[jira] [Created] (LOG4J2-3355) ObjectFilter parameters not expanded by JPL

Thu, 20 Jan 2022 00:57:12 -0800 

Travis Spencer created LOG4J2-3355:
--------------------------------------

             Summary: ObjectFilter parameters not expanded by JPL
                 Key: LOG4J2-3355
                 URL: https://issues.apache.org/jira/browse/LOG4J2-3355
             Project: Log4j 2
          Issue Type: Bug
          Components: JPL Adapter
            Reporter: Travis Spencer
         Attachments: log4j-jpl-bug-main.zip

The JPL leaves parameters unexpanded. This can be seen in the attached sample 
project ([also available on 
GitHub|[https://github.com/travisspencer/log4j-jpl-bug]).] As [discussed on the 
mailing list|https://lists.apache.org/thread/k0mdk5b73qbcthw80kgj1z0cnfz7f68c], 
I added {{log4j-jpl-2.17.1.jar}} to my class path. I then added this to my 
log4j config file:
 
{{<Logger name="java.io.serialization" level="TRACE" />}}
 
Now, I see this in my log file:
 
{{2022-01-04T15:05:52:849+0100 TRACE 8P1u2Wr5 dd4ec2e6 \{req-169} 
java.io.serialization:-1 ObjectInputFilter \{0}: \{1}, array length: \{2}, 
nRefs: \{3}, depth: \{4}, bytes: \{5}, ex: \{6}}}
 
Looking at the OpenJDK 11 code at 
{{{}java.base/java/io/ObjectInputStream.java:1345{}}}, I see this:
 
{{Logging.filterLogger.log(status == null || status == 
ObjectInputFilter.Status.REJECTED}}
{{                                ? Logger.Level.DEBUG}}
{{                                : Logger.Level.TRACE,}}
{{                        "ObjectInputFilter \{0}: \{1}, array length: \{2}, 
nRefs: \{3}, depth: \{4}, bytes: \{5}, ex: \{6}",}}
{{                        status, clazz, arrayLength, totalObjectRefs, depth, 
bytesRead,}}
{{                        Objects.toString(ex, "n/a"));}}
 
This logger seems to be set above this on line 300ish:
 
{{static {}}
{{            Logger filterLog = System.getLogger("java.io.serialization");}}
{{            filterLogger = (filterLog.isLoggable(Logger.Level.DEBUG)}}
{{                    || filterLog.isLoggable(Logger.Level.TRACE)) ? filterLog 
: null;}}
{{        }}}
 
So, the placeholders don't seem to get changed for their parameter values.
 
As [pointed out on the mailing 
list|https://lists.apache.org/thread/k0mdk5b73qbcthw80kgj1z0cnfz7f68c]:
 
{quote}MessageFormatMessage` should have been used instead of
`ParametrizedMessage`{quote}
 
[~ggregory] asked that if this change is made when fixing the bug, a comment is 
added to say why.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

Reply via email to