• Home
• org.owasp
• dependency-check-core
• 10.0.1
• source code
• CveApiJson20CveItemSource.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

org.owasp.dependencycheck.data.update.nvd.api.CveApiJson20CveItemSource Maven / Gradle / Ivy

/*
 * This file is part of dependency-check-core.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 *
 * Copyright (c) 2013 Jeremy Long. All Rights Reserved.
 */
package org.owasp.dependencycheck.data.update.nvd.api;

import com.fasterxml.jackson.core.JsonParser;
import com.fasterxml.jackson.core.JsonToken;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule;
import io.github.jeremylong.openvulnerability.client.nvd.DefCveItem;
import org.apache.commons.io.IOUtils;

import java.io.IOException;
import java.io.InputStream;

public class CveApiJson20CveItemSource implements CveItemSource {

    private final ObjectMapper mapper;
    private final InputStream inputStream;
    private final JsonParser jsonParser;
    private DefCveItem currentItem;
    private DefCveItem nextItem;

    public CveApiJson20CveItemSource(InputStream inputStream) throws IOException {
        mapper = new ObjectMapper();
        mapper.registerModule(new JavaTimeModule());
        this.inputStream = inputStream;
        jsonParser = mapper.getFactory().createParser(inputStream);

        JsonToken token = null;
        do {
            token = jsonParser.nextToken();
            if (token == JsonToken.FIELD_NAME) {
                String fieldName = jsonParser.getCurrentName();
                if (fieldName.equals("vulnerabilities") && (jsonParser.nextToken() == JsonToken.START_ARRAY)) {
                    nextItem = readItem(jsonParser);
                }
            }
        } while (token != null && nextItem == null);
    }

    @Override
    public void close() throws Exception {
        IOUtils.closeQuietly(jsonParser, inputStream);
    }

    @Override
    public boolean hasNext() {
        return nextItem != null;
    }

    @Override
    public DefCveItem next() throws IOException {
        currentItem = nextItem;
        nextItem = readItem(jsonParser);
        return currentItem;
    }

    private DefCveItem readItem(JsonParser jsonParser) throws IOException {
        if (jsonParser.nextToken() == JsonToken.START_OBJECT) {
            return mapper.readValue(jsonParser, DefCveItem.class);
        }
        return null;
    }
}