xeraph
commented
2 years ago @Robert-J-Slover Thank you for bug report! My mistake..
Closed Robert-J-Slover closed 2 years ago
xeraph
commented
2 years ago @Robert-J-Slover Thank you for bug report! My mistake..
xeraph
commented
2 years ago @Robert-J-Slover Fixed in v2.4.2. Would you test it?
Robert-J-Slover
commented
2 years ago Will be happy to.
On Dec 20, 2021, at 19:50, Yang, BongYeol (xeraph) @.***> wrote:
@Robert-J-Slover Fixed in v2.4.2. Would you test it?
— Reply to this email directly, view it on GitHub, or unsubscribe. Triage notifications on the go with GitHub Mobile for iOS or Android. You are receiving this because you were mentioned.
Robert-J-Slover
commented
2 years ago I can confirm that this does fix the issue. Thank you for the quick fix.
xeraph
commented
2 years ago @Robert-J-Slover Thank you for test report!
In an earlier build, there was a date/time in the last column of each CSV row indicating the timestamp when the entry was created. A CSV heading for this field exists in the latest build but the field is not present. The problem appears to simply be the format string.
https://github.com/logpresso/CVE-2021-44228-Scanner/blob/8aaa0e55538bc5fd6cec6242be3dc56da52e2858/src/main/java/com/logpresso/scanner/ReportEntry.java#L83-L84
There are only 7 '%s' format specifiers while there are 8 fields. The '%n' specifier simply expands to the platform-appropriate line ending, so doesn't count. The issue can be fixed by inserting
,\"%s\"in front of the%nat the end of the format string.