┌─────────────┐
│ Scan Status │
└─────────────┘
Scanning 4253 files tracked by git with 7 Code rules:
Scanning 77 files with 7 bash rules.
┌───────────────────┐
│ 984 Code Findings │
└───────────────────┘
/logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/etc/fsupgrade.d/add_profile
s.sh
external.semgrep-rules.bash.lang.correctness.unquoted-command-substitution-in-command
The result of command substitution $(...) or `...`, if unquoted, is split on whitespace or
other separators specified by the IFS variable. You should surround it with double quotes to
avoid splitting the result.
30┆ group_last_line=$(($(sed -ne "/^[[:blank:]]*\[$group_name.S$nbr_next\]/{=;q}" $conf) - 1))
⋮┆----------------------------------------
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
15┆ profile_groups=$(grep "^[[:blank:]]*\[StreamProfile.S[0-9]\+\]" $conf)
⋮┆----------------------------------------
21┆ group_profile_numbers=$(sed -rne "s/^[[:blank:]]*\[$group_name.S([0-9]+)\]/\\1/p" $conf)
⋮┆----------------------------------------
25┆ parhandclient addgroup $group_name --number $nbr $template_name ||
⋮┆----------------------------------------
28┆ nbr_next=$(($nbr + 1))
⋮┆----------------------------------------
29┆ group_first_line=$(sed -ne "/^[[:blank:]]*\[$group_name.S$nbr\]/{=;q}" $conf)
⋮┆----------------------------------------
30┆ group_last_line=$(($(sed -ne "/^[[:blank:]]*\[$group_name.S$nbr_next\]/{=;q}" $conf) - 1))
⋮┆----------------------------------------
34┆ profile_buf=$(sed -n "$group_first_line,$group_last_line p" $conf)
/logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/etc/fsupgrade.d/mediaclip_r
estore.sh
external.semgrep-rules.bash.lang.correctness.unquoted-command-substitution-in-command
The result of command substitution $(...) or `...`, if unquoted, is split on whitespace or
other separators specified by the IFS variable. You should surround it with double quotes to
avoid splitting the result.
144┆ until [ $index -gt $(count "$mediaclip_groups") ]; do
⋮┆----------------------------------------
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
17┆ echo "$1" | sed -n $2p
⋮┆----------------------------------------
33┆ rm -rf $TMP_AUDIOCLIPS_DIR
⋮┆----------------------------------------
48┆ local index=$(($MAX_GROUPS - 1))
⋮┆----------------------------------------
50┆ until [ $index -lt 0 ]; do
⋮┆----------------------------------------
51┆ group_exists M$index || break
⋮┆----------------------------------------
52┆ index=$(($index - 1))
⋮┆----------------------------------------
56┆ group=$(parhandclient addgroup MediaClip --number $index mediaclip) ||
⋮┆----------------------------------------
59┆ is_empty $group || {
⋮┆----------------------------------------
67┆ parhandclient set $group.Name "$1" ||
⋮┆----------------------------------------
70┆ parhandclient set $group.Location $2 ||
⋮┆----------------------------------------
106┆ location=$(parhandclient get MediaClip.$m_group.Location - RAW) ||
⋮┆----------------------------------------
138┆ mediaclip_groups=$(grep "MediaClip\.M[0-9]" $1 | tr -d "\[\]")
⋮┆----------------------------------------
139┆ names=$(sed -rne 's/^Name[^"]+("[^"]+")/\1/p' $1)
⋮┆----------------------------------------
140┆ locations=$(sed -rne 's/^Location[^"]+("[^"]+")/\1/p' $1)
⋮┆----------------------------------------
141┆ current_nbr_of_groups=$(count $CURRENT_AUDIO_GROUPS)
⋮┆----------------------------------------
144┆ until [ $index -gt $(count "$mediaclip_groups") ]; do
⋮┆----------------------------------------
148┆ group=$(get_line "$mediaclip_groups" $index)
⋮┆----------------------------------------
149┆ name=$(get_line "$names" $index)
⋮┆----------------------------------------
152┆ location=$(get_line "$locations" $index)
⋮┆----------------------------------------
159┆ current_nbr_of_groups=$(($current_nbr_of_groups + 1))
⋮┆----------------------------------------
162┆ index=$(($index + 1))
⋮┆----------------------------------------
177┆ parhandclient deletegroup MediaClip.$m_group ||
⋮┆----------------------------------------
201┆ load_mediaclip_configuration $USR_MEDIACLIP_DIR/dyn_mediaclip.conf
/logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/etc/fsupgrade.d/update_old_
permissions.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
6┆ files=$(echo $pattern)
⋮┆----------------------------------------
7┆ [ "$pattern" = "$files" ] || chmod +r $files ||
⋮┆----------------------------------------
8┆ error $0: Failed to change permissions.
/logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/etc/init.d/functions.sh
external.semgrep-rules.bash.lang.correctness.unquoted-command-substitution-in-command
The result of command substitution $(...) or `...`, if unquoted, is split on whitespace or
other separators specified by the IFS variable. You should surround it with double quotes to
avoid splitting the result.
324┆ shift $(($OPTIND - 1))
⋮┆----------------------------------------
413┆ shift $(($OPTIND - 1))
⋮┆----------------------------------------
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
21┆ [ ! -r $RCLIB/sh/files.sh ] || . $RCLIB/sh/files.sh
⋮┆----------------------------------------
68┆ eval $2="$_LFD/$__lf.lock" ||
⋮┆----------------------------------------
77┆ validate_lock_fn $1 _lf
⋮┆----------------------------------------
118┆ validate_lock_fn $1 _lf
⋮┆----------------------------------------
226┆ if check_pid $1; then
⋮┆----------------------------------------
267┆ kill -TERM $1 || return 1
⋮┆----------------------------------------
270┆ if check_pid $1 && sleep 1 &&
⋮┆----------------------------------------
271┆ check_pid $1 && sleep 2 &&
⋮┆----------------------------------------
272┆ check_pid $1 && sleep 3 &&
⋮┆----------------------------------------
273┆ check_pid $1; then
⋮┆----------------------------------------
274┆ kill -KILL $1
⋮┆----------------------------------------
324┆ shift $(($OPTIND - 1))
⋮┆----------------------------------------
413┆ shift $(($OPTIND - 1))
/logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/etc/qos/qos.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
101┆ set -- $CLASSES
⋮┆----------------------------------------
366┆ . $CONF_PATH || _error "Failed to source '$CONF_PATH'"
/logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/bin/add_numbers.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
5┆ TOTAL=$(($TOTAL+$val))
⋮┆----------------------------------------
7┆ echo $TOTAL
/logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/bin/casing_open_closed_
leds_on_off.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
17┆ $GDBUS_LED_SET_STATE "LED_STATE_CASE_CLOSED_POWERLED" > /dev/null ||
⋮┆----------------------------------------
20┆ $GDBUS_LED_SET_STATE "LED_STATE_CASE_CLOSED_NETWORKLED" > /dev/null ||
⋮┆----------------------------------------
23┆ $GDBUS_LED_SET_STATE "LED_STATE_CASE_CLOSED_STATUSLED" > /dev/null ||
⋮┆----------------------------------------
26┆ $GDBUS_LED_SET_STATE "LED_STATE_CASE_CLOSED_STATUSLED_1" > /dev/null ||
⋮┆----------------------------------------
29┆ $GDBUS_LED_SET_STATE "LED_STATE_CASE_CLOSED_STATUSLED_2" > /dev/null ||
⋮┆----------------------------------------
37┆ $GDBUS_LED_CANCEL_STATE "LED_STATE_CASE_CLOSED_POWERLED" > /dev/null ||
⋮┆----------------------------------------
40┆ $GDBUS_LED_CANCEL_STATE "LED_STATE_CASE_CLOSED_NETWORKLED" > /dev/null ||
⋮┆----------------------------------------
43┆ $GDBUS_LED_CANCEL_STATE "LED_STATE_CASE_CLOSED_STATUSLED" > /dev/null ||
⋮┆----------------------------------------
46┆ $GDBUS_LED_CANCEL_STATE "LED_STATE_CASE_CLOSED_STATUSLED_1" > /dev/null ||
⋮┆----------------------------------------
49┆ $GDBUS_LED_CANCEL_STATE "LED_STATE_CASE_CLOSED_STATUSLED_2" > /dev/null ||
/logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/bin/checkprogress.sh
external.semgrep-rules.bash.lang.correctness.unquoted-command-substitution-in-command
The result of command substitution $(...) or `...`, if unquoted, is split on whitespace or
other separators specified by the IFS variable. You should surround it with double quotes to
avoid splitting the result.
15┆ $(init_done)
/logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/bin/elflibcheck.sh
external.semgrep-rules.bash.lang.correctness.unquoted-command-substitution-in-command
The result of command substitution $(...) or `...`, if unquoted, is split on whitespace or
other separators specified by the IFS variable. You should surround it with double quotes to
avoid splitting the result.
8┆ echo $((1+${#t}))
⋮┆----------------------------------------
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
4┆ local t=`dd if=$1 bs=1 count=1 skip=$2 2>/dev/null`
⋮┆----------------------------------------
8┆ echo $((1+${#t}))
⋮┆----------------------------------------
12┆ local elfmag0=`getb $1 0`
⋮┆----------------------------------------
13┆ local elfmag1_3=`dd if=$1 bs=1 count=3 skip=1 2>/dev/null`
⋮┆----------------------------------------
14┆ local e_type0=`getb $1 16`
⋮┆----------------------------------------
15┆ local e_type1=`getb $1 17`
⋮┆----------------------------------------
16┆ local e_machine0=`getb $1 18`
⋮┆----------------------------------------
17┆ local e_machine1=`getb $1 19`
⋮┆----------------------------------------
19┆ local ei_data=`getb $1 5`
⋮┆----------------------------------------
20┆ local e_flags0=`getb $1 36`
⋮┆----------------------------------------
21┆ local e_flags1=`getb $1 37`
⋮┆----------------------------------------
22┆ local e_flags2=`getb $1 38`
⋮┆----------------------------------------
23┆ local e_flags3=`getb $1 39`
⋮┆----------------------------------------
233┆ ldd -s $file || {
⋮┆----------------------------------------
235┆ filestr=`emstr $file`
⋮┆----------------------------------------
242┆ exit $result
⋮┆----------------------------------------
245┆ ldd $file
/logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/bin/fan_status.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
4┆ logger -s -t${0##*/} -p err -- $*
⋮┆----------------------------------------
16┆ nbr_of_fans=$($GDBUS_GET_NBR) ||
⋮┆----------------------------------------
25┆ stat=$(dbus-send --system --print-reply \
26┆ --dest=com.axis.TemperatureController
--type=method_call \
27┆
/com/axis/TemperatureController \
28┆ com.axis.TemperatureController.GetFanStatus
int32:$i \
⋮┆----------------------------------------
31┆ stat=$(echo $stat)
⋮┆----------------------------------------
39┆ i=$(($i + 1))
/logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/bin/function_button.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
8┆ $LOGIT -p err -- $*
⋮┆----------------------------------------
16┆ $GDBUS_CALL.assistant_is_active 2>/dev/null
⋮┆----------------------------------------
29┆ focus_active=$($GDBUS_CALL.assistant_is_active) ||
⋮┆----------------------------------------
36┆ $GDBUS_CALL.assistant_button ||
⋮┆----------------------------------------
60┆ $GDBUS_CALL.assistant_button ||
/logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/bin/heater_status.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
11┆ nbr_of_heaters=$($GDBUS_GET_NBR) ||
⋮┆----------------------------------------
22┆ stat=$(dbus-send --system --print-reply \
23┆ --dest=com.axis.TemperatureController
--type=method_call \
24┆
/com/axis/TemperatureController \
25┆ com.axis.TemperatureController.GetHeaterStatus
int32:$i)
⋮┆----------------------------------------
27┆ stat=$(echo $stat)
⋮┆----------------------------------------
35┆ i=$(($i + 1))
/logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/bin/humidity_status.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
13┆ nbr_of_humidity_sensors=$($GDBUS_GET_NBR) ||
⋮┆----------------------------------------
22┆ hum=$(dbus-send --system --print-reply \
23┆ --dest=com.axis.TemperatureController
--type=method_call \
24┆
/com/axis/TemperatureController \
25┆ com.axis.TemperatureController.GetHumidity
int32:$i)
⋮┆----------------------------------------
27┆ hum=$(echo $hum)
⋮┆----------------------------------------
31┆ printf "Sensor S%d: %.0f %%\n" $i $hum
⋮┆----------------------------------------
35┆ i=$(($i + 1))
/logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/bin/iowrapper.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
47┆ check_port $2
⋮┆----------------------------------------
48┆ check_state $3
⋮┆----------------------------------------
51┆ check_duration $4
⋮┆----------------------------------------
67┆ port=$(($2 + 1))
⋮┆----------------------------------------
83┆ $cmd
⋮┆----------------------------------------
101┆ $cmd
⋮┆----------------------------------------
130┆ $cmd "$args"
⋮┆----------------------------------------
149┆ $cmd "$args"
⋮┆----------------------------------------
158┆ port=$(($1 + 1))
⋮┆----------------------------------------
171┆ $cmd
⋮┆----------------------------------------
190┆ $cmd "$args"
⋮┆----------------------------------------
196┆ validate $*
⋮┆----------------------------------------
201┆ start_io2d $*
⋮┆----------------------------------------
203┆ start $*
⋮┆----------------------------------------
209┆ stop_io2d $*
⋮┆----------------------------------------
211┆ stop $*
/logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/bin/ir_status_notify.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
17┆ logger -s -t${0##*/} -p err -- $*
⋮┆----------------------------------------
22┆ logger -s -t${0##*/} -p err -- "Usage: <start|stop|validate>"
⋮┆----------------------------------------
23┆ logger -s -t${0##*/} -p err -- "Supported:"
⋮┆----------------------------------------
24┆ logger -s -t${0##*/} -p err -- "$0 start"
⋮┆----------------------------------------
25┆ logger -s -t${0##*/} -p err -- "$0 stop"
⋮┆----------------------------------------
26┆ logger -s -t${0##*/} -p err -- "$0 validate <lightid>"
⋮┆----------------------------------------
31┆ $GDBUS_SET_IR \<0\> >/dev/null ||
⋮┆----------------------------------------
36┆ $GDBUS_SET_IR \<1\> >/dev/null ||
⋮┆----------------------------------------
62┆ validate $*
⋮┆----------------------------------------
65┆ usage $*
/logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/bin/ircutfilter.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
8┆ logger -p $level -t "$SELF" -s "$@"
⋮┆----------------------------------------
43┆ mode get $source > /dev/null
⋮┆----------------------------------------
55┆ source=$(($2 - 1))
⋮┆----------------------------------------
75┆ parhandclient --nolog get $param 2>/dev/null || error info "IR cut filter not supported (no parameter
'$param')"
⋮┆----------------------------------------
77┆ parhandclient set $param $val || error err "Failed to set parameter $param"
⋮┆----------------------------------------
84┆ validate $*
⋮┆----------------------------------------
88┆ mode $*
⋮┆----------------------------------------
92┆ mode $*
⋮┆----------------------------------------
96┆ mode $*
/logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/bin/irlight.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
10┆ $LOGIT -p err -- $*
⋮┆----------------------------------------
15┆ $LOGIT -p info
-- "
16┆ Error: $0 $1 $2 $3 $4 $5
17┆ Usage: <start|stop> <continuous|one_shot> <lightid> <activate> <timeout>
18┆ Supported:
19┆ $0 start continuous <lightid> yes 0
20┆ $0 stop continuous <lightid> yes 0
21┆ $0 start one_shot <lightid> yes <timeout>
22┆ $0 start one_shot <lightid> no <timeout>
23┆ Note that this script has a hardcode lightid to 0, to fit current action template"
⋮┆----------------------------------------
58┆ $GDBUS_LIGHTLOGIC_SETLIGHTSTATUS true $setdaynightsync $syncon ||
⋮┆----------------------------------------
85┆ $GDBUS_LIGHTLOGIC_SETLIGHTSTATUS false $setdaynightsync $syncon ||
⋮┆----------------------------------------
106┆ timeout=$(($timeout * 1000))
⋮┆----------------------------------------
107┆ usleep $timeout
⋮┆----------------------------------------
128┆ timeout=$(($timeout * 1000))
⋮┆----------------------------------------
129┆ usleep $timeout
⋮┆----------------------------------------
177┆ [ $# -ge 5 ] || usage $*
⋮┆----------------------------------------
185┆ start_light $5
⋮┆----------------------------------------
188┆ stop_light $5
⋮┆----------------------------------------
191┆ usage $*
⋮┆----------------------------------------
201┆ usage $*
⋮┆----------------------------------------
206┆ usage $*
⋮┆----------------------------------------
218┆ usage $*
⋮┆----------------------------------------
223┆ usage $*
⋮┆----------------------------------------
229┆ validate $*
⋮┆----------------------------------------
232┆ usage $*
/logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/bin/ledsonoff.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
15┆ kill $pid
/logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/bin/light_status.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
46┆ local value=$($2 2>&1)
⋮┆----------------------------------------
66┆ local value=$($2 2>&1)
⋮┆----------------------------------------
77┆ printf "$1: %d\n" $value
⋮┆----------------------------------------
82┆ local value=$($2 2>&1)
⋮┆----------------------------------------
93┆ printf "$1: %d\n" $value
/logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/bin/poe_status.sh
external.semgrep-rules.bash.lang.correctness.unquoted-command-substitution-in-command
The result of command substitution $(...) or `...`, if unquoted, is split on whitespace or
other separators specified by the IFS variable. You should surround it with double quotes to
avoid splitting the result.
