From 7f9ecfac8192d3ccbd70498434a7c9844ba63d22 Mon Sep 17 00:00:00 2001 From: Developer Date: Tue, 21 Apr 2026 19:55:57 -0400 Subject: [PATCH] Fix: Detect and handle empty/failed downloads properly Issue: wget/curl was creating empty files (0 bytes) when downloads failed due to network/firewall issues. Installer treated these as valid archives. Root cause: wget/curl create output file even when download fails, leaving empty/partial files that later attempts mistook for valid archives. Solution: - Clean up empty files before each download attempt - After download, verify file is not empty ([ -s ]) - Show file size on successful download - Explicitly delete failed/empty files - Differentiate between download command failure vs empty result - Clear error messages: 'empty file (network/firewall issue)' vs 'failed' Now handles the network/firewall interception scenario properly. --- modules/security/malware-scanner.sh | 32 +++++++++++++++++++++++------ 1 file changed, 26 insertions(+), 6 deletions(-) diff --git a/modules/security/malware-scanner.sh b/modules/security/malware-scanner.sh index 31eb7d6..d4f49de 100755 --- a/modules/security/malware-scanner.sh +++ b/modules/security/malware-scanner.sh @@ -280,6 +280,11 @@ install_maldet_only() { local temp_file="maldetect-latest.tar.gz" local best_source="" + # Clean up any empty/partial files from previous failed attempts + if [ -f "$temp_file" ] && [ ! -s "$temp_file" ]; then + rm -f "$temp_file" + fi + # Download sources in priority order # Format: "name|url|label" (using | as delimiter to avoid splitting https://) local sources=( @@ -296,35 +301,50 @@ install_maldet_only() { echo " Trying $source_label..." + # Clean up any previous attempt file before trying + rm -f "$temp_file" + # Try download with aggressive timeout # --timeout: fail if no progress for this many seconds # --read-timeout: fail if no data received for this many seconds if wget -q --timeout=30 --read-timeout=10 -O "$temp_file" "$source_url" 2>/dev/null; then + # Verify download created a non-empty file (wget creates empty file on failure) if [ -f "$temp_file" ] && [ -s "$temp_file" ]; then - echo -e " ${GREEN}✓ Download successful from $source_label${NC}" + echo -e " ${GREEN}✓ Download successful ($(du -h "$temp_file" | cut -f1))${NC}" download_success=true best_source="$source_label" break + else + # Download command succeeded but file is empty - network/proxy issue + rm -f "$temp_file" + echo -e " ${RED}✗ Download created empty file (network/firewall issue)${NC}" fi + else + # wget command failed rm -f "$temp_file" + echo -e " ${RED}✗ Download failed${NC}" fi # Also try with curl as fallback if [ "$download_success" = false ]; then + rm -f "$temp_file" + if curl -f --connect-timeout 10 --max-time 30 -L -o "$temp_file" "$source_url" 2>/dev/null; then + # Verify curl created a non-empty file if [ -f "$temp_file" ] && [ -s "$temp_file" ]; then - echo -e " ${GREEN}✓ Download successful from $source_label${NC}" + echo -e " ${GREEN}✓ Download successful via curl ($(du -h "$temp_file" | cut -f1))${NC}" download_success=true best_source="$source_label" break + else + rm -f "$temp_file" + echo -e " ${RED}✗ Curl created empty file (network/firewall issue)${NC}" fi + else rm -f "$temp_file" + echo -e " ${RED}✗ Curl failed${NC}" fi fi - - if [ "$download_success" = false ]; then - echo -e " ${RED}✗ Failed or timeout${NC}" - fi done echo ""