Documentation
Overview
Package jar implements JAR scanning capabilities for log4j.
Constants
This section is empty.
Variables
This section is empty.
Functions
func NewReader
NewReader is a wrapper around zip.NewReader that supports self-executable JARs: JAR files with prefixed data, such as a bash script, that allows them to be run directly.
If the ZIP contains a prefix, the returned offset indicates the size of the prefix.
See:
- https://kevinboone.me/execjava.html
- https://github.com/golang/go/issues/10464
func Rewrite
Rewrite attempts to remove any JndiLookup.class files from a JAR.
Rewrite does not account for self-executable JARs and does not preserve the file prefix. The caller must handle the prefix explicitly, as shown here, or use RewriteJAR() to do so automatically.

    zr, offset, err := jar.NewReader(ra, size)
    if err != nil {
        // ...
    }
    dest, err := os.CreateTemp("", "")
    if err != nil {
        // ...
    }
    defer dest.Close()

    if offset > 0 {
        // Rewrite prefix.
        src := io.NewSectionReader(ra, 0, offset)
        if _, err := io.CopyN(dest, src, offset); err != nil {
            // ...
        }
    }
    if err := jar.Rewrite(dest, zr); err != nil {
        // ...
    }
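The following is an added example, not code from this package: a standard-library-only illustration of what "preserve the prefix, drop JndiLookup.class" means for a self-executable JAR. The names openPrefixed, stripJndiLookup and sampleJAR are hypothetical, and locating the ZIP by its first local file header signature and matching entries by base name are simplifying assumptions, not the package's documented behavior.

```go
package main

import (
	"archive/zip"
	"bytes"
	"fmt"
	"path"
)

// openPrefixed splits a launcher prefix from the ZIP; assumes no magic in the prefix.
func openPrefixed(data []byte) ([]byte, *zip.Reader, error) {
	if off := bytes.Index(data, []byte("PK\x03\x04")); off >= 0 {
		zr, err := zip.NewReader(bytes.NewReader(data[off:]), int64(len(data)-off))
		return data[:off], zr, err
	}
	return nil, nil, zip.ErrFormat
}

// stripJndiLookup drops JndiLookup.class entries but keeps the prefix bytes.
func stripJndiLookup(data []byte) ([]byte, int, error) {
	prefix, zr, err := openPrefixed(data)
	if err != nil {
		return nil, 0, err
	}
	out := bytes.NewBuffer(append([]byte(nil), prefix...)) // copy, don't alias data
	zw, removed := zip.NewWriter(out), 0
	for _, f := range zr.File {
		if path.Base(f.Name) == "JndiLookup.class" { // assumed match rule
			removed++
		} else if err := zw.Copy(f); err != nil { // raw copy, no recompression
			return nil, 0, err
		}
	}
	err = zw.Close() // writes the central directory
	return out.Bytes(), removed, err
}

func sampleJAR() []byte { // constructed input: shell launcher followed by a ZIP
	var z bytes.Buffer
	zw := zip.NewWriter(&z)
	zw.Create("META-INF/MANIFEST.MF")
	zw.Create("org/apache/logging/log4j/core/lookup/JndiLookup.class")
	zw.Close()
	return append([]byte("#!/bin/sh\nexec java -jar \"$0\" \"$@\"\n"), z.Bytes()...)
}

func main() {
	_, n, err := stripJndiLookup(sampleJAR())
	fmt.Println("removed:", n, "err:", err)
}
```

Because the new archive's offsets are counted from the start of the ZIP data rather than the start of the file, the output keeps the same "prefix plus independent ZIP" layout as the input.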
Types
type ReadCloser
ReadCloser mirrors zip.ReadCloser.
func OpenReader
func OpenReader(path string) (r *ReadCloser, offset int64, err error)
OpenReader mirrors zip.OpenReader, loading a JAR from a file, but supports self-executable JARs. See NewReader() for details.
type Report

    type Report struct {
        // Vulnerable reports if a vulnerable version of log4j is included in
        // the JAR and has been initialized.
        //
        // Note that this package considers the 2.15.0 versions vulnerable.
        Vulnerable bool

        // MainClass and Version are information taken from the MANIFEST.MF file.
        // Version indicates the version of JAR, NOT the log4j package.
        MainClass string
        Version   string
    }

Report contains information about a scanned JAR.
type Walker

    type Walker struct {
        // Rewrite indicates if the Walker should rewrite JARs in place as it
        // iterates through the filesystem.
        Rewrite bool
        // SkipDir, if provided, allows the walker to skip certain directories
        // as it scans.
        SkipDir func(path string, de fs.DirEntry) bool
        // HandleError can be used to handle errors for a given directory or
        // JAR file.
        HandleError func(path string, err error)
        // HandleReport is called when a JAR is determined vulnerable. If Rewrite
        // is provided, this is called before the Rewrite occurs.
        HandleReport func(path string, r *Report)
        // HandleRewrite is called when a JAR is rewritten successfully.
        HandleRewrite func(path string, r *Report)
    }

Walker implements a filesystem walker to scan for log4j vulnerable JARs and optionally rewrite them.