Use `od` only for displaying invalid characters

The first od is removed, the second time is moved to right before echoing
the characters. On certain OpenSolaris distributions, `od` always outputs
spaces, even if the input is empty. The spaces would have been converted
to !space!, thus Lynis detected invalid characters / old style configuration.

Resolves cisofy/lynis#1065.

Signed-off-by: Simon Biewald <simon@fam-biewald.de>
This commit is contained in:
Simon Biewald 2020-10-28 01:55:01 +00:00
parent 499cf1cdb9
commit 3e3589291f
1 changed files with 3 additions and 4 deletions

View File

@ -35,7 +35,7 @@
# Show deprecation message for old config entries such as 'config:' and 'apache:' # Show deprecation message for old config entries such as 'config:' and 'apache:'
FOUND=0 FOUND=0
DATA=$(grep -E "^[a-z-]{1,}:" ${PROFILE} | od -An -ta | sed 's/ /!space!/g') # od -An (no file offset), -ta (named character, to be on safe side) DATA=$(grep -E "^[a-z-]{1,}:" ${PROFILE})
if ! IsEmpty "${DATA}"; then FOUND=1; fi if ! IsEmpty "${DATA}"; then FOUND=1; fi
if [ ${FOUND} -eq 1 ]; then if [ ${FOUND} -eq 1 ]; then
@ -56,12 +56,11 @@
fi fi
# Security check for unexpected and possibly harmful escape characters (hyphen should be listed as first or last character) # Security check for unexpected and possibly harmful escape characters (hyphen should be listed as first or last character)
DATA=$(grep -Ev '^$|^ |^#|^config:' "${PROFILE}" | tr -d '[:alnum:]/\[\]\(\)_\|,\.:;= \n\r-' | od -An -ta | sed 's/ /!space!/g') DATA=$(grep -Ev '^$|^ |^#|^config:' "${PROFILE}" | tr -d '[:alnum:]/\[\]\(\)_\|,\.:;= \n\r-')
if ! IsEmpty "${DATA}"; then if ! IsEmpty "${DATA}"; then
DisplayWarning "Your profile '${PROFILE}' contains unexpected characters. See the log file for more information." DisplayWarning "Your profile '${PROFILE}' contains unexpected characters. See the log file for more information."
LogText "Found unexpected or possibly harmful characters in profile '${PROFILE}'. See which characters matched in the output below and compare them with your profile." LogText "Found unexpected or possibly harmful characters in profile '${PROFILE}'. See which characters matched in the output below and compare them with your profile."
for I in ${DATA}; do for I in $(printf ${DATA} | od -An -ta); do
I=$(echo ${I} | sed 's/!space!/ /g')
LogText "Output: ${I}" LogText "Output: ${I}"
done done
LogText "Suggestion: comment incorrect lines with a '#' and try again. Open a GitHub issue if valid characters are blocked" LogText "Suggestion: comment incorrect lines with a '#' and try again. Open a GitHub issue if valid characters are blocked"