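Background
There is plenty of detailed information about this vulnerability online, so here is just a link: CVE-2021-44228
Because there are many microservice components and I did not want to check the dependencies one by one, I wrote a script that loops over them and scans the dependencies. Help yourself if you need it.
Script code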
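#!/bin/bash
# Recursively search every Maven project under a directory for a dependency.

search_target="$1"
if [ -z "$search_target" ]; then
    echo "Please input search_target as first parameter"
    exit 1
fi

work_dir="$2"
if [ -z "$work_dir" ]; then
    # Default to the current directory
    work_dir="$(pwd)"
elif [ ! -d "$work_dir" ]; then
    echo "The second parameter should be a directory"
    exit 1
fi

# $1: keyword to search for, $2: path to a pom.xml
function find_mvn_dependency() {
    local search_results
    # stdin is redirected so mvn cannot consume the file list read by the loop below
    if search_results=$(mvn dependency:tree -f "$2" < /dev/null | grep -- "$1"); then
        echo "$2:"
        echo "$search_results"
    fi
}

full_path=$(readlink -f "$work_dir")
echo "Scanning dependencies ..."
# Read NUL-delimited paths so directories containing spaces are handled
while IFS= read -r -d '' pom_file; do
    find_mvn_dependency "$search_target" "$pom_file"
done < <(find "$full_path" -name "pom.xml" -print0)
echo "All directories were scanned"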
Notes
The script takes two parameters:
- First: the keyword of the target lib to search for
- Second: the working directory
- e.g.:
bash recursive_dependency_search.sh log4j-core /c/work/code
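
The script above only shows that a matching dependency is present. The following added example (not the original author's code) goes one step further and reads `mvn dependency:tree` output to list only the matches whose version is below a fixed release that you supply from the vendor advisory. The function names and the sample tree output are constructed for illustration, and GNU `sort -V` is assumed.

```shell
#!/bin/bash
# Added example, not the original author's script.

# version_lt A B: succeeds when A sorts strictly before B (needs GNU `sort -V`).
version_lt() {
    [ "$1" != "$2" ] &&
        [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$1" ]
}

# outdated_deps KEYWORD MIN_VERSION
# Reads `mvn dependency:tree` output on stdin. Tree lines look like
#   [INFO] |  \- group:artifact:type[:classifier]:version:scope
# so the version is always the second-to-last colon-separated field.
outdated_deps() {
    min_version="$2"
    awk -v kw="$1" '{
        for (i = 1; i <= NF; i++) {
            n = split($i, part, ":")
            # n >= 5 skips the 4-field project header and log noise
            if (n >= 5 && index(part[2], kw) > 0)
                print part[n - 1] "\t" $i
        }
    }' | sort -u | while IFS="$(printf '\t')" read -r version coord; do
        if version_lt "$version" "$min_version"; then
            printf '%s\n' "$coord"
        fi
    done
}

# Constructed sample: tree output of two hypothetical modules.
sample_tree() {
    cat <<'EOF'
[INFO] com.example:orders-service:jar:1.0.0
[INFO] +- org.apache.logging.log4j:log4j-core:jar:2.14.1:compile
[INFO] |  \- org.apache.logging.log4j:log4j-api:jar:2.14.1:compile
[INFO] \- com.example:legacy-client:jar:3.1.0:compile
[INFO]    \- org.apache.logging.log4j:log4j-core:jar:2.9.1:runtime
[INFO] com.example:billing-service:jar:1.0.0
[INFO] \- org.apache.logging.log4j:log4j-core:jar:2.17.1:compile
[INFO] BUILD SUCCESS
EOF
}

# Real use: mvn dependency:tree -f pom.xml | bash this_file.sh log4j-core <fixed-version>
if [ "$#" -ge 2 ]; then
    outdated_deps "$1" "$2"
fi
```

A plain string comparison would rank 2.9.1 above 2.17.1, which is why the comparison goes through `sort -V`.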