214┆ printf " -Software Power Requested: %d.%d Watt\n" $(($requested/10))
$(($requested%10))
⋮┆----------------------------------------
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
27┆ value=$($GDBUS_POWERD_PROP_GET $2 2>&1) ||
⋮┆----------------------------------------
36┆ eval $1=\$value
⋮┆----------------------------------------
61┆ poe_class=$(($2 & 0x0F))
⋮┆----------------------------------------
64┆ poe_class=$(($2 & 0x0F))
⋮┆----------------------------------------
155┆ info=$($GDBUS_GLLDPD_METHOD.GetNeighbourInfo 2>&1) ||
⋮┆----------------------------------------
204┆ info=$($GDBUS_GLLDPD_METHOD.GetPoeInfo 2>&1) ||
⋮┆----------------------------------------
214┆ printf " -Software Power Requested: %d.%d Watt\n" $(($requested/10))
$(($requested%10))
⋮┆----------------------------------------
214┆ printf " -Software Power Requested: %d.%d Watt\n" $(($requested/10))
$(($requested%10))
⋮┆----------------------------------------
221┆ print_prio_string $prio
⋮┆----------------------------------------
242┆ info=$($GDBUS_POWERD_METHOD.TotalPowerConsumption 2>&1) || {
⋮┆----------------------------------------
257┆ set -- $info
⋮┆----------------------------------------
263┆ current_power=$(printf "%.1f" $current_power)
⋮┆----------------------------------------
266┆ min_power=$(printf "%.1f" $2)
⋮┆----------------------------------------
269┆ max_power=$(printf "%.1f" $3)
⋮┆----------------------------------------
274┆ average_power=$(printf "%.1f" $average_power)
⋮┆----------------------------------------
318┆ info=$($GDBUS_POWERD_METHOD.DevicePower $1 2>&1) ||
⋮┆----------------------------------------
324┆ set -- $info
⋮┆----------------------------------------
333┆ current_power=$(printf "%.1f" $2)
⋮┆----------------------------------------
336┆ min_power=$(printf "%.1f" $3)
⋮┆----------------------------------------
339┆ max_power=$(printf "%.1f" $4)
⋮┆----------------------------------------
344┆ average_power=$(printf "%.1f" $average_power)
⋮┆----------------------------------------
348┆ print_pretty_name $name
⋮┆----------------------------------------
359┆ info=$($GDBUS_POWERSAVE_METHOD.GetPowerSavingSupport 2>&1) ||
⋮┆----------------------------------------
368┆ info=$($GDBUS_POWERSAVE_METHOD.GetPowerSavingMode 2>&1) ||
⋮┆----------------------------------------
391┆ print_poeclass_string "Hardware:" $return_value
⋮┆----------------------------------------
395┆ print_poeclass_string "Software:" $return_value
⋮┆----------------------------------------
400┆ lldp_info=$($GDBUS_POLICYKIT_LLDPCLI show-neighbors 2>&1) ||
⋮┆----------------------------------------
408┆ print_power_status $return_value
⋮┆----------------------------------------
412┆ printf "Power Requested: %.1f Watt\n" $return_value
⋮┆----------------------------------------
416┆ printf "Power Received: %.1f Watt\n" $return_value
⋮┆----------------------------------------
440┆ print_device_power_consumption $device_index
⋮┆----------------------------------------
442┆ device_index=$(($device_index + 1))
⋮┆----------------------------------------
496┆ poe_output=$($poet_executable --info 2>&1 || :)
⋮┆----------------------------------------
external.semgrep-rules.bash.lang.security.ifs-tampering
The special variable IFS affects how splitting takes place when expanding unquoted
variables. Don't set it globally. Prefer a dedicated utility such as 'cut' or 'awk' if you
need to split input data. If you must use 'read', set IFS locally using e.g. 'IFS="," read
-a my_array'.
256┆ local IFS=,
⋮┆----------------------------------------
323┆ local IFS=,
/logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/bin/ptzaction.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
13┆ SPEED=$(($DEFAULT_SPEED << 16))
⋮┆----------------------------------------
18┆ /usr/bin/dbus-send\
19┆ --system\
20┆ --type=method_call\
21┆ --dest=com.axis.PTZ.Coordinator\
22┆ /com/axis/PTZ/Coordinator/$channel\
23┆ com.axis.PTZ.Coordinator.GotoPresetName\
24┆ string:Administrator\
25┆ int32:1\
26┆ string:"$preset"\
27┆ int32:$SPEED
⋮┆----------------------------------------
31┆ [ $home_timeout -lt 0 ] || goto_home $channel $home_timeout
⋮┆----------------------------------------
41┆ [ $timeout -eq 0 ] || sleep $timeout
⋮┆----------------------------------------
43┆ /usr/bin/dbus-send\
44┆ --system\
45┆ --type=method_call\
46┆ --dest=com.axis.PTZ.Coordinator\
47┆ /com/axis/PTZ/Coordinator/$channel\
48┆ com.axis.PTZ.Coordinator.GotoHome\
49┆ string:Administrator\
50┆ int32:1\
51┆ int32:$SPEED
⋮┆----------------------------------------
56┆ goto_preset $2 $3 "$4" $5
⋮┆----------------------------------------
59┆ [ $3 -lt 0 ] || goto_home
$2 $3
/logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/bin/set_wdr.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
9┆ wdr=$(busctl get-property $img_foo /com/axis/ImageControl/0/0 \
10┆ $img_interface
$wdr_prop) || {
⋮┆----------------------------------------
11┆ $logit "Could not get property: $wdr_prop from $img_interface";
⋮┆----------------------------------------
20┆ parhandclient set $param $1 ||
⋮┆----------------------------------------
21┆ $logit "Could not set $param to $1"
/logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/bin/start-package-allow
ed.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
23┆ MAXRUNNING=$(($MAXRUNNING + 1))
/logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/bin/sync_irlight_ircut.
sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
4┆ logger -s -t${0##*/} -p err -- $*
⋮┆----------------------------------------
9┆ logger -s -t${0##*/} -p err -- "Usage: $0 ir_filter_off [channel]"
⋮┆----------------------------------------
10┆ logger -s -t${0##*/} -p err -- "Usage: $0 ir_filter_on [channel]"
⋮┆----------------------------------------
22┆ CHANNEL=$(($2 - 1))
⋮┆----------------------------------------
59┆ use_day_night=$($GDBUS_LIGHT_GET UseDayNight) ||
⋮┆----------------------------------------
61┆ sync=$($GDBUS_LIGHT_GET SyncDayNight) ||
⋮┆----------------------------------------
71┆ day=$($GDBUS_IMG_GET IsAboveIlluminanceLevel) ||
⋮┆----------------------------------------
79┆ $GDBUS_LIGHT_SETLIGHTSTATUS true >/dev/null ||
⋮┆----------------------------------------
89┆ $GDBUS_LIGHT_SETLIGHTSTATUS true >/dev/null ||
⋮┆----------------------------------------
100┆ if eval $GDBUS_IMG_GET IrCutFilter >/dev/null 2>& then
⋮┆----------------------------------------
107┆ s=$(eval $GDBUS_GET_NBR_OF_SOURCES 2>&1) ||
⋮┆----------------------------------------
114┆ nbrofsources=$(($nbrofsources + 1))
⋮┆----------------------------------------
119┆ eval $GDBUS_LIGHT_SETLIGHTSTATUS false >/dev/null ||
⋮┆----------------------------------------
125┆ isabove=$(eval $GDBUS_IMG_GET_BY_CHANNEL/$i/$STREAM IsAboveIlluminanceLevel 2>&1) ||
⋮┆----------------------------------------
129┆ [ $isabove -eq 1 ] || isabovecounter=$(($isabovecounter + 1))
⋮┆----------------------------------------
130┆ ircut=$(eval $GDBUS_IMG_GET_BY_CHANNEL/$i/$STREAM IrCutFilter 2>&1) ||
⋮┆----------------------------------------
136┆ ircutcounter=$(($ircutcounter + 1))
⋮┆----------------------------------------
139┆ i=$(($i + 1))
⋮┆----------------------------------------
142┆ eval $GDBUS_LIGHT_SETLIGHTSTATUS false >/dev/null ||
⋮┆----------------------------------------
148┆ eval $GDBUS_LIGHT_SETLIGHTSTATUS false >/dev/null ||
⋮┆----------------------------------------
153┆ card_detected=$($GDBUS_LIGHT_GET CardDetected) ||
⋮┆----------------------------------------
165┆ correct_poe=$($GDBUS_LIGHT_GET CorrectPoe) ||
⋮┆----------------------------------------
external.semgrep-rules.bash.lang.security.ifs-tampering
The special variable IFS affects how splitting takes place when expanding unquoted
variables. Don't set it globally. Prefer a dedicated utility such as 'cut' or 'awk' if you
need to split input data. If you must use 'read', set IFS locally using e.g. 'IFS="," read
-a my_array'.
110┆ IFS="'"
/logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/bin/temperature_status.
sh
external.semgrep-rules.bash.lang.correctness.unquoted-command-substitution-in-command
The result of command substitution $(...) or `...`, if unquoted, is split on whitespace or
other separators specified by the IFS variable. You should surround it with double quotes to
avoid splitting the result.
85┆ shift $(($OPTIND - 1))
⋮┆----------------------------------------
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
6┆ logger -s -t$SELF -p err -- $*
⋮┆----------------------------------------
11┆
printf \
12┆ 'Usage: %s [Options]
13┆ Options:
14┆ -h Help & usage
15┆ -v verbose
16┆ ' $SELF
⋮┆----------------------------------------
27┆ if name=$($GDBUS_GET_TEMP_NAME $1 2>/dev/null) && [ "$name" ]; then
⋮┆----------------------------------------
65┆ echo Sensor S$1: $temp.${dec%$rest} C $name
⋮┆----------------------------------------
85┆ shift $(($OPTIND - 1))
⋮┆----------------------------------------
98┆ temp_values=$($GDBUS_GET_TEMP_VALUES celcius 2>/dev/null) ||
⋮┆----------------------------------------
105┆ set -- $sensor
⋮┆----------------------------------------
107┆ [ $# -lt 3 ] || print_temp $1 $2 $3
⋮┆----------------------------------------
116┆ [ ! -r $logf ] || echo "TempCounter:" $all_count_cmd
⋮┆----------------------------------------
117┆ [ ! -r $logf ] || echo "HighTemp:" $hi_count_cmd
⋮┆----------------------------------------
118┆ [ ! -r $logf ] || echo "LowTemp:" $lo_count_cmd
⋮┆----------------------------------------
external.semgrep-rules.bash.lang.security.ifs-tampering
The special variable IFS affects how splitting takes place when expanding unquoted
variables. Don't set it globally. Prefer a dedicated utility such as 'cut' or 'awk' if you
need to split input data. If you must use 'read', set IFS locally using e.g. 'IFS="," read
-a my_array'.
102┆ IFS='('
⋮┆----------------------------------------
104┆ IFS=' ,.)'
