File tree Expand file tree Collapse file tree 2 files changed +12
-2
lines changed
src/main/java/com/mergebase/log4j Expand file tree Collapse file tree 2 files changed +12
-2
lines changed Original file line number Diff line number Diff line change 1818
1919public class Log4JDetector {
2020
21- private static final String FILE_OLD_LOG4J = "log4j/FileAppender .class" .toLowerCase (Locale .ROOT );
21+ private static final String FILE_OLD_LOG4J = "log4j/DailyRollingFileAppender .class" .toLowerCase (Locale .ROOT );
2222 private static final String FILE_LOG4J_1 = "core/LogEvent.class" .toLowerCase (Locale .ROOT );
2323 private static final String FILE_LOG4J_2 = "core/Appender.class" .toLowerCase (Locale .ROOT );
2424 private static final String FILE_LOG4J_3 = "core/Filter.class" .toLowerCase (Locale .ROOT );
@@ -583,7 +583,17 @@ private static void analyze(File f) {
583583 }
584584 scan (f );
585585 } else if (1 == fileType ) {
586- boolean maybe = f .getPath ().toLowerCase (Locale .ROOT ).endsWith (FILE_LOG4J_1 );
586+ String currentPathLower = f .getPath ().toLowerCase (Locale .ROOT );
587+ boolean isLog4J_1_X = currentPathLower .endsWith (FILE_OLD_LOG4J );
588+ boolean maybe = false ;
589+ if (isLog4J_1_X ) {
590+ StringBuilder buf = new StringBuilder ();
591+ String grandParent = f .getParentFile ().getParent ();
592+ buf .append (grandParent ).append (" contains contains Log4J-1.x <= 1.2.17 _OLD_ :-|" );
593+ System .out .println (buf );
594+ } else {
595+ maybe = currentPathLower .endsWith (FILE_LOG4J_1 );
596+ }
587597 if (maybe ) {
588598 boolean isVulnerable = false ;
589599 boolean isLog4J_2_10 = false ;
You can’t perform that action at this time.
0 commit comments