METRICS: Using configs from the Registry (like --config=p/ci) reports pseudonymous rule metrics to semgrep.dev.
To disable Registry rule metrics, use "--metrics=off".
Using configs only from local files (like --config=xyz.yml) does not enable metrics.
More information: https://semgrep.dev/docs/metrics
┌─────────────┐
│ Scan Status │
└─────────────┘
Scanning 3985 files tracked by git with 7 Code rules:
Scanning 76 files with 7 bash rules.
┌───────────────────┐
│ 795 Code Findings │
└───────────────────┘
/logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/et
c/logrotate.d/statis/statistics.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
71┆ new_LMF=$(/usr/bin/md5sum $group_file)
⋮┆----------------------------------------
79┆ new_LUN="$(echo $users | cut -d' ' -f2)"
⋮┆----------------------------------------
external.semgrep-rules.bash.lang.security.ifs-tampering
The special variable IFS affects how splitting takes place when expanding unquoted
variables. Don't set it globally. Prefer a dedicated utility such as 'cut' or 'awk' if you
need to split input data. If you must use 'read', set IFS locally using e.g. 'IFS="," read
-a my_array'.
42┆ IFS=':'
/logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/et
c/qos/qos.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
101┆ set -- $CLASSES
⋮┆----------------------------------------
366┆ . $CONF_PATH || _error "Failed to source '$CONF_PATH'"
/logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/et
c/rtp/set_video_dscp.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
4┆ VALUE=$(grep VideoDSCP $CONF_FILE | grep -E -o '[0-9]+')
⋮┆----------------------------------------
6┆ dbus-send --system --print-reply --type=method_call --dest=com.axis.Streamer /com/axis/Streamer/Video
org.freedesktop.DBus.Properties.Set string:com.axis.Stream ...
[shortened a long line from output, adjust with --max-chars-per-line]
⋮┆----------------------------------------
8┆ dbus-send --system --print-reply --type=method_call --dest=com.axis.JpegStreamer1
/com/axis/JpegStreamer1/Conf org.freedesktop.DBus.Properties.Set string:com.ax ...
[shortened a long line from output, adjust with --max-chars-per-line]
/logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/us
r/bin/a1601_test.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
53┆ val=$(cat $port/value)
⋮┆----------------------------------------
58┆ x=$(($x+1))
⋮┆----------------------------------------
71┆ echo $VALUE > $RELAY_1/value
⋮┆----------------------------------------
72┆ echo $VALUE > $RELAY_2/value
⋮┆----------------------------------------
74┆ check_port_value $AUX_IO1 $INVERTED_VALUE
⋮┆----------------------------------------
75┆ check_port_value $AUX_IO2 $VALUE
⋮┆----------------------------------------
76┆ check_port_value $AUX_IO3 $INVERTED_VALUE
⋮┆----------------------------------------
77┆ check_port_value $AUX_IO4 $VALUE
⋮┆----------------------------------------
84┆ COUNT=$(($COUNT+1))
/logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/us
r/bin/check_reader_1.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
17┆ $TRATT_COMMAND $PORT -p RS485_1_CTRL1
⋮┆----------------------------------------
20┆ $TRATT_COMMAND $PORT -p RS485_1_CTRL2
⋮┆----------------------------------------
23┆ $TRATT_COMMAND $PORT -p RS485_1_PU/PD
⋮┆----------------------------------------
26┆ $TRATT_COMMAND $PORT -p RS485_1_TERM
⋮┆----------------------------------------
29┆ $TRATT_COMMAND $PORT -p RS485_1_RTS
⋮┆----------------------------------------
32┆ $TRATT_COMMAND $PORT -p RS485_1_WIEGAND_ON
/logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/us
r/bin/check_reader_2.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
17┆ $TRATT_COMMAND $PORT -p RS485_2_CTRL1
⋮┆----------------------------------------
20┆ $TRATT_COMMAND $PORT -p RS485_2_CTRL2
⋮┆----------------------------------------
23┆ $TRATT_COMMAND $PORT -p RS485_2_PU/PD
⋮┆----------------------------------------
26┆ $TRATT_COMMAND $PORT -p RS485_2_TERM
⋮┆----------------------------------------
29┆ $TRATT_COMMAND $PORT -p RS485_2_RTS
⋮┆----------------------------------------
32┆ $TRATT_COMMAND $PORT -p RS485_2_WIEGAND_ON
/logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/us
r/bin/checkprogress.sh
external.semgrep-rules.bash.lang.correctness.unquoted-command-substitution-in-command
The result of command substitution $(...) or `...`, if unquoted, is split on whitespace or
other separators specified by the IFS variable. You should surround it with double quotes to
avoid splitting the result.
15┆ $(init_done)
/logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/us
r/bin/compile_in_debug.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
26┆ echo $1
/logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/us
r/bin/dinput.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
9┆ echo "Available inputs in "$IOS_PATH": (empty before hw conf)"
⋮┆----------------------------------------
10┆ ls $IOS_PATH
⋮┆----------------------------------------
22┆ echo "input not found: "$IO
⋮┆----------------------------------------
33┆ value=$(head -n 1 $IO)
⋮┆----------------------------------------
40┆ echo "invalid op: "$OP
⋮┆----------------------------------------
43┆ line=$(head -n 1 $IO)
⋮┆----------------------------------------
44┆ echo $IO "is now "$line
/logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/us
r/bin/elflibcheck.sh
external.semgrep-rules.bash.lang.correctness.unquoted-command-substitution-in-command
The result of command substitution $(...) or `...`, if unquoted, is split on whitespace or
other separators specified by the IFS variable. You should surround it with double quotes to
avoid splitting the result.
