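/**
 * {@inheritDoc}
 * <p>
 * Resolves {@code jsrepository.json} inside the configured data directory and
 * loads it into {@code jsRepository}. Every failure path disables this
 * analyzer before the exception is thrown.
 *
 * @param engine a reference to the dependency-check engine
 * @throws InitializationException thrown if there is an exception during
 * initialization
 */
@Override
protected void prepareFileTypeAnalyzer(Engine engine) throws InitializationException {
    final File repoFile;
    try {
        repoFile = new File(getSettings().getDataDirectory(), "jsrepository.json");
    } catch (IOException ex) {
        this.setEnabled(false);
        throw new InitializationException("Failed to initialize the RetireJS repo - data directory could not be created", ex);
    }
    // A missing repository file is only detected when the stream is opened;
    // constructing the File object never checks for existence. Handling the
    // FileNotFoundException here means the message names the real path
    // instead of a repoFile that is still null.
    try (FileInputStream in = new FileInputStream(repoFile)) {
        this.jsRepository = new VulnerabilitiesRepositoryLoader().loadFromInputStream(in);
    } catch (FileNotFoundException ex) {
        this.setEnabled(false);
        throw new InitializationException(String.format("RetireJS repo does not exist locally (%s)", repoFile), ex);
    } catch (IOException ex) {
        this.setEnabled(false);
        throw new InitializationException("Failed to initialize the RetireJS repo", ex);
    }
}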
// Excerpt of loadFromInputStream: the statements between the visible ones are elided on this page.
// Visible behaviour: the whole stream is converted to a string and parsed into one JSONObject.
// Per vulnerability entry, "atOrAbove", "identifiers" and "severity" are read only when present
// (a missing severity is reported as "medium"); "below" and "info" are read unconditionally.
// Per extractor, "func" is read unconditionally; "filename", "filecontent", "hashes" and "uri"
// are read only when present.
// NOTE(review): no schema or size check on the input is visible in this excerpt. The data can
// originate from a downloaded file, so confirm how a malformed or oversized repository is handled.
public VulnerabilitiesRepository loadFromInputStream(InputStream in) throws IOException { JSONObject rootJson = new JSONObject(convertStreamToString(in)); String atOrAbove = vuln.has("atOrAbove") ? vuln.getString("atOrAbove") : null; //Optional field String below = vuln.getString("below"); List<String> info = objToStringList(vuln.get("info"), false); Map<String,List<String>> identifiers = vuln.has("identifiers") ? objToStringMapMultiValues(vuln.get("identifiers")) : new HashMap<String,List<String>>(); String severity = vuln.has("severity") ? vuln.getString("severity") : "medium"; lib.setFunctions(objToStringList(extractor.get("func"), false)); if (extractor.has("filename")) lib.setFilename(objToStringList(extractor.get("filename"), true)); if (extractor.has("filecontent")) lib.setFileContents(objToStringList(extractor.get("filecontent"), true)); if (extractor.has("hashes")) lib.setHashes(objToStringMap(extractor.get("hashes"))); if (extractor.has("uri")) lib.setUris(objToStringList(extractor.get("uri"), true));
/**
 * Builds the facade and fills {@code repo} from a freshly created
 * {@link VulnerabilitiesRepositoryLoader} via its no-argument {@code load()}.
 * <p>
 * NOTE(review): the no-argument {@code load()} shown on this page delegates to
 * {@code load(REPO_URL)}, so constructing this object presumably triggers a
 * remote fetch. Confirm before using it in offline or restricted-egress builds.
 *
 * @throws IOException if the loader fails to produce a repository
 */
private ScannerFacade() throws IOException {
    final VulnerabilitiesRepositoryLoader loader = new VulnerabilitiesRepositoryLoader();
    this.repo = loader.load();
}
// Excerpt from the repository loader's download path. The surrounding control flow is elided,
// and the repeated returns belong to different branches or revisions of the listing.
// Visible behaviour: the URL is downloaded to retireJsRepoFile, then that file (or an already
// open inputStream) is handed to loadFromInputStream.
// NOTE(review): the FileInputStream created inline is never closed in the visible lines. Unless
// loadFromInputStream closes it, a file handle leaks; try-with-resources would avoid that.
// NOTE(review): no integrity check (checksum or signature) on the downloaded file is visible
// before it is parsed. Whether the downloader enforces TLS or verifies the content cannot be
// determined from this excerpt.
dl.downloadUrlToFile(url, retireJsRepoFile); Log.info("Loading the latest Retire.js repository"); return loadFromInputStream(new FileInputStream(retireJsRepoFile)); return loadFromInputStream(inputStream); return loadFromInputStream(new FileInputStream(retireJsRepoFile)); return loadFromInputStream(inputStream);
/**
 * Loads the vulnerability repository from the default location,
 * {@code REPO_URL}.
 *
 * @return whatever {@code load(String)} returns for {@code REPO_URL}
 * @throws IOException propagated from {@code load(String)}
 */
public VulnerabilitiesRepository load() throws IOException {
    final VulnerabilitiesRepository repository = load(REPO_URL);
    return repository;
}
/**
 * Turns a JSON object into a map from each of its keys to a list of strings.
 * <p>
 * A key whose value is a JSON array is converted with
 * {@code objToStringList(array, false)}; any other value is read with
 * {@code getString} and wrapped in a single-element list.
 * <p>
 * NOTE(review): {@code obj} is cast without a type check, and a value that is
 * neither an array nor a string presumably makes {@code getString} throw
 * (org.json semantics assumed). Confirm callers only pass repository data
 * with the expected shape.
 *
 * @param obj the value to convert; must be a {@code JSONObject}
 * @return a new map holding one list of strings per key of {@code obj}
 */
public Map<String, List<String>> objToStringMapMultiValues(Object obj) {
    JSONObject source = (JSONObject) obj;
    Map<String, List<String>> result = new HashMap<String, List<String>>();
    for (Object rawKey : source.keySet()) {
        String name = (String) rawKey;
        JSONArray multi = source.optJSONArray(name);
        List<String> values;
        if (multi != null) {
            values = objToStringList(multi, false);
        } else {
            // Scalar entry: keep the same fixed-size single-element list.
            values = Arrays.asList(source.getString(name));
        }
        result.put(name, values);
    }
    return result;
}
/**
 * Loads the vulnerability repository from {@code url} using a new
 * {@code DefaultDownloader}.
 * <p>
 * NOTE(review): {@code url} is forwarded unchanged. This method does no
 * scheme or host validation itself, so any such check has to live in the
 * two-argument {@code load} or in the downloader, neither of which is
 * visible here.
 *
 * @param url location of the repository to load
 * @return whatever the two-argument {@code load} returns
 * @throws IOException propagated from the two-argument {@code load}
 */
public VulnerabilitiesRepository load(String url) throws IOException {
    final DefaultDownloader downloader = new DefaultDownloader();
    return load(url, downloader);
}
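/**
 * {@inheritDoc}
 * <p>
 * Resolves {@code jsrepository.json} inside the configured data directory and
 * loads it into {@code jsRepository}. Every failure path disables this
 * analyzer before the exception is thrown.
 *
 * @param engine a reference to the dependency-check engine
 * @throws InitializationException thrown if there is an exception during
 * initialization
 */
@Override
protected void prepareFileTypeAnalyzer(Engine engine) throws InitializationException {
    final File repoFile;
    try {
        repoFile = new File(getSettings().getDataDirectory(), "jsrepository.json");
    } catch (IOException ex) {
        this.setEnabled(false);
        throw new InitializationException("Failed to initialize the RetireJS repo - data directory could not be created", ex);
    }
    // A missing repository file is only detected when the stream is opened;
    // constructing the File object never checks for existence. Handling the
    // FileNotFoundException here means the message names the real path
    // instead of a repoFile that is still null.
    try (FileInputStream in = new FileInputStream(repoFile)) {
        this.jsRepository = new VulnerabilitiesRepositoryLoader().loadFromInputStream(in);
    } catch (FileNotFoundException ex) {
        this.setEnabled(false);
        throw new InitializationException(String.format("RetireJS repo does not exist locally (%s)", repoFile), ex);
    } catch (IOException ex) {
        this.setEnabled(false);
        throw new InitializationException("Failed to initialize the RetireJS repo", ex);
    }
}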