeResultSet(rs);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 547</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> rs = <span class="keyword">null</span>;</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 548</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> }</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 549</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> </pre></td></tr>
|
|
<tr> <td class="numLineCover"> 550</td> <td class="nbHitsUncovered"><a title="Line 550: Conditional coverage 0% (0/2)."> 0</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 550: Conditional coverage 0% (0/2)."> <span class="keyword">if</span> (cpeProductId == 0) {</a></span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 551</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> insertCpe.setString(1, s.getName());</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 552</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> insertCpe.setString(2, s.getVendor());</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 553</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> insertCpe.setString(3, s.getProduct());</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 554</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> insertCpe.executeUpdate();</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 555</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> cpeProductId = DBUtils.getGeneratedKey(insertCpe);</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 556</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 557</td> <td class="nbHitsUncovered"><a title="Line 557: Conditional coverage 0% (0/2)."> 0</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 557: Conditional coverage 0% (0/2)."> <span class="keyword">if</span> (cpeProductId == 0) {</a></span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 558</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> <span class="keyword">throw</span> <span class="keyword">new</span> DatabaseException(<span class="string">"Unable to retrieve cpeProductId - no data returned"</span>);</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 559</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLine"> 560</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> </pre></td></tr>
|
|
<tr> <td class="numLineCover"> 561</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> insertSoftware.setInt(1, vulnerabilityId);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 562</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> insertSoftware.setInt(2, cpeProductId);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 563</td> <td class="nbHitsUncovered"><a title="Line 563: Conditional coverage 0% (0/2)."> 0</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 563: Conditional coverage 0% (0/2)."> <span class="keyword">if</span> (s.getPreviousVersion() == <span class="keyword">null</span>) {</a></span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 564</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> insertSoftware.setNull(3, java.sql.Types.VARCHAR);</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 565</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> } <span class="keyword">else</span> {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 566</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> insertSoftware.setString(3, s.getPreviousVersion());</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 567</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 568</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> insertSoftware.execute();</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 569</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> }</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 570</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> </pre></td></tr>
|
|
<tr> <td class="numLineCover"> 571</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> } <span class="keyword">catch</span> (SQLException ex) {</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 572</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> <span class="keyword">final</span> String msg = String.format(<span class="string">"Error updating '%s'"</span>, vuln.getName());</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 573</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> LOGGER.debug(<span class="string">""</span>, ex);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 574</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> <span class="keyword">throw</span> <span class="keyword">new</span> DatabaseException(msg, ex);</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 575</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> } <span class="keyword">finally</span> {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 576</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> DBUtils.closeStatement(selectVulnerabilityId);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 577</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> DBUtils.closeStatement(deleteReferences);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 578</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> DBUtils.closeStatement(deleteSoftware);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 579</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> DBUtils.closeStatement(updateVulnerability);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 580</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> DBUtils.closeStatement(deleteVulnerability);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 581</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> DBUtils.closeStatement(insertVulnerability);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 582</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> DBUtils.closeStatement(insertReference);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 583</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> DBUtils.closeStatement(selectCpeId);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 584</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> DBUtils.closeStatement(insertCpe);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 585</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> DBUtils.closeStatement(insertSoftware);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 586</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> }</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 587</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> }</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 588</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> </pre></td></tr>
|
|
<tr> <td class="numLine"> 589</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 590</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * Checks to see if data exists so that analysis can be performed.</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 591</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> *</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 592</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * @return <code>true</code> if data exists; otherwise <code>false</code></span></pre></td></tr>
