HIGH FIX: Add error handling to grep/cut operations in report parsing

Lines 2063, 2081, 2106, 2107, 2125, 2126: Protected grep commands - Added 2>/dev/null to all grep commands - Added || echo '0' fallback for failed extractions - Added ${var:-0} guards to all arithmetic operations - Prevents crash if report lines don't exist or files are empty This handles cases where report files exist but don't contain expected lines.
2026-04-23 20:04:19 -04:00
parent a805676be5
commit e360f12aab
1 changed files with 15 additions and 15 deletions
@@ -2060,11 +2060,11 @@ generate_comparison_report() {
    echo ""
    print_header "BASELINE COMPARISON (Is this activity normal?)"

-    local total_requests=$(grep "^Total_Requests:" "$latest_report" | cut -d: -f2 | tr -d ' ')
+    local total_requests=$(grep "^Total_Requests:" "$latest_report" 2>/dev/null | cut -d: -f2 | tr -d ' ' || echo "0")
    local baseline_requests=$(calculate_baseline_average "server" "requests" 7)

-    if [ "$baseline_requests" -gt 0 ]; then
-        local request_pct=$((total_requests * 100 / baseline_requests))
+    if [ "${baseline_requests:-0}" -gt 0 ]; then
+        local request_pct=$((${total_requests:-0} * 100 / baseline_requests))
        if [ "$request_pct" -gt 200 ]; then
            echo -e "${RED}🔴 ABNORMAL: Requests are $(($request_pct - 100))% above 7-day average${NC}"
            echo "   Baseline (7-day avg): $baseline_requests requests"
@@ -2078,11 +2078,11 @@ generate_comparison_report() {
        echo "📊 (No historical baseline yet - first analysis)"
    fi

-    local high_risk=$(grep "^High_Risk_IPs:" "$latest_report" | cut -d: -f2 | tr -d ' ')
+    local high_risk=$(grep "^High_Risk_IPs:" "$latest_report" 2>/dev/null | cut -d: -f2 | tr -d ' ' || echo "0")
    local baseline_attacks=$(calculate_baseline_average "server" "high_risk" 7)

-    if [ "$baseline_attacks" -gt 0 ]; then
-        local attack_ratio=$((high_risk / baseline_attacks))
+    if [ "${baseline_attacks:-0}" -gt 0 ]; then
+        local attack_ratio=$((${high_risk:-0} / baseline_attacks))
        if [ "$attack_ratio" -gt 3 ]; then
            echo -e "${RED}🔴 ABNORMAL: High-risk IPs are ${attack_ratio}x above baseline${NC}"
            echo "   Baseline (7-day avg): $baseline_attacks high-risk IPs"
@@ -2103,27 +2103,27 @@ generate_comparison_report() {
        print_header "DAY-OVER-DAY TRENDS"

        # Extract metrics and calculate differences
-        local curr_high_risk=$(grep "^High_Risk_IPs:" "$latest_report" | cut -d: -f2 | tr -d ' ')
-        local prev_high_risk=$(grep "^High_Risk_IPs:" "$previous_report" | cut -d: -f2 | tr -d ' ')
-        local risk_diff=$((curr_high_risk - prev_high_risk))
+        local curr_high_risk=$(grep "^High_Risk_IPs:" "$latest_report" 2>/dev/null | cut -d: -f2 | tr -d ' ' || echo "0")
+        local prev_high_risk=$(grep "^High_Risk_IPs:" "$previous_report" 2>/dev/null | cut -d: -f2 | tr -d ' ' || echo "0")
+        local risk_diff=$((${curr_high_risk:-0} - ${prev_high_risk:-0}))
        local risk_pct=0

-        if [ "$prev_high_risk" -gt 0 ]; then
+        if [ "${prev_high_risk:-0}" -gt 0 ]; then
            risk_pct=$((risk_diff * 100 / prev_high_risk))
        fi

        # Display trend
        if [ "$risk_diff" -gt 0 ]; then
-            echo "⚠️  High-Risk IPs: $curr_high_risk (↑ $risk_diff IPs, +${risk_pct}%)"
+            echo "⚠️  High-Risk IPs: ${curr_high_risk:-0} (↑ $risk_diff IPs, +${risk_pct}%)"
        elif [ "$risk_diff" -lt 0 ]; then
-            echo "✓  High-Risk IPs: $curr_high_risk (↓ $((risk_diff * -1)) IPs, ${risk_pct}%)"
+            echo "✓  High-Risk IPs: ${curr_high_risk:-0} (↓ $((risk_diff * -1)) IPs, ${risk_pct}%)"
        else
-            echo "→  High-Risk IPs: $curr_high_risk (no change)"
+            echo "→  High-Risk IPs: ${curr_high_risk:-0} (no change)"
        fi

        # Repeat for other metrics
-        local curr_sql=$(grep "^SQL_Injection:" "$latest_report" | cut -d: -f2 | tr -d ' ')
-        local prev_sql=$(grep "^SQL_Injection:" "$previous_report" | cut -d: -f2 | tr -d ' ')
+        local curr_sql=$(grep "^SQL_Injection:" "$latest_report" 2>/dev/null | cut -d: -f2 | tr -d ' ' || echo "0")
+        local prev_sql=$(grep "^SQL_Injection:" "$previous_report" 2>/dev/null | cut -d: -f2 | tr -d ' ' || echo "0")
        local sql_diff=$((curr_sql - prev_sql))

        if [ "$sql_diff" -gt 0 ]; then