added support for CVE-2022-23307 (8.1)

HynekPetrak · Jan 20, 2022 · b271f27 · b271f27
1 parent 1ef6585
commit b271f27
Showing 1 changed file with 12 additions and 0 deletions.
diff --git a/test_log4shell.py b/test_log4shell.py
@@ -58,6 +58,7 @@
 # in 2.8.x and < 2.9.0
 ABSSOCKETSRV = "core/net/server/AbstractSocketServer"
 FILOBJINPSTREAM = "FilteredObjectInputStream"
+CHAINSAW = "chainsaw/Main"
 
 CLASSES = [
     APPENDER,
@@ -75,6 +76,7 @@
     SETUTILS,
     ABSSOCKETSRV,
     FILOBJINPSTREAM,
+    CHAINSAW,
     ]
 
 progress = None
@@ -140,6 +142,7 @@ class Status(Flag):
     NOJNDILOOKUP = auto()
     CVE_2019_17571 = auto()
     CVE_2021_4104 = auto()
+    CVE_2022_23307 = auto()
     CVE_2017_5645 = V2_8_1 | V2_0_BETA9 | V2_0_BETA8 | V2_3_1 | V2_3_2
     CVE_2021_44228 = V2_10_0 | V2_0_BETA9
     CVE_2021_45046 = CVE_2021_44228 | V2_15_0
@@ -173,6 +176,8 @@ def get_status_text(status):
         vulns.append("CVE-2017-5645 (9.8)")
     if status & Status.CVE_2019_17571:
         vulns.append("CVE-2019-17571 (9.8)")
+    if status & Status.CVE_2022_23307:
+        vulns.append("CVE-2022-23307 (8.1)")
     if not vulns and (status & Status.SAFE):
         vulns.append("SAFE")
         flag = "-"
@@ -275,6 +280,7 @@ def scan_archive(f, path):
         isLog4j2_12_3 = False
         isLog4j2_3_1 = False
         hasCVE_2017_5645 = False
+        hasCVE_2022_23307 = False
         hasnotCVE_2019_17571 = False
         pom_path = None
         manifest_path = None
@@ -335,6 +341,8 @@ def scan_archive(f, path):
                 isLog4j1_unsafe = True
             elif fn.endswith(CLASS_VARIANTS[FILOBJINPSTREAM]):
                 hasnotCVE_2019_17571 = True
+            elif fn.endswith(CLASS_VARIANTS[CHAINSAW]):
+                hasCVE_2022_23307 = True
             elif fn.endswith(CLASS_VARIANTS[LOGEVENT]):
                 log4jProbe[0] = True
             elif fn.endswith(CLASS_VARIANTS[APPENDER]):
@@ -407,6 +415,8 @@ def scan_archive(f, path):
         if isLog4j1_x:
             if not hasnotCVE_2019_17571:
                 status = Status.CVE_2019_17571
+            if hasCVE_2022_23307:
+                status |= Status.CVE_2022_23307
             if isLog4j1_unsafe:
                 log_item(path, status | Status.CVE_2021_4104,  # CVE_2021_4104
                          f"contains Log4J-{version} <= 1.2.17",
@@ -589,6 +599,8 @@ def check_class(class_file):
         version = get_version_from_path(parent) or "1.x"
         if not check_path_exists(parent, FILOBJINPSTREAM):
             status = Status.CVE_2019_17571
+        if check_path_exists(parent, CHAINSAW):
+            status |= Status.CVE_2022_23307
         if check_path_exists(parent, JMSAPPENDER):
             log_item(parent, status | Status.CVE_2021_4104,  # CVE_2021_4104,
                      f"contains Log4J-{version} <= 1.2.17",