|
|
<tr> <td class="numLine"> 593</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 594</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">public</span> <span class="keyword">boolean</span> dataExists() {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 595</td> <td class="nbHitsCovered"> 1</td> <td class="src"><pre class="src"> Statement cs = <span class="keyword">null</span>;</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 596</td> <td class="nbHitsCovered"> 1</td> <td class="src"><pre class="src"> ResultSet rs = <span class="keyword">null</span>;</pre></td></tr>
|
|
<tr> <td class="numLine"> 597</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">try</span> {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 598</td> <td class="nbHitsCovered"> 1</td> <td class="src"><pre class="src"> cs = conn.createStatement();</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 599</td> <td class="nbHitsCovered"> 1</td> <td class="src"><pre class="src"> rs = cs.executeQuery(<span class="string">"SELECT COUNT(*) records FROM cpeEntry"</span>);</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 600</td> <td class="nbHitsUncovered"><a title="Line 600: Conditional coverage 50% (1/2)."> 1</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 600: Conditional coverage 50% (1/2)."> <span class="keyword">if</span> (rs.next()) {</a></span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 601</td> <td class="nbHitsUncovered"><a title="Line 601: Conditional coverage 50% (1/2)."> 1</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 601: Conditional coverage 50% (1/2)."> <span class="keyword">if</span> (rs.getInt(1) > 0) {</a></span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 602</td> <td class="nbHitsCovered"> 1</td> <td class="src"><pre class="src"> <span class="keyword">return</span> <span class="keyword">true</span>;</pre></td></tr>
|
|
<tr> <td class="numLine"> 603</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLine"> 604</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 605</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> } <span class="keyword">catch</span> (SQLException ex) {</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 606</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> String dd;</pre></td></tr>
|
|
<tr> <td class="numLine"> 607</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">try</span> {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 608</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> dd = Settings.getDataDirectory().getAbsolutePath();</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 609</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> } <span class="keyword">catch</span> (IOException ex1) {</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 610</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> dd = Settings.getString(Settings.KEYS.DATA_DIRECTORY);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 611</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> }</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 612</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> LOGGER.error(<span class="string">"Unable to access the local database.\n\nEnsure that '{}' is a writable directory. "</span></span></pre></td></tr>
|
|
<tr> <td class="numLine"> 613</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> + <span class="string">"If the problem persist try deleting the files in '{}' and running {} again. If the problem continues, please "</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 614</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> + <span class="string">"create a log file (see documentation at http://jeremylong.github.io/DependencyCheck/) and open a ticket at "</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 615</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> + <span class="string">"https://github.com/jeremylong/DependencyCheck/issues and include the log file.\n\n"</span>,</pre></td></tr>
|
|
<tr> <td class="numLine"> 616</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> dd, dd, Settings.getString(Settings.KEYS.APPLICATION_VAME));</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 617</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> LOGGER.debug(<span class="string">""</span>, ex);</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 618</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> } <span class="keyword">finally</span> {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 619</td> <td class="nbHitsCovered"> 1</td> <td class="src"><pre class="src"> DBUtils.closeResultSet(rs);</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 620</td> <td class="nbHitsCovered"> 1</td> <td class="src"><pre class="src"> DBUtils.closeStatement(cs);</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 621</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> }</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 622</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> <span class="keyword">return</span> <span class="keyword">false</span>;</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 623</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLine"> 624</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> </pre></td></tr>
|
|
<tr> <td class="numLine"> 625</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 626</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * It is possible that orphaned rows may be generated during database updates. This should be called after all updates have</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 627</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * been completed to ensure orphan entries are removed.</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 628</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 629</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">public</span> <span class="keyword">void</span> cleanupDatabase() {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 630</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> PreparedStatement ps = <span class="keyword">null</span>;</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 631</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">try</span> {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 632</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> ps = getConnection().prepareStatement(statementBundle.getString(<span class="string">"CLEANUP_ORPHANS"</span>));</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 633</td> <td class="nbHitsUncovered"><a title="Line 633: Conditional coverage 0% (0/2)."> 0</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 633: Conditional coverage 0% (0/2)."