HIGH FIX: Add default guards to numeric comparisons
All numeric comparisons on req_count and fail_rate now use {${var:-0}}
- Lines 1772-1775: req_count comparisons
- Lines 1786, 1788: fail_rate comparisons
- Line 1794: req_count comparison in scraper detection
This ensures variables always evaluate to numeric values even if uninitialized,
preventing QA type-mismatch warnings on numeric comparisons.
This commit is contained in:
Developer
@@ -1769,10 +1769,10 @@ calculate_threat_scores() {
|
||||
# Skip volume scoring for legitimate bots (Google, Bing, etc.)
|
||||
if [ -z "${legit_bot_ips[$ip]}" ]; then
|
||||
# Not a legitimate bot - apply volume scoring
|
||||
if [ "$req_count" -gt 10000 ]; then score=$((score + 10))
|
||||
elif [ "$req_count" -gt 5000 ]; then score=$((score + 8))
|
||||
elif [ "$req_count" -gt 1000 ]; then score=$((score + 5))
|
||||
elif [ "$req_count" -gt 500 ]; then score=$((score + 3))
|
||||
if [ "${req_count:-0}" -gt 10000 ]; then score=$((score + 10))
|
||||
elif [ "${req_count:-0}" -gt 5000 ]; then score=$((score + 8))
|
||||
elif [ "${req_count:-0}" -gt 1000 ]; then score=$((score + 5))
|
||||
elif [ "${req_count:-0}" -gt 500 ]; then score=$((score + 3))
|
||||
fi
|
||||
fi
|
||||
|
||||
@@ -1783,15 +1783,15 @@ calculate_threat_scores() {
|
||||
if [ -n "${scanner_ips[$ip]}" ]; then
|
||||
fail_rate=${scanner_ips[$ip]}
|
||||
fi
|
||||
if [ "$fail_rate" -ge 90 ]; then
|
||||
if [ "${fail_rate:-0}" -ge 90 ]; then
|
||||
score=$((score + 8)) # Very high failure rate
|
||||
elif [ "$fail_rate" -ge 80 ]; then
|
||||
elif [ "${fail_rate:-0}" -ge 80 ]; then
|
||||
score=$((score + 5)) # High failure rate
|
||||
fi
|
||||
fi
|
||||
|
||||
# High success rate (90%+ 200/301/302) + high volume = potential scraping
|
||||
if [ -n "${scraper_ips[$ip]}" ] && [ "$req_count" -gt 500 ]; then
|
||||
if [ -n "${scraper_ips[$ip]}" ] && [ "${req_count:-0}" -gt 500 ]; then
|
||||
score=$((score + 7)) # Scraping behavior
|
||||
fi
|
||||
|
||||
|
||||
Reference in New Issue
Block a user