@ThreadSafe public class CPEAnalyzer extends AbstractAnalyzer
Modifier and Type | Field and Description |
---|---|
static java.lang.String |
NVD_SEARCH_BROAD_URL
The URL to search the NVD CVE data at NIST.
|
static java.lang.String |
NVD_SEARCH_URL
The URL to search the NVD CVE data at NIST.
|
Constructor and Description |
---|
CPEAnalyzer() |
Modifier and Type | Method and Description |
---|---|
protected void |
analyzeDependency(Dependency dependency,
Engine engine)
Analyzes a dependency and attempts to determine if there are any CPE
identifiers for this dependency.
|
protected java.lang.String |
buildSearch(java.util.Map<java.lang.String,org.apache.commons.lang3.mutable.MutableInt> vendor,
java.util.Map<java.lang.String,org.apache.commons.lang3.mutable.MutableInt> product,
java.util.Set<java.lang.String> vendorWeighting,
java.util.Set<java.lang.String> productWeightings)
Builds a Lucene search string by properly escaping data and constructing
a valid search query.
|
void |
closeAnalyzer()
Closes the data sources.
|
protected void |
collectTerms(java.util.Map<java.lang.String,org.apache.commons.lang3.mutable.MutableInt> terms,
java.lang.Iterable<Evidence> evidence)
Returns the text created by concatenating the text and the values from
the EvidenceCollection (filtered for a specific confidence).
|
protected void |
determineCPE(Dependency dependency)
Searches the data store of CPE entries, trying to identify the CPE for
the given dependency based on the evidence contained within.
|
protected boolean |
determineIdentifiers(Dependency dependency,
java.lang.String vendor,
java.lang.String product,
Confidence currentConfidence)
Retrieves a list of CPE values from the CveDB based on the vendor and
product passed in.
|
AnalysisPhase |
getAnalysisPhase()
Returns the analysis phase that this analyzer should run in.
|
protected java.lang.String |
getAnalyzerEnabledSettingKey()
Returns the setting key to determine if the analyzer is enabled.
|
protected CveDB |
getCveDB()
returns a reference to the CveDB.
|
protected MemoryIndex |
getMemoryIndex()
Returns the memory index.
|
java.lang.String |
getName()
Returns the name of this analyzer.
|
static void |
main(java.lang.String[] args)
Command line tool for querying the Lucene CPE Index.
|
void |
open(CveDB cve)
Opens the data source.
|
void |
prepareAnalyzer(Engine engine)
Creates the CPE Lucene Index.
|
protected java.util.List<IndexEntry> |
searchCPE(java.util.Map<java.lang.String,org.apache.commons.lang3.mutable.MutableInt> vendor,
java.util.Map<java.lang.String,org.apache.commons.lang3.mutable.MutableInt> product,
java.util.Set<java.lang.String> vendorWeightings,
java.util.Set<java.lang.String> productWeightings,
java.lang.String ecosystem)
Searches the Lucene CPE index to identify possible CPE entries associated
with the supplied vendor, product, and version.
|
protected void |
setCpeSuppressionAnalyzer(CpeSuppressionAnalyzer suppression)
Sets the CPE Suppression Analyzer.
|
protected void |
setCveDB(CveDB cveDb)
Sets the reference to the CveDB.
|
protected void |
setMemoryIndex(MemoryIndex idx)
Sets the MemoryIndex.
