# Improper Output Neutralization for Logs (CWE-117)

The product does not neutralize or incorrectly neutralizes output that is written to logs.

**Stack:** JavaScript

- Prevalence: Medium (covers 3 languages)
- Impact: Medium (review recommended)
- Prevention: Documented (4 fix examples)

**OWASP:** Injection (A03:2021-Injection) - #3

## Description

Log injection occurs when user input is written to log files without proper sanitization. Because most log formats are line-oriented, an input that contains CR or LF characters can forge additional log entries, inject misleading content, or trigger bugs in log analysis tools that parse the file.

## Prevention

Prevention measures for Log Injection, based on 2 Shoulder detection rules.

### JavaScript

- Strip newline characters from user input before writing to log files
- Sanitize user input by stripping CRLF characters before writing to logs

## Warning Signs

- [LOW] user input flowing to persistent log files without sanitization

## Consequences

- Modification of application data
- Hiding of activities
- Execution of unauthorized code

## Mitigations

- Validate and sanitize all input before writing it to logs
- Use a structured log format that separates data from log syntax
- Encode special characters when writing user-controllable data to logs

## Detection

- Total rules: 4
- Languages: go, javascript, typescript, python

## Rules by Language

### Javascript (2 rules)

- **Log Injection** [LOW]: Detects user input flowing to persistent log files without sanitization.
  - Remediation: Sanitize user input by removing newline characters before logging.

```javascript
// Remove CR and LF so the value cannot start a new log entry
const safe = userInput.replace(/[\r\n]/g, '');
logger.info(safe);
```

  Learn more: https://shoulder.dev/learn/javascript/cwe-117/log-injection

- **Log Injection** [MEDIUM]: Detects user input flowing to persistent log files without sanitization.
  - Remediation: Sanitize user input before logging to prevent log forgery:

```javascript
// Strip CR/LF and cap the length so one field cannot flood the log
const sanitize = (str) => str.replace(/[\r\n]/g, '').substring(0, 200);
logger.info('Login attempt', { username: sanitize(req.body.username) });
```

  Learn more: https://shoulder.dev/learn/javascript/cwe-117/log-injection

### Typescript (1 rule)

- **Log Injection** [MEDIUM]: Detects user input flowing to persistent log files without sanitization.
  - Remediation: Sanitize user input before logging to prevent log forgery:

```javascript
// Strip CR/LF and cap the length so one field cannot flood the log
const sanitize = (str) => str.replace(/[\r\n]/g, '').substring(0, 200);
logger.info('Login attempt', { username: sanitize(req.body.username) });
```

  Learn more: https://shoulder.dev/learn/javascript/cwe-117/log-injection