From 7cdf4c2c109bcf900fd2d27979e2d9c8c020c30f Mon Sep 17 00:00:00 2001
From: Nathan Martins
Date: Thu, 10 Feb 2022 09:00:58 -0300
Subject: [PATCH] engine/java:chore - updating log4j rule to avoid false positives
Signed-off-by: Nathan Martins
---
 internal/services/engines/java/rules.go | 2 +-
 internal/services/engines/java/sample_test.go | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/internal/services/engines/java/rules.go b/internal/services/engines/java/rules.go
index eebf6d8cf..8973642b2 100644
--- a/internal/services/engines/java/rules.go
+++ b/internal/services/engines/java/rules.go
@@ -2608,7 +2608,7 @@ func NewVulnerableRemoteCodeInjectionApacheLog4j() *text.Rule {
 Expressions: []*regexp.Regexp{
 regexp.MustCompile(`compile.*group:.*org\.apache\.logging\.log4j.*name:.*log4j.*version:.*(('|")(2\.([0-9]\.|1[0-6]|17\.0))|([0-1]\.[0-9]+\.[0-9]+)).*('|")`),
 regexp.MustCompile(`compile.*log4j.*(:((2\.([0-9]\.|1[0-6]|17\.0))|([0-1]\.[0-9]+\.[0-9]+))).*('|")`),
- regexp.MustCompile(`(.*|\n).*org\.apache\.logging\.log4j.*(.*|\n).*.*log4j.*(.*|\n)*(version>((2\.([0-9]\.|1[0-6]|17\.0))|([0-1]\.[0-9]+\.[0-9]+)))(.*|\n)*`),
+ regexp.MustCompile(`\s*org\.apache\.logging\.log4j\s*\s*.*\s*log4j.*\s*\s*(\s*((2\.([0-9]\.[0-9]|1[0-6]\.[0-9]|17\.0))|([0-1]\.[0-9]+\.[0-9]+)).*)\s*`),
 regexp.MustCompile(``),
 regexp.MustCompile(`<(log4j2|log4j)\.version>.*(2\.([0-9]\.|1[0-6]|17\.0))|([0-1]\.[0-9]+\.[0-9]+).*`),
 },
diff --git a/internal/services/engines/java/sample_test.go b/internal/services/engines/java/sample_test.go
index cdb9daf8b..d220ed2c0 100644
--- a/internal/services/engines/java/sample_test.go
+++ b/internal/services/engines/java/sample_test.go
@@ -1179,7 +1179,7 @@ test { junit junit - 3.8.1 + 2.8.1 test
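Review bot: In the `rules.go` hunk, the last expression left as context, `<(log4j2|log4j)\.version>.*(2\.([0-9]\.|1[0-6]|17\.0))|([0-1]\.[0-9]+\.[0-9]+).*`, has a top-level `|`, so its right-hand branch matches any `0.x.y` or `1.x.y` string in a scanned file without the `log4j.version` property in front of it. That is the same class of false positive this commit removes from the changed expression; grouping the alternation ties both branches to the property name: `<(log4j2|log4j)\.version>.*((2\.([0-9]\.|1[0-6]|17\.0))|([0-1]\.[0-9]+\.[0-9]+)).*`. The tightened minor-version form `[0-9]\.[0-9]|1[0-6]\.[0-9]` is also applied only to the changed line, so the sibling expressions now disagree with it on what counts as an affected version. Some markup inside the patterns appears to have been lost in this rendering of the patch, so confirm both points against the file; the function body starts and ends outside the hunk.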