8┆ echo $((1+${#t}))
⋮┆----------------------------------------
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
4┆ local t=`dd if=$1 bs=1 count=1 skip=$2 2>/dev/null`
⋮┆----------------------------------------
8┆ echo $((1+${#t}))
⋮┆----------------------------------------
12┆ local elfmag0=`getb $1 0`
⋮┆----------------------------------------
13┆ local elfmag1_3=`dd if=$1 bs=1 count=3 skip=1 2>/dev/null`
⋮┆----------------------------------------
14┆ local e_type0=`getb $1 16`
⋮┆----------------------------------------
15┆ local e_type1=`getb $1 17`
⋮┆----------------------------------------
16┆ local e_machine0=`getb $1 18`
⋮┆----------------------------------------
17┆ local e_machine1=`getb $1 19`
⋮┆----------------------------------------
19┆ local ei_data=`getb $1 5`
⋮┆----------------------------------------
20┆ local e_flags0=`getb $1 36`
⋮┆----------------------------------------
21┆ local e_flags1=`getb $1 37`
⋮┆----------------------------------------
22┆ local e_flags2=`getb $1 38`
⋮┆----------------------------------------
23┆ local e_flags3=`getb $1 39`
⋮┆----------------------------------------
236┆ ldd -s $file || {
⋮┆----------------------------------------
238┆ filestr=`emstr $file`
⋮┆----------------------------------------
245┆ exit $result
⋮┆----------------------------------------
248┆ ldd $file
/logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/us
r/bin/function_button.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
8┆ $LOGIT -p err -- $*
⋮┆----------------------------------------
16┆ $GDBUS_CALL.assistant_is_active 2>/dev/null
⋮┆----------------------------------------
29┆ focus_active=$($GDBUS_CALL.assistant_is_active) ||
⋮┆----------------------------------------
36┆ $GDBUS_CALL.assistant_button ||
⋮┆----------------------------------------
60┆ $GDBUS_CALL.assistant_button ||
/logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/us
r/bin/iowrapper.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
47┆ check_port $2
⋮┆----------------------------------------
48┆ check_state $3
⋮┆----------------------------------------
51┆ check_duration $4
⋮┆----------------------------------------
67┆ port=$(($2 + 1))
⋮┆----------------------------------------
83┆ $cmd
⋮┆----------------------------------------
101┆ $cmd
⋮┆----------------------------------------
130┆ $cmd "$args"
⋮┆----------------------------------------
149┆ $cmd "$args"
⋮┆----------------------------------------
158┆ port=$(($1 + 1))
⋮┆----------------------------------------
171┆ $cmd
⋮┆----------------------------------------
190┆ $cmd "$args"
⋮┆----------------------------------------
196┆ validate $*
⋮┆----------------------------------------
201┆ start_io2d $*
⋮┆----------------------------------------
203┆ start $*
⋮┆----------------------------------------
209┆ stop_io2d $*
⋮┆----------------------------------------
211┆ stop $*
/logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/us
r/bin/ledsonoff.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
15┆ kill $pid
/logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/us
r/bin/mcu_uptime.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
17┆ $TRATT_COMMAND $PORT -u
/logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/us
r/bin/poe_status.sh
external.semgrep-rules.bash.lang.correctness.unquoted-command-substitution-in-command
The result of command substitution $(...) or `...`, if unquoted, is split on whitespace or
other separators specified by the IFS variable. You should surround it with double quotes to
avoid splitting the result.