⋮┆----------------------------------------
106┆ IFS=$OLD_IFS
/logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/bin/update_angleofillum
ination.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
6┆ logger -s -t${0##*/} -p err -- $*
⋮┆----------------------------------------
11┆ logger -s -t${0##*/} -p warn -- $*
⋮┆----------------------------------------
18┆ rval=$($GDBUS_CALL \
19┆
--dest=com.axis.Optics \
20┆
--object-path=/com/axis/Optics/Zoom \
21┆ --method=com.axis.Optics.Motorized.GetZoomValue)
||
⋮┆----------------------------------------
34┆ $GDBUS_CALL \
35┆
--dest=com.axis.LightController \
36┆
--object-path=/com/axis/LightController/led/0 \
37┆
--method=com.axis.LightController.Zoom.ChangeAngleOfIllumination \
38┆ $rval >/dev/null
||
⋮┆----------------------------------------
43┆ card_detected=$($GDBUS_CALL \
44┆
--dest=com.axis.LightController \
45┆
--object-path=/com/axis/LightController/led/0 \
46┆
--method=org.freedesktop.DBus.Properties.Get \
47┆
com.axis.LightController.Common \
48┆ CardDetected)
||
⋮┆----------------------------------------
58┆ correct_poe=$($GDBUS_CALL \
59┆
--dest=com.axis.LightController \
60┆
--object-path=/com/axis/LightController/led/0 \
61┆
--method=org.freedesktop.DBus.Properties.Get \
62┆
com.axis.LightController.Common \
63┆ CorrectPoe)
||
⋮┆----------------------------------------
73┆ auto_illum_supp=$($GDBUS_CALL \
74┆
--dest=com.axis.LightController \
75┆
--object-path=/com/axis/LightController/led/0 \
76┆
--method=org.freedesktop.DBus.Properties.Get \
77┆
com.axis.LightController.Zoom \
78┆ AutomaticAngleOfIlluminationSupp)
||
⋮┆----------------------------------------
88┆ auto_illum=$($GDBUS_CALL \
89┆
--dest=com.axis.LightController \
90┆
--object-path=/com/axis/LightController/led/0 \
91┆
--method=org.freedesktop.DBus.Properties.Get \
92┆
com.axis.LightController.Zoom \
93┆ AutomaticAngleOfIllumination)
||
/logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/bin/validate_parameters
.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
27┆ echo $1 | grep "^[^0-9]*$" || ! ( [ $1 -lt 0 ] || [ $1 -gt 63 ] )
⋮┆----------------------------------------
51┆ ! ( [ -z $user ] || [ -z $host ] || ! validate_host $host) ||
⋮┆----------------------------------------
66┆ local location=$(echo $1 | urldecode)
⋮┆----------------------------------------
103┆ validate_host $OPTARG
⋮┆----------------------------------------
106┆ validate_url $OPTARG
⋮┆----------------------------------------
109┆ validate_port $OPTARG
⋮┆----------------------------------------
112┆ validate_qos $OPTARG
⋮┆----------------------------------------
115┆ validate_email $OPTARG
⋮┆----------------------------------------
118┆ validate_audio_clip $OPTARG
⋮┆----------------------------------------
121┆ validate_wdr $OPTARG
⋮┆----------------------------------------
124┆ validate_defog $OPTARG
⋮┆----------------------------------------
external.semgrep-rules.bash.lang.security.ifs-tampering
The special variable IFS affects how splitting takes place when expanding unquoted
variables. Don't set it globally. Prefer a dedicated utility such as 'cut' or 'awk' if you
need to split input data. If you must use 'read', set IFS locally using e.g. 'IFS="," read
-a my_array'.
44┆ IFS="$IFS,;"
⋮┆----------------------------------------
54┆ IFS=$old_IFS
/logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/bin/vmstatus.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
63┆ printf "%lu\t%lu\t%lu\t%lu\t%lu\t%lu\t%lu\t%lu\t%lu\t%d\t%s\n" \
64┆ $Rss $Pss $Pss_Dirty $Shared_Clean $Shared_Dirty $Private_Clean $Private_Dirty $Swap $SwapPss $1
$comm
⋮┆----------------------------------------
69┆ TOTAL_PSS=$(($TOTAL_PSS + $Pss + $SwapPss))
⋮┆----------------------------------------
82┆ vmstatus $p
/logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/html/axis-cgi/lib/acap_
handle_files.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
23┆ [ -d $2 ] && rm -rf $2 2>&1
⋮┆----------------------------------------
25┆ rm -rf $tmpdir 2>&1
⋮┆----------------------------------------
27┆ res=$(mkdir $tmpdir 2>&1) || {
⋮┆----------------------------------------
32┆ res=$(cp -fa $1/. $tmpdir) || {
⋮┆----------------------------------------
34┆ rm -rf $tmpdir 2>&1
⋮┆----------------------------------------
41┆ rm -rf $tmpdir 2>&1
⋮┆----------------------------------------
45┆ res=$(mv $tmpdir $2) || {
⋮┆----------------------------------------
47┆ rm -rf $tmpdir 2>&1
/logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/html/axis-cgi/lib/adp.s
h
external.semgrep-rules.bash.lang.correctness.unquoted-command-substitution-in-command
The result of command substitution $(...) or `...`, if unquoted, is split on whitespace or
other separators specified by the IFS variable. You should surround it with double quotes to
avoid splitting the result.
429┆ res=$(eval $(__rootpath) $INSTALLER preupgrade \
430┆ $tmp_ld/$PREUPGRADESCRIPT 2>&1) || warning
"$res"
⋮┆----------------------------------------
438┆ res=$(eval $(__rootpath) $INSTALLER uninstall) || warning "$res"
⋮┆----------------------------------------
468┆ eval $(__rootpath) $INSTALLER install $limited_postinstall >$instlog.tmp 2>&1 || ret=$?
⋮┆----------------------------------------
768┆ eval $(__rootpath) $INSTALLER uninstall >/dev/null || {
⋮┆----------------------------------------
924┆ if eval $(__rootpath) start-package-allowed.sh $packdir/$APPNAME $APPTYPE >/dev/null; then
⋮┆----------------------------------------
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
14┆ logger -t ${0##*/} -p INFO -- "$*"
⋮┆----------------------------------------
18┆ logger -t ${0##*/} -p WARNING -- "$*"
⋮┆----------------------------------------
22┆ logger -t ${0##*/} -p CRIT -- "$*"
⋮┆----------------------------------------
69┆ exit $exit_status
⋮┆----------------------------------------
82┆ exit $exit_status
⋮┆----------------------------------------
149┆ arch=$($PHC get properties.System.Architecture 2>&1) || {
⋮┆----------------------------------------
153┆ eval arch=$arch
⋮┆----------------------------------------
175┆ return $retval
⋮┆----------------------------------------
185┆ eval enb=$val
⋮┆----------------------------------------
192┆ eval $2=\$enb
⋮┆----------------------------------------
204┆ state=$(systemctl is-active $service 2>/dev/null) ||:
⋮┆----------------------------------------
209┆ systemctl stop $service || warning "Failed to stop $service"
⋮┆----------------------------------------
210┆ systemctl disable $service || warning "Failed to disable $service"
⋮┆----------------------------------------
215┆ systemctl enable $service || warning "Failed to enable $service"
⋮┆----------------------------------------
218┆ systemctl disable $service || warning "Failed to disable $service"
⋮┆----------------------------------------
220┆ systemctl restart $service || warning "Failed to restart $service"
⋮┆----------------------------------------
228┆ fsynced_write_or_cleanup $PACKAGE_DIRECTORY/$2/conf/$runstate_conf.tmp
$PACKAGE_DIRECTORY/$2/conf/$runstate_conf
⋮┆----------------------------------------
253┆ tmp_file=$(file_upload -S $CONTENT_LENGTH -n 204800 \
254┆ --allowed-realms=$realms --allowed-dirs=$dirs 2>&1)
|| {
⋮┆----------------------------------------
266┆ [ $CLEANUP -eq 0 ] || rm -f $tmp_file
⋮┆----------------------------------------
271┆ mv $tmp_file $tmp_file_general || {
⋮┆----------------------------------------
273┆ [ $CLEANUP -eq 0 ] || rm -f $tmp_file
⋮┆----------------------------------------
278┆ eval $1=\$tmp_file_general
⋮┆----------------------------------------
301┆ __pkgconf_get_var $tmp_package REQEMBDEVVERSION || :
⋮┆----------------------------------------
302┆ __pkgconf_get_var $tmp_package APPNAME || :
⋮┆----------------------------------------
303┆ embdevversion=$($PHC get properties.EmbeddedDevelopment.Version 2>&1) || {
⋮┆----------------------------------------
312┆ compare_vers $REQEMBDEVVERSION le $embdevversion || {
⋮┆----------------------------------------
322┆ res=$(tar -xzf $tmp_package -C $tmp_ld 2>&1) || {
⋮┆----------------------------------------
324┆ res2=$(tar -xf $tmp_package -C $tmp_ld 2>&1) || {
⋮┆----------------------------------------
326┆ [ $CLEANUP -eq 0 ] || rm -fr $tmp_ld
⋮┆----------------------------------------
332┆ [ $CLEANUP -eq 0 ] || rm -fr $tmp_ld
⋮┆----------------------------------------
337┆ [ $CLEANUP -eq 0 ] || rm -fr $tmp_ld
⋮┆----------------------------------------
344┆ [ $CLEANUP -eq 0 ] || rm -fr $tmp_ld
⋮┆----------------------------------------
349┆ [ $CLEANUP -eq 0 ] || rm -fr $tmp_ld
⋮┆----------------------------------------
354┆ [ $CLEANUP -eq 0 ] || rm -fr $tmp_ld
⋮┆----------------------------------------
359┆ [ $CLEANUP -eq 0 ] || rm -fr $tmp_ld
⋮┆----------------------------------------
369┆ mv /tmp/$APPNAME.xml $tmp_ld/$APPNAME.xml
⋮┆----------------------------------------
373┆ __is_supported_apptype $APPTYPE || {
⋮┆----------------------------------------
374┆ [ $CLEANUP -eq 0 ] || rm -fr $tmp_ld
⋮┆----------------------------------------
377┆ res=$($ELFCHECK $tmp_ld/$APPNAME 2>&1) || {
⋮┆----------------------------------------
378┆ [ $CLEANUP -eq 0 ] || rm -fr $tmp_ld
⋮┆----------------------------------------
387┆ [ $CLEANUP -eq 0 ] || rm -fr $tmp_ld
⋮┆----------------------------------------
393┆ res=$(mkdir $PACKAGE_DIRECTORY 2>&1) || {
⋮┆----------------------------------------
395┆ [ $CLEANUP -eq 0 ] || rm -fr $tmp_ld
⋮┆----------------------------------------
398┆ res=$(chmod 775 $PACKAGE_DIRECTORY 2>&1) || {
⋮┆----------------------------------------
400┆ [ $CLEANUP -eq 0 ] || rm -fr $tmp_ld
⋮┆----------------------------------------
412┆ _tmpbakdir=$(mktemp -d /tmp/$APPNAME.XXXXXX 2>&1) || {
⋮┆----------------------------------------
417┆ [ -z "$_tmpbakdir" ] || __preserve_app_runstate $dest_dir $_tmpbakdir
⋮┆----------------------------------------
424┆ preupgrade_res=$(chmod 755 $tmp_ld 2>&1) ||
⋮┆----------------------------------------
428┆ cd $dest_dir
⋮┆----------------------------------------
429┆ res=$(eval $(__rootpath) $INSTALLER preupgrade \
430┆ $tmp_ld/$PREUPGRADESCRIPT 2>&1) || warning
"$res"
⋮┆----------------------------------------
431┆ cd $oldpwd || :
⋮┆----------------------------------------
435┆ [ ! $_tmpbakdir ] || __preserve_app_conf $dest_dir $_tmpbakdir
⋮┆----------------------------------------
437┆ cd $dest_dir
⋮┆----------------------------------------
438┆ res=$(eval $(__rootpath) $INSTALLER uninstall) || warning "$res"
⋮┆----------------------------------------
440┆ cd $oldpwd || :
⋮┆----------------------------------------
441┆ rm -rf $dest_dir
⋮┆----------------------------------------
445┆ if ! __fsynced_write_or_cleanup_dir $tmp_ld $dest_dir; then
⋮┆----------------------------------------
447┆ [ $CLEANUP -eq 0 ] || rm -fr $tmp_ld $dest_dir $_tmpbakdir
⋮┆----------------------------------------
451┆ res=$(chmod 775 $dest_dir 2>&1) || {
⋮┆----------------------------------------
453┆ [ $CLEANUP -eq 0 ] || rm -fr $dest_dir $_tmpbakdir
⋮┆----------------------------------------
457┆ if ! __fsynced_write_or_cleanup_dir $_tmpbakdir $dest_dir/$BAKDIR; then
⋮┆----------------------------------------
462┆ rm -fr $tmp_ld $_tmpbakdir
⋮┆----------------------------------------
466┆ cd $dest_dir
⋮┆----------------------------------------
468┆ eval $(__rootpath) $INSTALLER install $limited_postinstall >$instlog.tmp 2>&1 || ret=$?
⋮┆----------------------------------------
469┆ fsynced_write_or_cleanup $instlog.tmp $instlog
⋮┆----------------------------------------
471┆ cd $oldpwd
⋮┆----------------------------------------
475┆ __logfile2error $instlog
⋮┆----------------------------------------
476┆ [ $CLEANUP -eq 0 ] || rm -fr $dest_dir
⋮┆----------------------------------------
484┆ __read_runstate $dest_dir/conf/runstate.conf _started
⋮┆----------------------------------------
486┆ __set_runstate start $APPNAME $STARTMODE ||
⋮┆----------------------------------------
504┆ __install_eap_file $eap_file reload_web
⋮┆----------------------------------------
507┆ [ "$result_code" -eq 0 ] || exit $result_code
⋮┆----------------------------------------
511┆ echo $APPNAME
⋮┆----------------------------------------
534┆ resstr=$(cp $keyfile $packdir/$LICFILENAME 2>&1) || {
⋮┆----------------------------------------
566┆ ... echo $licensekey | sed -rn
's/.*<ApplicationID>([[:digit:]]*)<\/ApplicationID>.*<MinimumMajorVersion>([-[:digit:]]*)<\/MinimumMajorVersion>.*<Min
imumMinorVersio ...