> <span class="keyword">if</span> (ps != <span class="keyword">null</span>) {</a></span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 634</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> ps.executeUpdate();</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 635</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 636</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> } <span class="keyword">catch</span> (SQLException ex) {</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 637</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> LOGGER.error(<span class="string">"An unexpected SQL Exception occurred; please see the verbose log for more details."</span>);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 638</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> LOGGER.debug(<span class="string">""</span>, ex);</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 639</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> } <span class="keyword">finally</span> {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 640</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> DBUtils.closeStatement(ps);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 641</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> }</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 642</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> }</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 643</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> </pre></td></tr>
|
|
<tr> <td class="numLine"> 644</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 645</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * Determines if the given identifiedVersion is affected by the given cpeId and previous version flag. A non-null, non-empty</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 646</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * string passed to the previous version argument indicates that all previous versions are affected.</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 647</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> *</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 648</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * @param vendor the vendor of the dependency being analyzed</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 649</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * @param product the product name of the dependency being analyzed</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 650</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * @param vulnerableSoftware a map of the vulnerable software with a boolean indicating if all previous versions are affected</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 651</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * @param identifiedVersion the identified version of the dependency being analyzed</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 652</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * @return true if the identified version is affected, otherwise false</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 653</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 654</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> Entry<String, Boolean> getMatchingSoftware(Map<String, Boolean> vulnerableSoftware, String vendor, String product,</pre></td></tr>
|
|
<tr> <td class="numLine"> 655</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> DependencyVersion identifiedVersion) {</pre></td></tr>
|
|
<tr> <td class="numLine"> 656</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> </pre></td></tr>
|
|
<tr> <td class="numLineCover"> 657</td> <td class="nbHitsUncovered"><a title="Line 657: Conditional coverage 25% (1/4) [each condition: 50%, 0%]."> 13</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 657: Conditional coverage 25% (1/4) [each condition: 50%, 0%]."> <span class="keyword">final</span> <span class="keyword">boolean</span> isVersionTwoADifferentProduct = <span class="string">"apache"</span>.equals(vendor) && <span class="string">"struts"</span>.equals(product);</a></span></pre></td></tr>
|
|
<tr> <td class="numLine"> 658</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> </pre></td></tr>
|
|
<tr> <td class="numLineCover"> 659</td> <td class="nbHitsCovered"> 13</td> <td class="src"><pre class="src"> <span class="keyword">final</span> Set<String> majorVersionsAffectingAllPrevious = <span class="keyword">new</span> HashSet<String>();</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 660</td> <td class="nbHitsUncovered"><a title="Line 660: Conditional coverage 50% (2/4) [each condition: 50%, 50%]."> 13</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 660: Conditional coverage 50% (2/4) [each condition: 50%, 50%]."> <span class="keyword">final</span> <span class="keyword">boolean</span> matchesAnyPrevious = identifiedVersion == <span class="keyword">null</span> || <span class="string">"-"</span>.equals(identifiedVersion.toString());</a></span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 661</td> <td class="nbHitsCovered"> 13</td> <td class="src"><pre class="src"> String majorVersionMatch = <span class="keyword">null</span>;</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 662</td> <td class="nbHitsCovered"><a title="Line 662: Conditional coverage 100% (2/2)."> 13</a></td> <td class="src"><pre class="src"> <a title="Line 662: Conditional coverage 100% (2/2)."> <span class="keyword">for</span> (Entry<String, Boolean> entry : vulnerableSoftware.entrySet()) {</a></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 663</td> <td class="nbHitsCovered"> 279</td> <td class="src"><pre class="src"> <span class="keyword">final</span> DependencyVersion v = parseDependencyVersion(entry.getKey());</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 664</td> <td class="nbHitsUncovered"><a title="Line 664: Conditional coverage 50% (2/4) [each condition: 50%, 50%]."> 279</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 664: Conditional coverage 50% (2/4) [each condition: 50%, 50%]."> <span class="keyword">if</span> (v == <span class="keyword">null</span> || <span class="string">"-"</span>.equals(v.toString())) { <span class="comment">//all versions</span></a></span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 665</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> <span class="keyword">return</span> entry;</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 666</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 667</td> <td class="nbHitsCovered"><a title="Line 667: Conditional coverage 100% (2/2)."> 279</a></td> <td class="src"><pre class="src"> <a title="Line 667: Conditional coverage 100% (2/2)."> <span class="keyword">if</span> (entry.getValue()) {</a></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 668</td> <td class="nbHitsUncovered"><a title="Line 668: Conditional coverage 50% (1/2)."> 8</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 668: Conditional coverage 50% (1/2)."> <span class="keyword">if</span> (matchesAnyPrevious) {</a></span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 669</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> <span class="keyword">return</span> entry;</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 670</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 671</td> <td class="nbHitsUncovered"><a title="Line 671: Conditional coverage 75% (3/4) [each condition: 50%, 100%]."> 8</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 671: Conditional coverage 75% (3/4) [each condition: 50%, 100%]."> <span class="keyword">if</span> (identifiedVersion != <span class="keyword">null</span> && identifiedVersion.getVersionParts().get(0).equals(v.getVersionParts().get(0))) {</a></span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 672</td> <td class="nbHitsCovered"> 6</td> <td class="src"><pre class="src"> majorVersionMatch = v.getVersionParts().get(0);</pre></td></tr>