225┆ printf " -Software Power Requested: %d.%d Watt\n" $(($requested/10))
$(($requested%10))
⋮┆----------------------------------------
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
27┆ value=$($GDBUS_POWERD_PROP_GET $2 2>&1) ||
⋮┆----------------------------------------
36┆ eval $1=\$value
⋮┆----------------------------------------
61┆ poe_class=$(($2 & 0x0F))
⋮┆----------------------------------------
64┆ poe_class=$(($2 & 0x0F))
⋮┆----------------------------------------
166┆ info=$($GDBUS_GLLDPD_METHOD.GetNeighbourInfo 2>&1) ||
⋮┆----------------------------------------
215┆ info=$($GDBUS_GLLDPD_METHOD.GetPoeInfo 2>&1) ||
⋮┆----------------------------------------
225┆ printf " -Software Power Requested: %d.%d Watt\n" $(($requested/10))
$(($requested%10))
⋮┆----------------------------------------
225┆ printf " -Software Power Requested: %d.%d Watt\n" $(($requested/10))
$(($requested%10))
⋮┆----------------------------------------
232┆ print_prio_string $prio
⋮┆----------------------------------------
253┆ info=$($GDBUS_POWERD_METHOD.TotalPowerConsumption 2>&1) || {
⋮┆----------------------------------------
268┆ set -- $info
⋮┆----------------------------------------
274┆ current_power=$(printf "%.1f" $current_power)
⋮┆----------------------------------------
277┆ min_power=$(printf "%.1f" $2)
⋮┆----------------------------------------
280┆ max_power=$(printf "%.1f" $3)
⋮┆----------------------------------------
285┆ average_power=$(printf "%.1f" $average_power)
⋮┆----------------------------------------
329┆ info=$($GDBUS_POWERD_METHOD.DevicePower $1 2>&1) ||
⋮┆----------------------------------------
335┆ set -- $info
⋮┆----------------------------------------
344┆ current_power=$(printf "%.1f" $2)
⋮┆----------------------------------------
347┆ min_power=$(printf "%.1f" $3)
⋮┆----------------------------------------
350┆ max_power=$(printf "%.1f" $4)
⋮┆----------------------------------------
355┆ average_power=$(printf "%.1f" $average_power)
⋮┆----------------------------------------
359┆ print_pretty_name $name
⋮┆----------------------------------------
370┆ info=$($GDBUS_POWERSAVE_METHOD.GetPowerSavingSupport 2>&1) ||
⋮┆----------------------------------------
379┆ info=$($GDBUS_POWERSAVE_METHOD.GetPowerSavingMode 2>&1) ||
⋮┆----------------------------------------
402┆ print_poeclass_string "Hardware:" $return_value
⋮┆----------------------------------------
406┆ print_poeclass_string "Software:" $return_value
⋮┆----------------------------------------
411┆ lldp_info=$($GDBUS_POLICYKIT_LLDPCLI show-neighbors 2>&1) ||
⋮┆----------------------------------------
419┆ print_power_status $return_value
⋮┆----------------------------------------
423┆ printf "Power Requested: %.1f Watt\n" $return_value
⋮┆----------------------------------------
427┆ printf "Power Received: %.1f Watt\n" $return_value
⋮┆----------------------------------------
441┆ print_external_power_string $return_value
⋮┆----------------------------------------
446┆ print_power_status $return_value
⋮┆----------------------------------------
450┆ printf "Power Requested: %.1f Watt\n" $return_value
⋮┆----------------------------------------
454┆ printf "Power Received: %.1f Watt\n" $return_value
⋮┆----------------------------------------
473┆ print_device_power_consumption $device_index
⋮┆----------------------------------------
475┆ device_index=$(($device_index + 1))
⋮┆----------------------------------------
529┆ poe_output=$($poet_executable --info 2>&1 || :)
⋮┆----------------------------------------
external.semgrep-rules.bash.lang.security.ifs-tampering
The special variable IFS affects how splitting takes place when expanding unquoted
variables. Don't set it globally. Prefer a dedicated utility such as 'cut' or 'awk' if you
need to split input data. If you must use 'read', set IFS locally using e.g. 'IFS="," read
-a my_array'.
267┆ local IFS=,
⋮┆----------------------------------------
334┆ local IFS=,
/logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/us
r/bin/print_a1210_inputs.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
14┆ tmp=`cat $GP/door_input_1/value`
⋮┆----------------------------------------
15┆ tmp2=`cat $ADC/in_voltage_DOOR_ADC_1_raw`
⋮┆----------------------------------------
18┆ tmp=`cat $GP/door_input_2/value`
⋮┆----------------------------------------
19┆ tmp2=`cat $ADC/in_voltage_DOOR_ADC_2_raw`
⋮┆----------------------------------------
22┆ tmp=`cat $GP/ext_input_1/value`
⋮┆----------------------------------------
23┆ tmp2=`cat $ADC/in_voltage_EXT_ADC_1_raw`
⋮┆----------------------------------------
26┆ tmp=`cat $GP/ext_input_2/value`
⋮┆----------------------------------------
27┆ tmp2=`cat $ADC/in_voltage_EXT_ADC_2_raw`
⋮┆----------------------------------------
