Recipe Name:
Prevent CRLF injection in SLF4J using the Logstash Logback Encoder
Description:
Encode untrustated data to prevent the log files from CRLF injections
Level:
marked_information
Language:
  • java
Tags:
  • security
  • SLF4J
  • framework specific
  • logging
  • injection
Recipe
id: scw:logging:slf4j-crlf-injection-logstash
version: 10
metadata:
  name: Prevent CRLF injection in SLF4J using the Logstash Logback Encoder
  shortDescription: Encode untrustated data to prevent the log files from CRLF injections
  level: marked_information
  language: java
  scwCategory: insufficient_logging:generic
  cweCategory: 117
  enabled: true
  tags: security;SLF4J;framework specific;logging;injection
search:
  methodcall:
    args:
      any:
        type: java.lang.String
        value:
          containsUntrustedInput: true
    name:
      matches: (trace|debug|info|warn|error)
    declaration:
      type: org.slf4j.Logger
scopes:
  without:
    library:
      name:
        contains: net.logstash.logstash
availableFixes:
- name: Add logstash encoder to your production configuration
  actions:
  - goto:
      type: URL
      value: https://github.com/logstash/logstash-logback-encoder