e-m-b-a · m-1-k-3 · Oct 24, 2023 · Oct 17, 2023 · Oct 17, 2023 · Oct 17, 2023
diff --git a/helpers/helpers_emba_prepare.sh b/helpers/helpers_emba_prepare.sh
@@ -486,7 +486,7 @@ detect_root_dir_helper() {
   local R_PATH
   local MECHANISM=""
 
-  mapfile -t INTERPRETER_FULL_PATH < <(find "$SEARCH_PATH" -ignore_readdir_race -type f -exec file {} \; 2>/dev/null | grep "ELF" | grep "interpreter" | sed s/.*interpreter\ // | sed s/,\ .*$// | sort -u 2>/dev/null || true)
+  mapfile -t INTERPRETER_FULL_PATH < <(find "$SEARCH_PATH" -ignore_readdir_race -type f -exec file {} \; 2>/dev/null | grep "ELF" | grep "interpreter" | sed s/.*interpreter\ // | sed 's/,\ .*$//' | sort -u 2>/dev/null || true)
 
   if [[ "${#INTERPRETER_FULL_PATH[@]}" -gt 0 ]]; then
     for INTERPRETER_PATH in "${INTERPRETER_FULL_PATH[@]}"; do

diff --git a/helpers/helpers_emba_status_bar.sh b/helpers/helpers_emba_status_bar.sh
@@ -57,7 +57,7 @@ system_load_util_str() {
   local UTIL_STR="${UTIL_TYPES[$UTIL_TYPE_NO]}"
   local UTIL_BAR_COLOR=""
   local UTIL_BAR_BLANK=""
-  local UTIL_PERCENTAGE=$((PERCENTAGE/(100/12)))
+  local UTIL_PERCENTAGE=$(("$PERCENTAGE"/(100/12)))
 
   local A=0
   local BAR_COUNT=0
@@ -76,7 +76,7 @@ system_load_util_str() {
     UTIL_BAR_COLOR="\033[31m$UTIL_BAR_COLOR\033[0m"
   elif [[ $BAR_COUNT -gt 4 ]] ; then
     UTIL_BAR_COLOR="\033[33m$UTIL_BAR_COLOR\033[0m"
-  else 
+  else
     UTIL_BAR_COLOR="\033[32m$UTIL_BAR_COLOR\033[0m"
   fi
 
@@ -369,11 +369,11 @@ initial_status_bar() {
   # create new tmp file with empty lines
   STATUS_TMP_PATH="$TMP_DIR/status"
   if [[ ! -f "$STATUS_TMP_PATH" && -d "$TMP_DIR" ]] ; then
-    echo -e "\\n\\n\\n\\n" > "$STATUS_TMP_PATH" 
+    echo -e "\\n\\n\\n\\n" > "$STATUS_TMP_PATH"
   fi
   # calculate boxes fitting and draw them
   local INITIAL_STR=""
-  INITIAL_STR="\e[${LINE_POS};1f\e[0J\e[0;${LINE_POS}r\e[${LINE_POS};1f" 
+  INITIAL_STR="\e[${LINE_POS};1f\e[0J\e[0;${LINE_POS}r\e[${LINE_POS};1f"
   if [[ $LINES -gt 10 ]] ; then
     # column has to be increased with 2 characters because of possible arrow column
     local ARROW_POS=0
@@ -391,7 +391,7 @@ initial_status_bar() {
     if [[ $COLUMNS -ge 80 ]] ; then
       INITIAL_STR+="$(draw_box 26 "MODULES" 53)"
       STATUS_BAR_BOX_COUNT=3
-      ARROW_POS=79 
+      ARROW_POS=79
     fi
     if [[ $COLUMNS -ge 104 ]] ; then
       INITIAL_STR+="$(draw_box 26 "STATUS 2" 79)"

diff --git a/installer/wickStrictModeFail.sh b/installer/wickStrictModeFail.sh
@@ -14,9 +14,9 @@ wickStrictModeFail() (
   set +x
   local argsList argsLeft i nextArg
 
