Merge pull request #1 from ErezYalon/ErezYalon-patch-1

ErezYalon · ErezYalon · commit d0e25a2e0178 · 2016-04-13T17:36:17.000+03:00
Update CheckmarxReader.java
diff --git a/src/main/java/org/owasp/benchmark/score/parsers/CheckmarxReader.java b/src/main/java/org/owasp/benchmark/score/parsers/CheckmarxReader.java
@@ -121,8 +121,12 @@ private TestCaseResult parseCheckmarxVulnerability(Node query, Node result) {
             return null;
         }
 
-		//In the output xml file from Checkmarx there is no attribute on the node "query" named SeverityIndex
-        //tcr.setConfidence( Integer.parseInt( getAttributeValue( "SeverityIndex", result) ) );
+	//Output xml file from Checkmarx (depends on version) sometimes does not
+	//contain attribute on the node "query" named SeverityIndex
+        String SeverityIndex = getAttributeValue( "SeverityIndex", result);
+	if(SeverityIndex != null && !SeverityIndex.equals("")) { 
+		tcr.setConfidence( Integer.parseInt( getAttributeValue( "SeverityIndex", result) ) );
+	}
 
         tcr.setEvidence( getAttributeValue( "name", query ) );
 
