jar

package
v0.5.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 17, 2022 License: Apache-2.0 Imports: 16 Imported by: 0

Documentation

Overview

Package jar implements JAR scanning capabilities for log4j.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func IsJAR 

func IsJAR(zr *zip.Reader) bool

IsJAR determines if a given ZIP reader is a JAR.

func NewReader 

func NewReader(ra io.ReaderAt, size int64) (zr *zip.Reader, offset int64, err error)

NewReader is a wrapper around zip.NewReader that supports self-executable JARs. JAR files with prefixed data, such as a bash script to allow them to run directly.

If the ZIP contains a prefix, the returned offset indicates the size of the prefix.

See: - https://kevinboone.me/execjava.html - https://github.com/golang/go/issues/10464

func Rewrite 

func Rewrite(w io.Writer, zr *zip.Reader) error

Rewrite attempts to remove any JndiLookup.class files from a JAR.

Rewrite does not account for self-executable JARs and does not preserve the file prefix. This must be explicitly handled, or use RewriteJAR() to do so automatically. 

zr, offset, err := jar.NewReader(ra, size)
if err != nil {
	// ...
}
dest, err := os.CreateTemp("", "")
if err != nil {
	// ...
}
defer dest.Close()

if offset > 0 {
	// Rewrite prefix.
	src := io.NewSectionReader(ra, 0, offset)
	if _, err := io.CopyN(dest, src, offset); err != nil {
		// ...
	}
}
if err := jar.Rewrite(dest, zr); err != nil {
	// ...
}

func RewriteJAR 

func RewriteJAR(dest io.Writer, src io.ReaderAt, size int64) error

RewriteJAR is like Rewrite but accounts for self-executable JARs, copying any prefixed data that may be included in the JAR.

Types

type ReadCloser 

type ReadCloser struct {
	zip.Reader
	// contains filtered or unexported fields
}

ReadCloser mirrors zip.ReadCloser.

func OpenReader 

func OpenReader(path string) (r *ReadCloser, offset int64, err error)

OpenReader mirrors zip.OpenReader, loading a JAR from a file, but supports self-executable JARs. See NewReader() for details.

func (*ReadCloser) Close 

func (r *ReadCloser) Close() error

Close closes the underlying file.

type Report 

type Report struct {
	// Vulnerable reports if a vulnerable version of the log4j is included in the
	// JAR and has been initialized.
	//
	// Note that this package considers the 2.15.0 versions vulnerable.
	Vulnerable bool

	// MainClass and Version are information taken from the MANIFEST.MF file.
	// Version indicates the version of JAR, NOT the log4j package.
	MainClass string
	Version   string
}

Report contains information about a scanned JAR.

func Parse 

func Parse(r *zip.Reader) (*Report, error)

Parse traverses a JAR file, attempting to detect any usages of vulnerable log4j versions.

type Walker 

type Walker struct {
	// Rewrite indicates if the Walker should rewrite JARs in place as it
	// iterates through the filesystem.
	Rewrite bool
	// SkipDir, if provided, allows the walker to skip certain directories
	// as it scans.
	SkipDir func(path string, de fs.DirEntry) bool
	// HandleError can be used to handle errors for a given directory or
	// JAR file.
	HandleError func(path string, err error)
	// HandleReport is called when a JAR is determined vulnerable. If Rewrite
	// is provided, this is called before the Rewrite occurs.
	HandleReport func(path string, r *Report)
	// HandleRewrite is called when a JAR is rewritten successfully.
	HandleRewrite func(path string, r *Report)
}

Walker implements a filesystem walker to scan for log4j vulnerable JARs and optional rewrite them.

func (*Walker) Walk 

func (w *Walker) Walk(dir string) error

Walk attempts to scan a directory for vulnerable JARs.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.