Malware scanner: Fix critical bugs in error handling
Fixed two critical bugs that could cause failures:
**Bug 1: Trap handler file existence checks**
Problem: Trap handler tried to write to log files that might not exist
if script exited early (before directories created)
Impact: Could cause errors on Ctrl+C or early exit
Fix: Added file/directory existence checks before all log operations
- Check SESSION_LOG exists before logging
- Check RESULTS_DIR exists before writing interrupted status
- Use parameter expansion with default for RKHUNTER_TEMP_INSTALLED
**Bug 2: Undefined variable in ImunifyAV**
Problem: LAST_SCAN variable used at line 818 could be undefined if
all scan paths failed or were skipped
Impact: Could cause "unbound variable" error
Fix: Initialize LAST_SCAN="" before loop, check if non-empty before use
- Set LAST_SCAN="" at line 790
- Added check: if [ -n "$LAST_SCAN" ]; then
- Set IMUNIFY_INFECTED=0 if LAST_SCAN is empty
Changes to cleanup_on_exit() function:
- All log_message calls now wrapped in SESSION_LOG existence check
- Summary file writes wrapped in RESULTS_DIR existence check
- Uses ${RKHUNTER_TEMP_INSTALLED:-false} to prevent unbound var
Changes to ImunifyAV scanner:
- Initialize LAST_SCAN="" before path loop
- Check LAST_SCAN is non-empty before extracting infected count
- Fallback to IMUNIFY_INFECTED=0 if no scan data
Testing: Syntax validated, edge cases handled
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
cschantz
@@ -575,25 +575,38 @@ log_message() {
|
|||||||
cleanup_on_exit() {
|
cleanup_on_exit() {
|
||||||
local exit_code=$?
|
local exit_code=$?
|
||||||
echo ""
|
echo ""
|
||||||
|
|
||||||
|
# Only log if session log exists
|
||||||
|
if [ -f "$SESSION_LOG" ]; then
|
||||||
log_message "Cleanup triggered (exit code: $exit_code)"
|
log_message "Cleanup triggered (exit code: $exit_code)"
|
||||||
|
fi
|
||||||
|
|
||||||
# Remove temporarily installed RKHunter
|
# Remove temporarily installed RKHunter
|
||||||
if [ "$RKHUNTER_TEMP_INSTALLED" = "true" ]; then
|
if [ "${RKHUNTER_TEMP_INSTALLED:-false}" = "true" ]; then
|
||||||
|
if [ -f "$SESSION_LOG" ]; then
|
||||||
log_message "Removing temporarily installed RKHunter..."
|
log_message "Removing temporarily installed RKHunter..."
|
||||||
|
fi
|
||||||
echo "→ Cleaning up: Removing Rootkit Hunter..."
|
echo "→ Cleaning up: Removing Rootkit Hunter..."
|
||||||
if command -v yum &>/dev/null; then
|
if command -v yum &>/dev/null; then
|
||||||
yum remove -y rkhunter &>/dev/null 2>&1
|
yum remove -y rkhunter &>/dev/null 2>&1
|
||||||
|
if [ -f "$SESSION_LOG" ]; then
|
||||||
log_message "RKHunter removed"
|
log_message "RKHunter removed"
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
# Save interrupted status
|
# Save interrupted status (only if summary file directory exists)
|
||||||
if [ $exit_code -ne 0 ]; then
|
if [ $exit_code -ne 0 ] && [ -d "$RESULTS_DIR" ]; then
|
||||||
echo "SCAN INTERRUPTED" >> "$SUMMARY_FILE"
|
{
|
||||||
echo "Exit code: $exit_code" >> "$SUMMARY_FILE"
|
echo ""
|
||||||
echo "Time: $(date)" >> "$SUMMARY_FILE"
|
echo "SCAN INTERRUPTED"
|
||||||
|
echo "Exit code: $exit_code"
|
||||||
|
echo "Time: $(date)"
|
||||||
|
} >> "$SUMMARY_FILE"
|
||||||
|
if [ -f "$SESSION_LOG" ]; then
|
||||||
log_message "Scan interrupted with exit code: $exit_code"
|
log_message "Scan interrupted with exit code: $exit_code"
|
||||||
fi
|
fi
|
||||||
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
# Set trap for cleanup on exit, interrupt, or termination
|
# Set trap for cleanup on exit, interrupt, or termination
|
||||||
@@ -774,6 +787,7 @@ for scanner in "${AVAILABLE_SCANNERS[@]}"; do
|
|||||||
log_message "ImunifyAV: Starting on-demand scan (synchronous)"
|
log_message "ImunifyAV: Starting on-demand scan (synchronous)"
|
||||||
|
|
||||||
# Use on-demand start (synchronous) instead of queue (asynchronous)
|
# Use on-demand start (synchronous) instead of queue (asynchronous)
|
||||||
|
LAST_SCAN=""
|
||||||
for path in "${SCAN_PATHS[@]}"; do
|
for path in "${SCAN_PATHS[@]}"; do
|
||||||
if [ -d "$path" ]; then
|
if [ -d "$path" ]; then
|
||||||
log_message "ImunifyAV: Scanning $path"
|
log_message "ImunifyAV: Scanning $path"
|
||||||
@@ -802,7 +816,11 @@ for scanner in "${AVAILABLE_SCANNERS[@]}"; do
|
|||||||
|
|
||||||
# Extract malicious file count
|
# Extract malicious file count
|
||||||
# Skip header line and count data rows, or use TOTAL_MALICIOUS from most recent scan
|
# Skip header line and count data rows, or use TOTAL_MALICIOUS from most recent scan
|
||||||
|
if [ -n "$LAST_SCAN" ]; then
|
||||||
IMUNIFY_INFECTED=$(echo "$LAST_SCAN" | awk '{print $12}')
|
IMUNIFY_INFECTED=$(echo "$LAST_SCAN" | awk '{print $12}')
|
||||||
|
else
|
||||||
|
IMUNIFY_INFECTED=0
|
||||||
|
fi
|
||||||
# Verify we got a valid number, otherwise try malicious list
|
# Verify we got a valid number, otherwise try malicious list
|
||||||
if ! [[ "$IMUNIFY_INFECTED" =~ ^[0-9]+$ ]]; then
|
if ! [[ "$IMUNIFY_INFECTED" =~ ^[0-9]+$ ]]; then
|
||||||
IMUNIFY_INFECTED=$(imunify-antivirus malware malicious list 2>/dev/null | tail -n +2 | wc -l || echo 0)
|
IMUNIFY_INFECTED=$(imunify-antivirus malware malicious list 2>/dev/null | tail -n +2 | wc -l || echo 0)
|
||||||
|
|||||||
Reference in New Issue
Block a user