diff --git a/Src/CoreTests/VulnerabilityReportsTest.cs b/Src/CoreTests/VulnerabilityReportsTest.cs new file mode 100644 index 0000000..357782b --- /dev/null +++ b/Src/CoreTests/VulnerabilityReportsTest.cs @@ -0,0 +1,40 @@ +using System.Collections.Generic; +using NuGetDefense; +using NuGetDefense.Core; +using Xunit; + +namespace CoreTests +{ + public class VulnerabilityReportsTest + { + [Fact] + public void ReportVulnerabilityWithNullReferences() + { + var vulnDict = new Dictionary>() + { + { + "TestPkg", new Dictionary() + { + { + "CVE-Test", new Vulnerability() + { + Cve = "CVE-Test", + Cwe = "CWE-Test", + CvssScore = 6.6, + Description = "Test Description", + References = null, + Vendor = "Test Vendor", + Vector = Vulnerability.AccessVectorType.NETWORK, + } + } + } + + } + }; + + var pkgs = new NuGetPackage[] {new NuGetPackage() {LineNumber = 1, Id = "TestPkg", Version = "1.0.1"}}; + + VulnerabilityReports.ReportVulnerabilities(vulnDict, pkgs, "NuGetDefense.dll", false, 0D); + } + } +} \ No newline at end of file diff --git a/Src/NuGetDefense.Core/VulnerabilityReports.cs b/Src/NuGetDefense.Core/VulnerabilityReports.cs index a021339..02b73b3 100644 --- a/Src/NuGetDefense.Core/VulnerabilityReports.cs +++ b/Src/NuGetDefense.Core/VulnerabilityReports.cs @@ -35,8 +35,12 @@ public static void ReportVulnerabilities( Console.WriteLine($"CWE: {vulnerabilities[cve].Cwe}"); Console.WriteLine($"CVSS Score: {vulnerabilities[cve].CvssScore}"); Console.WriteLine($"CVSS Vector: {vulnerabilities[cve].Vector}"); - Console.WriteLine("References:"); - foreach (var reference in vulnerabilities[cve].References) Console.WriteLine(reference); + if (vulnerabilities[cve].References != null && vulnerabilities[cve].References.Any()) + { + Console.WriteLine("References:"); + foreach (var reference in vulnerabilities[cve].References) Console.WriteLine(reference); + } + Console.WriteLine("---------------------------"); }