|
|
<tr> <td class="numLine"> 673</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 674</td> <td class="nbHitsCovered"> 8</td> <td class="src"><pre class="src"> majorVersionsAffectingAllPrevious.add(v.getVersionParts().get(0));</pre></td></tr>
|
|
<tr> <td class="numLine"> 675</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 676</td> <td class="nbHitsCovered"> 279</td> <td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 677</td> <td class="nbHitsUncovered"><a title="Line 677: Conditional coverage 50% (1/2)."> 13</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 677: Conditional coverage 50% (1/2)."> <span class="keyword">if</span> (matchesAnyPrevious) {</a></span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 678</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> <span class="keyword">return</span> <span class="keyword">null</span>;</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 679</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLine"> 680</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> </pre></td></tr>
|
|
<tr> <td class="numLineCover"> 681</td> <td class="nbHitsCovered"><a title="Line 681: Conditional coverage 100% (4/4) [each condition: 100%, 100%]."> 13</a></td> <td class="src"><pre class="src"> <a title="Line 681: Conditional coverage 100% (4/4) [each condition: 100%, 100%]."> <span class="keyword">final</span> <span class="keyword">boolean</span> canSkipVersions = majorVersionMatch != <span class="keyword">null</span> && majorVersionsAffectingAllPrevious.size() > 1;</a></pre></td></tr>
|
|
<tr> <td class="numLine"> 682</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment">//yes, we are iterating over this twice. The first time we are skipping versions those that affect all versions</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 683</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment">//then later we process those that affect all versions. This could be done with sorting...</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 684</td> <td class="nbHitsCovered"><a title="Line 684: Conditional coverage 100% (2/2)."> 13</a></td> <td class="src"><pre class="src"> <a title="Line 684: Conditional coverage 100% (2/2)."> <span class="keyword">for</span> (Entry<String, Boolean> entry : vulnerableSoftware.entrySet()) {</a></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 685</td> <td class="nbHitsCovered"><a title="Line 685: Conditional coverage 100% (2/2)."> 232</a></td> <td class="src"><pre class="src"> <a title="Line 685: Conditional coverage 100% (2/2)."> <span class="keyword">if</span> (!entry.getValue()) {</a></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 686</td> <td class="nbHitsCovered"> 225</td> <td class="src"><pre class="src"> <span class="keyword">final</span> DependencyVersion v = parseDependencyVersion(entry.getKey());</pre></td></tr>
|
|
<tr> <td class="numLine"> 687</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment">//this can't dereference a null 'majorVersionMatch' as canSkipVersions accounts for this.</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 688</td> <td class="nbHitsCovered"><a title="Line 688: Conditional coverage 100% (4/4) [each condition: 100%, 100%]."> 225</a></td> <td class="src"><pre class="src"> <a title="Line 688: Conditional coverage 100% (4/4) [each condition: 100%, 100%]."> <span class="keyword">if</span> (canSkipVersions && !majorVersionMatch.equals(v.getVersionParts().get(0))) {</a></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 689</td> <td class="nbHitsCovered"> 10</td> <td class="src"><pre class="src"> <span class="keyword">continue</span>;</pre></td></tr>
|
|
<tr> <td class="numLine"> 690</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLine"> 691</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment">//this can't dereference a null 'identifiedVersion' because if it was null we would have exited</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 692</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment">//in the above loop or just after loop (if matchesAnyPrevious return null).</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 693</td> <td class="nbHitsCovered"><a title="Line 693: Conditional coverage 100% (2/2)."> 215</a></td> <td class="src"><pre class="src"> <a title="Line 693: Conditional coverage 100% (2/2)."> <span class="keyword">if</span> (identifiedVersion.equals(v)) {</a></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 694</td> <td class="nbHitsCovered"> 8</td> <td class="src"><pre class="src"> <span class="keyword">return</span> entry;</pre></td></tr>
|
|
<tr> <td class="numLine"> 695</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLine"> 696</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 697</td> <td class="nbHitsCovered"> 214</td> <td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 698</td> <td class="nbHitsCovered"><a title="Line 698: Conditional coverage 100% (2/2)."> 5</a></td> <td class="src"><pre class="src"> <a title="Line 698: Conditional coverage 100% (2/2)."> <span class="keyword">for</span> (Entry<String, Boolean> entry : vulnerableSoftware.entrySet()) {</a></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 699</td> <td class="nbHitsUncovered"><a title="Line 699: Conditional coverage 50% (1/2)."> 56</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 699: Conditional coverage 50% (1/2)."> <span class="keyword">if</span> (entry.getValue()) {</a></span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 700</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> <span class="keyword">final</span> DependencyVersion v = parseDependencyVersion(entry.getKey());</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 701</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment">//this can't dereference a null 'majorVersionMatch' as canSkipVersions accounts for this.</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 702</td> <td class="nbHitsUncovered"><a title="Line 702: Conditional coverage 0% (0/4) [each condition: 0%, 0%]."> 0</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 702: Conditional coverage 0% (0/4) [each condition: 0%, 0%]."