[Bug]: ./checks/check_extra715: line 41: ${SEARCH_SLOWLOG_ENABLED,,}: bad substitution

[yadox666]

Error message after running:

./prowler -M html,csv,json,json-asff,mono

Prowler 2.7.0-24January2022

[lazize]

Would you give more details about your bash version and environment?

[n4ch04]

Hi @yadox666 could you please provide more information? Exact error, bash version, environment ...
Also, please, to make our work easier is preferable to use the issue template.

[yadox666]

Darwin XXXXXXXXXXXX 20.6.0 Darwin Kernel Version 20.6.0: Wed Jan 12 22:22:42 PST 2022; root:xnu-7195.141.19~2/RELEASE_X86_64 x86_64

GNU bash, version 3.2.57(1)-release (x86_64-apple-darwin20)

[n4ch04]

We need also information about the error, it is easier if you fill the default template

[n4ch04]

Basically to reproduce it and test it

[lazize]

I have two versions of bash on my machine. As you can see below.

$ /bin/bash --version
GNU bash, version 3.2.57(1)-release (x86_64-apple-darwin19)
Copyright (C) 2007 Free Software Foundation, Inc.

$ bash --version
GNU bash, version 5.1.8(1)-release (x86_64-apple-darwin19.6.0)
Copyright (C) 2020 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>

This is free software; you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

The version 3.2.57(1)-release (x86_64-apple-darwin19) shows me the same error reported by OP.

$ /bin/bash prowler -p default -f sa-east-1 -c extra715
                          _
  _ __  _ __ _____      _| | ___ _ __
 | '_ \| '__/ _ \ \ /\ / / |/ _ \ '__|
 | |_) | | | (_) \ V  V /| |  __/ |
 | .__/|_|  \___/ \_/\_/ |_|\___|_|v2.7.0-24January2022
 |_| the handy cloud security tool

 Date: Mon Mar  7 11:57:51 -03 2022

 Color code for results:
 -  INFO (Information)
 -  PASS (Recommended value)
 -  WARNING (Ignored by whitelist)
 -  FAIL (Fix required)

 This report is being generated using credentials below:

 AWS-CLI Profile: [default] AWS API Region: [sa-east-1] AWS Filter Region: [sa-east-1]
 AWS Account: [****5262] UserId: [AROA****:****]
 Caller Identity ARN: [arn:aws:sts::****5262:assumed-role/****/****]

7.15 [extra715] Check if Amazon Elasticsearch Service (ES) domains have logging enabled - es [Medium]
./checks/check_extra715: line 41: ${SEARCH_SLOWLOG_ENABLED,,}: bad substitution

The version 5.1.8(1)-release (x86_64-apple-darwin19.6.0) it works fine.

$ ./prowler -p default -f sa-east-1 -c extra715
                          _
  _ __  _ __ _____      _| | ___ _ __
 | '_ \| '__/ _ \ \ /\ / / |/ _ \ '__|
 | |_) | | | (_) \ V  V /| |  __/ |
 | .__/|_|  \___/ \_/\_/ |_|\___|_|v2.7.0-24January2022
 |_| the handy cloud security tool

 Date: Mon Mar  7 11:45:13 -03 2022

 Color code for results:
 -  INFO (Information)
 -  PASS (Recommended value)
 -  WARNING (Ignored by whitelist)
 -  FAIL (Fix required)

 This report is being generated using credentials below:

 AWS-CLI Profile: [default] AWS API Region: [sa-east-1] AWS Filter Region: [sa-east-1]
 AWS Account: [****5262] UserId: [AROA****:****]
 Caller Identity ARN: [arn:aws:sts::****5262:assumed-role/****/****]

7.15 [extra715] Check if Amazon Elasticsearch Service (ES) domains have logging enabled - es [Medium]
       FAIL! sa-east-1: Amazon ES domain test SEARCH_SLOW_LOGS disabled!
       FAIL! sa-east-1: Amazon ES domain test INDEX_SLOW_LOGS disabled!

So I believe macOS original bash version is too old to support modern bash variable expansion features.

---

I see two options here.

1. Set a minimum version for bash
2. Change from variable expansion to tr '[:upper:]' '[:lower:]'

Just let me know what is the best option and If necessary I can fix the code.

[n4ch04]

Thanks @lazize !!!
We are going to track it to be resolved in the next few days

[ShadySQL]

Just ran into the same issue today. Any ideas on when this will be resolved?

[n4ch04]

Hi @ShadySQL we are going to review it and get this done asap !

[n4ch04]

Fixed in #1064 closing it