Fix CRITICAL and HIGH priority QA issues
CRITICAL FIXES (7 → 0):
- Fixed 6 dangerous rm -rf commands with unvalidated variables
- lib/common-functions.sh:176 - Added validation before rm
- tools/erase-toolkit-traces.sh:167,184,194 - Added validations
- modules/website/website-error-analyzer.sh:131 - Fixed trap
- modules/website/500-error-tracker.sh:56 - Fixed trap
- Fixed eval command injection risk in malware-scanner.sh
- Replaced eval with direct find command execution
- Properly escaped parentheses for complex find patterns
HIGH FIXES (10 → 0):
- Fixed 70+ integer comparison issues across 10 files
- Used ${var:-0} syntax to prevent "integer expression expected" errors
- Applied to: lib/ip-reputation.sh, lib/user-manager.sh, launcher.sh,
modules/security/bot-analyzer.sh, modules/security/live-attack-monitor.sh,
modules/security/malware-scanner.sh, modules/security/optimize-ct-limit.sh,
modules/performance/hardware-health-check.sh,
modules/performance/mysql-query-analyzer.sh,
modules/website/500-error-tracker.sh
- Added parameter validation to 10 functions in lib/mysql-analyzer.sh:
- map_database_to_user_domain(), get_database_owner(), get_database_domain()
- identify_plugin_from_table(), get_table_size(), get_database_tables()
- analyze_table_structure(), extract_database_from_query()
- capture_live_queries() (already had validation via file existence check)
- parse_slow_query_log() (already had validation via file existence check)
PROGRESS: 106 issues → 100 issues (-6 issues fixed)
- CRITICAL: 7 → 0 (100% fixed)
- HIGH: 10 → 0 (100% fixed)
- MEDIUM: 63 (unchanged)
- LOW: 26 (unchanged)
This commit is contained in:
cschantz
@@ -173,7 +173,7 @@ create_temp_session() {
|
||||
mkdir -p "$TEMP_SESSION_DIR"
|
||||
|
||||
# Cleanup on exit
|
||||
trap "rm -rf $TEMP_SESSION_DIR 2>/dev/null" EXIT INT TERM
|
||||
trap '[ -n "$TEMP_SESSION_DIR" ] && rm -rf "$TEMP_SESSION_DIR" 2>/dev/null' EXIT INT TERM
|
||||
}
|
||||
|
||||
# Ask user for confirmation
|
||||
|
||||
Reference in New Issue
Block a user