30┆ tmp=`cat $GP/reader_input/value`
⋮┆----------------------------------------
31┆ tmp2=`cat $ADC/in_voltage_READER_ADC_raw`
⋮┆----------------------------------------
34┆ tmp=`cat $GP/sup_digin_aux_io_1/value`
⋮┆----------------------------------------
35┆ tmp2=`cat $ADC/in_voltage_SUP_ADC_AUX_IO_1_raw`
⋮┆----------------------------------------
38┆ tmp=`cat $GP/sup_digin_aux_io_2/value`
⋮┆----------------------------------------
39┆ tmp2=`cat $ADC/in_voltage_SUP_ADC_AUX_IO_2_raw`
⋮┆----------------------------------------
42┆ tmp=`cat $GP/aux_io_load_fault/value`
⋮┆----------------------------------------
45┆ tmp=`cat $ADC/in_voltage_READER_LOAD_FAULT_raw`
⋮┆----------------------------------------
48┆ tmp=`cat $ADC/in_voltage_READER_IMON_raw`
⋮┆----------------------------------------
51┆ tmp=`cat $ADC/in_voltage_RELAY_IMON_raw`
⋮┆----------------------------------------
54┆ tmp=`cat $GP/dc_available/value`
⋮┆----------------------------------------
57┆ tmp=`cat $ADC/in_voltage_DC_VMON_raw`
⋮┆----------------------------------------
60┆ tmp=`cat $GP/relay_12v_sel/value`
⋮┆----------------------------------------
63┆ tmp=`cat $GP/relay_24v_sel/value`
⋮┆----------------------------------------
66┆ tmp=`cat $GP/tampering/value`
⋮┆----------------------------------------
69┆ tmp=`cat $GP/poe_af/value`
⋮┆----------------------------------------
76┆ tmp=`$TCMD -p DOOR_INPUT_1`
⋮┆----------------------------------------
77┆ tmp2=`$TCMD -p DOOR_ADC_1`
⋮┆----------------------------------------
80┆ tmp=`$TCMD -p DOOR_INPUT_2`
⋮┆----------------------------------------
81┆ tmp2=`$TCMD -p DOOR_ADC_2`
⋮┆----------------------------------------
84┆ tmp=`$TCMD -p EXT_INPUT_1`
⋮┆----------------------------------------
85┆ tmp2=`$TCMD -p EXT_ADC_1`
⋮┆----------------------------------------
88┆ tmp=`$TCMD -p EXT_INPUT_2`
⋮┆----------------------------------------
89┆ tmp2=`$TCMD -p EXT_ADC_2`
⋮┆----------------------------------------
92┆ tmp=`$TCMD -p READER_INPUT`
⋮┆----------------------------------------
93┆ tmp2=`$TCMD -p READER_ADC`
⋮┆----------------------------------------
96┆ tmp=`$TCMD -p SUP_DIGIN_AUX_IO_1`
⋮┆----------------------------------------
97┆ tmp2=`$TCMD -p SUP_ADC_AUX_IO_1`
⋮┆----------------------------------------
100┆ tmp=`$TCMD -p SUP_DIGIN_AUX_IO_2`
⋮┆----------------------------------------
101┆ tmp2=`$TCMD -p SUP_ADC_AUX_IO_2`
⋮┆----------------------------------------
104┆ tmp=`$TCMD -p AUX_IO_LOAD_FAULT`
⋮┆----------------------------------------
107┆ tmp=`$TCMD -p READER_LOAD_FAULT`
⋮┆----------------------------------------
110┆ tmp=`$TCMD -p READER_IMON`
⋮┆----------------------------------------
113┆ tmp=`$TCMD -p RELAY_IMON`
⋮┆----------------------------------------
116┆ tmp=`$TCMD -p DC_AVAILABLE`
⋮┆----------------------------------------
119┆ tmp=`$TCMD -p DC_IMON`
⋮┆----------------------------------------
122┆ tmp=`$TCMD -p RELAY_12V_SEL`
⋮┆----------------------------------------
125┆ tmp=`$TCMD -p RELAY_24V_SEL`
⋮┆----------------------------------------
128┆ tmp=`$TCMD -p TAMPERING`
⋮┆----------------------------------------
131┆ tmp=`$TCMD -p POE_AF`
⋮┆----------------------------------------
134┆ tmp=`$TCMD -p PGOOD_24V`
⋮┆----------------------------------------
137┆ tmp=`$TCMD -p POE_AVAILABLE`
⋮┆----------------------------------------
148┆ linked=$(cat $LINK_FILE)
/logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/us
r/bin/reader_1_rs485.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
16┆ $TRATT_COMMAND $PORT -p RS485_1_CTRL1 -v 0
⋮┆----------------------------------------
17┆ $TRATT_COMMAND $PORT -p RS485_1_CTRL2 -v 1
⋮┆----------------------------------------
18┆ $TRATT_COMMAND $PORT -p RS485_1_PU/PD -v 0
⋮┆----------------------------------------
19┆ $TRATT_COMMAND $PORT -p RS485_1_TERM -v 1
⋮┆----------------------------------------
20┆ $TRATT_COMMAND $PORT -p RS485_1_WIEGAND_ON -v 1
⋮┆----------------------------------------
21┆ $TRATT_COMMAND $PORT -Q
/logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/us
r/bin/reader_1_wiegand.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
16┆ $TRATT_COMMAND $PORT -p RS485_1_CTRL1 -v 1
⋮┆----------------------------------------
17┆ $TRATT_COMMAND $PORT -p RS485_1_CTRL2 -v 0
⋮┆----------------------------------------
18┆ $TRATT_COMMAND $PORT -p RS485_1_PU/PD -v 1
⋮┆----------------------------------------
19┆ $TRATT_COMMAND $PORT -p RS485_1_TERM -v 0
⋮┆----------------------------------------
20┆ $TRATT_COMMAND $PORT -p RS485_1_RTS -v 1
⋮┆----------------------------------------
21┆ $TRATT_COMMAND $PORT -p RS485_1_WIEGAND_ON -v 0
⋮┆----------------------------------------
22┆ $TRATT_COMMAND $PORT -q
/logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/us