> <span class="keyword">if</span> (canSkipVersions && !majorVersionMatch.equals(v.getVersionParts().get(0))) {</a></span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 703</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> <span class="keyword">continue</span>;</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 704</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLine"> 705</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment">//this can't dereference a null 'identifiedVersion' because if it was null we would have exited</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 706</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment">//in the above loop or just after loop (if matchesAnyPrevious return null).</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 707</td> <td class="nbHitsUncovered"><a title="Line 707: Conditional coverage 0% (0/4) [each condition: 0%, 0%]."> 0</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 707: Conditional coverage 0% (0/4) [each condition: 0%, 0%]."> <span class="keyword">if</span> (entry.getValue() && identifiedVersion.compareTo(v) <= 0) {</a></span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 708</td> <td class="nbHitsUncovered"><a title="Line 708: Conditional coverage 0% (0/4) [each condition: 0%, 0%]."> 0</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 708: Conditional coverage 0% (0/4) [each condition: 0%, 0%]."> <span class="keyword">if</span> (!(isVersionTwoADifferentProduct && !identifiedVersion.getVersionParts().get(0).equals(v.getVersionParts().get(0)))) {</a></span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 709</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> <span class="keyword">return</span> entry;</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 710</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLine"> 711</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLine"> 712</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 713</td> <td class="nbHitsCovered"> 56</td> <td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 714</td> <td class="nbHitsCovered"> 5</td> <td class="src"><pre class="src"> <span class="keyword">return</span> <span class="keyword">null</span>;</pre></td></tr>
|
|
<tr> <td class="numLine"> 715</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLine"> 716</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> </pre></td></tr>
|
|
<tr> <td class="numLine"> 717</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 718</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * Parses the version (including revision) from a CPE identifier. If no version is identified then a '-' is returned.</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 719</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> *</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 720</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * @param cpeStr a cpe identifier</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 721</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * @return a dependency version</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 722</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 723</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">private</span> DependencyVersion parseDependencyVersion(String cpeStr) {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 724</td> <td class="nbHitsCovered"> 504</td> <td class="src"><pre class="src"> <span class="keyword">final</span> VulnerableSoftware cpe = <span class="keyword">new</span> VulnerableSoftware();</pre></td></tr>
|
|
<tr> <td class="numLine"> 725</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">try</span> {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 726</td> <td class="nbHitsCovered"> 504</td> <td class="src"><pre class="src"> cpe.parseName(cpeStr);</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 727</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> } <span class="keyword">catch</span> (UnsupportedEncodingException ex) {</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 728</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment">//never going to happen.</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 729</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> LOGGER.trace(<span class="string">""</span>, ex);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 730</td> <td class="nbHitsCovered"> 504</td> <td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 731</td> <td class="nbHitsCovered"> 504</td> <td class="src"><pre class="src"> <span class="keyword">return</span> parseDependencyVersion(cpe);</pre></td></tr>
|
|
<tr> <td class="numLine"> 732</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLine"> 733</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> </pre></td></tr>
|
|
<tr> <td class="numLine"> 734</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 735</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * Takes a CPE and parses out the version number. If no version is identified then a '-' is returned.</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 736</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> *</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 737</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * @param cpe a cpe object</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 738</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * @return a dependency version</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 739</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 740</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">private</span> DependencyVersion parseDependencyVersion(VulnerableSoftware cpe) {</pre></td></tr>
|
|
<tr> <td class="numLine"> 741</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">final</span> DependencyVersion cpeVersion;</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 742</td> <td class="nbHitsUncovered"><a title="Line 742: Conditional coverage 50% (2/4) [each condition: 50%, 50%]."> 507</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 742: Conditional coverage 50% (2/4) [each condition: 50%, 50%]."> <span class="keyword">if</span> (cpe.getVersion() != <span class="keyword">null</span> && !cpe.getVersion().isEmpty()) {</a></span></pre></td></tr>
|
|
<tr> <td class="numLine"> 743</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">final</span> String versionText;</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 744</td> <td class="nbHitsUncovered"><a title="Line 744: Conditional coverage 75% (3/4) [each condition: 100%, 50%]."> 507</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 744: Conditional coverage 75% (3/4) [each condition: 100%, 50%]."> <span class="keyword">if</span> (cpe.getUpdate() != <span class="keyword">null</span> && !cpe.getUpdate().isEmpty()) {</a></span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 745</td> <td class="nbHitsCovered"> 130</td> <td class="src"><pre class="src"> versionText = String.format(<span class="string">"%s.%s"</span>, cpe.getVersion(), cpe.getUpdate());</pre></td></tr>
|
|
<tr> <td class="numLine"> 746</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> } <span class="keyword">else</span> {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 747</td> <td class="nbHitsCovered"> 377</td> <td class="src"><pre class="src"> versionText = cpe.getVersion();</pre></td></tr>
