cschantz/Linux-Server-Management-Toolkit
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
2bf8c4f2754e02cb852469499af053e0c94dd85a
Linux-Server-Management-Too…/modules/security
T
History
Developer 2bf8c4f275 Fix: Comprehensive quality issues in malware-scanner.sh 
ISSUES FIXED:

1. **Array expansion in echo (lines 1664, 1871):**
   - Changed ${SCAN_PATHS[@]} to ${SCAN_PATHS[*]} for proper expansion in echo context
   - Prevents word splitting issues with paths containing spaces

2. **UUOC (Useless Use of Pipe) with echo (lines 1716-1720):**
   - Removed: $(echo "$malicious_output" | head -1)
   - Replaced with: "${malicious_output%%$'\n'*}" (bash parameter expansion)
   - Replaced pipe-based wc with printf to avoid unnecessary processes

3. **C-style increment operators (lines 2141, 2148, 2154, 2162, 2169, 2213):**
   - Changed ((var++)) to var=$((var + 1)) for consistency with project style
   - Follows CLAUDE.md guidance: use proper arithmetic syntax
   - Applied to: validation_issues and real_threats_count variables

4. **Sed escaping incomplete (line 2325):**
   - Added explicit backslash escaping before other character escaping
   - Changed: 's/[\/&|]/\\&/g'
   - To: 's/\\\\\\\\\\\\/g; s/[\/&|]/\\&/g'
   - Ensures paths with backslashes are properly escaped for sed replacement

5. **Unquoted PID variable (lines 2380, 2392):**
   - Added quotes around $scan_pid in: ps -p "$scan_pid"
   - Added quotes in printed command: echo "  ps -p \"$scan_pid\""
   - Defensive programming best practice

VERIFICATION:
- Syntax check: bash -n passes
- No functional changes to logic
- All fixes follow CLAUDE.md guidelines

IMPACT:
- More robust path handling (spaces, special characters)
- Better resource efficiency (fewer subshells)
- Consistent with codebase standards
- Improved reliability with edge cases
2026-04-21 21:17:01 -04:00
..
bot-analyzer.sh
Standardize bot-analyzer.sh menu validation and improve input handling
2026-02-11 22:45:04 -05:00
bot-blocker.sh
Standardize bot-blocker.sh menu validation, colors, and yes/no prompts
2026-02-17 18:42:04 -05:00
enable-cphulk.sh
Fix cPHulk to use SQLite database instead of MySQL
2025-12-11 17:01:17 -05:00
ip-reputation-manager.sh
Fix final 10 HIGH integer comparisons in live-attack-monitor and ip-reputation-manager
2025-12-03 20:12:20 -05:00
live-attack-monitor-v2.sh
Fix: Proper IFS restoration in all files (HIGH priority)
2026-03-20 01:33:26 -04:00
live-attack-monitor.sh
Add immediate blocking for RCE and critical web exploits
2026-02-20 23:04:35 -05:00
malware-scanner.sh
Fix: Comprehensive quality issues in malware-scanner.sh
2026-04-21 21:17:01 -04:00
optimize-ct-limit.sh
Fix remaining AWK-UNINIT issues in bot-analyzer and network analysis
2026-02-07 02:50:34 -05:00
suspicious-login-monitor.conf.example
MAJOR: Add advanced false positive reduction - whitelists, admin context, temporal analysis
2026-02-03 02:13:10 -05:00
suspicious-login-monitor.sh
Fix TYPE-MISMATCH and AWK-UNINIT issues in email analysis scripts
2026-02-07 02:43:07 -05:00
web-traffic-monitor.sh
CRITICAL FIX: Update InterWorx log file name from access_log to transfer.log
2025-11-20 15:50:45 -05:00