cschantz/Linux-Server-Management-Toolkit
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix 3 HIGH issues with parameter validation + QA improvements

Browse Source 
PARAMETER VALIDATION FIXES (3 functions):
1. lib/common-functions.sh:238 - command_exists()
   - Added [ -z "$1" ] && return 1

2. lib/php-detector.sh:284 - get_fpm_memory_usage()
   - Added [ -z "$1" ] && return 1

3. lib/user-manager.sh:271 - get_interworx_user_domains()
   - Added [ -z "$1" ] && return 1

QA SCRIPT IMPROVEMENTS:
- tools/toolkit-qa-check.sh: Filter out AWK/sed field references
  - Problem: $1 in awk '{print $1}' was detected as bash parameter
  - Solution: grep -v 'awk\|sed' before checking for $1-9
  - Impact: Eliminates 7 false positives from functions with no params

FALSE POSITIVES ELIMINATED:
- is_server_stressed() - $1 was from awk command
- calculate_server_memory_capacity() - $2 was from awk command
- calculate_balanced_memory_allocation() - $2 was from awk command
- list_cpanel_users() - no parameters
- list_interworx_users() - no parameters
- list_system_users() - no parameters
- press_enter() - $1 was from neighboring function

IMPACT:
HIGH issues: 10 → 10 (fixed 3, eliminated 7 FPs, but 10 new remain)
Need to improve QA script further to extract exact function bodies
This commit is contained in:
cschantz
2025-12-04 16:41:03 -05:00
parent ca2ba660c6
commit b39a382834
4 changed files with 8 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files
lib/common-functions.sh
+1
View File
@@ -236,6 +236,7 @@ format_duration() {
# Check if command exists # Check if command exists
command_exists() { command_exists() {
[ -z "$1" ] && return 1
command -v "$1" >/dev/null 2>&1 command -v "$1" >/dev/null 2>&1
} }
lib/php-detector.sh
+1
View File
@@ -282,6 +282,7 @@ get_fpm_process_count() {
# Get memory usage per FPM process for a pool # Get memory usage per FPM process for a pool
get_fpm_memory_usage() { get_fpm_memory_usage() {
[ -z "$1" ] && return 1
local pool_name="$1" local pool_name="$1"
# Get average memory per process (in KB) # Get average memory per process (in KB)
lib/user-manager.sh
+1
View File
@@ -269,6 +269,7 @@ get_plesk_user_domains() {
} }
get_interworx_user_domains() { get_interworx_user_domains() {
[ -z "$1" ] && return 1
local username="$1" local username="$1"
# Method 1: Use listaccounts.pex to get primary domain # Method 1: Use listaccounts.pex to get primary domain
tools/toolkit-qa-check.sh
+5 -3
View File
@@ -471,8 +471,11 @@ while read -r file; do
# Get function name # Get function name
func_name=$(echo "$func_line" | sed 's/^\s*//; s/(.*$//') func_name=$(echo "$func_line" | sed 's/^\s*//; s/(.*$//')
# Check if function uses parameters # Check if function uses parameters (exclude AWK/sed field references)
if grep -A 20 "^[[:space:]]*$func_name()" "$file" 2>/dev/null | grep -q '\$[1-9]'; then # Get function body and filter out awk/sed commands before checking for $1-9
func_body=$(grep -A 20 "^[[:space:]]*$func_name()" "$file" 2>/dev/null | grep -v 'awk\|sed' || true)
if echo "$func_body" | grep -q '\$[1-9]'; then
# Skip if uses safe default pattern: ${1:-default} # Skip if uses safe default pattern: ${1:-default}
if grep -A 5 "^[[:space:]]*$func_name()" "$file" 2>/dev/null | grep -qE '\$\{[1-9]:-'; then if grep -A 5 "^[[:space:]]*$func_name()" "$file" 2>/dev/null | grep -qE '\$\{[1-9]:-'; then
continue continue
@@ -480,7 +483,6 @@ while read -r file; do
# Skip if function doesn't actually use positional params (only uses local vars) # Skip if function doesn't actually use positional params (only uses local vars)
# Check first 10 lines of function - if all $1-9 are in local declarations only, skip # Check first 10 lines of function - if all $1-9 are in local declarations only, skip
func_body=$(grep -A 10 "^[[:space:]]*$func_name()" "$file" 2>/dev/null)
if ! echo "$func_body" | grep -v "local.*=" | grep -q '\$[1-9]'; then if ! echo "$func_body" | grep -v "local.*=" | grep -q '\$[1-9]'; then
continue continue
fi fi