Reduced memory footprint significantly. v2.9.0

README.md

@@ -39,7 +39,7 @@ Just run log4j2-scan.exe or log4j2-scan with target directory path. The logpress
 
 Usage
 ```
-Logpresso CVE-2021-44228 Vulnerability Scanner 2.8.1 (2022-01-27)
+Logpresso CVE-2021-44228 Vulnerability Scanner 2.9.0 (2022-02-02)
 Usage: log4j2-scan [--scan-log4j1] [--fix] target_path1 target_path2
 
 -f [config_file_path]

pom.xml

@@ -6,7 +6,7 @@
 	<modelVersion>4.0.0</modelVersion>
 	<groupId>com.logpresso</groupId>
 	<artifactId>log4j2-scanner</artifactId>
-	<version>2.8.1</version>
+	<version>2.9.0</version>
 	<packaging>jar</packaging>
 	<name>Logpresso Log4j2 Scanner</name>
 

src/main/java/com/logpresso/scanner/Log4j2Scanner.java

@@ -7,11 +7,16 @@
 import java.io.IOException;
 import java.io.InputStream;
 import java.io.InputStreamReader;
+import java.nio.file.AccessDeniedException;
+import java.nio.file.DirectoryStream;
+import java.nio.file.Files;
+import java.nio.file.Path;
 import java.text.DecimalFormat;
 import java.text.SimpleDateFormat;
 import java.util.ArrayList;
 import java.util.Date;
 import java.util.HashSet;
+import java.util.Iterator;
 import java.util.List;
 import java.util.Set;
 import java.util.zip.ZipEntry;
@@ -24,8 +29,8 @@
 import com.logpresso.scanner.utils.ZipUtils;
 
 public class Log4j2Scanner {
-	public static final String VERSION = "2.8.1";
-	public static final String RELEASE_DATE = "2022-01-27";
+	public static final String VERSION = "2.9.0";
+	public static final String RELEASE_DATE = "2022-02-02";
 	public static final String BANNER = "Logpresso CVE-2021-44228 Vulnerability Scanner " + VERSION + " (" + RELEASE_DATE + ")";
 
 	private static final boolean isWindows = File.separatorChar == '\\';
@@ -486,12 +491,23 @@ private void traverse(File f, int depth) {
 
 			metrics.addScanDirCount();
 
-			File[] files = f.listFiles();
-			if (files == null)
-				return;
+			DirectoryStream<Path> stream = null;
+			Iterator<Path> it = null;
+			try {
+				stream = Files.newDirectoryStream(f.toPath());
+				it = stream.iterator();
 
-			for (File file : files) {
-				traverse(file, depth + 1);
+				while (it.hasNext()) {
+					Path p = it.next();
+					traverse(p.toFile(), depth + 1);
+				}
+			} catch (AccessDeniedException e) {
+				reportError(f, "Access denied", e);
+			} catch (IOException e) {
+				String msg = e.getClass().getSimpleName() + " - " + e.getMessage();
+				reportError(f, msg, e);
+			} finally {
+				IoUtils.ensureClose(stream);
 			}
 		} else {
 			metrics.addScanFileCount();
@@ -579,7 +595,9 @@ private void reportError(File f, String msg, Throwable t) {
 
 		System.out.println("Error: " + msg + ". Skipping " + f.getAbsolutePath());
 
-		if (config.isDebug() && t != null)
-			t.printStackTrace();
+		if (config.isDebug() && t != null) {
+			if (!(t instanceof AccessDeniedException))
+				t.printStackTrace();
+		}
 	}
 }