-  echo -e "Error detected - status code $ORANGE$1$NC"
-  echo -e "Command:  $ORANGE$BASH_COMMAND$NC"
-  echo -e "Location:  $ORANGE${BASH_SOURCE[1]:-unknown}$NC, line $ORANGE${BASH_LINENO[0]:-unknown}$NC"
+  echo -e "Error detected - status code ${ORANGE}${1}${NC}"
+  echo -e "Command:  ${ORANGE}${BASH_COMMAND}${NC}"
+  echo -e "Location:  ${ORANGE}${BASH_SOURCE[1]:-unknown}${NC}, line ${ORANGE}${BASH_LINENO[0]:-unknown}${NC}"
 
   if [[ ${#PIPESTATUS[@]} -gt 1 ]]; then
       echo "Pipe status: " "${PIPESTATUS[@]}"
@@ -25,20 +25,20 @@ wickStrictModeFail() (
   i=$#
   nextArg=$#
 
-  if [[ $i -lt ${#BASH_LINENO[@]} ]]; then
+  if [[ ${i} -lt ${#BASH_LINENO[@]} ]]; then
     echo "Stack Trace:"
   else
     echo "Stack trace is unavailable"
   fi
 
-  while [[ $i -lt ${#BASH_LINENO[@]} ]]; do
+  while [[ ${i} -lt ${#BASH_LINENO[@]} ]]; do
     argsList=()
 
-    if [[ ${#BASH_ARGC[@]} -gt $i ]] && [[ ${#BASH_ARGV[@]} -ge $(( nextArg + BASH_ARGC[i] )) ]]; then
+    if [[ ${#BASH_ARGC[@]} -gt ${i} ]] && [[ ${#BASH_ARGV[@]} -ge $(( nextArg + BASH_ARGC[i] )) ]]; then
       for (( argsLeft = BASH_ARGC[i]; argsLeft; --argsLeft )); do
         # Note: this reverses the order on purpose
         # shellcheck disable=SC2004
-        argsList[$argsLeft]=${BASH_ARGV[nextArg]}
+        argsList[${argsLeft}]=${BASH_ARGV[nextArg]}
         (( nextArg ++ ))
       done
 
@@ -55,7 +55,7 @@ wickStrictModeFail() (
       argsList=""
     fi
 
-    echo "    [$i] ${FUNCNAME[i]:+${FUNCNAME[i]}(): }${BASH_SOURCE[i]}, line ${BASH_LINENO[i - 1]} -> ${FUNCNAME[i]:-${BASH_SOURCE[i]##*/}}$argsList"
+    echo "    [${i}] ${FUNCNAME[i]:+${FUNCNAME[i]}"():" }${BASH_SOURCE[i]}, line ${BASH_LINENO[i - 1]} -> ${FUNCNAME[i]:-${BASH_SOURCE[i]##*/}}${argsList}"
     (( i ++ ))
   done
   echo -e "\n${BLUE}${BOLD}Important: Consider filling out a bug report at https://github.com/e-m-b-a/emba/issues${NC}\n"

diff --git a/modules/L10_system_emulation/run_service.sh b/modules/L10_system_emulation/run_service.sh
@@ -22,12 +22,13 @@ if ("${FIRMAE_ETC}"); then
   fi
 
   while (true); do
-    while IFS= read -r BINARY; do
-      BINARY_NAME=$("${BUSYBOX}" echo "${BINARY}" | "${BUSYBOX}" cut -d\  -f1)
+    while IFS= read -r _BINARY; do
+      BINARY_NAME=$("${BUSYBOX}" echo "${_BINARY}" | "${BUSYBOX}" cut -d\  -f1)
       BINARY_NAME=$("${BUSYBOX}" basename "${BINARY_NAME}")
       if ( ! ("${BUSYBOX}" ps | "${BUSYBOX}" grep -v grep | "${BUSYBOX}" grep -sqi "${BINARY_NAME}") ); then
         "${BUSYBOX}" echo "[*] Starting $BINARY_NAME service ..."
-        ${BINARY} &
+        #BINARY variable could be something like: binary parameter parameter ...
+        ${_BINARY} &
         "${BUSYBOX}" sleep 5
         "${BUSYBOX}" echo "[*] Netstat output ..."
         "${BUSYBOX}" netstat -antu

diff --git a/modules/Q02_openai_question.sh b/modules/Q02_openai_question.sh
@@ -15,7 +15,7 @@
 # Description: Openai questioning module for container #2
 # Note:        Important requirement for Q-modules is the self termination when a certain phase ends
 
