Fix CRITICAL: Remove 'local' outside function scope in malware-scanner.sh

QA Check Issue: CHECK 31 - 'local' keyword outside function context Severity: CRITICAL - Causes runtime errors Problem: The 'local' keyword can only be used inside bash functions. Using it at the global scope or inside while loops (but outside functions) causes "local: can only be used in a function" runtime error. Found 7 instances: - Line 1043: flagged_ips (inside heredoc while loop) - Line 1046: filename (inside heredoc while loop) - Line 1047: filepath (inside heredoc while loop) - Line 1060: ip (inside nested while loop #1) - Line 1078: ip (inside nested while loop #2) - Line 1171: paths_declaration (outside any function) - Line 1223: scan_pid (outside any function) Fix: Changed all 7 instances from 'local var=' to 'var=' since they are not inside function scope. These variables are still properly scoped within their respective while loops or code blocks. Impact: - Prevents runtime errors when script executes - Maintains correct variable scoping - No functional changes to logic Verification: - bash -n syntax check: PASSED - All 'local' keywords now only appear inside functions - Script logic unchanged
2025-12-22 18:34:07 -05:00
parent ea8b29fba1
commit 55067a339a
1 changed files with 7 additions and 7 deletions
@@ -1040,11 +1040,11 @@ done
        echo "────────────────────────────────────────"
        # Correlate infected files with Apache logs to find uploading IPs
-        local flagged_ips=0
+        flagged_ips=0
        while read -r infected_file; do
            # Extract file path components
-            local filename=$(basename "$infected_file")
+            filename=$(basename "$infected_file")
-            local filepath=$(dirname "$infected_file")
+            filepath=$(dirname "$infected_file")
            # Try to find corresponding Apache access logs
            # Look for POST requests to the directory containing the infected file
@@ -1057,7 +1057,7 @@ done
                    # Check if this log corresponds to the domain/user
                    grep -h "POST.*${filepath}" "$logfile" 2>/dev/null | tail -20 | while read -r logline; do
                        # Extract IP from Apache log line
-                        local ip=$(echo "$logline" | awk '{print $1}')
+                        ip=$(echo "$logline" | awk '{print $1}')
                        if [ -n "$ip" ] && [[ "$ip" =~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
                            # Flag this IP in reputation database
                            if type flag_ip_attack &>/dev/null; then
@@ -1075,7 +1075,7 @@ done
                    # Check if this log corresponds to the domain/user
                    grep -h "POST.*${filepath}" "$logfile" 2>/dev/null | tail -20 | while read -r logline; do
                        # Extract IP from Apache log line
-                        local ip=$(echo "$logline" | awk '{print $1}')
+                        ip=$(echo "$logline" | awk '{print $1}')
                        if [ -n "$ip" ] && [[ "$ip" =~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
                            # Flag this IP in reputation database
                            if type flag_ip_attack &>/dev/null; then
@@ -1168,7 +1168,7 @@ exec bash
 STANDALONE_EOF
    # Replace placeholder with actual paths
-    local paths_declaration="SCAN_PATHS=("
+    paths_declaration="SCAN_PATHS=("
    for path in "${scan_paths[@]}"; do
        paths_declaration+="\"$path\" "
    done
@@ -1220,7 +1220,7 @@ STANDALONE_EOF
                echo ""
                echo "Launching scan with nohup (background mode)..."
                nohup bash "$session_dir/scan.sh" > "$session_dir/logs/nohup.out" 2>&1 &
-                local scan_pid=$!
+                scan_pid=$!
                sleep 1