|
|
<tr> <td class="numLine"> 748</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 749</td> <td class="nbHitsCovered"> 507</td> <td class="src"><pre class="src"> cpeVersion = DependencyVersionUtil.parseVersion(versionText);</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 750</td> <td class="nbHitsCovered"> 507</td> <td class="src"><pre class="src"> } <span class="keyword">else</span> {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 751</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> cpeVersion = <span class="keyword">new</span> DependencyVersion(<span class="string">"-"</span>);</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 752</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 753</td> <td class="nbHitsCovered"> 507</td> <td class="src"><pre class="src"> <span class="keyword">return</span> cpeVersion;</pre></td></tr>
|
|
<tr> <td class="numLine"> 754</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLine"> 755</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> </pre></td></tr>
|
|
<tr> <td class="numLine"> 756</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 757</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * This method is only referenced in unused code.</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 758</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> *</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 759</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * Deletes unused dictionary entries from the database.</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 760</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 761</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">public</span> <span class="keyword">void</span> deleteUnusedCpe() {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 762</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> CallableStatement cs = <span class="keyword">null</span>;</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 763</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">try</span> {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 764</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> cs = getConnection().prepareCall(statementBundle.getString(<span class="string">"DELETE_UNUSED_DICT_CPE"</span>));</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 765</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> cs.executeUpdate();</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 766</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> } <span class="keyword">catch</span> (SQLException ex) {</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 767</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> LOGGER.error(<span class="string">"Unable to delete CPE dictionary entries"</span>, ex);</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 768</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> } <span class="keyword">finally</span> {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 769</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> DBUtils.closeStatement(cs);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 770</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> }</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 771</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> }</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 772</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> </pre></td></tr>
|
|
<tr> <td class="numLine"> 773</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 774</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * This method is only referenced in unused code and will likely break on MySQL if ever used due to the MERGE statement.</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 775</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> *</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 776</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * Merges CPE entries into the database.</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 777</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> *</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 778</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * @param cpe the CPE identifier</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 779</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * @param vendor the CPE vendor</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 780</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * @param product the CPE product</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 781</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 782</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">public</span> <span class="keyword">void</span> addCpe(String cpe, String vendor, String product) {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 783</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> PreparedStatement ps = <span class="keyword">null</span>;</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 784</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">try</span> {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 785</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> ps = getConnection().prepareCall(statementBundle.getString(<span class="string">"ADD_DICT_CPE"</span>));</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 786</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> ps.setString(1, cpe);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 787</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> ps.setString(2, vendor);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 788</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> ps.setString(3, product);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 789</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> ps.executeUpdate();</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 790</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> } <span class="keyword">catch</span> (SQLException ex) {</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 791</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> LOGGER.error(<span class="string">"Unable to add CPE dictionary entry"</span>, ex);</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 792</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> } <span class="keyword">finally</span> {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 793</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> DBUtils.closeStatement(ps);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 794</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> }</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 795</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> }</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 796</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
</table>
|
|
|
|
<div class="footer">Report generated by <a href="http://cobertura.sourceforge.net/" target="_top">Cobertura</a> 2.1.1 on 12/10/15 7:51 PM.</div>
|
|
</body>
|
|
</html>
|