From 4c17896dad2e3e7d2fcc49c8754d1b7496b28759 Mon Sep 17 00:00:00 2001
From: davewichers
Date: Wed, 31 Jul 2024 18:42:52 -0400
Subject: [PATCH] Fix MenuUpdaterTest to not break on Windows. Move Categories static initializer into that class. Tweak expected results parser to allow for white space between entries in CSV file.
---
 .mvn/jvm.config | 2 ++
 .../owasp/benchmarkutils/helpers/Categories.java | 14 ++++++++++++++
 .../benchmarkutils/score/BenchmarkScore.java | 13 -------------
 .../score/service/ExpectedResultsProvider.java | 16 ++++++++--------
 .../score/report/html/MenuUpdaterTest.java | 4 ++--
 5 files changed, 26 insertions(+), 23 deletions(-)
 create mode 100644 .mvn/jvm.config
diff --git a/.mvn/jvm.config b/.mvn/jvm.config
new file mode 100644
index 00000000..630d3320
--- /dev/null
+++ b/.mvn/jvm.config
@@ -0,0 +1,2 @@
+--add-exports=jdk.compiler/com.sun.tools.javac.tree=ALL-UNNAMED
+
diff --git a/library/src/main/java/org/owasp/benchmarkutils/helpers/Categories.java b/library/src/main/java/org/owasp/benchmarkutils/helpers/Categories.java
index 5cfcb1b5..f5a65e58 100644
--- a/library/src/main/java/org/owasp/benchmarkutils/helpers/Categories.java
+++ b/library/src/main/java/org/owasp/benchmarkutils/helpers/Categories.java
@@ -46,6 +46,20 @@ public class Categories {
 private static Categories _instance; // The Singleton instance of this class
+ // Statically load the categories definitions from the config file to instantiate the Category
+ // singleton
+ static {
+ try {
+ InputStream categoriesFileStream =
+ Categories.class.getClassLoader().getResourceAsStream(Categories.FILENAME);
+ new Categories(categoriesFileStream);
+ } catch (ParserConfigurationException | SAXException | IOException e1) {
+ System.out.println("ERROR: couldn't load categories from categories config file.");
+ e1.printStackTrace();
+ System.exit(-1);
+ }
+ }
+
 /**
 * Initialize all the categories from the InputStream connected to the target XML file.
 *
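Review bot: The static initializer added to Categories calls `System.exit(-1)` from library code, so any JVM that merely loads this class (a Maven plugin run, a unit test, an embedding tool) is terminated when the categories file cannot be parsed, and the only trace is a stdout line plus `printStackTrace()`. Two further gaps sit in the same block: `getResourceAsStream` returns null when the resource is missing and that null is handed straight to the constructor, and the stream is never closed. Throwing an unchecked exception with the cause preserved from a try-with-resources block leaves the exit decision to the caller, such as `BenchmarkScore.main`. The constructor itself is outside this hunk, so how it reacts to a null stream is not visible here.

```java
static {
    try (InputStream categoriesFileStream =
            Categories.class.getClassLoader().getResourceAsStream(Categories.FILENAME)) {
        if (categoriesFileStream == null) {
            throw new IllegalStateException(
                    "categories config file not found on classpath: " + Categories.FILENAME);
        }
        new Categories(categoriesFileStream);
    } catch (ParserConfigurationException | SAXException | IOException e) {
        // Surfaces as ExceptionInInitializerError with the cause attached; callers decide
        // whether to exit.
        throw new IllegalStateException(
                "couldn't load categories from categories config file", e);
    }
}
```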
diff --git a/plugin/src/main/java/org/owasp/benchmarkutils/score/BenchmarkScore.java b/plugin/src/main/java/org/owasp/benchmarkutils/score/BenchmarkScore.java
index f6c21b6a..1e8e0630 100644
--- a/plugin/src/main/java/org/owasp/benchmarkutils/score/BenchmarkScore.java
+++ b/plugin/src/main/java/org/owasp/benchmarkutils/score/BenchmarkScore.java
@@ -36,7 +36,6 @@
 import java.util.Set;
 import java.util.TreeMap;
 import java.util.TreeSet;
-import javax.xml.parsers.ParserConfigurationException;
 import org.apache.commons.io.FileUtils;
 import org.apache.commons.io.IOUtils;
 import org.apache.maven.plugin.AbstractMojo;
@@ -58,7 +57,6 @@
 import org.owasp.benchmarkutils.score.report.html.VulnerabilityStatsTable;
 import org.owasp.benchmarkutils.score.service.ExpectedResultsProvider;
 import org.owasp.benchmarkutils.score.service.ResultsFileCreator;
-import org.xml.sax.SAXException;
 @Mojo(name = "create-scorecard", requiresProject = false, defaultPhase = LifecyclePhase.COMPILE)
 public class BenchmarkScore extends AbstractMojo {
@@ -161,17 +159,6 @@ public static void main(String[] args) {
 System.exit(-1);
 }
- // Load in the categories definitions from the config file.
- try {
- InputStream categoriesFileStream =
- BenchmarkScore.class.getClassLoader().getResourceAsStream(Categories.FILENAME);
- new Categories(categoriesFileStream);
- } catch (ParserConfigurationException | SAXException | IOException e1) {
- System.out.println("ERROR: couldn't load categories from categories config file.");
- e1.printStackTrace();
- System.exit(-1);
- }
-
 // Step 0: Make sure the results file or directory exists before doing anything.
 File resultsFileOrDir = new File(config.resultsFileOrDirName);
 if (!resultsFileOrDir.exists()) {
diff --git a/plugin/src/main/java/org/owasp/benchmarkutils/score/service/ExpectedResultsProvider.java b/plugin/src/main/java/org/owasp/benchmarkutils/score/service/ExpectedResultsProvider.java
index 78b428d5..ad30c4ba 100644
--- a/plugin/src/main/java/org/owasp/benchmarkutils/score/service/ExpectedResultsProvider.java
+++ b/plugin/src/main/java/org/owasp/benchmarkutils/score/service/ExpectedResultsProvider.java
@@ -55,16 +55,16 @@ public static TestSuiteResults parse(ResultFile resultFile) throws IOException {
 if (record.get(TEST_NAME).startsWith(tr.getTestSuiteName() + BenchmarkScore.TEST)) {
 TestCaseResult tcr = new TestCaseResult();
- tcr.setTestCaseName(record.get(TEST_NAME));
- tcr.setCategory(record.get(CATEGORY));
- tcr.setTruePositive(parseBoolean(record.get(REAL_VULNERABILITY)));
- tcr.setCWE(parseInt(record.get(CWE)));
- tcr.setNumber(testNumber(record.get(TEST_NAME), testCaseName));
+ tcr.setTestCaseName(record.get(TEST_NAME).trim());
+ tcr.setCategory(record.get(CATEGORY).trim());
+ tcr.setTruePositive(parseBoolean(record.get(REAL_VULNERABILITY).trim()));
+ tcr.setCWE(parseInt(record.get(CWE).trim()));
+ tcr.setNumber(testNumber(record.get(TEST_NAME).trim(), testCaseName));
 if (isExtendedResultsFile(parser)) {
- tcr.setSource(record.get(SOURCE));
- tcr.setDataFlow(record.get(DATA_FLOW));
- tcr.setSink(record.get(SINK));
+ tcr.setSource(record.get(SOURCE).trim());
+ tcr.setDataFlow(record.get(DATA_FLOW).trim());
+ tcr.setSink(record.get(SINK).trim());
 }
 tr.put(tcr);
diff --git a/plugin/src/test/java/org/owasp/benchmarkutils/score/report/html/MenuUpdaterTest.java b/plugin/src/test/java/org/owasp/benchmarkutils/score/report/html/MenuUpdaterTest.java
index 2a269f4b..96ab91eb 100644
--- a/plugin/src/test/java/org/owasp/benchmarkutils/score/report/html/MenuUpdaterTest.java
+++ b/plugin/src/test/java/org/owasp/benchmarkutils/score/report/html/MenuUpdaterTest.java
@@ -114,10 +114,10 @@ public String filenameFor(Tool tool) {
 assertFalse(file.contains("${vulnmenu}"));
 assertTrue(
 file.contains(
- "
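Review bot: The guard at the top of the ExpectedResultsProvider hunk, `record.get(TEST_NAME).startsWith(...)`, still tests the untrimmed field, so a row whose test name has leading white space is skipped silently instead of parsed, and a dropped expected result skews the scorecard with no error. Trimming once and reusing the value closes that gap and removes the duplicate `record.get(TEST_NAME).trim()` calls: `String testName = record.get(TEST_NAME).trim();` before the check, then `if (testName.startsWith(tr.getTestSuiteName() + BenchmarkScore.TEST)) {`, with `testName` passed to `setTestCaseName` and `testNumber`. If `parseBoolean` is `Boolean.parseBoolean` (its import is not visible here), any value other than "true" still maps to false without complaint, so rejecting unexpected values in the real-vulnerability column may be worth considering. The enclosing `parse` method starts and ends outside this hunk.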
  • Path Traversal
  • \n")); + "
  • Path Traversal
  • ")); assertTrue( file.contains( - "
  • Command Injection
  • \n")); + "
  • Command Injection
  • ")); assertFalse(file.contains("${testsuite}")); assertTrue(file.contains("testsuite=OWASP Benchmark"));