View Javadoc
1   /*
2    * This file is part of dependency-check-core.
3    *
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    *     http://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   *
16   * Copyright (c) 2018 Jeremy Long. All Rights Reserved.
17   */
18  package org.owasp.dependencycheck.dependency;
19  
20  import us.springett.parsers.cpe.Cpe;
21  import us.springett.parsers.cpe.CpeBuilder;
22  import us.springett.parsers.cpe.exceptions.CpeParsingException;
23  import us.springett.parsers.cpe.exceptions.CpeValidationException;
24  import us.springett.parsers.cpe.values.LogicalValue;
25  import us.springett.parsers.cpe.values.Part;
26  
27  /**
28   * A builder for VulnerableSoftware objects.
29   *
30   * @author Jeremy Long
31   */
32  public class VulnerableSoftwareBuilder extends CpeBuilder {
33  
34      /**
35       * The ending range, excluding the specified version, for matching
36       * vulnerable software
37       */
38      private String versionEndExcluding = null;
39      /**
40       * The ending range, including the specified version, for matching
41       * vulnerable software
42       */
43      private String versionEndIncluding = null;
44      /**
45       * The starting range, excluding the specified version, for matching
46       * vulnerable software
47       */
48      private String versionStartExcluding = null;
49      /**
50       * the starting range, including the specified version, for matching
51       * vulnerable software
52       */
53      private String versionStartIncluding = null;
54      /**
55       * A flag indicating whether this represents a vulnerable software object.
56       */
57      private boolean vulnerable = true;
58  
59      /**
60       * Builds the CPE Object.
61       *
62       * @return the CPE Object
63       * @throws CpeValidationException thrown if one of the CPE components is
64       * invalid
65       */
66      @Override
67      public VulnerableSoftware build() throws CpeValidationException {
68          final VulnerableSoftware vs = new VulnerableSoftware(getPart(), getVendor(), getProduct(),
69                  getVersion(), getUpdate(), getEdition(),
70                  getLanguage(), getSwEdition(), getTargetSw(), getTargetHw(), getOther(),
71                  versionEndExcluding, versionEndIncluding, versionStartExcluding,
72                  versionStartIncluding, vulnerable);
73          reset();
74          return vs;
75      }
76  
77      /**
78       * Resets the Vulnerable Software Builder to a clean state.
79       */
80      @Override
81      protected void reset() {
82          super.reset();
83          versionEndExcluding = null;
84          versionEndIncluding = null;
85          versionStartExcluding = null;
86          versionStartIncluding = null;
87          vulnerable = true;
88      }
89  
90      /**
91       * Adds a base CPE object to build a vulnerable software object from.
92       *
93       * @param cpe the base CPE
94       * @return a reference to the builder
95       */
96      public VulnerableSoftwareBuilder cpe(Cpe cpe) {
97          this.part(cpe.getPart()).wfVendor(cpe.getWellFormedVendor()).wfProduct(cpe.getWellFormedProduct())
98                  .wfVersion(cpe.getWellFormedVersion()).wfUpdate(cpe.getWellFormedUpdate())
99                  .wfEdition(cpe.getWellFormedEdition()).wfLanguage(cpe.getWellFormedLanguage())
100                 .wfSwEdition(cpe.getWellFormedSwEdition()).wfTargetSw(cpe.getWellFormedTargetSw())
101                 .wfTargetHw(cpe.getWellFormedTargetHw()).wfOther(cpe.getWellFormedOther());
102         return this;
103     }
104 
105     /**
106      * The ending range, excluding the specified version, for matching
107      * vulnerable software.
108      *
109      * @param versionEndExcluding the version range
110      * @return a reference to the builder
111      */
112     public VulnerableSoftwareBuilder versionEndExcluding(String versionEndExcluding) {
113         this.versionEndExcluding = versionEndExcluding;
114         return this;
115     }
116 
117     /**
118      * The ending range, including the specified version, for matching
119      * vulnerable software.
120      *
121      * @param versionEndIncluding the version range
122      * @return a reference to the builder
123      */
124     public VulnerableSoftwareBuilder versionEndIncluding(String versionEndIncluding) {
125         this.versionEndIncluding = versionEndIncluding;
126         return this;
127     }
128 
129     /**
130      * The starting range, excluding the specified version, for matching
131      * vulnerable software.
