Skip to content

Commit

Permalink
fixing an issue in parsing retirejs scan result
Browse files Browse the repository at this point in the history
  • Loading branch information
@shibme
shibme committed Jul 18, 2019
1 parent 948c513 commit 0d8327d
Show file tree
Hide file tree
Showing 4 changed files with 153 additions and 167 deletions.
142 changes: 142 additions & 0 deletions src/main/java/me/shib/bugaudit/scanner/js/retirejs/RetirejsData.java
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,142 @@
package me.shib.bugaudit.scanner.js.retirejs;

import com.google.gson.Gson;
import com.google.gson.GsonBuilder;
import com.google.gson.reflect.TypeToken;

import java.io.BufferedReader;
import java.io.File;
import java.io.FileReader;
import java.io.IOException;
import java.lang.reflect.Type;
import java.util.List;

final class RetirejsData {


private static final transient String currentPath = System.getProperty("user.dir") + "/";

private static final Gson gson = new GsonBuilder().create();
private String file;
private List<Result> results;

private static String replaceLast(String content, String toReplace, String replacement) {
int start = content.lastIndexOf(toReplace);
return content.substring(0, start) +
replacement +
content.substring(start + toReplace.length());
}

private static void cleanUpFilePath(RetirejsData data) {
data.setFile(data.getFile().replaceFirst(currentPath, ""));
if (data.getFile().endsWith(".min.js")) {
data.setFile(replaceLast(data.getFile(), ".min.js", ".js"));
}
}

static synchronized List<RetirejsData> getDataList(File jsonFile) throws IOException {
StringBuilder jsonContent = new StringBuilder();
BufferedReader br = new BufferedReader(new FileReader(jsonFile));
String line;
while ((line = br.readLine()) != null) {
jsonContent.append(line).append("\n");
}
br.close();
Type type = new TypeToken<List<RetirejsData>>() {
}.getType();
List<RetirejsData> dataList = gson.fromJson(jsonContent.toString(), type);
for (RetirejsData data : dataList) {
cleanUpFilePath(data);
}
return dataList;
}

String getFile() {
return file;
}

void setFile(String file) {
this.file = file;
}

List<Result> getResults() {
return results;
}

final class Result {
private String version;
private String component;
private String detection;
private List<Result.Vulnerability> vulnerabilities;

String getVersion() {
return version;
}

String getComponent() {
return component;
}

String getDetection() {
return detection;
}

List<Result.Vulnerability> getVulnerabilities() {
return vulnerabilities;
}

final class Vulnerability {

private List<String> info;
private String below;
private String atOrAbove;
private String severity;
private Result.Vulnerability.Identifiers identifiers;

List<String> getInfo() {
return info;
}

String getBelow() {
return below;
}

public String getAtOrAbove() {
return atOrAbove;
}

String getSeverity() {
return severity;
}

Result.Vulnerability.Identifiers getIdentifiers() {
return identifiers;
}

final class Identifiers {

private String issue;
private String bug;
private String summary;
private List<String> CVE;

String getIssue() {
return issue;
}

String getBug() {
return bug;
}

String getSummary() {
return summary;
}

List<String> getCVE() {
return CVE;
}
}
}
}

}
157 changes: 0 additions & 157 deletions src/main/java/me/shib/bugaudit/scanner/js/retirejs/RetirejsResult.java
View file

This file was deleted.

10 changes: 5 additions & 5 deletions src/main/java/me/shib/bugaudit/scanner/js/retirejs/RetirejsScanner.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -65,13 +65,13 @@ private void runRetireJS() throws BugAuditException, IOException, InterruptedExc
}

private void parseResultData(File file) throws IOException, BugAuditException {
RetirejsResult retirejsResult = RetirejsResult.getResult(file);
if (retirejsResult.getData() != null) {
for (RetirejsResult.Data data : retirejsResult.getData()) {
List<RetirejsData> dataList = RetirejsData.getDataList(file);
if (dataList != null) {
for (RetirejsData data : dataList) {
if (data.getResults() != null) {
for (RetirejsResult.Data.Result result : data.getResults()) {
for (RetirejsData.Result result : data.getResults()) {
if (result.getVulnerabilities() != null) {
for (RetirejsResult.Data.Result.Vulnerability vulnerability : result.getVulnerabilities()) {
for (RetirejsData.Result.Vulnerability vulnerability : result.getVulnerabilities()) {
StringBuilder title = new StringBuilder();
if (vulnerability.getBelow() != null) {
title.append("Vulnerability found in ").append(result.getComponent())
Expand Down
11 changes: 6 additions & 5 deletions src/test/java/me/shib/bugaudit/scanner/js/retirejs/Test.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,23 +2,24 @@

import java.io.File;
import java.io.IOException;
import java.util.List;

public final class Test {

private static final String currentPath = System.getProperty("user.dir") + "/";

private static void cleanUpFilePath(RetirejsResult.Data data) {
private static void cleanUpFilePath(RetirejsData data) {
data.setFile(data.getFile().replaceFirst(currentPath, ""));
}

public static void main(String[] args) throws IOException {
System.out.println(currentPath);
int count = 0;
RetirejsResult retirejsResult = RetirejsResult.getResult(new File("test.json"));
for (RetirejsResult.Data data : retirejsResult.getData()) {
List<RetirejsData> dataList = RetirejsData.getDataList(new File("bugaudit-retirejs-result.json"));
for (RetirejsData data : dataList) {
cleanUpFilePath(data);
for (RetirejsResult.Data.Result result : data.getResults()) {
for (RetirejsResult.Data.Result.Vulnerability vulnerability : result.getVulnerabilities()) {
for (RetirejsData.Result result : data.getResults()) {
for (RetirejsData.Result.Vulnerability vulnerability : result.getVulnerabilities()) {
if (vulnerability.getIdentifiers().getIssue() != null) {
System.out.print(vulnerability.getIdentifiers().getIssue() + ": ");
for (String info : vulnerability.getInfo()) {
Expand Down

0 comments on commit 0d8327d

Please sign in to comment.