[shortened a long line from output, adjust with --max-chars-per-line]
⋮┆----------------------------------------
572┆ eval $expression || :
⋮┆----------------------------------------
615┆ serialnumber=$($PHC get \
616┆ properties.system.serialnumber -
RAW |
⋮┆----------------------------------------
618┆ deviceid=$(echo $deviceid |tr '[:lower:]' '[:upper:]')
⋮┆----------------------------------------
625┆ date -d $expirationdate -D%F +%s)
⋮┆----------------------------------------
651┆ __validate_license_key $keyfile
⋮┆----------------------------------------
653┆ [ $result_code -eq 0 ] || exit $result_code
⋮┆----------------------------------------
655┆ __install_license_key $pack $keyfile
⋮┆----------------------------------------
657┆ [ $result_code -eq 0 ] || exit $result_code
⋮┆----------------------------------------
675┆ resstr=$(rm $1 2>&1) || {
⋮┆----------------------------------------
688┆ __error 10 $pack
⋮┆----------------------------------------
697┆ __error 24 $pack
⋮┆----------------------------------------
701┆ __error 24 $pack
⋮┆----------------------------------------
705┆ [ $CLEANUP -eq 0 ] || rm -fr $tmp_ld
⋮┆----------------------------------------
706┆ __error 24 $pack
⋮┆----------------------------------------
708┆ tmp_file=$(file_upload -S $CONTENT_LENGTH -n 204800 \
709┆ --allowed-realms=$realms --allowed-dirs=$dirs 2>&1) ||
ret=$?
⋮┆----------------------------------------
712┆ __error 22 $pack
⋮┆----------------------------------------
716┆ __error 22 $pack
⋮┆----------------------------------------
719┆ rm -f $uploadfile
⋮┆----------------------------------------
722┆ __error 22 $pack
⋮┆----------------------------------------
726┆ error cannot mv $tmp_file $uploadfile
⋮┆----------------------------------------
727┆ __error 22 $pack
⋮┆----------------------------------------
729┆ chmod 644 $uploadfile || {
⋮┆----------------------------------------
731┆ __error 22 $pack
⋮┆----------------------------------------
735┆ __validate_license_key $uploadfile
⋮┆----------------------------------------
738┆ [ $result_code -ne 21 ] || rm -f $uploadfile
⋮┆----------------------------------------
739┆ __error "$result_code" $pack
⋮┆----------------------------------------
758┆ pid=$(__lua_application_is_running $xmlfile)
⋮┆----------------------------------------
760┆ pid=$(pidof $APPNAME) || :
⋮┆----------------------------------------
763┆ __set_runstate stop $APPNAME $STARTMODE || {
⋮┆----------------------------------------
767┆ cd $packdir
⋮┆----------------------------------------
768┆ eval $(__rootpath) $INSTALLER uninstall >/dev/null || {
⋮┆----------------------------------------
777┆ rm -f $APACHE_VHOSTS_ALL/urls_$APPNAME.conf
⋮┆----------------------------------------
778┆ rm -f $APACHE_VHOSTS_ALL/urls_$APPNAME.conf.tmp
⋮┆----------------------------------------
799┆ resstring=$(rm $packdir/$LICFILENAME 2>&1) || {
⋮┆----------------------------------------
826┆ cat $packdir/$LICFILENAME
⋮┆----------------------------------------
882┆ pid=$(__lua_application_is_running $xmlfile)
⋮┆----------------------------------------
884┆ pid=$(pidof $APPNAME) || :
⋮┆----------------------------------------
924┆ if eval $(__rootpath) start-package-allowed.sh $packdir/$APPNAME $APPTYPE >/dev/null; then
⋮┆----------------------------------------
925┆ __set_runstate start $APPNAME $STARTMODE ||
⋮┆----------------------------------------
943┆ __set_runstate stop $APPNAME $STARTMODE || :
⋮┆----------------------------------------
945┆ pid=$(__lua_application_is_running $xmlfile)
⋮┆----------------------------------------
947┆ pid=$(pidof $APPNAME) || :
⋮┆----------------------------------------
964┆ [ $err -eq 0 ] || exit $err
⋮┆----------------------------------------
983┆ __error 29 $pack
⋮┆----------------------------------------
987┆ __error 29 $pack
⋮┆----------------------------------------
991┆ __error 29 $pack
⋮┆----------------------------------------
1010┆ __error 27 $pack
⋮┆----------------------------------------
1013┆ response_code=$(echo $response |
⋮┆----------------------------------------
1019┆ __error 28 $pack
⋮┆----------------------------------------
1022┆ mkdir -p $LICDIR || {
⋮┆----------------------------------------
1024┆ __error 22 $pack
⋮┆----------------------------------------
1026┆ chmod 700 $LICDIR || {
⋮┆----------------------------------------
1028┆ __error 22 $pack
⋮┆----------------------------------------
1031┆ if ! touch $LICFILEPATH >/dev/null; then
⋮┆----------------------------------------
1033┆ __error 28 $pack
⋮┆----------------------------------------
1038┆ rm -f $LICFILEPATH.data $LICFILEPATH.raw
⋮┆----------------------------------------
1040┆ [ -z "$within_xml" ] || echo $line >>$LICFILEPATH
⋮┆----------------------------------------
1041┆ echo $line >>$LICFILEPATH.raw
⋮┆----------------------------------------
1042┆ echo $line >>$LICFILEPATH.data
⋮┆----------------------------------------
1044┆ echo $line >$LICFILEPATH
⋮┆----------------------------------------
1056┆ content=$(cat $LICFILEPATH.data || :)
⋮┆----------------------------------------
1059┆ __error 28 $pack
⋮┆----------------------------------------
1071┆ __error $err $pack
⋮┆----------------------------------------
1074┆ chmod 644 $LICFILEPATH || {
⋮┆----------------------------------------
1076┆ __error 28 $pack
⋮┆----------------------------------------
1079┆ __install_license_key $pack $LICFILEPATH
⋮┆----------------------------------------
1081┆ rm -f $LICFILEPATH
⋮┆----------------------------------------
1082┆ [ $result_code -eq 0 ] || __error "$result_code" $pack
⋮┆----------------------------------------
1084┆ __send_action_resp $action "" $pack
⋮┆----------------------------------------
1140┆ dbus_resp=$($DBUS_REQ_GET_APP_STATUS string:$PACKAGE_DIRECTORY/${APPNAME%.*}/$APPNAME 2>/dev/null)
⋮┆----------------------------------------
1161┆ eval $1=\$app_status
⋮┆----------------------------------------
1180┆ exit $res
⋮┆----------------------------------------
1191┆ licstatus=$(licensekey_cli -a $APPNAME -i $APPID -m $APPMAJORVERSION -n $APPMINORVERSION) || {
⋮┆----------------------------------------
1208┆ eval $2=\$licstatus
⋮┆----------------------------------------
1209┆ eval $3=\$licdate
⋮┆----------------------------------------
1219┆ __licinfo_from_file $license_file lic_status lic_date || return 1
⋮┆----------------------------------------
1223┆ lic_status=$($PACKAGE_DIRECTORY/$APPNAME/$APPNAME $LICENSE_CHECK_ARGS)
⋮┆----------------------------------------
1233┆ __licinfo_from_file $license_file lic_status lic_date || return 1
⋮┆----------------------------------------
1237┆ eval $2=\$lic_status
⋮┆----------------------------------------
1238┆ eval $3=\$lic_date
⋮┆----------------------------------------
1257┆ eval $2=\$lic_name
⋮┆----------------------------------------
1274┆ eval $3=\$url
⋮┆----------------------------------------
1282┆ eval $2=""
⋮┆----------------------------------------
1286┆ eval $2=\$link
⋮┆----------------------------------------
external.semgrep-rules.bash.lang.security.ifs-tampering
The special variable IFS affects how splitting takes place when expanding unquoted
variables. Don't set it globally. Prefer a dedicated utility such as 'cut' or 'awk' if you
need to split input data. If you must use 'read', set IFS locally using e.g. 'IFS="," read
-a my_array'.
179┆ local file=$1 enb=no var= val= IFS==
⋮┆----------------------------------------
557┆ IFS=
⋮┆----------------------------------------
561┆ IFS=$old_IFS
⋮┆----------------------------------------
994┆ IFS="&"
⋮┆----------------------------------------
1004┆ IFS=$old_IFS
⋮┆----------------------------------------
1036┆
IFS="
1037┆ "
⋮┆----------------------------------------
1053┆ IFS=$old_IFS
/logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/html/axis-cgi/lib/funct
ions.sh
external.semgrep-rules.bash.lang.correctness.unquoted-command-substitution-in-command
The result of command substitution $(...) or `...`, if unquoted, is split on whitespace or
other separators specified by the IFS variable. You should surround it with double quotes to
avoid splitting the result.
257┆ eval tmpvar__=$(echo \$$n__) || :
⋮┆----------------------------------------
260┆ eval outvar__=$(echo \$$(($n__ + $nof_params__)))
⋮┆----------------------------------------
260┆ eval outvar__=$(echo \$$(($n__ + $nof_params__)))
⋮┆----------------------------------------
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
25┆ [ -z "$3" ] || printf "Content-Length: %d\r\n" $3
⋮┆----------------------------------------
117┆ eval $ret__=\$mess__
⋮┆----------------------------------------
126┆ printf "Status: %d %s\r\n" $1 "$2"
⋮┆----------------------------------------
127┆ __cgi_hdgen yes $3
⋮┆----------------------------------------
128┆ [ $1 -lt 400 ] || printf "%d %s\r\n\r\n" $1 "$2"
⋮┆----------------------------------------
147┆ __cgi_errcode ctmess__ $code__
⋮┆----------------------------------------
149┆ __cgi_content $code__ "$ctmess__" $c_type__ $*
⋮┆----------------------------------------
158┆ __cgi_errcode hdmess__ $code__
⋮┆----------------------------------------
160┆ __cgi_content $code__ "$hdmess__" text/plain $*
⋮┆----------------------------------------
181┆ . $1
⋮┆----------------------------------------
230┆ return $reterr__
⋮┆----------------------------------------
252┆ set -- $*
⋮┆----------------------------------------
257┆ eval tmpvar__=$(echo \$$n__) || :
⋮┆----------------------------------------
260┆ eval outvar__=$(echo \$$(($n__ + $nof_params__)))
⋮┆----------------------------------------
263┆ n__=$(($n__ + 1))
⋮┆----------------------------------------
267┆ printf "%s" $outvar__
⋮┆----------------------------------------
external.semgrep-rules.bash.lang.security.ifs-tampering
The special variable IFS affects how splitting takes place when expanding unquoted
variables. Don't set it globally. Prefer a dedicated utility such as 'cut' or 'awk' if you
need to split input data. If you must use 'read', set IFS locally using e.g. 'IFS="," read
-a my_array'.
206┆ local inparam__=$1 IFS='&' param__
/logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/html/axis-cgi/lib/limit
ed_access.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
20┆ for _line in $(tar -Oxf $1 $PKG_CONF_FILE); do
⋮┆----------------------------------------
36┆ __pkgconf_value $1 APPUSR _user
⋮┆----------------------------------------
37┆ __pkgconf_value $1 APPGRP _group
⋮┆----------------------------------------
50┆ command -v $CHECKSUM_CMD >/dev/null 2>&1 || {
⋮┆----------------------------------------
63┆ _checksum=$($CHECKSUM_CMD "$_eap_path" || :)
⋮┆----------------------------------------
external.semgrep-rules.bash.lang.security.ifs-tampering
The special variable IFS affects how splitting takes place when expanding unquoted
variables. Don't set it globally. Prefer a dedicated utility such as 'cut' or 'awk' if you
need to split input data. If you must use 'read', set IFS locally using e.g. 'IFS="," read
-a my_array'.
18┆ local
IFS='
19┆ '
/logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/html/axis-cgi/lib/syste
mlog.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
29┆ max_num_files=$(sed -rn 's/^[[:blank:]]rotate[[:blank:]]+//p' \
30┆ $logrotate_file)
||
⋮┆----------------------------------------
38┆ max_num_files=$(($max_num_files + 1))
⋮┆----------------------------------------
40┆ [ "$lf_title__" != yes ] || __title $lf_title__ "System log"
⋮┆----------------------------------------
58┆ eval $cmd__ $logf__ ||
⋮┆----------------------------------------
65┆ [ "$lf_title__" != yes ] || __title $lf_title__ $3
⋮┆----------------------------------------
70┆ eval $cmd__ $3 || echo "$sn Failed to read file $3"
⋮┆----------------------------------------
94┆ __title $lf_title__ "Contents of $3 for '$appname__'"
⋮┆----------------------------------------
96┆ if __is_lua_application $appname__; then
⋮┆----------------------------------------
97┆ __do_show_logfile $* | grep
"monolith\[[0-9]\+\]:[[:blank:]]\+$appname__:\|[[:blank:]]\+$appname__\[[0-9]\+"
⋮┆----------------------------------------
99┆ __do_show_logfile $* | grep "[[:blank:]]\+$appname__\[[0-9]\+"
/logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/html/axis-cgi/virtualin
put/virtual_input_common.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
26┆ logger -s -t${0##*/} -perr -- $*
⋮┆----------------------------------------
62┆ xml_error_resp $1 "$2"
⋮┆----------------------------------------
130┆ state_changed=$(gdbus call -y -d $DBUS_DEST -o $DBUS_OBJ$1 -m $2) ||
⋮┆----------------------------------------
145┆ success_reply $method $state_changed
⋮┆----------------------------------------
165┆ eval $1=\$port
⋮┆----------------------------------------
183┆ eval $1=\$version
/logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/html/bin/devtools.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
17┆ logger -t $TAG -p INFO "$1"
⋮┆----------------------------------------
24┆ cat $PACKAGE_DIRECTORY/$1/$LICENSEFILE 2>/dev/null || echo -n "none"
⋮┆----------------------------------------
39┆ echo $st_resp
⋮┆----------------------------------------
46┆ cd $PACKAGE_DIRECTORY
⋮┆----------------------------------------
87┆ cd $PACKAGE_DIRECTORY
⋮┆----------------------------------------
108┆ LICENSEPAGE=$(echo $LICENSEPAGE |tr '[:upper:]' '[:lower:]')
⋮┆----------------------------------------
160┆ eval val=\$$2
⋮┆----------------------------------------
161┆ echo $val
/logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/lib/conf-migrate/upgrad
e-run.d/openssh_permitrootlogin.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
11┆ ! grep -iq "^[[:blank:]]*$kw_pr[[:blank:]]" $sshd_config || kw_pr=
⋮┆----------------------------------------
12┆ ! grep -iq "^[[:blank:]]*$kw_au[[:blank:]]" $sshd_config || kw_au=
⋮┆----------------------------------------
16┆ rm -f $tmp
⋮┆----------------------------------------
17┆ cp $sshd_config $tmp || error "Failed to create temporary file '$tmp'"
⋮┆----------------------------------------
23┆ fsynced_write_or_cleanup $tmp $sshd_config
/logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/lib/fsupgrade/pre-upgra
de.d/mediaclip_backup.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
20┆ [ -d $tmp_audioclips_dir ] || mkdir $tmp_audioclips_dir ||
⋮┆----------------------------------------
24┆ cp -p $audioclips_dir/* $tmp_audioclips_dir ||
/logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/lib/rcscripts/sh/cmpver
sions.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
35┆ _validate_vers $2 ||
⋮┆----------------------------------------
39┆ set -- $2
⋮┆----------------------------------------
40┆ eval $result=$#
⋮┆----------------------------------------
51┆ set -- $version
⋮┆----------------------------------------
54┆ eval tmp=\$$i
⋮┆----------------------------------------
56┆ eval $array$i=\$$i
⋮┆----------------------------------------
58┆ eval $array$i=0
⋮┆----------------------------------------
60┆ i=$(($i + 1))
⋮┆----------------------------------------
71┆ eval $arg=\${$arg#\\\"}
⋮┆----------------------------------------
72┆ eval $arg=\${$arg%\\\"}
⋮┆----------------------------------------
90┆ _validate_op $op || error "compare_vers: invalid operator '$op'"
⋮┆----------------------------------------
92┆ _nof_args nbr_count1 $version1 ||
⋮┆----------------------------------------
94┆ _nof_args nbr_count2 $version2 ||
⋮┆----------------------------------------
100┆ _split_vers v1_nbr_ $version1 $nbr
⋮┆----------------------------------------
101┆ _split_vers v2_nbr_ $version2 $nbr
⋮┆----------------------------------------
104┆ eval number1=\$v1_nbr_$i
⋮┆----------------------------------------
105┆ eval number2=\$v2_nbr_$i
⋮┆----------------------------------------
152┆ i=$(($i + 1))
⋮┆----------------------------------------
154┆ return $res
⋮┆----------------------------------------
external.semgrep-rules.bash.lang.security.ifs-tampering
The special variable IFS affects how splitting takes place when expanding unquoted
variables. Don't set it globally. Prefer a dedicated utility such as 'cut' or 'awk' if you
need to split input data. If you must use 'read', set IFS locally using e.g. 'IFS="," read
-a my_array'.