132      *
133      * @param versionStartExcluding the version range
134      * @return a reference to the builder
135      */
136     public VulnerableSoftwareBuilder versionStartExcluding(String versionStartExcluding) {
137         this.versionStartExcluding = versionStartExcluding;
138         return this;
139     }
140 
141     /**
142      * The starting range, including the specified version, for matching
143      * vulnerable software.
144      *
145      * @param versionStartIncluding the version range
146      * @return a reference to the builder
147      */
148     public VulnerableSoftwareBuilder versionStartIncluding(String versionStartIncluding) {
149         this.versionStartIncluding = versionStartIncluding;
150         return this;
151     }
152 
153     /**
154      * A flag indicating whether this represents a vulnerable software object.
155      *
156      * @param vulnerable whether or not this VulnerableSoftware object
157      * represents an actually vulnerable package
158      * @return a reference to the builder
159      */
160     public VulnerableSoftwareBuilder vulnerable(boolean vulnerable) {
161         this.vulnerable = vulnerable;
162         return this;
163     }
164 
165     //<editor-fold defaultstate="collapsed" desc="Overrides for builder functions from parent so that the correct type can be returned">
166     @Override
167     public VulnerableSoftwareBuilder wfOther(String other) {
168         return (VulnerableSoftwareBuilder) super.wfOther(other); //To change body of generated methods, choose Tools | Templates.
169     }
170 
171     @Override
172     public VulnerableSoftwareBuilder wfTargetHw(String targetHw) {
173         return (VulnerableSoftwareBuilder) super.wfTargetHw(targetHw); //To change body of generated methods, choose Tools | Templates.
174     }
175 
176     @Override
177     public VulnerableSoftwareBuilder wfTargetSw(String targetSw) {
178         return (VulnerableSoftwareBuilder) super.wfTargetSw(targetSw); //To change body of generated methods, choose Tools | Templates.
179     }
180 
181     @Override
182     public VulnerableSoftwareBuilder wfSwEdition(String swEdition) {
183         return (VulnerableSoftwareBuilder) super.wfSwEdition(swEdition); //To change body of generated methods, choose Tools | Templates.
184     }
185 
186     @Override
187     public VulnerableSoftwareBuilder wfLanguage(String language) {
188         return (VulnerableSoftwareBuilder) super.wfLanguage(language); //To change body of generated methods, choose Tools | Templates.
189     }
190 
191     @Override
192     public VulnerableSoftwareBuilder wfEdition(String edition) {
193         return (VulnerableSoftwareBuilder) super.wfEdition(edition); //To change body of generated methods, choose Tools | Templates.
194     }
195 
196     @Override
197     public VulnerableSoftwareBuilder wfUpdate(String update) {
198         return (VulnerableSoftwareBuilder) super.wfUpdate(update); //To change body of generated methods, choose Tools | Templates.
199     }
200 
201     @Override
202     public VulnerableSoftwareBuilder wfVersion(String version) {
203         return (VulnerableSoftwareBuilder) super.wfVersion(version); //To change body of generated methods, choose Tools | Templates.
204     }
205 
206     @Override
207     public VulnerableSoftwareBuilder wfProduct(String product) {
208         return (VulnerableSoftwareBuilder) super.wfProduct(product); //To change body of generated methods, choose Tools | Templates.
209     }
210 
211     @Override
212     public VulnerableSoftwareBuilder wfVendor(String vendor) {
213         return (VulnerableSoftwareBuilder) super.wfVendor(vendor); //To change body of generated methods, choose Tools | Templates.
214     }
215 
216     @Override
217     public VulnerableSoftwareBuilder other(LogicalValue other) {
218         return (VulnerableSoftwareBuilder) super.other(other); //To change body of generated methods, choose Tools | Templates.
219     }
220 
221     @Override
222     public VulnerableSoftwareBuilder targetHw(LogicalValue targetHw) {
223         return (VulnerableSoftwareBuilder) super.targetHw(targetHw); //To change body of generated methods, choose Tools | Templates.
224     }
225 
226     @Override
227     public VulnerableSoftwareBuilder targetSw(LogicalValue targetSw) {
228         return (VulnerableSoftwareBuilder) super.targetSw(targetSw); //To change body of generated methods, choose Tools | Templates.