r/bin/reader_2_rs485.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
16┆ $TRATT_COMMAND $PORT -p RS485_2_CTRL1 -v 0
⋮┆----------------------------------------
17┆ $TRATT_COMMAND $PORT -p RS485_2_CTRL2 -v 1
⋮┆----------------------------------------
18┆ $TRATT_COMMAND $PORT -p RS485_2_PU/PD -v 0
⋮┆----------------------------------------
19┆ $TRATT_COMMAND $PORT -p RS485_2_TERM -v 1
⋮┆----------------------------------------
20┆ $TRATT_COMMAND $PORT -p RS485_2_WIEGAND_ON -v 1
⋮┆----------------------------------------
21┆ $TRATT_COMMAND $PORT -W
/logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/us
r/bin/reader_2_wiegand.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
16┆ $TRATT_COMMAND $PORT -p RS485_2_CTRL1 -v 1
⋮┆----------------------------------------
17┆ $TRATT_COMMAND $PORT -p RS485_2_CTRL2 -v 0
⋮┆----------------------------------------
18┆ $TRATT_COMMAND $PORT -p RS485_2_PU/PD -v 1
⋮┆----------------------------------------
19┆ $TRATT_COMMAND $PORT -p RS485_2_TERM -v 0
⋮┆----------------------------------------
20┆ $TRATT_COMMAND $PORT -p RS485_2_RTS -v 1
⋮┆----------------------------------------
21┆ $TRATT_COMMAND $PORT -p RS485_2_WIEGAND_ON -v 0
⋮┆----------------------------------------
22┆ $TRATT_COMMAND $PORT -w
/logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/us
r/bin/reset_mcu.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
20┆ set_gpio io_mcu_rst $LOW
⋮┆----------------------------------------
22┆ set_gpio io_mcu_rst $HIGH
/logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/us
r/bin/restartnbix.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
19┆ echo Stopping nbix resources: $resourceModules
⋮┆----------------------------------------
20┆ systemctl stop $resourceModules
⋮┆----------------------------------------
24┆ echo Stopping nbix base: $baseModules
⋮┆----------------------------------------
25┆ systemctl stop $baseModules
⋮┆----------------------------------------
45┆ echo Restarting nbix base: $baseModules
⋮┆----------------------------------------
46┆ systemctl start $baseModules
⋮┆----------------------------------------
49┆ systemctl is-active --quiet $module
⋮┆----------------------------------------
51┆ echo FAILED to start $module
⋮┆----------------------------------------
55┆ echo Restarting nbix resources: $resourceModules
⋮┆----------------------------------------
56┆ systemctl start $resourceModules
⋮┆----------------------------------------
59┆ systemctl is-active --quiet $module
⋮┆----------------------------------------
61┆ echo FAILED to start $module
/logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/us
r/bin/run_with_valgrind.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
29┆ $valgrind_cmd /usr/bin/linkd
⋮┆----------------------------------------
32┆ $valgrind_cmd /usr/bin/served
⋮┆----------------------------------------
36┆ $valgrind_cmd /usr/bin/logicrunner --procname "$1" --library="$lib"
/logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/us
r/bin/set_wdr.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
9┆ wdr=$(busctl get-property $img_foo /com/axis/ImageControl/0/0 \
10┆ $img_interface
$wdr_prop) || {
⋮┆----------------------------------------
11┆ $logit "Could not get property: $wdr_prop from $img_interface";
⋮┆----------------------------------------
20┆ parhandclient set $param $1 ||
⋮┆----------------------------------------
21┆ $logit "Could not set $param to $1"
/logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/us
r/bin/start-package-allowed.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
23┆ MAXRUNNING=$(($MAXRUNNING + 1))
/logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/us
r/bin/validate_parameters.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
27┆ echo $1 | grep "^[^0-9]*$" || ! ( [ $1 -lt 0 ] || [ $1 -gt 63 ] )
⋮┆----------------------------------------
51┆ ! ( [ -z $user ] || [ -z $host ] || ! validate_host $host) ||
⋮┆----------------------------------------
96┆ validate_host $OPTARG
⋮┆----------------------------------------
99┆ validate_url $OPTARG
⋮┆----------------------------------------
102┆ validate_port $OPTARG
⋮┆----------------------------------------
105┆ validate_qos $OPTARG
⋮┆----------------------------------------
108┆ validate_email $OPTARG
⋮┆----------------------------------------
111┆ validate_wdr $OPTARG
⋮┆----------------------------------------
114┆ validate_defog $OPTARG
⋮┆----------------------------------------
external.semgrep-rules.bash.lang.security.ifs-tampering
The special variable IFS affects how splitting takes place when expanding unquoted
variables. Don't set it globally. Prefer a dedicated utility such as 'cut' or 'awk' if you
need to split input data. If you must use 'read', set IFS locally using e.g. 'IFS="," read
-a my_array'.
