diff --git a/src/main/java/com/logpresso/scanner/Detector.java b/src/main/java/com/logpresso/scanner/Detector.java index cb786c8..5a82174 100644 --- a/src/main/java/com/logpresso/scanner/Detector.java +++ b/src/main/java/com/logpresso/scanner/Detector.java @@ -348,8 +348,7 @@ private DetectResult scanStream(File jarFile, ZipFileIterator it, List p } boolean log4j1Found = log4j1Version != null || foundJmsAppender || foundHUP; - boolean log4j1Mitigated = !(foundJmsAppender || foundJmsSink || foundJdbcAppender - || foundChainsaw); + boolean log4j1Mitigated = !(foundJmsAppender || foundJmsSink || foundJdbcAppender || foundChainsaw); log4j1Mitigated &= shadedJmsAppenderPaths.isEmpty(); if (log4j1Found) { diff --git a/src/main/java/com/logpresso/scanner/Log4j2Scanner.java b/src/main/java/com/logpresso/scanner/Log4j2Scanner.java index d8cbb65..0606300 100644 --- a/src/main/java/com/logpresso/scanner/Log4j2Scanner.java +++ b/src/main/java/com/logpresso/scanner/Log4j2Scanner.java @@ -29,8 +29,8 @@ import com.logpresso.scanner.utils.ZipUtils; public class Log4j2Scanner { - public static final String VERSION = "3.0.1"; - public static final String RELEASE_DATE = "2022-02-13"; + public static final String VERSION = "3.0.2"; + public static final String RELEASE_DATE = "2022-02-14"; public static final String BANNER = "Logpresso CVE-2021-44228 Vulnerability Scanner " + VERSION + " (" + RELEASE_DATE + ")"; private static final boolean isWindows = File.separatorChar == '\\'; @@ -165,10 +165,10 @@ private void restore(InputStream is, File targetFile) { IoUtils.ensureClose(fos); // restore read only attribute - if (readonlyFile) - if(!targetFile.setReadOnly()) { - System.out.println("Error: File cannot be set as read only - " + targetFile.getAbsolutePath()); - }; + if (readonlyFile) { + if (!targetFile.setReadOnly()) + System.out.println("Error: File cannot be set as read only - " + targetFile.getAbsolutePath()); + } } } @@ -402,19 +402,19 @@ private void fix() { if (lockError) { reportError(f, "Cannot lock file " + t.getMessage(), t); } else if (truncateError) { - if(!backupFile.delete()) { - System.out.println("Error: Backup file cannot be deleted - " + backupFile.getAbsolutePath()); - } + if (!backupFile.delete()) + System.out.println("Error: Backup file cannot be deleted - " + backupFile.getAbsolutePath()); + reportError(f, "Cannot truncate file " + t.getMessage(), t); } else { reportError(f, "Cannot backup file " + t.getMessage(), t); } } finally { // restore read only attribute - if (readonlyFile) - if(!f.setReadOnly()) { - System.out.println("Error: File cannot be set as read only - " + f.getAbsolutePath()); - } + if (readonlyFile) { + if (!f.setReadOnly()) + System.out.println("Error: File cannot be set as read only - " + f.getAbsolutePath()); + } } } @@ -458,10 +458,10 @@ private void fix() { } // delete backup files only if zip file is generated - for (File backupFile : backupFiles) - if(!backupFile.delete()) { - System.out.println("Error: Backup file cannot be deleted - " + backupFile.getAbsolutePath()); - } + for (File backupFile : backupFiles) { + if (!backupFile.delete()) + System.out.println("Error: Backup file cannot be deleted - " + backupFile.getAbsolutePath()); + } } private void traverse(File f, int depth) {