38┆ IFS=.
⋮┆----------------------------------------
49┆ local IFS=. array=$1 version=$2 i=1 nbr=$3 tmp
/logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/lib/rcscripts/sh/error.
sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
36┆ _message $SD_WARNING "!" "$*"
⋮┆----------------------------------------
43┆ _message $SD_ERR "!!!" "$*"
⋮┆----------------------------------------
51┆ _message $SD_INFO "+" "$*"
/logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/lib/rcscripts/sh/files.
sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
28┆ if fsync $1; then
⋮┆----------------------------------------
29┆ if mv -f $1 $2; then
⋮┆----------------------------------------
30┆ if ! fsync ${2%/*}; then
⋮┆----------------------------------------
49┆ [ -z "$1" ] || rm -f $1 || error "$_f: $error_msg. Unable to remove '$1'"
/logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/lib/rcscripts/sh/fsupgr
ade-functions.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
7┆ printf "%s: %s!\n" $TAG "$*" >&2
⋮┆----------------------------------------
23┆ command which $1 >/dev/null 2>&1
⋮┆----------------------------------------
57┆ if umount $1; then
⋮┆----------------------------------------
76┆ [ -d $1 ] || mkdir -p $1 ||
/logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/lib/rcscripts/sh/macadd
ress-read.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
17┆ validate_varname $1 || error "$_f: invalid variable name '$1' (arg 1)"
⋮┆----------------------------------------
21┆ eval $1=\$mac_def
⋮┆----------------------------------------
23┆ validate_varname $2 ||
⋮┆----------------------------------------
25┆ eval $2=\$mac_def
⋮┆----------------------------------------
31┆ [ ! -r $conf ] || . $conf || error "Failed to source '$conf'"
⋮┆----------------------------------------
33┆ [ -z "${MAC:-}" ] || mac_res=$(echo $MAC | tr a-f A-F)
⋮┆----------------------------------------
41┆ mac_res=$(echo $serno | tr a-f A-F |
⋮┆----------------------------------------
53┆ eval $1=\$mac_res
/logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/lib/rcscripts/sh/module
.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
34┆ modprobe -r $1 || error "Failed to unload '$1'"
/logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/lib/rcscripts/sh/string
.sh
external.semgrep-rules.bash.lang.correctness.unquoted-command-substitution-in-command
The result of command substitution $(...) or `...`, if unquoted, is split on whitespace or
other separators specified by the IFS variable. You should surround it with double quotes to
avoid splitting the result.
162┆ shift $(($OPTIND - 1))
⋮┆----------------------------------------
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
57┆ i=$(($i + 1))
⋮┆----------------------------------------
64┆ eval $1=\$lastc
⋮┆----------------------------------------
89┆ validate_varname $1 || error "$f: invalid variable name '$1'"
⋮┆----------------------------------------
131┆ eval $1=\$__prefix
⋮┆----------------------------------------
132┆ eval $2=\$__suffix
⋮┆----------------------------------------
162┆ shift $(($OPTIND - 1))
⋮┆----------------------------------------
171┆ eval $1=\$_prefix\$_suffix
/logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/lib/rcscripts/sh/system
d-generator.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
11┆ rm -f $_SERVICEDIR/$2.wants/$1
⋮┆----------------------------------------
21┆ mkdir -p $d || error "$_f: failed to create directory '$d'"
⋮┆----------------------------------------
22┆ ln -sf /lib/systemd/system/$1 $d/$1
/logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/lib/rcscripts/sh/system
d.sh
external.semgrep-rules.bash.lang.correctness.unquoted-command-substitution-in-command
The result of command substitution $(...) or `...`, if unquoted, is split on whitespace or
other separators specified by the IFS variable. You should surround it with double quotes to
avoid splitting the result.
7┆ eval $(systemctl show -p $v || :)
⋮┆----------------------------------------
14┆ eval $(systemctl show -p $v || :)
⋮┆----------------------------------------
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
7┆ eval $(systemctl show -p $v || :)
⋮┆----------------------------------------
14┆ eval $(systemctl show -p $v || :)
/logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/lib/rcscripts/sh/times.
sh
external.semgrep-rules.bash.lang.correctness.unquoted-command-substitution-in-command
The result of command substitution $(...) or `...`, if unquoted, is split on whitespace or
other separators specified by the IFS variable. You should surround it with double quotes to
avoid splitting the result.
47┆ eval $_r=$(dc <<-EOF
48┆
$_m
49┆
60
50┆
*
51┆
$_s
52┆
+
53┆
$_t
54┆
+
55┆
p
56┆
EOF
[hid 1 additional lines, adjust with --max-lines-per-finding]
204┆ eval $_r=$(dc <<-EOF
205┆
$_uptime_now
206┆
$2
207┆
-
208┆
p
209┆
EOF
210┆
)
⋮┆----------------------------------------
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
67┆ eval $1=0$2
⋮┆----------------------------------------
70┆ eval $1=$2
⋮┆----------------------------------------
80┆ validate_varname $1 || error "$f: invalid variable name '$1'"
⋮┆----------------------------------------
125┆ tmp_f=$(mktemp $fs_mp/$$.XXXXXX) || {
⋮┆----------------------------------------
137┆ _dc_times_calc t $t $u || break
⋮┆----------------------------------------
138┆ _dc_times_calc t $t $s || break
⋮┆----------------------------------------
140┆ rm -f $tmp_f
⋮┆----------------------------------------
142┆ zeropad_real t $t
⋮┆----------------------------------------
143┆ eval $_r=$t
⋮┆----------------------------------------
152┆ validate_varname $1 || error "$f: invalid variable name '$1'"
⋮┆----------------------------------------
169┆ validate_varname $1 || error "$f: invalid variable name '$1'"
⋮┆----------------------------------------
external.semgrep-rules.bash.lang.security.ifs-tampering
The special variable IFS affects how splitting takes place when expanding unquoted
variables. Don't set it globally. Prefer a dedicated utility such as 'cut' or 'awk' if you
need to split input data. If you must use 'read', set IFS locally using e.g. 'IFS="," read
-a my_array'.
20┆ IFS=ms
⋮┆----------------------------------------
22┆ IFS=$sIFS
/logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/libexec/image2d_shutter
.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
20┆ gdbus call -y -d $VIDEO_DESTINATION -o $VIDEO_OBJECT_PATH -m $METHOD.Get $VIDEO_INTERFACE $VIDEO_TYPE
2>/dev/null && exit 0 || :
⋮┆----------------------------------------
41┆ value=$(gdbus call -y -d $DESTINATION -o $OBJECT_PATH/$channel/$STREAM_ID -m $METHOD.Get $INTERFACE
$param 2>&1) || {
⋮┆----------------------------------------
54┆ value=${value%>*}
55┆ echo $value
⋮┆----------------------------------------
65┆ ret=$(gdbus call -y -d $DESTINATION -o $OBJECT_PATH/$channel/$STREAM_ID -m $METHOD.Set $INTERFACE
MaxExposureTime "<$value>")
⋮┆----------------------------------------
70┆ max_exposure_time=$(get_property MaxExposureTime $channel) && [ "$max_exposure_time" ] ||
⋮┆----------------------------------------
72┆ max_slow_shutter=$(get_property MaxSlowShutter $channel) && [ "$max_slow_shutter" ] ||
⋮┆----------------------------------------
74┆ max_fps=$(get_property SensorMaxFramerate $channel) && [ "$max_fps" ] ||
⋮┆----------------------------------------
85┆ set_max_exposure_time $max_exposure_time $channel 2>&1 || {
/logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/libexec/sshdgenkeys.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
10┆ rm -f $t*
⋮┆----------------------------------------
11┆ ssh-keygen -q -t rsa -f $t -N '' -b 2048 || error "$0: key generation failed"
⋮┆----------------------------------------
13┆ fsynced_write_or_cleanup $f $1${f#$t}
/logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/sbin/anonymousview.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
8┆ logger -perr -t${0##*/} -- $*
⋮┆----------------------------------------
14┆ . $cf || croak "Failed to source '$cf'"
/logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/sbin/api_setup_init.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
12┆ fsynced_write_or_cleanup $markerfile.tmp $markerfile ||
/logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/sbin/application_report
.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
21┆ . $dir/$conffile
⋮┆----------------------------------------
24┆ printf "State: %s\n" $appstatus
⋮┆----------------------------------------
30┆ printf "Copy protection state: %s\n" $licstatus
⋮┆----------------------------------------
36┆ printf "\n%s/%s:\n" $dir $conffile
⋮┆----------------------------------------
41┆ printf "\n%s/%s:\n" $dir $cgiconf
⋮┆----------------------------------------
46┆ printf "\n%s/%s:\n" $dir $HTTPCGIPATHS
⋮┆----------------------------------------
50┆ printf "\n%s/%s:\n" $dir $licfile
⋮┆----------------------------------------
54┆ printf "error: Failed to read $conffile in %s\n" $dir
⋮┆----------------------------------------
66┆ output_info $appdir
/logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/sbin/coredump.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
26┆ ( tee /dev/fd/3 | /usr/sbin/coredump-handler $cmdlineargs ) 3>&1 | lzop>"$diskdumpfile.lzo"
⋮┆----------------------------------------
28┆ exec /usr/sbin/coredump-handler $cmdlineargs
⋮┆----------------------------------------
46┆ [ -d $extpath/$dumpsdir ] || mkdir $extpath/$dumpsdir || :
⋮┆----------------------------------------
54┆ [ ! -d $tmppath ] || [ -d $tmppath/$dumpsdir ] || mkdir $tmppath/$dumpsdir || :
/logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/sbin/fan_available.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
4┆ logger -s -t${0##*/} -p err -- $*
⋮┆----------------------------------------
15┆ nbr_of_fans=$($DBUS_CALL) || croak "Failed to get nbr of fans"
/logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/sbin/gen_serverreport.s
h
external.semgrep-rules.bash.lang.correctness.unquoted-command-substitution-in-command
The result of command substitution $(...) or `...`, if unquoted, is split on whitespace or
other separators specified by the IFS variable. You should surround it with double quotes to
avoid splitting the result.