44┆ IFS="$IFS,;"
⋮┆----------------------------------------
54┆ IFS=$old_IFS
/logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/us
r/bin/vmstatus.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
63┆ printf "%lu\t%lu\t%lu\t%lu\t%lu\t%lu\t%lu\t%lu\t%lu\t%d\t%s\n" \
64┆ $Rss $Pss $Pss_Dirty $Shared_Clean $Shared_Dirty $Private_Clean $Private_Dirty $Swap $SwapPss $1
$comm
⋮┆----------------------------------------
69┆ TOTAL_PSS=$(($TOTAL_PSS + $Pss + $SwapPss))
⋮┆----------------------------------------
82┆ vmstatus $p
/logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/us
r/html/axis-cgi/lib/acap_handle_files.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
23┆ [ -d $2 ] && rm -rf $2 2>&1
⋮┆----------------------------------------
25┆ rm -rf $tmpdir 2>&1
⋮┆----------------------------------------
27┆ res=$(mkdir $tmpdir 2>&1) || {
⋮┆----------------------------------------
32┆ res=$(cp -fa $1/. $tmpdir) || {
⋮┆----------------------------------------
34┆ rm -rf $tmpdir 2>&1
⋮┆----------------------------------------
41┆ rm -rf $tmpdir 2>&1
⋮┆----------------------------------------
45┆ res=$(mv $tmpdir $2) || {
⋮┆----------------------------------------
47┆ rm -rf $tmpdir 2>&1
/logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/us
r/html/axis-cgi/lib/adp.sh
external.semgrep-rules.bash.lang.correctness.unquoted-command-substitution-in-command
The result of command substitution $(...) or `...`, if unquoted, is split on whitespace or
other separators specified by the IFS variable. You should surround it with double quotes to
avoid splitting the result.
424┆ res=$(eval $(__rootpath) $INSTALLER preupgrade \
425┆ $tmp_ld/$PREUPGRADESCRIPT 2>&1) || warning
"$res"
⋮┆----------------------------------------
433┆ res=$(eval $(__rootpath) $INSTALLER uninstall) || warning "$res"
⋮┆----------------------------------------
463┆ eval $(__rootpath) $INSTALLER install $limited_postinstall >$instlog.tmp 2>&1 || ret=$?
⋮┆----------------------------------------
764┆ eval $(__rootpath) $INSTALLER uninstall >/dev/null || {
⋮┆----------------------------------------
921┆ if eval $(__rootpath) start-package-allowed.sh $packdir/$APPNAME $APPTYPE >/dev/null; then
⋮┆----------------------------------------
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
14┆ logger -t ${0##*/} -p INFO -- "$*"
⋮┆----------------------------------------
18┆ logger -t ${0##*/} -p WARNING -- "$*"
⋮┆----------------------------------------
22┆ logger -t ${0##*/} -p CRIT -- "$*"
⋮┆----------------------------------------
69┆ exit $exit_status
⋮┆----------------------------------------
82┆ exit $exit_status
⋮┆----------------------------------------
149┆ arch=$($PHC get properties.System.Architecture 2>&1) || {
⋮┆----------------------------------------
153┆ eval arch=$arch
⋮┆----------------------------------------
175┆ return $retval
⋮┆----------------------------------------
185┆ eval enb=$val
⋮┆----------------------------------------
192┆ eval $2=\$enb
⋮┆----------------------------------------
204┆ state=$(systemctl is-active $service 2>/dev/null) ||:
⋮┆----------------------------------------
209┆ systemctl --quiet stop $service >/dev/null 2>&1 || warning "Failed to stop $service"
⋮┆----------------------------------------
210┆ systemctl --quiet disable $service >/dev/null 2>&1 || warning "Failed to disable $service"
⋮┆----------------------------------------
215┆ systemctl --quiet enable $service >/dev/null 2>&1 || warning "Failed to enable $service"
⋮┆----------------------------------------
218┆ systemctl --quiet disable $service >/dev/null 2>&1 || warning "Failed to disable $service"
⋮┆----------------------------------------
220┆ systemctl --quiet restart $service >/dev/null 2>&1 || warning "Failed to restart $service"
⋮┆----------------------------------------
228┆ fsynced_write_or_cleanup $PACKAGE_DIRECTORY/$2/conf/$runstate_conf.tmp
$PACKAGE_DIRECTORY/$2/conf/$runstate_conf
⋮┆----------------------------------------
253┆ tmp_file=$(file_upload -S $CONTENT_LENGTH -n 204800 \
254┆ --allowed-realms=$realms --allowed-dirs=$dirs 2>&1)
|| {
⋮┆----------------------------------------
266┆ [ $CLEANUP -eq 0 ] || rm -f $tmp_file
⋮┆----------------------------------------
278┆ eval $1=\$tmp_file_general
⋮┆----------------------------------------
301┆ __pkgconf_get_var $tmp_package APPNAME || :
⋮┆----------------------------------------
302┆ __pkgconf_get_var $tmp_package REQEMBDEVVERSION || :
⋮┆----------------------------------------
304┆ embdevversion=$($PHC get properties.EmbeddedDevelopment.Version 2>&1) || {
⋮┆----------------------------------------
