Double quote to prevent globbing and word splitting.SC2086 Info

2019-09-19 20:01:31 +02:00 · 2019-09-19 20:01:31 +02:00 · ddd87371b5
parent 09a60783a6
commit ddd87371b5
1 changed files with 6 additions and 6 deletions
--- a/include/functions
+++ b/include/functions
@ -1532,12 +1532,12 @@
                            # Initialize users for strict mode
            if [ -n "${users:-}" ]; then
                for u in ${users}; do
-                    user_uid=$(getent passwd ${u} 2> /dev/null | ${AWKBINARY} -F: '{print $3}')
+                    user_uid=$(getent passwd "${u}" 2> /dev/null | ${AWKBINARY} -F: '{print $3}')
                    # Only perform search if user exists and we had no match yet
                    if [ -n "${user_uid}" ]; then
                        if [ -z "${FIND}" ]; then
                            LogText "Performing pgrep scan using uid ${user_uid}"
-                            FIND=$(${PGREPBINARY} ${pgrep_options} -u ${user_uid} "${search}" | ${TRBINARY} '\n' ' ')
+                            FIND=$(${PGREPBINARY} ${pgrep_options} -u "${user_uid}" "${search}" | ${TRBINARY} '\n' ' ')
                        fi
                    fi
                done
@ -1546,7 +1546,7 @@
                FIND=$(${PGREPBINARY} ${pgrep_options} "${search}" | ${TRBINARY} '\n' ' ')
            fi
        else
-            if [ ${SHELL_IS_BUSYBOX} -eq 1 ]; then
+            if [ "${SHELL_IS_BUSYBOX}" -eq 1 ]; then
                # This search is not foolproof
                LogText "Performing simple ps scan (busybox)"
                PSOPTIONS=" -o args="
@ -1554,16 +1554,16 @@
            else
                if [ -n "${users}" ]; then
                    for u in ${users}; do
-                        user_uid=$(getent passwd ${u} 2> /dev/null | ${AWKBINARY} -F: '{print $3}')
+                        user_uid=$(getent passwd "${u}" 2> /dev/null | ${AWKBINARY} -F: '{print $3}')
                        # Only perform search if user exists and we had no match yet
                        if [ -n "${user_uid}" ]; then
                            if [ -z "${FIND}" ]; then
                                if [ ${PARTIAL_SEARCH} -eq 1 ]; then
                                    LogText "Performing ps scan using partial match and for uid ${user_uid}"
-                                    FIND=$(${PSBINARY} -u ${user_uid} -o comm= "${search}" | ${AWKBINARY} -v pattern="${search}" '$0 ~ pattern {print}')
+                                    FIND=$(${PSBINARY} -u "${user_uid}" -o comm= "${search}" | ${AWKBINARY} -v pattern="${search}" '$0 ~ pattern {print}')
                                else
                                    LogText "Performing ps scan using exact match and for uid ${user_uid}"
-                                    FIND=$(${PSBINARY} -u ${user_uid} -o comm= "${search}" | ${AWKBINARY} -v pattern="^${search}$" '$0 ~ pattern {print}')
+                                    FIND=$(${PSBINARY} -u "${user_uid}" -o comm= "${search}" | ${AWKBINARY} -v pattern="^${search}$" '$0 ~ pattern {print}')
                                fi
                            fi
                        fi