789┆ ! systemctl is-enabled $(echo $mcu | tr A-Z a-z).service >/dev/null 2>&1 ||
⋮┆----------------------------------------
791┆ title $(mcu_accessory_status.sh $mcu title)
⋮┆----------------------------------------
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
5┆ . $rc || error "Failed to source '$rc'"
⋮┆----------------------------------------
8┆ . $rc || error "Failed to source '$rc'"
⋮┆----------------------------------------
29┆ eval $1=\$dirty_var
⋮┆----------------------------------------
40┆ eval $1=\$dirty_var
⋮┆----------------------------------------
50┆ dirty_var=${dirty_var%>*)}
51┆ eval $1=\$dirty_var
⋮┆----------------------------------------
72┆ title $1
⋮┆----------------------------------------
74┆ if dir_empty $2; then
⋮┆----------------------------------------
79┆ for f in $(find $2 -type f); do
⋮┆----------------------------------------
80┆ echo $f
⋮┆----------------------------------------
83┆ sed -e 's/>/>\n/g' $f
⋮┆----------------------------------------
85┆ sed -re '1,2d' -e "$CENSOR_PASSWD_EXPR" $f
⋮┆----------------------------------------
107┆ cat $f
⋮┆----------------------------------------
132┆ title $f
⋮┆----------------------------------------
134┆ cat $f
⋮┆----------------------------------------
140┆ ! command -v $h >/dev/null 2>&1 || {
⋮┆----------------------------------------
142┆ $h -i BoardID ProductionDate 2>&1 || :
⋮┆----------------------------------------
162┆ x=$($gdbus_cmd UsageTime | sed -E "s/$REGEX_PROPERTY_NUMBER/\1/") &&
⋮┆----------------------------------------
164┆ x=$($gdbus_cmd BootCount | sed -E "s/$REGEX_PROPERTY_NUMBER/\1/") &&
⋮┆----------------------------------------
166┆ x=$($gdbus_cmd RebootCount | sed -E "s/$REGEX_PROPERTY_NUMBER/\1/") &&
⋮┆----------------------------------------
204┆ echo "System-Peak: "$system
⋮┆----------------------------------------
205┆ echo "Services-Peak: "$services
⋮┆----------------------------------------
206┆ echo "Addons-Peak: "$addons
⋮┆----------------------------------------
207┆ echo "Acaps-Peak: "$acap
⋮┆----------------------------------------
224┆ [ ! -r $1/device/$var ] || read $var <$1/device/$var
⋮┆----------------------------------------
227┆ printf "name: %6s date: %s\n" ${name:-NA} ${date:-NA}
⋮┆----------------------------------------
228┆ printf "type: %6s manfid: %s\n" ${type:-NA} ${manfid:-NA}
⋮┆----------------------------------------
229┆ printf "oemid: %6s serial: %s\n" ${oemid:-NA} ${serial:-NA}
⋮┆----------------------------------------
230┆ printf "fwrev: %6s hwrev: %s\n" ${fwrev:-NA} ${hwrev:-NA}
⋮┆----------------------------------------
231┆ printf "cid: %s\n" ${cid:-NA}
⋮┆----------------------------------------
232┆ printf "csd: %s\n" ${csd:-NA}
⋮┆----------------------------------------
233┆ printf "scr: %s\n" ${scr:-NA}
⋮┆----------------------------------------
247┆ print_card_info $sd_base$i
⋮┆----------------------------------------
249┆ i=$(($i + 1))
⋮┆----------------------------------------
254┆ print_card_info $sd_base$i
⋮┆----------------------------------------
256┆ i=$(($i + 1))
⋮┆----------------------------------------
270┆ cat $lf || echo "Warning: Failed to read $lf"
⋮┆----------------------------------------
278┆ sort $psln*
⋮┆----------------------------------------
287┆ $secklog 2>&1 || :
⋮┆----------------------------------------
293┆ date -r $pstoreconsole
⋮┆----------------------------------------
294┆ cat $pstoreconsole
⋮┆----------------------------------------
300┆ date -r $ramoops
⋮┆----------------------------------------
301┆ cat $ramoops
⋮┆----------------------------------------
316┆ cat $f 2>&1 || :
⋮┆----------------------------------------
324┆ [ ! -r $f ] || sed -re "s/^(Password=).*/\1*****/" $f
⋮┆----------------------------------------
372┆ echo $num_of_clients
⋮┆----------------------------------------
379┆ busctl call --json=pretty $1 $2 \
380┆ org.freedesktop.DBus.ObjectManager
GetManagedObjects |
⋮┆----------------------------------------
395┆ cat $onvif_media_conf || :
⋮┆----------------------------------------
413┆ title Settings for $1
⋮┆----------------------------------------
414┆ $ETHTOOL_CMD $1 2>&1 || :
⋮┆----------------------------------------
417┆ $ETHTOOL_CMD -i $1 2>&1 || :
⋮┆----------------------------------------
420┆ $ETHTOOL_CMD -S $1 2>&1 || :
⋮┆----------------------------------------
424┆ if reg_dump=$(gdbus call -y -d com.axis.PolicyKitSystem -o /com/axis/PolicyKitSystem -m
com.axis.PolicyKitSystem.ExecuteEthtool d $1 2>&1); then
⋮┆----------------------------------------
434┆ print_interface_info $i
⋮┆----------------------------------------
449┆ $show_addr_cmd
⋮┆----------------------------------------
452┆ $show_route_cmd
⋮┆----------------------------------------
461┆ $show_route6_cmd
⋮┆----------------------------------------
464┆ $show_maddr_cmd
⋮┆----------------------------------------
491┆ dev_list=$(gdbus call $dbus_net -m com.axis.Net1.GetDevices 2>/dev/null || :)
⋮┆----------------------------------------
520┆ intro=$(gdbus introspect $dbus_net/Device/${dev%%\'*} 2>/dev/null || :)
⋮┆----------------------------------------
541┆ if [ -x $ip_cmd ] && ip_msg=$($ip_cmd -s link show $iface 2>&1); then
⋮┆----------------------------------------
544┆ title iw $iface link
⋮┆----------------------------------------
545┆ $iw_cmd $iface link 2>&1 || :
⋮┆----------------------------------------
547┆ title iw $iface scan
⋮┆----------------------------------------
551┆ gdbus_response=$(gdbus call -y -d com.axis.PolicyKitSystem -o /com/axis/PolicyKitSystem -m
com.axis.PolicyKitSystem.ExecuteIw $iface scan 2>&1)
⋮┆----------------------------------------
577┆ dev_list=$(gdbus call $dbus_net -m com.axis.Net1.GetDevices 2>/dev/null || :)
⋮┆----------------------------------------
606┆ intro=$(gdbus introspect $dbus_net/Device/${dev%%\'*} 2>/dev/null || :)
⋮┆----------------------------------------
628┆ $iw_cmd list || :
⋮┆----------------------------------------
629┆ $iw_cmd dev $iface info || :
⋮┆----------------------------------------
636┆ ! exists $poe_script || $poe_script 2>&1 || :
⋮┆----------------------------------------
636┆ ! exists $poe_script || $poe_script 2>&1 || :
⋮┆----------------------------------------
662┆ blk_devices=$(echo $blk_pattern)
⋮┆----------------------------------------
665┆ ls -l $blk_devices || :
⋮┆----------------------------------------
671┆ title Disk status $dev
⋮┆----------------------------------------
674┆ if smart_status=$(gdbus call -y -d com.axis.PolicyKitSystem -o /com/axis/PolicyKitSystem -m
com.axis.PolicyKitSystem.ExecuteSmartctl all $dev 2>&1); then
⋮┆----------------------------------------
691┆ ! command -v $cmd >/dev/null || $cmd || :
⋮┆----------------------------------------
691┆ ! command -v $cmd >/dev/null || $cmd || :
⋮┆----------------------------------------
701┆ nbr_temp_sensors=$($gdbus_call $temp_ctrl_dbus_interface.GetNbrOfTemperatureSensors 2>&1) &&
⋮┆----------------------------------------
707┆ nbr_humidity_sensors=$($gdbus_call $temp_ctrl_dbus_interface.GetNbrOfHumiditySensors 2>&1) &&
⋮┆----------------------------------------
713┆ nbr_fans=$($gdbus_call $temp_ctrl_dbus_interface.GetNbrOfFans 2>&1) &&
⋮┆----------------------------------------
719┆ nbr_heaters=$($gdbus_call $temp_ctrl_dbus_interface.GetNbrOfHeaters 2>&1) &&
⋮┆----------------------------------------
782┆ cat $ptr_state 2>&1 || echo "Failed to print "
⋮┆----------------------------------------
789┆ ! systemctl is-enabled $(echo $mcu | tr A-Z a-z).service >/dev/null 2>&1 ||
⋮┆----------------------------------------
791┆ title $(mcu_accessory_status.sh $mcu title)
⋮┆----------------------------------------
792┆ mcu_accessory_status.sh $mcu status
⋮┆----------------------------------------
818┆ output_aeconf "User defined action templates (user)" $d/actiontemplates
⋮┆----------------------------------------
819┆ output_aeconf "User defined recipient templates (user)" $d/recipienttemplates
⋮┆----------------------------------------
820┆ output_aeconf "Action rules (user)" $d/rules
⋮┆----------------------------------------
821┆ output_aeconf "Action configurations (user)" $d/configurations
⋮┆----------------------------------------
822┆ output_aeconf "Recipients (user)" $d/recipients
⋮┆----------------------------------------
825┆ output_aeconf "User defined action templates (legacy)" $d/actiontemplates
⋮┆----------------------------------------
826┆ output_aeconf "User defined recipient templates (legacy)" $d/recipienttemplates
⋮┆----------------------------------------
827┆ output_aeconf "Action rules (legacy)" $d/rules
⋮┆----------------------------------------
828┆ output_aeconf "Action configurations (legacy)" $d/configurations
⋮┆----------------------------------------
829┆ output_aeconf "Recipients (legacy)" $d/recipients
⋮┆----------------------------------------
832┆ if dir_empty $d; then
⋮┆----------------------------------------
836┆ for f in $(find $d -type f); do
⋮┆----------------------------------------
837┆ echo $f
⋮┆----------------------------------------
838┆ sed '/^$/d' $f
⋮┆----------------------------------------
843┆ [ ! -x $ssr ] || $ssr 2>&1 || :
⋮┆----------------------------------------
846┆ [ ! -x $rsr ] || $rsr 2>&1 || :
⋮┆----------------------------------------
857┆ cat $titan_fw_v 2>/dev/null ||
⋮┆----------------------------------------
863┆ ! exists $psr || $psr || :
⋮┆----------------------------------------
863┆ ! exists $psr || $psr || :
⋮┆----------------------------------------
867┆ [ ! -f $eva_conf ] || cat $eva_conf 2>/dev/null ||
⋮┆----------------------------------------
871┆ if ls $analytic_conf >/dev/null 2>& then
⋮┆----------------------------------------
874┆ cat $file 2>/dev/null || echo "Failed to read $file."
⋮┆----------------------------------------
878┆ if ls $analytic_conf >/dev/null 2>& then
⋮┆----------------------------------------
881┆ cat $file 2>/dev/null || echo "Failed to read $file."
⋮┆----------------------------------------
885┆ if ls $analytic_conf >/dev/null 2>& then
⋮┆----------------------------------------
888┆ cat $file 2>/dev/null || echo "Failed to read $file."
⋮┆----------------------------------------
892┆ if ls $analytic_conf >/dev/null 2>& then
⋮┆----------------------------------------
895┆ cat $file 2>/dev/null || echo "Failed to read $file."
⋮┆----------------------------------------
901┆ sed -re '/^([^=]+=[[:blank:]]*$|(id|camera)[[:blank:]]*=)/d' $rectour_conf |
⋮┆----------------------------------------
908┆ $shi_bin -report || echo "Unable to fetch information."
⋮┆----------------------------------------
912┆ ! exists $ptz_counter_script || $ptz_counter_script || :
⋮┆----------------------------------------
912┆ ! exists $ptz_counter_script || $ptz_counter_script || :
⋮┆----------------------------------------
915┆ ! exists $wiper_counter_script || $wiper_counter_script || :
⋮┆----------------------------------------
915┆ ! exists $wiper_counter_script || $wiper_counter_script || :
⋮┆----------------------------------------
922┆ image_sources=$(grep ^$nois_prefix $lef_file 2>/dev/null) || {
⋮┆----------------------------------------
939┆ [ ! -f $mzd_conf ] || cat $mzd_conf 2>/dev/null ||
⋮┆----------------------------------------
941┆ i=$(($i + 1))
⋮┆----------------------------------------
956┆ echo $f
⋮┆----------------------------------------
958┆ cat $f
⋮┆----------------------------------------
978┆ title $2
⋮┆----------------------------------------
984┆ echo $file_name
⋮┆----------------------------------------
985┆ cat $file 2>/dev/null || echo Failed to read $file.
⋮┆----------------------------------------
985┆ cat $file 2>/dev/null || echo Failed to read $file.
⋮┆----------------------------------------
1000┆ ! exists $radar_conf_script || $radar_conf_script || :
⋮┆----------------------------------------
1000┆ ! exists $radar_conf_script || $radar_conf_script || :
⋮┆----------------------------------------
1005┆ cat $regionalsettings_conf || :
⋮┆----------------------------------------
1011┆ cat $lensselection_conf || :
⋮┆----------------------------------------
1019┆ cat $remoteptz_conf || :
⋮┆----------------------------------------
1027┆ gpio_value=$(cat $gpio_audioring_detected)
⋮┆----------------------------------------
1039┆ cat $audioring_status
⋮┆----------------------------------------
1042┆ cat $dad_conf || :
⋮┆----------------------------------------
1046┆ ! exists $sipd_report_cmd || $sipd_report_cmd || :
⋮┆----------------------------------------
1046┆ ! exists $sipd_report_cmd || $sipd_report_cmd || :
⋮┆----------------------------------------
1055┆ ! exists /usr/sbin/$script || /usr/sbin/$script || :
⋮┆----------------------------------------
1055┆ ! exists /usr/sbin/$script || /usr/sbin/$script || :
⋮┆----------------------------------------
1061┆ hexdump -ve '/4 "0x%08x "' $nvmem || :
⋮┆----------------------------------------
1080┆ cat $1
⋮┆----------------------------------------
1089┆ print_file $f
⋮┆----------------------------------------
1092┆ print_file $f
⋮┆----------------------------------------
1097┆ [ -L $f ] || [ ! -f $f ] || [ ! -r $f ] || [ ! -x $f ] || $f || :
⋮┆----------------------------------------
external.semgrep-rules.bash.lang.security.ifs-tampering
The special variable IFS affects how splitting takes place when expanding unquoted
variables. Don't set it globally. Prefer a dedicated utility such as 'cut' or 'awk' if you
need to split input data. If you must use 'read', set IFS locally using e.g. 'IFS="," read
-a my_array'.
333┆
IFS="
334┆ "
⋮┆----------------------------------------
353┆ IFS=$restoreIFS
⋮┆----------------------------------------
668┆ IFS=" "
⋮┆----------------------------------------
682┆ IFS=$ifs_bak
/logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/sbin/heater_available.s
h
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
4┆ logger -s -t${0##*/} -p err -- $*
⋮┆----------------------------------------
15┆ nbr_of_heaters=$($DBUS_CALL) || croak "Failed to get nbr of heaters"
/logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/sbin/install-package.sh
external.semgrep-rules.bash.lang.correctness.unquoted-command-substitution-in-command
The result of command substitution $(...) or `...`, if unquoted, is split on whitespace or
other separators specified by the IFS variable. You should surround it with double quotes to
avoid splitting the result.
