View Javadoc
1   /*
2    * This file is part of dependency-check-core.
3    *
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    *     http://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   *
16   * Copyright (c) 2012 Jeremy Long. All Rights Reserved.
17   */
18  package org.owasp.dependencycheck.data.cpe;
19  
20  import java.io.Serializable;
21  import java.io.UnsupportedEncodingException;
22  import java.net.URLDecoder;
23  import java.nio.charset.StandardCharsets;
24  import javax.annotation.concurrent.ThreadSafe;
25  import org.apache.commons.lang3.StringUtils;
26  import org.apache.commons.lang3.builder.EqualsBuilder;
27  import org.apache.commons.lang3.builder.HashCodeBuilder;
28  
29  /**
30   * A CPE entry containing the name, vendor, product, and version.
31   *
32   * @author Jeremy Long
33   */
34  @ThreadSafe
35  public class IndexEntry implements Serializable {
36  
37      /**
38       * the serial version uid.
39       */
40      private static final long serialVersionUID = 8011924485946326934L;
41      /**
42       * The vendor name.
43       */
44      private String vendor;
45      /**
46       * The documentId.
47       */
48      private int documentId;
49      /**
50       * The product name.
51       */
52      private String product;
53      /**
54       * The search score.
55       */
56      private float searchScore;
57  
58      /**
59       * Get the value of documentId.
60       *
61       * @return the value of documentId
62       */
63      public int getDocumentId() {
64          return documentId;
65      }
66  
67      /**
68       * Set the value of documentId.
69       *
70       * @param documentId new value of documentId
71       */
72      public void setDocumentId(int documentId) {
73          this.documentId = documentId;
74      }
75  
76      /**
77       * Get the value of vendor.
78       *
79       * @return the value of vendor
80       */
81      public String getVendor() {
82          return vendor;
83      }
84  
85      /**
86       * Set the value of vendor.
87       *
88       * @param vendor new value of vendor
89       */
90      public void setVendor(String vendor) {
91          this.vendor = vendor;
92      }
93  
94      /**
95       * Get the value of product.
96       *
97       * @return the value of product
98       */
99      public String getProduct() {
100         return product;
101     }
102 
103     /**
104      * Set the value of product.
105      *
106      * @param product new value of product
107      */
108     public void setProduct(String product) {
109         this.product = product;
110     }
111 
112     /**
113      * Get the value of searchScore.
114      *
115      * @return the value of searchScore
116      */
117     public float getSearchScore() {
118         return searchScore;
119     }
120 
121     /**
122      * Set the value of searchScore.
123      *
124      * @param searchScore new value of searchScore
125      */
126     public void setSearchScore(float searchScore) {
127         this.searchScore = searchScore;
128     }
129 
130     /**
131      * <p>
132      * Parses a name attribute value, from the cpe.xml, into its corresponding
133      * parts: vendor, product.</p>
134      * <p>
135      * Example:</p>
136      * <code>nbsp;nbsp;nbsp;cpe:/a:apache:struts:1.1:rc2</code>
137      *
138      * <p>
139      * Results in:</p> <ul> <li>Vendor: apache</li> <li>Product: struts</li>
140      * </ul>
141      * <p>
142      * If it is necessary to parse the CPE into more parts (i.e. to include
143      * version and revision) then you should use the `cpe-parser`.
144      *
145      * @param cpeName the CPE name
146      * @throws UnsupportedEncodingException should never be thrown...
147      */
148     public void parseName(String cpeName) throws UnsupportedEncodingException {
149         if (cpeName != null && cpeName.length() > 7) {
150             final String cpeNameWithoutPrefix = cpeName.substring(7);
151             final String[] data = StringUtils.split(cpeNameWithoutPrefix, ':');
152             if (data.length >= 1) {
153                 vendor = URLDecoder.decode(data[0].replace("+", "%2B"), StandardCharsets.UTF_8.name());
154                 if (data.length >= 2) {
155                     product = URLDecoder.decode(data[1].replace("+", "%2B"), StandardCharsets.UTF_8.name());
156                 }
157             }
158         }
159     }
160 
161     @Override
162     public int hashCode() {
163         return new HashCodeBuilder(5, 27)
164                 .append(documentId)
165                 .append(vendor)
166                 .append(product)
167                 .append(searchScore)
168                 .build();
169     }
170 
171     @Override
172     public boolean equals(Object obj) {
173         if (obj == null || !(obj instanceof IndexEntry)) {
174             return false;
175         }
176         if (this == obj) {
177             return true;
178         }
179         final IndexEntry rhs = (IndexEntry) obj;
180         return new EqualsBuilder()
181                 .append(vendor, rhs.vendor)
182                 .append(product, rhs.product)
183                 .isEquals();
184     }
185 
186     /**
187      * Standard implementation of toString showing vendor and product.
188      *
189      * @return the string representation of the object
190      */
191     @Override
192     public String toString() {
193         return "IndexEntry{" + "vendor=" + vendor + ", product=" + product + "', score=" + searchScore + "}";
194     }
195 }