CWE support for netsparker and ntospider importers
diff --git a/threadfix-importers/src/main/java/com/denimgroup/threadfix/importer/impl/upload/NTOSpiderChannelImporter.java b/threadfix-importers/src/main/java/com/denimgroup/threadfix/importer/impl/upload/NTOSpiderChannelImporter.java
index 1f89618..20a693f 100644
--- a/threadfix-importers/src/main/java/com/denimgroup/threadfix/importer/impl/upload/NTOSpiderChannelImporter.java
+++ b/threadfix-importers/src/main/java/com/denimgroup/threadfix/importer/impl/upload/NTOSpiderChannelImporter.java
@@ -50,6 +50,7 @@ class NTOSpiderChannelImporter extends AbstractChannelImporter {
tagMap.put("attackscore", FindingKey.SEVERITY_CODE);
tagMap.put("parametername", FindingKey.PARAMETER);
tagMap.put("normalizedurl", FindingKey.PATH);
+ tagMap.put("cweid", FindingKey.PATH);
}
private static final String VULN_TAG = "vuln", SCAN_DATE = "scandate",
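Review bot: The added `tagMap.put("cweid", FindingKey.PATH);` maps the CWE identifier to the same key as `normalizedurl` on the line above, so the CWE value lands in the finding's path slot instead of being recorded as its weakness classification. This looks like a copy-paste slip; assuming `FindingKey` has a CWE member, the line should read `tagMap.put("cweid", FindingKey.CWE);`. A finding whose path holds a CWE number mis-locates the vulnerability and can skew finding merging and triage downstream. The static initializer this line sits in starts outside the hunk.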
diff --git a/threadfix-importers/src/main/java/com/denimgroup/threadfix/importer/impl/upload/NetsparkerChannelImporter.java b/threadfix-importers/src/main/java/com/denimgroup/threadfix/importer/impl/upload/NetsparkerChannelImporter.java
index 1efddf7..f3188f0 100644
--- a/threadfix-importers/src/main/java/com/denimgroup/threadfix/importer/impl/upload/NetsparkerChannelImporter.java
+++ b/threadfix-importers/src/main/java/com/denimgroup/threadfix/importer/impl/upload/NetsparkerChannelImporter.java
@@ -65,11 +65,13 @@ class NetsparkerChannelImporter extends AbstractChannelImporter {
private Boolean getUrlText = false;
private Boolean getParamText = false;
private Boolean getSeverityText = false;
+ private Boolean getCweText = false;
private String currentChannelVulnCode = null;
private String currentUrlText = null;
private String currentParameter = null;
private String currentSeverityCode = null;
+ private String currentCwe = null;
private String host = null;
@@ -96,6 +98,8 @@ class NetsparkerChannelImporter extends AbstractChannelImporter {
getParamText = true;
} else if ("severity".equals(qName)) {
getSeverityText = true;
+ } else if ("CWE".equals(qName)) {
+ getCweText = true;
} else if ("netsparker".equals(qName)) {
// date = getCalendarFromString("MM/dd/yyyy hh:mm:ss a", atts.getValue("generated"));
date = getCalendar(atts.getValue("generated"));
@@ -116,6 +120,9 @@ class NetsparkerChannelImporter extends AbstractChannelImporter {
} else if (getParamText) {
currentParameter = getBuilderText();
getParamText = false;
+ } else if (getCweText) {
+ currentCwe = getBuilderText();
+ getParamText = false;
} else if (getSeverityText) {
currentSeverityCode = getBuilderText();
getSeverityText = false;
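Review bot: The new `getCweText` branch clears the wrong flag: `getParamText = false;` should be `getCweText = false;`. As written, `getCweText` stays true after the first CWE element, so `characters()` keeps buffering text for every later element. Because this branch is tested before `getSeverityText`, a following severity element would apparently be stored in `currentCwe` and leave `currentSeverityCode` unset. Findings imported with a missing or wrong severity are a triage risk, so this is worth a regression test with a report that has CWE followed by severity. The enclosing method starts and ends outside the hunk, so the exact effect depends on branches not shown.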
@@ -139,12 +146,13 @@ class NetsparkerChannelImporter extends AbstractChannelImporter {
currentSeverityCode = null;
currentParameter = null;
currentUrlText = null;
+ currentCwe = null;
}
}
public void characters (char ch[], int start, int length)
{
- if (getChannelVulnText || getUrlText || getParamText || getSeverityText) {
+ if (getChannelVulnText || getUrlText || getParamText || getSeverityText || getCweText) {
addTextToBuilder(ch, start, length);
}
}
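Review bot: `currentCwe` is reset to null here with the other per-finding fields, but no visible hunk reads it when the finding is built. Unless the code just above this hunk passes it on, the parsed CWE is silently discarded and the commit's stated CWE support for Netsparker has no effect. The value also comes verbatim from the scanner report, so it should be trimmed and checked to be a plain number before it is used to look up a vulnerability type. A short comment at the point of use, such as `// CWE id as reported by the scanner; validated as numeric before lookup`, would make that contract explicit. The finding-construction code starts outside the hunk.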
--