78┆ GROUPNAME=$(r=${APPNAME#?};f=${APPNAME%$r};echo $(echo $f | tr [:lower:] [:upper:])$r)
⋮┆----------------------------------------
381┆ cgi_path_dir=$INSTALLDIR/$DIRNAME/html/$(dirname $cgi_path) ||
⋮┆----------------------------------------
477┆ gdbus call -y -d com.axis.PolicyKitCert \
478┆ -o
/com/axis/PolicyKitCert \
479┆ -m
com.axis.PolicyKitCert.CertSetCreate \
480┆ "$CERTSETNAME" "$APPNAME"
"$CERTSETACTOR" \
481┆ "$CERTSETPROTOCOL" $(id -u $APPUSR)
||
⋮┆----------------------------------------
672┆ url_dir=$ACAP_DOC_ROOT/$acap_name/$(basename $subdir)
⋮┆----------------------------------------
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
51┆ . ./$ADPPACKCFG || {
⋮┆----------------------------------------
64┆ XMLCONFFILE=$INSTALLDIR/$DIRNAME/$APPNAME
⋮┆----------------------------------------
75┆ ABSAPPNAME=$INSTALLDIR/$DIRNAME/$APPNAME
⋮┆----------------------------------------
78┆ GROUPNAME=$(r=${APPNAME#?};f=${APPNAME%$r};echo $(echo $f | tr [:lower:] [:upper:])$r)
⋮┆----------------------------------------
78┆ GROUPNAME=$(r=${APPNAME#?};f=${APPNAME%$r};echo $(echo $f | tr [:lower:] [:upper:])$r)
⋮┆----------------------------------------
201┆ chmod 755 $PKG_ETC_INIT_D_APPNAME.tmp ||
⋮┆----------------------------------------
203┆ fsynced_write_or_cleanup $PKG_ETC_INIT_D_APPNAME.tmp $PKG_ETC_INIT_D_APPNAME
⋮┆----------------------------------------
225┆ chmod 644 $ETC_SYSTEMD_APPNAME.tmp ||
⋮┆----------------------------------------
227┆ chown root:root $ETC_SYSTEMD_APPNAME.tmp ||
⋮┆----------------------------------------
229┆ fsynced_write_or_cleanup $ETC_SYSTEMD_APPNAME.tmp $ETC_SYSTEMD_APPNAME
⋮┆----------------------------------------
257┆ chmod 644 $ETC_SYSTEMD_APPNAME.tmp ||
⋮┆----------------------------------------
259┆ chown root:root $ETC_SYSTEMD_APPNAME.tmp ||
⋮┆----------------------------------------
261┆ fsynced_write_or_cleanup $ETC_SYSTEMD_APPNAME.tmp $ETC_SYSTEMD_APPNAME
⋮┆----------------------------------------
274┆ rm -f $transfer_link || error "Failed to remove link: $transfer_link"
⋮┆----------------------------------------
290┆ chmod 644 $transfer_conf.tmp
⋮┆----------------------------------------
291┆ chown www:www $transfer_conf.tmp
⋮┆----------------------------------------
293┆ fsynced_write_or_cleanup $transfer_conf.tmp $transfer_conf
⋮┆----------------------------------------
295┆ ln -sf $transfer_conf $transfer_link ||
⋮┆----------------------------------------
297┆ chown -h www:www $transfer_link
⋮┆----------------------------------------
307┆ rm -f $mime_link || error "Failed to remove link: $mime_link"
⋮┆----------------------------------------
314┆ chmod 644 $mime_conf.tmp
⋮┆----------------------------------------
315┆ chown www:www $mime_conf.tmp
⋮┆----------------------------------------
317┆ fsynced_write_or_cleanup $mime_conf.tmp $mime_conf
⋮┆----------------------------------------
319┆ ln -sf $mime_conf $mime_link ||
⋮┆----------------------------------------
321┆ chown -h www:www $mime_link
⋮┆----------------------------------------
331┆ ln -sf $PKG_ETC_INIT_D_APPNAME $ETC_INIT_D_APPNAME ||
⋮┆----------------------------------------
336┆ ln -sfn $INSTALLDIR/$DIRNAME/html $WEB_DIR/$APPNAME ||
⋮┆----------------------------------------
353┆ printf "%s" "$cgi_path" | grep -q $path_validation_expr ||
⋮┆----------------------------------------
360┆ chmod 644 $tmp_file || error "Failed to chmod: $tmp_file"
⋮┆----------------------------------------
362┆ fsynced_write_or_cleanup $tmp_file $PKG_CONFDIR/$HTTPCGIPATHS
⋮┆----------------------------------------
364┆ ln -sf $PKG_CONFDIR/$HTTPCGIPATHS $ETC_TRANSFER_CONF/transfer_$APPNAME.conf ||
⋮┆----------------------------------------
381┆ cgi_path_dir=$INSTALLDIR/$DIRNAME/html/$(dirname $cgi_path) ||
⋮┆----------------------------------------
384┆ cgi_path_file=$cgi_path_dir/$(basename $cgi_path) ||
⋮┆----------------------------------------
387┆ mkdir -p $cgi_path_dir ||
⋮┆----------------------------------------
390┆ find $cgi_path_dir -type d | xargs chown sdk:sdk ||
⋮┆----------------------------------------
396┆ chgrp $owner $cgi_path_file.tmp ||
⋮┆----------------------------------------
399┆ chmod 0750 $cgi_path_file.tmp ||
⋮┆----------------------------------------
402┆ fsynced_write_or_cleanup $cgi_path_file.tmp $cgi_path_file
⋮┆----------------------------------------
414┆ chmod 0640 $lic_file ||
⋮┆----------------------------------------
417┆ ln -sf $lic_file $INSTALLDIR/$DIRNAME/html/LICENSE >/dev/null 2>&1 ||
⋮┆----------------------------------------
422┆ for dir in $(find $INSTALLDIR/$DIRNAME/html -type d); do
⋮┆----------------------------------------
423┆ chmod 751 $dir || error "Failed to set permissions html"
⋮┆----------------------------------------
426┆ install_urls $APPNAME $INSTALLDIR/$DIRNAME/html ||
⋮┆----------------------------------------
429┆ chown $APPUSR:www $INSTALLDIR/$DIRNAME/html ||
⋮┆----------------------------------------
434┆ chown $APPUSR:www $lic_file ||
⋮┆----------------------------------------
439┆ ln -sf $PKG_ETC_DYN_APP_CONF $ETC_DYN_APP_CONF ||
⋮┆----------------------------------------
444┆ ln -sf $PKG_ETC_DYN_PARAM_APP_CONF $ETC_DYN_PARAM_APP_CONF ||
⋮┆----------------------------------------
449┆ ln -sf $PKG_DBUS_FILE $DBUS_FILE ||
⋮┆----------------------------------------
460┆ $PHC readgroupfile $ETC_DYN_PARAM_APP_CONF ||
⋮┆----------------------------------------
481┆ "$CERTSETPROTOCOL" $(id -u $APPUSR) ||
⋮┆----------------------------------------
516┆ chmod 755 $ABSAPPNAME || error "Failed to change permissions on $ABSAPPNAME"
⋮┆----------------------------------------
531┆ mkdir -p $DATA_DIR || error "Failed to create dir $DATA_DIR"
⋮┆----------------------------------------
533┆ chown $APPUSR:$APPGRP $DATA_DIR ||
⋮┆----------------------------------------
536┆ mkdir -p $ETC_DYN_PARAM || error "Failed to create dir $ETC_DYN_PARAM"
⋮┆----------------------------------------
537┆ mkdir -p $ETC_DYN || error "Failed to create dir $ETC_DYN"
⋮┆----------------------------------------
550┆ entry=$(echo $line | sed -rne
's/^[[:space:]]*([[:alnum:]]*)[[:space:]]*=[[:space:]]*"?([^"]*)"?.*/\1="\2"/p')
⋮┆----------------------------------------
552┆ type=$(echo $line | sed -rne 's/.*type[[:space:]]*=[[:space:]]*"([^"]*)"[[:space:]]*$/\1/p')
⋮┆----------------------------------------
561┆ echo $entry >> $PKG_ETC_DYN_APP_CONF.tmp
⋮┆----------------------------------------
567┆ chown $APPUSR:$APPGRP $PKG_ETC_DYN_APP_CONF.tmp ||
⋮┆----------------------------------------
570┆ chown $APPUSR:$APPGRP $PKG_ETC_DYN_PARAM_APP_CONF.tmp ||
⋮┆----------------------------------------
573┆ fsynced_write_or_cleanup $PKG_ETC_DYN_APP_CONF.tmp $PKG_ETC_DYN_APP_CONF
⋮┆----------------------------------------
574┆ fsynced_write_or_cleanup $PKG_ETC_DYN_PARAM_APP_CONF.tmp $PKG_ETC_DYN_PARAM_APP_CONF
⋮┆----------------------------------------
597┆ chmod 644 $PKG_DBUS_FILE.tmp || error "Failed to chmod on $PKG_DBUS_FIL.tmp"
⋮┆----------------------------------------
598┆ fsynced_write_or_cleanup $PKG_DBUS_FILE.tmp $PKG_DBUS_FILE
⋮┆----------------------------------------
616┆ url_group=$(stat -c "%G" $url_file)
⋮┆----------------------------------------
620┆ url_base_file=$(basename $url_file)
⋮┆----------------------------------------
632┆ $cmd || warning "'$cmd' failed"
⋮┆----------------------------------------
635┆ $cmd || warning "'$cmd' failed"
⋮┆----------------------------------------
646┆ files=$(ls -A $dir)
⋮┆----------------------------------------
649┆ add_file_to_url_conf $url_conf_file $dir/$file
⋮┆----------------------------------------
663┆ rm -f $url_conf_file 1>/dev/null 2>&1
⋮┆----------------------------------------
664┆ rm -f $url_conf_tmpfile 1>/dev/null 2>&1
⋮┆----------------------------------------
665┆ dirs=$(find $dir -type d)
⋮┆----------------------------------------
672┆ url_dir=$ACAP_DOC_ROOT/$acap_name/$(basename $subdir)
⋮┆----------------------------------------
678┆ gen_url_conf $url_conf_tmpfile $subdir
⋮┆----------------------------------------
685┆ fsynced_write_or_cleanup $url_conf_tmpfile $url_conf_file
⋮┆----------------------------------------
695┆ [ ! -d "$BAK_DIR" ] || rm -rf $BAK_DIR
⋮┆----------------------------------------
698┆ handle_eventdecl -d $INSTALLDIR/$DIRNAME/declarations -n $APPNAME -a ||
⋮┆----------------------------------------
701┆ mkdir -p $PKG_CONFDIR || error "Failed to mkdir -p $PKG_CONFDIR"
⋮┆----------------------------------------
703┆ chmod 755 $PKG_CONFDIR || error "Failed to change permissions on $PKG_CONFDIR"
⋮┆----------------------------------------
707┆ chmod 644 $RUNSTATE_CONF.tmp || error "Failed to change permissions on $RUNSTATE_CONF.tmp"
⋮┆----------------------------------------
708┆ fsynced_write_or_cleanup $RUNSTATE_CONF.tmp $RUNSTATE_CONF
⋮┆----------------------------------------
711┆ chown -Rh $APPUSR:admin $INSTALLDIR/$DIRNAME ||
⋮┆----------------------------------------
715┆ mkdir -p $INSTALLDIR/$DIRNAME/html ||
⋮┆----------------------------------------
726┆ if __restore_app $INSTALLDIR/$DIRNAME $BAK_DIR; then
⋮┆----------------------------------------
734┆ chmod 644 $INSTALLDIR/$DIRNAME/$ADPPACKCFG || {
⋮┆----------------------------------------
741┆ printf
"\
742┆ [Unit]
743┆ Description=%s
744┆
745┆ [Service]
746┆ User=%s
747┆ Type=oneshot
748┆ ExecStart=/bin/sh %s
749┆ WorkingDirectory=%s/%s
750┆ " $PREUPGRADE_SERVICE $1 $2 $INSTALLDIR $APPNAME > $ETC_SYSTEMD_DIR/$PREUPGRADE_SERVICE_FILENAME
⋮┆----------------------------------------
755┆ rm $ETC_SYSTEMD_DIR/$PREUPGRADE_SERVICE_FILENAME ||
⋮┆----------------------------------------
772┆ create_preupgrade_service $APPUSR $1
⋮┆----------------------------------------
774┆ systemctl start $PREUPGRADE_SERVICE >/dev/null 2>&1 || {
⋮┆----------------------------------------
776┆ systemctl reset-failed $PREUPGRADE_SERVICE > /dev/null 2>&1 ||
⋮┆----------------------------------------
784┆ printf
"\
785┆ [Unit]
786┆ Description=%s
787┆
788┆ [Service]
789┆ User=%s
790┆ Type=oneshot
791┆ ExecStart=/bin/sh %s/%s/%s
792┆ WorkingDirectory=%s/%s
793┆ " $POSTINSTALL_SERVICE $1 $INSTALLDIR $APPNAME $POSTINSTALLSCRIPT $INSTALLDIR $APPNAME >
$ETC_SYSTEMD_DIR/$POSTINSTALL_SERVICE_FILENAME
⋮┆----------------------------------------
798┆ rm $ETC_SYSTEMD_DIR/$POSTINSTALL_SERVICE_FILENAME ||
⋮┆----------------------------------------
811┆ create_postinstall_service $APPUSR
⋮┆----------------------------------------
816┆ systemctl --quiet status $POSTINSTALL_SERVICE >/dev/null 2>&1 ||
⋮┆----------------------------------------
819┆ systemctl start $POSTINSTALL_SERVICE >/dev/null 2>&1 || {
⋮┆----------------------------------------
821┆ systemctl reset-failed $POSTINSTALL_SERVICE > /dev/null 2>&1 ||
⋮┆----------------------------------------
826┆ chmod 644 $INSTALLDIR/$DIRNAME/$ADPPACKCFG || {
⋮┆----------------------------------------
833┆ rm -f $ETC_TRANSFER_CONF/transfer_$APPNAME.conf
⋮┆----------------------------------------
834┆ rm -f $ETC_TRANSFER_CONF/legacy_transfer_$APPNAME.conf
⋮┆----------------------------------------
835┆ rm -f $ETC_MIME_CONF/legacy_mime_$APPNAME.conf
⋮┆----------------------------------------
836┆ rm -rf $HTTP_VAR_RUN/$APPNAME
⋮┆----------------------------------------
838┆ rm -f $ETC_DYN_PARAM_APP_CONF
⋮┆----------------------------------------
839┆ rm -f $ETC_DYN_APP_CONF
⋮┆----------------------------------------
840┆ $PHC deletegroup $GROUPNAME >/dev/null 2>&1 || :
⋮┆----------------------------------------
844┆ rm -rf $INSTALLDIR/$DIRNAME
⋮┆----------------------------------------
855┆ eval enb=$val
⋮┆----------------------------------------
858┆ $log_info "unknown runstate $var for $APPNAME"
⋮┆----------------------------------------
863┆ $log_info "no runstate for $APPNAME"
⋮┆----------------------------------------
865┆ echo $enb
⋮┆----------------------------------------
874┆ systemctl enable $SYSTEMD_SERVICE_FILENAME ||
⋮┆----------------------------------------
888┆ handle_eventdecl -d $INSTALLDIR/$DIRNAME/declarations -n $APPNAME -r
⋮┆----------------------------------------
890┆ rm -rf $WEB_DIR/$APPNAME
⋮┆----------------------------------------
893┆ rm -f $ETC_INIT_D_APPNAME
⋮┆----------------------------------------
895┆ rm -f $ETC_SYSTEMD_APPNAME
⋮┆----------------------------------------
896┆ rm -f $DBUS_FILE
⋮┆----------------------------------------
913┆ run_pre_upgrade $2
⋮┆----------------------------------------
external.semgrep-rules.bash.lang.security.ifs-tampering
The special variable IFS affects how splitting takes place when expanding unquoted
variables. Don't set it globally. Prefer a dedicated utility such as 'cut' or 'awk' if you
need to split input data. If you must use 'read', set IFS locally using e.g. 'IFS="," read
-a my_array'.