310┆ compare_vers $REQEMBDEVVERSION le $embdevversion || {
⋮┆----------------------------------------
321┆ res=$(tar -xzf $tmp_package -C $tmp_ld 2>&1) || {
⋮┆----------------------------------------
323┆ res2=$(tar -xf $tmp_package -C $tmp_ld 2>&1) || {
⋮┆----------------------------------------
325┆ [ $CLEANUP -eq 0 ] || rm -fr $tmp_ld
⋮┆----------------------------------------
331┆ [ $CLEANUP -eq 0 ] || rm -fr $tmp_ld
⋮┆----------------------------------------
336┆ [ $CLEANUP -eq 0 ] || rm -fr $tmp_ld
⋮┆----------------------------------------
343┆ [ $CLEANUP -eq 0 ] || rm -fr $tmp_ld
⋮┆----------------------------------------
348┆ [ $CLEANUP -eq 0 ] || rm -fr $tmp_ld
⋮┆----------------------------------------
353┆ [ $CLEANUP -eq 0 ] || rm -fr $tmp_ld
⋮┆----------------------------------------
358┆ [ $CLEANUP -eq 0 ] || rm -fr $tmp_ld
⋮┆----------------------------------------
363┆ [ $CLEANUP -eq 0 ] || rm -fr $tmp_ld
⋮┆----------------------------------------
368┆ __is_supported_apptype $APPTYPE || {
⋮┆----------------------------------------
369┆ [ $CLEANUP -eq 0 ] || rm -fr $tmp_ld
⋮┆----------------------------------------
372┆ res=$($ELFCHECK $tmp_ld/$APPNAME 2>&1) || {
⋮┆----------------------------------------
373┆ [ $CLEANUP -eq 0 ] || rm -fr $tmp_ld
⋮┆----------------------------------------
382┆ [ $CLEANUP -eq 0 ] || rm -fr $tmp_ld
⋮┆----------------------------------------
388┆ res=$(mkdir $PACKAGE_DIRECTORY 2>&1) || {
⋮┆----------------------------------------
390┆ [ $CLEANUP -eq 0 ] || rm -fr $tmp_ld
⋮┆----------------------------------------
393┆ res=$(chmod 775 $PACKAGE_DIRECTORY 2>&1) || {
⋮┆----------------------------------------
395┆ [ $CLEANUP -eq 0 ] || rm -fr $tmp_ld
⋮┆----------------------------------------
407┆ _tmpbakdir=$(mktemp -d /tmp/$APPNAME.XXXXXX 2>&1) || {
⋮┆----------------------------------------
412┆ [ -z "$_tmpbakdir" ] || __preserve_app_runstate $dest_dir $_tmpbakdir
⋮┆----------------------------------------
419┆ preupgrade_res=$(chmod 755 $tmp_ld 2>&1) ||
⋮┆----------------------------------------
423┆ cd $dest_dir
⋮┆----------------------------------------
424┆ res=$(eval $(__rootpath) $INSTALLER preupgrade \
425┆ $tmp_ld/$PREUPGRADESCRIPT 2>&1) || warning
"$res"
⋮┆----------------------------------------
426┆ cd $oldpwd || :
⋮┆----------------------------------------
430┆ [ ! $_tmpbakdir ] || __preserve_app_conf $dest_dir $_tmpbakdir
⋮┆----------------------------------------
432┆ cd $dest_dir
⋮┆----------------------------------------
433┆ res=$(eval $(__rootpath) $INSTALLER uninstall) || warning "$res"
⋮┆----------------------------------------
435┆ cd $oldpwd || :
⋮┆----------------------------------------
436┆ rm -rf $dest_dir
⋮┆----------------------------------------
440┆ if ! __fsynced_write_or_cleanup_dir $tmp_ld $dest_dir; then
⋮┆----------------------------------------
442┆ [ $CLEANUP -eq 0 ] || rm -fr $tmp_ld $dest_dir $_tmpbakdir
⋮┆----------------------------------------
446┆ res=$(chmod 775 $dest_dir 2>&1) || {
⋮┆----------------------------------------
448┆ [ $CLEANUP -eq 0 ] || rm -fr $dest_dir $_tmpbakdir
⋮┆----------------------------------------
452┆ if ! __fsynced_write_or_cleanup_dir $_tmpbakdir $dest_dir/$BAKDIR; then
⋮┆----------------------------------------
457┆ rm -fr $tmp_ld $_tmpbakdir
⋮┆----------------------------------------
461┆ cd $dest_dir
⋮┆----------------------------------------
463┆ eval $(__rootpath) $INSTALLER install $limited_postinstall >$instlog.tmp 2>&1 || ret=$?
⋮┆----------------------------------------
464┆ fsynced_write_or_cleanup $instlog.tmp $instlog
⋮┆----------------------------------------
466┆ cd $oldpwd
⋮┆----------------------------------------
470┆ __logfile2error $instlog
⋮┆----------------------------------------
471┆ [ $CLEANUP -eq 0 ] || rm -fr $dest_dir
⋮┆----------------------------------------
479┆ __read_runstate $dest_dir/conf/runstate.conf _started
⋮┆----------------------------------------
481┆ __set_runstate start $APPNAME $STARTMODE ||
⋮┆----------------------------------------
499┆ __install_eap_file $eap_file reload_web
⋮┆----------------------------------------
502┆ [ "$result_code" -eq 0 ] || exit $result_code
⋮┆----------------------------------------
506┆ echo $APPNAME
⋮┆----------------------------------------
529┆ resstr=$(cp $keyfile $packdir/$LICFILENAME 2>&1) || {
⋮┆----------------------------------------
561┆ ... echo $licensekey | sed -rn
's/.*<ApplicationID>([[:digit:]]*)<\/ApplicationID>.*<MinimumMajorVersion>([-[:digit:]]*)<\/MinimumMajorVersion>.*<Min
imumMinorVersio ...