-Q02_openai_question() { 
+Q02_openai_question() {
   if [[ "${GPT_OPTION}" -gt 0 ]] && [[ -n "${OPENAI_API_KEY}" ]]; then
     module_log_init "${FUNCNAME[0]}"
     # Prints title to CLI and into log
@@ -51,7 +51,7 @@ ask_chatgpt() {
   local GPT_FILE_DIR_="${LOG_PATH_MODULE}""/gpt_files"
   local GPT_PRIO_=3
   # default vars
-  local GPT_QUESTION_="" 
+  local GPT_QUESTION_=""
   local CHATGPT_CODE_=""
   local GPT_RESPONSE_=""
   local GPT_RESPONSE_CLEANED_=""
@@ -89,7 +89,7 @@ ask_chatgpt() {
     GPT_TOKENS_="${GPT_TOKENS_//cost\=/}"
     GPT_RESPONSE_="$(echo "${ELEM}" | cut -d\; -f7)"
     GPT_INPUT_FILE_="$(basename "${SCRIPT_PATH_TMP_}")"
-    
+
     # in case we have nothing we are going to move on
     [[ -z "${SCRIPT_PATH_TMP_}" ]] && continue
     print_output "[*] Identification of ${ORANGE}${SCRIPT_PATH_TMP_} / ${GPT_INPUT_FILE_}${NC} inside ${ORANGE}${LOG_DIR}/firmware${NC}" "no_log"
@@ -160,7 +160,8 @@ ask_chatgpt() {
                 local CNT=0
                 while [[ "${CNT}" -lt 1000 ]]; do
                   CNT=$((CNT+1))
-                  (( "${CNT}" % 100 == 0 )) && print_output "[*] Rate limit handling ... sleep mode - ${CNT}" "no_log"
+                  local TEMP_VAR="$(( "${CNT}" % 100 ))"
+                  (( "${TEMP_VAR}" == 0 )) && print_output "[*] Rate limit handling ... sleep mode - ${CNT}" "no_log"
                   if grep -q "Testing phase ended" "${LOG_DIR}"/"${MAIN_LOG_FILE}"; then
                     break 2
                   fi

diff --git a/modules/S110_yara_check.sh b/modules/S110_yara_check.sh
@@ -43,7 +43,8 @@ S110_yara_check()
     ulimit -Sv unlimited
 
     while read -r YARA_OUT_LINE; do
-      if [[ "$YARA_OUT_LINE" == *" [] [author="* ]]; then
+      local AUTHOR_STRING=" [] [author="
+      if [[ "${YARA_OUT_LINE}" == *"${AUTHOR_STRING}"* ]]; then
         YRULE=$(echo "$YARA_OUT_LINE" | awk '{print $1}')
         MATCH_FILE=$(echo "$YARA_OUT_LINE" | grep "\ \[\]\ \[author=\"" | rev | awk '{print $1}' | rev)
         MATCH_FILE_NAME=$(basename "$MATCH_FILE")

diff --git a/modules/S22_php_check.sh b/modules/S22_php_check.sh
@@ -239,7 +239,7 @@ s22_check_php_ini(){
   for PHP_FILE in "${PHP_INI_FILE[@]}" ;  do
     # print_output "[*] iniscan check of ""$(print_path "$PHP_FILE")"
     mapfile -t INISCAN_RESULT < <( "$PHP_INISCAN_PATH" scan --path="$PHP_FILE" || true)
-    for LINE in "${INISCAN_RESULT[@]}" ; do  
+    for LINE in "${INISCAN_RESULT[@]}" ; do
       local LIMIT_CHECK
       IFS='|' read -ra LINE_ARR <<< "$LINE"
       # TODO: STRICT mode not working here:
@@ -266,7 +266,7 @@ s22_check_php_ini(){
         elif ( echo "$LINE" | grep -q "passing" ) ; then
           IFS=' ' read -ra LINE_ARR <<< "$LINE"
           # semgrep does not like the following line of code:
-          LINE_ARR[0]=$(( LINE_ARR[0]-PHP_INI_LIMIT_EXCEEDED ))
+          LINE_ARR[0]=$(( "${LINE_ARR[0]}" - "${PHP_INI_LIMIT_EXCEEDED}" ))
         fi
       fi
     done