849┆ local enb=no var= val= IFS==
/logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/sbin/manual_ir_override
.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
4┆ logger -s -t${0##*/} -p err -- $*
⋮┆----------------------------------------
15┆ use_dn=$($GDBUS_CALL 2>/dev/null) ||
/logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/sbin/populate-extfs.sh
external.semgrep-rules.bash.lang.best-practice.iteration-over-ls-output
Iterating over ls output is fragile. Use globs, e.g. 'dir/*' instead of '$(ls dir)'.
92┆ for i in `ls $INODE_DIR`; do
⋮┆----------------------------------------
external.semgrep-rules.bash.lang.best-practice.useless-cat
Useless call to 'cat' in a pipeline. Use '<' and '>' for any command to read from a file or
write to a file.
100┆ LN_CNT=`cat $INODE_DIR/$i | wc -l`
⋮┆----------------------------------------
external.semgrep-rules.bash.lang.correctness.unquoted-command-substitution-in-command
The result of command substitution $(...) or `...`, if unquoted, is split on whitespace or
other separators specified by the IFS variable. You should surround it with double quotes to
avoid splitting the result.
26┆ CONTRIB_DIR=$(dirname $(readlink -f $0))
⋮┆----------------------------------------
88┆ eval `echo $i | sed 's$###$ $'`
⋮┆----------------------------------------
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
26┆ CONTRIB_DIR=$(dirname $(readlink -f $0))
⋮┆----------------------------------------
32┆ find $SRCDIR | while read FILE; do
⋮┆----------------------------------------
47┆ STAT=$(stat -c "TYPE=\"%F\";DEVNO=\"0x%t 0x%T\";MODE=\"%f\";U=\"%u\";G=\"%g\"" $FILE)
⋮┆----------------------------------------
48┆ eval $STAT
⋮┆----------------------------------------
58┆ LINK_TGT=$(readlink $FILE)
⋮┆----------------------------------------
87┆ for i in `find $SRCDIR -type f -links +1 -printf 'INODE=%i###FN=%p\n'`; do
⋮┆----------------------------------------
88┆ eval `echo $i | sed 's$###$ $'`
⋮┆----------------------------------------
89┆ echo ${FN#$SRCDIR} >>$INODE_DIR/$INODE
⋮┆----------------------------------------
92┆ for i in `ls $INODE_DIR`; do
⋮┆----------------------------------------
94┆ SRC=`head -1 $INODE_DIR/$i`
⋮┆----------------------------------------
96┆ for TGT in `sed -n -e '1!p' $INODE_DIR/$i`; do
⋮┆----------------------------------------
100┆ LN_CNT=`cat $INODE_DIR/$i | wc -l`
⋮┆----------------------------------------
104┆ rm -fr $INODE_DIR
⋮┆----------------------------------------
105┆ } | $DEBUGFS -w -f - $DEVICE
/logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/sbin/storage_serverrepo
rt.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
9┆ cat $sd_stats_file
/logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/sbin/temp_sensor_availa
ble.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
4┆ logger -s -t${0##*/} -p err -- $*
⋮┆----------------------------------------
15┆ nbr_of_sensors=$($DBUS_CALL) || croak "Failed to get nbr of sensors"
/logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/share/apache2/cipher_va
lidator.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
8┆ $err "Invalid CIPHERS assignment"
⋮┆----------------------------------------
16┆ $err "An error occurred checking ciphers"
⋮┆----------------------------------------
20┆ $err "No supported ciphers provided"
⋮┆----------------------------------------
25┆ $warn "Openssl supported ciphers differ from ciphers provided"
/logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/share/audio/prop/functi
ons.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
11┆ val=$(sed -ne "/$2\}\"$/{N;p}" $1) && [ "$val" ] || exit 0
⋮┆----------------------------------------
28┆ eval $1=0
⋮┆----------------------------------------
34┆ eval $1=\$reply
⋮┆----------------------------------------
44┆ nin=$(($nin + 1))
⋮┆----------------------------------------
47┆ nout=$(($nout + 1))
/logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/share/resolution_update
/resolution_update.d/10-monolith-delete_overlay.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
4┆ remove_groups 'Image.I[0-9][0-9]*.Overlay.MaskWindows.M[0-9][0-9]*' $CONF_DIR/image_privacy_mask.conf ||
:
⋮┆----------------------------------------
9┆ rm -f \
10┆ /etc/dynamic/image_i${stream_id}_overlay_maskwindows.conf \
11┆ /etc/dynamic/param/image_i${stream_id}_overlay_maskwindows.conf
/logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/share/resolution_update
/resolution_update_dir.d/10-monolith-resolution_update.sh
external.semgrep-rules.bash.lang.correctness.unquoted-command-substitution-in-command
The result of command substitution $(...) or `...`, if unquoted, is split on whitespace or
other separators specified by the IFS variable. You should surround it with double quotes to
avoid splitting the result.
29┆ res=$(busctl get-property com.axis.Video1 /com/axis/Video1/Channel/$((0 + 1))
com.axis.Video1.Channel Enabled) && res=${res#* } ||
⋮┆----------------------------------------
32┆ set_resolution $((0 + 1)) $RESOLUTION_MAXZOOM
⋮┆----------------------------------------
34┆ reso0=$(res_finder --default_res --channel $((0 + 1))) ||
⋮┆----------------------------------------
36┆ set_resolution $((0 + 1)) $reso0
⋮┆----------------------------------------
40┆ res=$(busctl get-property com.axis.Video1 /com/axis/Video1/Channel/$((1 + 1))
com.axis.Video1.Channel Enabled) && res=${res#* } ||
⋮┆----------------------------------------
43┆ set_resolution $((1 + 1)) $RESOLUTION_MAXZOOM
⋮┆----------------------------------------
45┆ reso1=$(res_finder --default_res --channel $((1 + 1))) ||
⋮┆----------------------------------------
47┆ set_resolution $((1 + 1)) $reso1
⋮┆----------------------------------------
51┆ res=$(busctl get-property com.axis.Video1 /com/axis/Video1/Channel/$((2 + 1))
com.axis.Video1.Channel Enabled) && res=${res#* } ||
⋮┆----------------------------------------
54┆ set_resolution $((2 + 1)) $RESOLUTION_MAXZOOM
⋮┆----------------------------------------
56┆ reso2=$(res_finder --default_res --channel $((2 + 1))) ||
⋮┆----------------------------------------
58┆ set_resolution $((2 + 1)) $reso2
⋮┆----------------------------------------
62┆ res=$(busctl get-property com.axis.Video1 /com/axis/Video1/Channel/$((3 + 1))
com.axis.Video1.Channel Enabled) && res=${res#* } ||
⋮┆----------------------------------------
65┆ set_resolution $((3 + 1)) $RESOLUTION_MAXZOOM
⋮┆----------------------------------------
67┆ reso3=$(res_finder --default_res --channel $((3 + 1))) ||
⋮┆----------------------------------------
69┆ set_resolution $((3 + 1)) $reso3
⋮┆----------------------------------------
73┆ res=$(busctl get-property com.axis.Video1 /com/axis/Video1/Channel/$((4 + 1))
com.axis.Video1.Channel Enabled) && res=${res#* } ||
⋮┆----------------------------------------
76┆ set_resolution $((4 + 1)) $RESOLUTION_MAXZOOM
⋮┆----------------------------------------
78┆ reso4=$(res_finder --default_res --channel $((4 + 1))) ||
⋮┆----------------------------------------
80┆ set_resolution $((4 + 1)) $reso4
⋮┆----------------------------------------
84┆ res=$(busctl get-property com.axis.Video1 /com/axis/Video1/Channel/$((5 + 1))
com.axis.Video1.Channel Enabled) && res=${res#* } ||
⋮┆----------------------------------------
87┆ set_resolution $((5 + 1)) $RESOLUTION_MAXZOOM
⋮┆----------------------------------------
89┆ reso5=$(res_finder --default_res --channel $((5 + 1))) ||
⋮┆----------------------------------------
91┆ set_resolution $((5 + 1)) $reso5
⋮┆----------------------------------------
95┆ res=$(busctl get-property com.axis.Video1 /com/axis/Video1/Channel/$((6 + 1))
com.axis.Video1.Channel Enabled) && res=${res#* } ||
⋮┆----------------------------------------
98┆ set_resolution $((6 + 1)) $RESOLUTION_MAXZOOM
⋮┆----------------------------------------
100┆ reso6=$(res_finder --default_res --channel $((6 + 1))) ||
⋮┆----------------------------------------
102┆ set_resolution $((6 + 1)) $reso6
⋮┆----------------------------------------
106┆ res=$(busctl get-property com.axis.Video1 /com/axis/Video1/Channel/$((7 + 1))
com.axis.Video1.Channel Enabled) && res=${res#* } ||
⋮┆----------------------------------------
109┆ set_resolution $((7 + 1)) $RESOLUTION_MAXZOOM
⋮┆----------------------------------------
111┆ reso7=$(res_finder --default_res --channel $((7 + 1))) ||
⋮┆----------------------------------------
113┆ set_resolution $((7 + 1)) $reso7
⋮┆----------------------------------------
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
17┆ busctl set-property com.axis.Video1 /com/axis/Video1/Channel/$1 com.axis.Video1.Channel
Resolution s $2 || {
⋮┆----------------------------------------
32┆ set_resolution $((0 + 1)) $RESOLUTION_MAXZOOM
⋮┆----------------------------------------
36┆ set_resolution $((0 + 1)) $reso0
⋮┆----------------------------------------
43┆ set_resolution $((1 + 1)) $RESOLUTION_MAXZOOM
⋮┆----------------------------------------
47┆ set_resolution $((1 + 1)) $reso1
⋮┆----------------------------------------
54┆ set_resolution $((2 + 1)) $RESOLUTION_MAXZOOM
⋮┆----------------------------------------
58┆ set_resolution $((2 + 1)) $reso2
⋮┆----------------------------------------
65┆ set_resolution $((3 + 1)) $RESOLUTION_MAXZOOM
⋮┆----------------------------------------
69┆ set_resolution $((3 + 1)) $reso3
⋮┆----------------------------------------
76┆ set_resolution $((4 + 1)) $RESOLUTION_MAXZOOM
⋮┆----------------------------------------
80┆ set_resolution $((4 + 1)) $reso4
⋮┆----------------------------------------
87┆ set_resolution $((5 + 1)) $RESOLUTION_MAXZOOM
⋮┆----------------------------------------
91┆ set_resolution $((5 + 1)) $reso5
⋮┆----------------------------------------
98┆ set_resolution $((6 + 1)) $RESOLUTION_MAXZOOM
⋮┆----------------------------------------
102┆ set_resolution $((6 + 1)) $reso6
⋮┆----------------------------------------
109┆ set_resolution $((7 + 1)) $RESOLUTION_MAXZOOM
⋮┆----------------------------------------
113┆ set_resolution $((7 + 1)) $reso7
⋮┆----------------------------------------
130┆ channel=$(($1 + 1))
⋮┆----------------------------------------
131┆ default_res=$(res_finder --default_res -c $channel) ||
⋮┆----------------------------------------
133┆ set_resolution $channel $default_res
⋮┆----------------------------------------
148┆ update_resolution_by_cm $RESOLUTION_UPDATE_PAR1
⋮┆----------------------------------------
152┆ update_resolution_by_cm $RESOLUTION_UPDATE_PAR1
⋮┆----------------------------------------
157┆ write_resolution_for_head $head
/logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/share/serverreport.d/mq
tt_config.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
5┆ . $rc || error "Failed to source '$rc'"
⋮┆----------------------------------------
12┆ sed -re "s/^(password=).*/\\1*****/" $f
/logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/share/serverreport.d/nt
p_status.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
5┆ . $rc || error "Failed to source '$rc'"
⋮┆----------------------------------------
16┆ if _ret=$($GET_PROP_CMD $1 $2 2>&1); then
⋮┆----------------------------------------
21┆ echo $2
⋮┆----------------------------------------
25┆ echo $* | tr -d '"'
⋮┆----------------------------------------
38┆ get_ntp_property com.axis.NTP1 $1
⋮┆----------------------------------------
43┆ get_ntp_property com.axis.NTP1.Server $1
/logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/share/syslog-ng/include
/scl/loadbalancer/gen-loadbalancer.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
27┆ target_cnt=$(echo $TARGETS | wc -w)
⋮┆----------------------------------------
36┆ echo -n $target_id
⋮┆----------------------------------------
38┆ echo -n $target_cnt
⋮┆----------------------------------------
43┆ echo -n $target
⋮┆----------------------------------------
45┆ echo -n $TARGET_PARAMS
/logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/share/temperature_ctrld
/product_config.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
20┆ POE_STATUS=$(cat $POE_CLASS) || POE_STATUS=0
┌──────────────┐
│ Scan Summary │
└──────────────┘
Some files were skipped or only partially analyzed.
Partially scanned: 12 files only partially analyzed due to parsing or internal Semgrep errors
Ran 7 rules on 77 files: 984 findings.