cschantz/Linux-Server-Management-Toolkit
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Malware scanner: Fix critical bugs in error handling

Browse Source 
Fixed two critical bugs that could cause failures:

**Bug 1: Trap handler file existence checks**
Problem: Trap handler tried to write to log files that might not exist
         if script exited early (before directories created)
Impact: Could cause errors on Ctrl+C or early exit
Fix: Added file/directory existence checks before all log operations
- Check SESSION_LOG exists before logging
- Check RESULTS_DIR exists before writing interrupted status
- Use parameter expansion with default for RKHUNTER_TEMP_INSTALLED

**Bug 2: Undefined variable in ImunifyAV**
Problem: LAST_SCAN variable used at line 818 could be undefined if
         all scan paths failed or were skipped
Impact: Could cause "unbound variable" error
Fix: Initialize LAST_SCAN="" before loop, check if non-empty before use
- Set LAST_SCAN="" at line 790
- Added check: if [ -n "$LAST_SCAN" ]; then
- Set IMUNIFY_INFECTED=0 if LAST_SCAN is empty

Changes to cleanup_on_exit() function:
- All log_message calls now wrapped in SESSION_LOG existence check
- Summary file writes wrapped in RESULTS_DIR existence check
- Uses ${RKHUNTER_TEMP_INSTALLED:-false} to prevent unbound var

Changes to ImunifyAV scanner:
- Initialize LAST_SCAN="" before path loop
- Check LAST_SCAN is non-empty before extracting infected count
- Fallback to IMUNIFY_INFECTED=0 if no scan data

Testing: Syntax validated, edge cases handled

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
cschantz
2025-12-22 18:09:47 -05:00
parent d4e99de54e
commit 4ae949608d
1 changed files with 29 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files
modules/security/malware-scanner.sh
+29 -11
View File
@@ -575,24 +575,37 @@ log_message() {
cleanup_on_exit() { cleanup_on_exit() {
local exit_code=$? local exit_code=$?
echo "" echo ""
log_message "Cleanup triggered (exit code: $exit_code)"
# Only log if session log exists
if [ -f "$SESSION_LOG" ]; then
log_message "Cleanup triggered (exit code: $exit_code)"
fi
# Remove temporarily installed RKHunter # Remove temporarily installed RKHunter
if [ "$RKHUNTER_TEMP_INSTALLED" = "true" ]; then if [ "${RKHUNTER_TEMP_INSTALLED:-false}" = "true" ]; then
log_message "Removing temporarily installed RKHunter..." if [ -f "$SESSION_LOG" ]; then
log_message "Removing temporarily installed RKHunter..."
fi
echo "→ Cleaning up: Removing Rootkit Hunter..." echo "→ Cleaning up: Removing Rootkit Hunter..."
if command -v yum &>/dev/null; then if command -v yum &>/dev/null; then
yum remove -y rkhunter &>/dev/null 2>&1 yum remove -y rkhunter &>/dev/null 2>&1
log_message "RKHunter removed" if [ -f "$SESSION_LOG" ]; then
log_message "RKHunter removed"
fi
fi fi
fi fi
# Save interrupted status # Save interrupted status (only if summary file directory exists)
if [ $exit_code -ne 0 ]; then if [ $exit_code -ne 0 ] && [ -d "$RESULTS_DIR" ]; then
echo "SCAN INTERRUPTED" >> "$SUMMARY_FILE" {
echo "Exit code: $exit_code" >> "$SUMMARY_FILE" echo ""
echo "Time: $(date)" >> "$SUMMARY_FILE" echo "SCAN INTERRUPTED"
log_message "Scan interrupted with exit code: $exit_code" echo "Exit code: $exit_code"
echo "Time: $(date)"
} >> "$SUMMARY_FILE"
if [ -f "$SESSION_LOG" ]; then
log_message "Scan interrupted with exit code: $exit_code"
fi
fi fi
} }
@@ -774,6 +787,7 @@ for scanner in "${AVAILABLE_SCANNERS[@]}"; do
log_message "ImunifyAV: Starting on-demand scan (synchronous)" log_message "ImunifyAV: Starting on-demand scan (synchronous)"
# Use on-demand start (synchronous) instead of queue (asynchronous) # Use on-demand start (synchronous) instead of queue (asynchronous)
LAST_SCAN=""
for path in "${SCAN_PATHS[@]}"; do for path in "${SCAN_PATHS[@]}"; do
if [ -d "$path" ]; then if [ -d "$path" ]; then
log_message "ImunifyAV: Scanning $path" log_message "ImunifyAV: Scanning $path"
@@ -802,7 +816,11 @@ for scanner in "${AVAILABLE_SCANNERS[@]}"; do
# Extract malicious file count # Extract malicious file count
# Skip header line and count data rows, or use TOTAL_MALICIOUS from most recent scan # Skip header line and count data rows, or use TOTAL_MALICIOUS from most recent scan
IMUNIFY_INFECTED=$(echo "$LAST_SCAN" | awk '{print $12}') if [ -n "$LAST_SCAN" ]; then
IMUNIFY_INFECTED=$(echo "$LAST_SCAN" | awk '{print $12}')
else
IMUNIFY_INFECTED=0
fi
# Verify we got a valid number, otherwise try malicious list # Verify we got a valid number, otherwise try malicious list
if ! [[ "$IMUNIFY_INFECTED" =~ ^[0-9]+$ ]]; then if ! [[ "$IMUNIFY_INFECTED" =~ ^[0-9]+$ ]]; then
IMUNIFY_INFECTED=$(imunify-antivirus malware malicious list 2>/dev/null | tail -n +2 | wc -l || echo 0) IMUNIFY_INFECTED=$(imunify-antivirus malware malicious list 2>/dev/null | tail -n +2 | wc -l || echo 0)