global flags are recognized by the cli if they have a name collision in

a subcommand
lunasec-io · Dec 17, 2021 · ccd10e6 · ccd10e6
1 parent c6affa5
commit ccd10e6
Show file tree

Hide file tree

Showing 5 changed files with 38 additions and 16 deletions.
diff --git a/tools/log4shell/commands/analyze.go b/tools/log4shell/commands/analyze.go
@@ -21,8 +21,8 @@ import (
 	"github.com/urfave/cli/v2"
 )
 
-func AnalyzeCommand(c *cli.Context) error {
-	enableGlobalFlags(c)
+func AnalyzeCommand(c *cli.Context, globalBoolFlags map[string]bool) error {
+	enableGlobalFlags(c, globalBoolFlags)
 
 	searchDirs := c.Args().Slice()
 

diff --git a/tools/log4shell/commands/flags.go b/tools/log4shell/commands/flags.go
@@ -24,10 +24,11 @@ import (
 	"os"
 )
 
-func enableGlobalFlags(c *cli.Context) {
-	verbose := c.Bool("verbose")
-	ignoreWarnings := c.Bool("ignore-warnings")
-	debug := c.Bool("debug")
+func enableGlobalFlags(c *cli.Context, globalBoolFlags map[string]bool) {
+	verbose := globalBoolFlags["verbose"]
+	debug := globalBoolFlags["debug"]
+	jsonFlag := globalBoolFlags["json"]
+	ignoreWarnings := globalBoolFlags["ignore-warnings"]
 
 	if verbose || debug {
 		zerolog.SetGlobalLevel(zerolog.DebugLevel)
@@ -41,7 +42,6 @@ func enableGlobalFlags(c *cli.Context) {
 		log.Logger = log.With().Caller().Logger()
 	}
 
-	jsonFlag := c.Bool("json")
 	if !jsonFlag {
 		// pretty print output to the console if we are not interested in parsable output
 		consoleOutput := zerolog.ConsoleWriter{Out: os.Stdout}

diff --git a/tools/log4shell/commands/livepatch.go b/tools/log4shell/commands/livepatch.go
@@ -24,8 +24,8 @@ import (
 	"github.com/urfave/cli/v2"
 )
 
-func LivePatchCommand(c *cli.Context, hotpatchFiles embed.FS) error {
-	enableGlobalFlags(c)
+func LivePatchCommand(c *cli.Context, globalBoolFlags map[string]bool, hotpatchFiles embed.FS) error {
+	enableGlobalFlags(c, globalBoolFlags)
 
 	payloadUrl := c.String("payload-url")
 	ldapHost := c.String("ldap-host")

diff --git a/tools/log4shell/commands/scan.go b/tools/log4shell/commands/scan.go
@@ -47,8 +47,8 @@ func loadHashLookup(log4jLibraryHashes []byte, versionHashes string, onlyScanArc
 	return
 }
 
-func ScanCommand(c *cli.Context, log4jLibraryHashes []byte) (err error) {
-	enableGlobalFlags(c)
+func ScanCommand(c *cli.Context, globalBoolFlags map[string]bool, log4jLibraryHashes []byte) (err error) {
+	enableGlobalFlags(c, globalBoolFlags)
 
 	searchDirs := c.Args().Slice()
 	log.Debug().

diff --git a/tools/log4shell/main.go b/tools/log4shell/main.go
@@ -28,6 +28,22 @@ func main() {
 
 	zerolog.SetGlobalLevel(zerolog.InfoLevel)
 
+	globalBoolFlags := map[string]bool{
+		"verbose":         false,
+		"json":            false,
+		"debug":           false,
+		"ignore-warnings": false,
+	}
+
+	setGlobalBoolFlags := func(c *cli.Context) error {
+		for flag := range globalBoolFlags {
+			if c.IsSet(flag) {
+				globalBoolFlags[flag] = true
+			}
+		}
+		return nil
+	}
+
 	app := &cli.App{
 		Name:  "log4shell",
 		Usage: "Identify and mitigate the impact of the log4shell (CVE-2021-44228) vulnerability.",
@@ -39,6 +55,7 @@ func main() {
 		},
 		Version:     constants.Version,
 		Description: "Identify code dependencies that are vulnerable to the log4shell vulnerability. Read more at https://log4shell.com.",
+		Before:      setGlobalBoolFlags,
 		Flags: []cli.Flag{
 			&cli.BoolFlag{
 				Name:  "verbose",
@@ -55,20 +72,24 @@ func main() {
 		},
 		Commands: []*cli.Command{
 			{
-				Name:  "analyze",
-				Usage: "Scan known vulnerable Log4j dependencies and create a mapping of JndiLookup.class hash to version.",
+				Name:   "analyze",
+				Usage:  "Scan known vulnerable Log4j dependencies and create a mapping of JndiLookup.class hash to version.",
+				Before: setGlobalBoolFlags,
 				Flags: []cli.Flag{
 					&cli.StringFlag{
 						Name:  "output",
 						Usage: "File path for where to output findings in JSON format.",
 					},
 				},
-				Action: commands.AnalyzeCommand,
+				Action: func(c *cli.Context) error {
+					return commands.AnalyzeCommand(c, globalBoolFlags)
+				},
 			},
 			{
 				Name:    "scan",
 				Aliases: []string{"s"},
 				Usage:   "Scan directories, passed as arguments, for archives (.jar, .war) which contain class files that are vulnerable to the log4shell vulnerability.",
+				Before:  setGlobalBoolFlags,
 				Flags: []cli.Flag{
 					&cli.StringSliceFlag{
 						Name:  "exclude",
@@ -109,13 +130,14 @@ func main() {
 					},
 				},
 				Action: func(c *cli.Context) error {
-					return commands.ScanCommand(c, log4jLibraryHashes)
+					return commands.ScanCommand(c, globalBoolFlags, log4jLibraryHashes)
 				},
 			},
 			{
 				Name:    "livepatch",
 				Aliases: []string{"s"},
 				Usage:   "Perform a live patch of a system by exploiting the log4shell vulnerability for immediate mitigation. The payload executed patches the running process to prevent further payloads from being able to be executed.",
+				Before:  setGlobalBoolFlags,
 				Flags: []cli.Flag{
 					&cli.StringFlag{
 						Name:  "payload-url",
@@ -131,7 +153,7 @@ func main() {
 					},
 				},
 				Action: func(c *cli.Context) error {
-					return commands.LivePatchCommand(c, hotpatchFiles)
+					return commands.LivePatchCommand(c, globalBoolFlags, hotpatchFiles)
 				},
 			},
 		},