zdi-team/CVE-2022-3236-4.perl Secret

## CVE-2022-3236-4.perl
sub validateJSON{
    my $self=shift;
    my $data=shift; ## object of validation package
    my $request=shift;
    my $refDetails=shift;
    my $entityJSON=$data;
    my @errorKeylist;
    my @errorKeyStatuslist;
    if (!stat FHLOG){
        open(FHLOG,”>>/log/validationError.log”);
    }else{
        open(FHLOG,”>>/log/validationError.log”);
    }
    my ($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) = gmtime(time);
    my $mon=($mon + 1 );
    my $year=($year + 1900 );
    my $refname=ref($entityJSON);
    print FHLOG “\n********** Entity json validation log:$mday-$mon-$year
                 $hour:$min:$sec”.”Z Objectname=$refname\n”;
    #print “\n********** Entity json validation log:$mday-$mon-$year  $hour:$min:$sec Objectname=$refname\n”;
    // check for _discriminator JSON key
if(defined $entityJSON->{_discriminator}){
     #print “\n\n Discriminator Called”;
     // call getValidationHash on JSON object
     $entityJSON=CyberAPIArch->getValidationHash($entityJSON,$request,$refDetails);
    }

[... Truncated for readability ...]

sub getValidationHash{
    my $obj=shift;
    my $hashObj=shift;
    my $request=shift;
    my $refDetails=shift;
    my $secondHashObj = { %$hashObj };
    #Replacing Hash Objects with sub objects
    foreach my $key ( keys % {$hashObj})  {
        if($key eq “_discriminator”){
            # iterate over hash in _discriminator value
            foreach my $curKeyDisc ( keys % {$hashObj->{$key}})  {
                $curDischash={};
                $curDischash=$hashObj->{$key}->{$curKeyDisc};
                #print “\n\n _discriminator Key name $key”;
                #This is for value loop:::
                # iterate over hash associated with field name
                foreach my $curvalue ( keys % {$curDischash})  {
                    # get object name associated with value
                    $objNameToFetch=$curDischash->{$curvalue};
                    if($curvalue eq $hashObj->{$curKeyDisc}{value}){
                        my $Packagei=““;
                        if(defined $refDetails && $refDetails ne ''){
                            $Packagei=$refDetails;
                        }else{
                            $Packagei=ref($hashObj);
                        }
                        eval “use $Packagei”;
                        # object name concatenated into eval, resulting in code injection
                        my $subObj=eval “\$$Packagei”.”::”.”$objNameToFetch”;

[... Truncated for readability ...]
	sub validateJSON{
	my $self=shift;
	my $data=shift; ## object of validation package
	my $request=shift;
	my $refDetails=shift;
	my $entityJSON=$data;
	my @errorKeylist;
	my @errorKeyStatuslist;
	if (!stat FHLOG){
	open(FHLOG,”>>/log/validationError.log”);
	}else{
	open(FHLOG,”>>/log/validationError.log”);
	}
	my ($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) = gmtime(time);
	my $mon=($mon + 1 );
	my $year=($year + 1900 );
	my $refname=ref($entityJSON);
	print FHLOG “\n********** Entity json validation log:$mday-$mon-$year
	$hour:$min:$sec”.”Z Objectname=$refname\n”;
	#print “\n********** Entity json validation log:$mday-$mon-$year $hour:$min:$sec Objectname=$refname\n”;
	// check for _discriminator JSON key
	if(defined $entityJSON->{_discriminator}){
	#print “\n\n Discriminator Called”;
	// call getValidationHash on JSON object
	$entityJSON=CyberAPIArch->getValidationHash($entityJSON,$request,$refDetails);
	}

	[... Truncated for readability ...]

	sub getValidationHash{
	my $obj=shift;
	my $hashObj=shift;
	my $request=shift;
	my $refDetails=shift;
	my $secondHashObj = { %$hashObj };
	#Replacing Hash Objects with sub objects
	foreach my $key ( keys % {$hashObj}) {
	if($key eq “_discriminator”){
	# iterate over hash in _discriminator value
	foreach my $curKeyDisc ( keys % {$hashObj->{$key}}) {
	$curDischash={};
	$curDischash=$hashObj->{$key}->{$curKeyDisc};
	#print “\n\n _discriminator Key name $key”;
	#This is for value loop:::
	# iterate over hash associated with field name
	foreach my $curvalue ( keys % {$curDischash}) {
	# get object name associated with value
	$objNameToFetch=$curDischash->{$curvalue};
	if($curvalue eq $hashObj->{$curKeyDisc}{value}){
	my $Packagei=““;
	if(defined $refDetails && $refDetails ne ''){
	$Packagei=$refDetails;
	}else{
	$Packagei=ref($hashObj);
	}
	eval “use $Packagei”;
	# object name concatenated into eval, resulting in code injection
	my $subObj=eval “\$$Packagei”.”::”.”$objNameToFetch”;

	[... Truncated for readability ...]