|
analyze, close, getSettings, initialize, isEnabled, prepare, setEnabled, supportsParallelProcessing
public static final java.lang.String NVD_SEARCH_URL
String.format(NVD_SEARCH_URL, vendor, product, version);
public static final java.lang.String NVD_SEARCH_BROAD_URL
String.format(NVD_SEARCH_URL, vendor, product);
public java.lang.String getName()
public AnalysisPhase getAnalysisPhase()
public void prepareAnalyzer(Engine engine) throws InitializationException
prepareAnalyzer
in class AbstractAnalyzer
engine
- a reference to the dependency-check engineInitializationException
- is thrown if there is an issue opening
the index.public void open(CveDB cve) throws java.io.IOException, DatabaseException
cve
- a reference to the NVD CVE databasejava.io.IOException
- when the Lucene directory to be queried does not
exist or is corrupt.DatabaseException
- when the database throws an exception. This
usually occurs when the database is in use by another process.public void closeAnalyzer()
closeAnalyzer
in class AbstractAnalyzer
protected void determineCPE(Dependency dependency) throws org.apache.lucene.index.CorruptIndexException, java.io.IOException, org.apache.lucene.queryparser.classic.ParseException, AnalysisException
dependency
- the dependency to search for CPE entries onorg.apache.lucene.index.CorruptIndexException
- is thrown when the Lucene index is corruptjava.io.IOException
- is thrown when an IOException occursorg.apache.lucene.queryparser.classic.ParseException
- is thrown when the Lucene query cannot be parsedAnalysisException
- thrown if the suppression rules failedprotected void collectTerms(java.util.Map<java.lang.String,org.apache.commons.lang3.mutable.MutableInt> terms, java.lang.Iterable<Evidence> evidence)
Returns the text created by concatenating the text and the values from the EvidenceCollection (filtered for a specific confidence). This attempts to prevent duplicate terms from being added.
Note, if the evidence is longer then 1000 characters it will be truncated.
terms
- the collection of termsevidence
- an iterable set of evidence to concatenateprotected java.util.List<IndexEntry> searchCPE(java.util.Map<java.lang.String,org.apache.commons.lang3.mutable.MutableInt> vendor, java.util.Map<java.lang.String,org.apache.commons.lang3.mutable.MutableInt> product, java.util.Set<java.lang.String> vendorWeightings, java.util.Set<java.lang.String> productWeightings, java.lang.String ecosystem)
Searches the Lucene CPE index to identify possible CPE entries associated with the supplied vendor, product, and version.
If either the vendorWeightings or productWeightings lists have been populated this data is used to add weighting factors to the search.
vendor
- the text used to search the vendor fieldproduct
- the text used to search the product fieldvendorWeightings
- a list of strings to use to add weighting factors
to the vendor fieldproductWeightings
- Adds a list of strings that will be used to add
weighting factors to the product searchecosystem
- the dependency's ecosystemprotected java.lang.String buildSearch(java.util.Map<java.lang.String,org.apache.commons.lang3.mutable.MutableInt> vendor, java.util.Map<java.lang.String,org.apache.commons.lang3.mutable.MutableInt> product, java.util.Set<java.lang.String> vendorWeighting, java.util.Set<java.lang.String> productWeightings)
Builds a Lucene search string by properly escaping data and constructing a valid search query.
If either the possibleVendor or possibleProducts lists have been populated this data is used to add weighting factors to the search string generated.
vendor
- text to search the vendor fieldproduct
- text to search the product fieldvendorWeighting
- a list of strings to apply to the vendor to boost
the terms weightproductWeightings
- a list of strings to apply to the product to
boost the terms weightprotected void analyzeDependency(Dependency dependency, Engine engine) throws AnalysisException
analyzeDependency
in class AbstractAnalyzer
dependency
- The Dependency to analyze.engine
- The analysis engineAnalysisException
- is thrown if there is an issue analyzing the
dependency.protected boolean determineIdentifiers(Dependency dependency, java.lang.String vendor, java.lang.String product, Confidence currentConfidence) throws java.io.UnsupportedEncodingException, AnalysisException
dependency
- the Dependency being analyzedvendor
- the vendor for the CPE being analyzedproduct
- the product for the CPE being analyzedcurrentConfidence
- the current confidence being used during
analysistrue
if an identifier was added to the dependency;
otherwise false
java.io.UnsupportedEncodingException
- is thrown if UTF-8 is not supportedAnalysisException
- thrown if the suppression rules failedprotected java.lang.String getAnalyzerEnabledSettingKey()
Returns the setting key to determine if the analyzer is enabled.
getAnalyzerEnabledSettingKey
in class AbstractAnalyzer
public static void main(java.lang.String[] args)
args
- not usedprotected void setCveDB(CveDB cveDb)
cveDb
- the CveDBprotected CveDB getCveDB()
protected void setMemoryIndex(MemoryIndex idx)
idx
- the memory indexprotected MemoryIndex getMemoryIndex()
protected void setCpeSuppressionAnalyzer(CpeSuppressionAnalyzer suppression)
suppression
- the CPE Suppression AnalyzerCopyright© 2012-21 Jeremy Long. All Rights Reserved.