Posted to notifications@logging.apache.org by "Jon Bristow (Jira)" <ji...@apache.org> on 2021/12/16 23:17:00 UTC

[jira] [Comment Edited] (LOG4J2-3230) Certain strings can cause infinite recursion

    [ https://issues.apache.org/jira/browse/LOG4J2-3230?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17461118#comment-17461118 ] 

Jon Bristow edited comment on LOG4J2-3230 at 12/16/21, 11:16 PM:
-----------------------------------------------------------------

Created a sample project that I believe reproduces this behavior.

(Results of testing in 2.8, 2.14.0, and 2.16.0 on Java=openjdk 11.0.12 2021-07-20)

 

In 2.16.0:
 * If the suspect string is put in the PatternLayout, then that specific PatternLayout will crash when loaded and replace itself with a PatternLayout that just logs what is handed to it with no formatting.
 * Logging the suspect string seems to have no effect, and it is passed untransformed to both System.Out and the file I specified, as expected.

In 2.14.0 and 2.8:
 * The PatternLayout behaves the same as 2.16.0
 * logging the suspect string generates an exception in Log4j, and the intended log message is lost.
 * Basic program flow does not seem to be affected. Log statements NOT including the suspect string are logged normally both before and after the suspect string generates the exceptions.

 

Example Code Used:[^sample.tar.gz]

Error seen in console: (not logged)
{code:java}
2021-12-16 15:07:39,406 main ERROR Could not create plugin of type class org.apache.logging.log4j.core.layout.PatternLayout for element PatternLayout: java.lang.IllegalStateException: Infinite loop in property interpolation of ::-${::-$${::-j}}: : java.lang.IllegalStateException: Infinite loop in property interpolation of ::-${::-$${::-j}}: :
    at org.apache.logging.log4j.core.lookup.StrSubstitutor.checkCyclicSubstitution(StrSubstitutor.java:1081)
    at org.apache.logging.log4j.core.lookup.StrSubstitutor.substitute(StrSubstitutor.java:1029)
    at org.apache.logging.log4j.core.lookup.StrSubstitutor.substitute(StrSubstitutor.java:1042)
    at org.apache.logging.log4j.core.lookup.StrSubstitutor.substitute(StrSubstitutor.java:912)
    at org.apache.logging.log4j.core.lookup.StrSubstitutor.substitute(StrSubstitutor.java:978)
    at org.apache.logging.log4j.core.lookup.StrSubstitutor.substitute(StrSubstitutor.java:912)
    at org.apache.logging.log4j.core.lookup.StrSubstitutor.substitute(StrSubstitutor.java:978)
    at org.apache.logging.log4j.core.lookup.StrSubstitutor.substitute(StrSubstitutor.java:912)
    at org.apache.logging.log4j.core.lookup.StrSubstitutor.replace(StrSubstitutor.java:467)
    at org.apache.logging.log4j.core.config.plugins.visitors.PluginBuilderAttributeVisitor.visit(PluginBuilderAttributeVisitor.java:48)
    at org.apache.logging.log4j.core.config.plugins.util.PluginBuilder.injectFields(PluginBuilder.java:185)
    at org.apache.logging.log4j.core.config.plugins.util.PluginBuilder.build(PluginBuilder.java:121)
    at org.apache.logging.log4j.core.config.AbstractConfiguration.createPluginObject(AbstractConfiguration.java:1107)
    at org.apache.logging.log4j.core.config.AbstractConfiguration.createConfiguration(AbstractConfiguration.java:1032)
    at org.apache.logging.log4j.core.config.AbstractConfiguration.createConfiguration(AbstractConfiguration.java:1024)
    at org.apache.logging.log4j.core.config.AbstractConfiguration.createConfiguration(AbstractConfiguration.java:1024)
    at org.apache.logging.log4j.core.config.AbstractConfiguration.doConfigure(AbstractConfiguration.java:643)
    at org.apache.logging.log4j.core.config.AbstractConfiguration.initialize(AbstractConfiguration.java:243)
    at org.apache.logging.log4j.core.config.AbstractConfiguration.start(AbstractConfiguration.java:289)
    at org.apache.logging.log4j.core.LoggerContext.setConfiguration(LoggerContext.java:626)
    at org.apache.logging.log4j.core.LoggerContext.reconfigure(LoggerContext.java:699)
    at org.apache.logging.log4j.core.LoggerContext.reconfigure(LoggerContext.java:716)
    at org.apache.logging.log4j.core.LoggerContext.start(LoggerContext.java:270)
    at org.apache.logging.log4j.core.impl.Log4jContextFactory.getContext(Log4jContextFactory.java:155)
    at org.apache.logging.log4j.core.impl.Log4jContextFactory.getContext(Log4jContextFactory.java:47)
    at org.apache.logging.log4j.LogManager.getContext(LogManager.java:196)
    at org.apache.logging.log4j.LogManager.getLogger(LogManager.java:599)
    at net.jondotcomdotorg.TestDOS.<clinit>(TestDOS.java:7)
{code}



> Certain strings can cause infinite recursion
> --------------------------------------------
>
>                 Key: LOG4J2-3230
>                 URL: https://issues.apache.org/jira/browse/LOG4J2-3230
>             Project: Log4j 2
>          Issue Type: Bug
>          Components: Core
>    Affects Versions: 2.8, 2.8.1, 2.8.2, 2.9.0, 2.9.1, 2.10.0, 2.11.0, 2.11.1, 2.11.2, 2.12.0, 2.12.1, 2.13.0, 2.13.1, 2.13.2, 2.14.0, 2.13.3, 2.14.1, 2.15.0, 2.16.0
>            Reporter: Ross Cohen
>            Assignee: Carter Kozak
>            Priority: Major
>         Attachments: sample.tar.gz
>
>
> If a string substitution is attempted for any reason on the following string, it will trigger an infinite recursion, and the application will crash: ${${::\-${::\-$${::\-j}}}}.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)
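
The comment above reports that a PatternLayout which fails to build is replaced by one with no formatting, and that the error appears only on the console. As an added example (not part of the original message or of Log4j), the following scans captured console output for that status-logger error and reports the plugin, the expression named by the cyclic-substitution check, and how many StrSubstitutor.substitute frames follow. The function name, the regular expressions and the record fields are assumptions made for illustration; the sample lines are abbreviated from the console output quoted in the message.

```python
import re

# Status-logger error format, as seen in the console output quoted in the message.
PLUGIN_FAILURE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2},\d{3}) \S+ ERROR "
    r"Could not create plugin of type class (?P<plugin>[\w.$]+) "
    r"for element (?P<element>\w+): (?P<detail>.*)$"
)
CYCLE = re.compile(r"Infinite loop in property interpolation of (?P<expr>.*?): ")
FRAME = re.compile(r"^\s+at ")
SUBSTITUTE_FRAME = re.compile(
    r"^\s+at org\.apache\.logging\.log4j\.core\.lookup\.StrSubstitutor\.substitute\("
)

def find_plugin_failures(lines):
    """Return one record per 'Could not create plugin' error.

    cycle_expr is the expression reported by the cyclic-substitution check, or
    None when the plugin failed for another reason. substitute_depth counts the
    StrSubstitutor.substitute frames in the stack trace that follows the error.
    """
    findings, current = [], None
    for line in lines:
        m = PLUGIN_FAILURE.match(line)
        if m:
            cycle = CYCLE.search(m.group("detail"))
            current = {
                "timestamp": m.group("ts"),
                "plugin": m.group("plugin"),
                "element": m.group("element"),
                "cycle_expr": cycle.group("expr") if cycle else None,
                "substitute_depth": 0,
            }
            findings.append(current)
        elif current is not None and FRAME.match(line):
            if SUBSTITUTE_FRAME.match(line):
                current["substitute_depth"] += 1
        else:
            current = None  # any non-frame line ends the current stack trace
    return findings

# Constructed sample: abbreviated from the console output quoted in the message.
SAMPLE = """\
2021-12-16 15:07:39,406 main ERROR Could not create plugin of type class org.apache.logging.log4j.core.layout.PatternLayout for element PatternLayout: java.lang.IllegalStateException: Infinite loop in property interpolation of ::-${::-$${::-j}}: :
    at org.apache.logging.log4j.core.lookup.StrSubstitutor.checkCyclicSubstitution(StrSubstitutor.java:1081)
    at org.apache.logging.log4j.core.lookup.StrSubstitutor.substitute(StrSubstitutor.java:1029)
    at org.apache.logging.log4j.core.lookup.StrSubstitutor.substitute(StrSubstitutor.java:1042)
    at org.apache.logging.log4j.core.lookup.StrSubstitutor.replace(StrSubstitutor.java:467)
application started
""".splitlines()
```

A record whose plugin is a layout class means that appender is now writing unformatted output, which is worth alerting on even though program flow continues.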