229     }
230 
231     @Override
232     public VulnerableSoftwareBuilder swEdition(LogicalValue swEdition) {
233         return (VulnerableSoftwareBuilder) super.swEdition(swEdition); //To change body of generated methods, choose Tools | Templates.
234     }
235 
236     @Override
237     public VulnerableSoftwareBuilder language(LogicalValue language) {
238         return (VulnerableSoftwareBuilder) super.language(language); //To change body of generated methods, choose Tools | Templates.
239     }
240 
241     @Override
242     public VulnerableSoftwareBuilder update(LogicalValue update) {
243         return (VulnerableSoftwareBuilder) super.update(update); //To change body of generated methods, choose Tools | Templates.
244     }
245 
246     @Override
247     public VulnerableSoftwareBuilder version(LogicalValue version) {
248         return (VulnerableSoftwareBuilder) super.version(version); //To change body of generated methods, choose Tools | Templates.
249     }
250 
251     @Override
252     public VulnerableSoftwareBuilder product(LogicalValue product) {
253         return (VulnerableSoftwareBuilder) super.product(product); //To change body of generated methods, choose Tools | Templates.
254     }
255 
256     @Override
257     public VulnerableSoftwareBuilder vendor(LogicalValue vendor) {
258         return (VulnerableSoftwareBuilder) super.vendor(vendor); //To change body of generated methods, choose Tools | Templates.
259     }
260 
261     @Override
262     public VulnerableSoftwareBuilder other(String other) {
263         return (VulnerableSoftwareBuilder) super.other(other); //To change body of generated methods, choose Tools | Templates.
264     }
265 
266     @Override
267     public VulnerableSoftwareBuilder targetHw(String targetHw) {
268         return (VulnerableSoftwareBuilder) super.targetHw(targetHw); //To change body of generated methods, choose Tools | Templates.
269     }
270 
271     @Override
272     public VulnerableSoftwareBuilder targetSw(String targetSw) {
273         return (VulnerableSoftwareBuilder) super.targetSw(targetSw); //To change body of generated methods, choose Tools | Templates.
274     }
275 
276     @Override
277     public VulnerableSoftwareBuilder swEdition(String swEdition) {
278         return (VulnerableSoftwareBuilder) super.swEdition(swEdition); //To change body of generated methods, choose Tools | Templates.
279     }
280 
281     @Override
282     public VulnerableSoftwareBuilder language(String language) {
283         return (VulnerableSoftwareBuilder) super.language(language); //To change body of generated methods, choose Tools | Templates.
284     }
285 
286     @Override
287     public VulnerableSoftwareBuilder update(String update) {
288         return (VulnerableSoftwareBuilder) super.update(update); //To change body of generated methods, choose Tools | Templates.
289     }
290 
291     @Override
292     public VulnerableSoftwareBuilder version(String version) {
293         return (VulnerableSoftwareBuilder) super.version(version); //To change body of generated methods, choose Tools | Templates.
294     }
295 
296     @Override
297     public VulnerableSoftwareBuilder product(String product) {
298         return (VulnerableSoftwareBuilder) super.product(product); //To change body of generated methods, choose Tools | Templates.
299     }
300 
301     @Override
302     public VulnerableSoftwareBuilder vendor(String vendor) {
303         return (VulnerableSoftwareBuilder) super.vendor(vendor); //To change body of generated methods, choose Tools | Templates.
304     }
305 
306     @Override
307     public VulnerableSoftwareBuilder part(String part) throws CpeParsingException {
308         return (VulnerableSoftwareBuilder) super.part(part); //To change body of generated methods, choose Tools | Templates.
309     }
310 
311     @Override
312     public VulnerableSoftwareBuilder part(Part part) {
313         return (VulnerableSoftwareBuilder) super.part(part); //To change body of generated methods, choose Tools | Templates.
314     }
315 
316     @Override
317     public VulnerableSoftwareBuilder edition(LogicalValue edition) {
318         return (VulnerableSoftwareBuilder) super.edition(edition); //To change body of generated methods, choose Tools | Templates.
319     }
320 
321     @Override
322     public VulnerableSoftwareBuilder edition(String edition) {
323         return (VulnerableSoftwareBuilder) super.edition(edition); //To change body of generated methods, choose Tools | Templates.
324     }
325 //</editor-fold>
326 
327 }