Re-apply critical stability fixes from production to dev

CRITICAL FIXES RE-APPLIED:
1. Safe read statements with /dev/tty redirection
   - Prevents hangs when stdin is piped or unavailable
   - Prevents SSH session termination on menu prompts
   - Gracefully returns instead of crashing

2. Error handling on all read statements
   - Read failures now return instead of exiting unexpectedly
   - Fixes crash when stdin is closed

3. SQL injection prevention in reference-db.sh
   - Database names now escaped with backticks
   - Prevents malicious DB names from breaking queries

4. Password exposure fix in reference-db.sh
   - Use MYSQL_PWD environment variable
   - Credentials no longer visible in 'ps aux' output

5. Race condition fix in temp directory creation
   - Use mktemp -d instead of mkdir -p
   - Secure permissions (0700) and unpredictable naming
   - Prevents TOCTOU attacks

TESTING RESULTS:
✓ QA script passed
✓ Multi-scanner detection verified (4 scanners)
✓ Syntax validation passed
✓ Safe input handling verified
✓ All critical functions available

Status: Ready for testing in dev branch
Developer
2026-03-20 16:05:11 -04:00
parent ea40ef0e8b
commit e4bb749ddd
3 changed files with 320 additions and 669 deletions
+282 -515
File diff suppressed because it is too large.
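The diff is suppressed on this page, so the following is an added example and not the code from reference-db.sh: it sketches the /dev/tty read, the backtick-quoted database name and the mktemp -d work directory that the commit message lists. All function names, the `SAFE_REPLY` variable and the `refdb` prefix are assumptions.

```sh
#!/bin/sh
# Added illustration, not the project's code. Function names, SAFE_REPLY and
# the "refdb" prefix are hypothetical.

# Fixes 1-2: prompt on the controlling terminal and fail soft. The subshell
# probe keeps a failed open of /dev/tty from aborting the calling script.
safe_read() {   # usage: safe_read "Prompt: " && echo "$SAFE_REPLY"
    ( : </dev/tty ) 2>/dev/null || return 1
    printf '%s' "$1" >/dev/tty
    IFS= read -r SAFE_REPLY </dev/tty || return 1
}

# Fix 3: wrap the name in backticks AND double any embedded backtick, so the
# name cannot close the quoted identifier early. Rejecting empty, over-long
# (MySQL caps identifiers at 64 characters) and control-character names is an
# extra policy assumed here.
quote_mysql_ident() {
    [ -n "$1" ] && [ "${#1}" -le 64 ] || return 1
    case $1 in *[[:cntrl:]]*) return 1 ;; esac
    printf '`%s`\n' "$(printf '%s' "$1" | sed 's/`/``/g')"
}

# Build SQL with printf and single quotes: inside shell double quotes a
# backtick would start command substitution.
show_tables_sql() {
    _q=$(quote_mysql_ident "$1") || return 1
    printf 'SHOW TABLES FROM %s;\n' "$_q"
}

# Fix 5: mktemp -d creates a new 0700 directory with a random suffix in one
# step and fails if it cannot; "mkdir -p /tmp/fixed-name" succeeds silently
# even when someone else already created that path.
make_workdir() {
    mktemp -d "${TMPDIR:-/tmp}/refdb.XXXXXXXXXX"
}
```

Callers should treat a non-zero return from any of these functions as "skip this step" rather than exiting, which matches the graceful-return behaviour the commit message describes.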