[shortened a long line from output, adjust with --max-chars-per-line]
⋮┆----------------------------------------
567┆ eval $expression || :
⋮┆----------------------------------------
610┆ serialnumber=$($PHC get \
611┆ properties.system.serialnumber -
RAW |
⋮┆----------------------------------------
613┆ deviceid=$(echo $deviceid |tr '[:lower:]' '[:upper:]')
⋮┆----------------------------------------
620┆ date -d $expirationdate -D%F +%s)
⋮┆----------------------------------------
646┆ __validate_license_key $keyfile
⋮┆----------------------------------------
648┆ [ $result_code -eq 0 ] || exit $result_code
⋮┆----------------------------------------
650┆ __install_license_key $pack $keyfile
⋮┆----------------------------------------
652┆ [ $result_code -eq 0 ] || exit $result_code
⋮┆----------------------------------------
670┆ resstr=$(rm $1 2>&1) || {
⋮┆----------------------------------------
683┆ __error 10 $pack
⋮┆----------------------------------------
692┆ __error 24 $pack
⋮┆----------------------------------------
696┆ __error 24 $pack
⋮┆----------------------------------------
700┆ [ $CLEANUP -eq 0 ] || rm -fr $tmp_ld
⋮┆----------------------------------------
701┆ __error 24 $pack
⋮┆----------------------------------------
703┆ tmp_file=$(file_upload -S $CONTENT_LENGTH -n 204800 \
704┆ --allowed-realms=$realms --allowed-dirs=$dirs 2>&1) ||
ret=$?
⋮┆----------------------------------------
707┆ __error 22 $pack
⋮┆----------------------------------------
711┆ __error 22 $pack
⋮┆----------------------------------------
714┆ rm -f $uploadfile
⋮┆----------------------------------------
717┆ __error 22 $pack
⋮┆----------------------------------------
721┆ error cannot mv $tmp_file $uploadfile
⋮┆----------------------------------------
722┆ __error 22 $pack
⋮┆----------------------------------------
724┆ chmod 644 $uploadfile || {
⋮┆----------------------------------------
726┆ __error 22 $pack
⋮┆----------------------------------------
730┆ __validate_license_key $uploadfile
⋮┆----------------------------------------
733┆ [ $result_code -ne 21 ] || rm -f $uploadfile
⋮┆----------------------------------------
734┆ __error "$result_code" $pack
⋮┆----------------------------------------
754┆ pid=$(__lua_application_is_running $xmlfile)
⋮┆----------------------------------------
756┆ pid=$(pidof $APPNAME) || :
⋮┆----------------------------------------
759┆ __set_runstate stop $APPNAME $STARTMODE || {
⋮┆----------------------------------------
763┆ cd $packdir
⋮┆----------------------------------------
764┆ eval $(__rootpath) $INSTALLER uninstall >/dev/null || {
⋮┆----------------------------------------
773┆ rm -f $APACHE_VHOSTS_ALL/urls_$APPNAME.conf
⋮┆----------------------------------------
774┆ rm -f $APACHE_VHOSTS_ALL/urls_$APPNAME.conf.tmp
⋮┆----------------------------------------
795┆ resstring=$(rm $packdir/$LICFILENAME 2>&1) || {
⋮┆----------------------------------------
822┆ cat $packdir/$LICFILENAME
⋮┆----------------------------------------
879┆ pid=$(__lua_application_is_running $xmlfile)
⋮┆----------------------------------------
881┆ pid=$(pidof $APPNAME) || :
⋮┆----------------------------------------
921┆ if eval $(__rootpath) start-package-allowed.sh $packdir/$APPNAME $APPTYPE >/dev/null; then
⋮┆----------------------------------------
922┆ __set_runstate start $APPNAME $STARTMODE ||
⋮┆----------------------------------------
940┆ __set_runstate stop $APPNAME $STARTMODE || :
⋮┆----------------------------------------
942┆ pid=$(__lua_application_is_running $xmlfile)
⋮┆----------------------------------------
944┆ pid=$(pidof $APPNAME) || :
⋮┆----------------------------------------
961┆ [ $err -eq 0 ] || exit $err
⋮┆----------------------------------------
980┆ __error 29 $pack
⋮┆----------------------------------------
984┆ __error 29 $pack
⋮┆----------------------------------------
988┆ __error 29 $pack
⋮┆----------------------------------------
1007┆ __error 27 $pack
⋮┆----------------------------------------
1010┆ response_code=$(echo $response |
⋮┆----------------------------------------
1016┆ __error 28 $pack
⋮┆----------------------------------------
1019┆ mkdir -p $LICDIR || {
⋮┆----------------------------------------
1021┆ __error 22 $pack
⋮┆----------------------------------------
1023┆ chmod 700 $LICDIR || {
⋮┆----------------------------------------
1025┆ __error 22 $pack
⋮┆----------------------------------------
1028┆ if ! touch $LICFILEPATH >/dev/null; then
⋮┆----------------------------------------
1030┆ __error 28 $pack
⋮┆----------------------------------------
1035┆ rm -f $LICFILEPATH.data $LICFILEPATH.raw
⋮┆----------------------------------------
1037┆ [ -z "$within_xml" ] || echo $line >>$LICFILEPATH
⋮┆----------------------------------------
1038┆ echo $line >>$LICFILEPATH.raw
⋮┆----------------------------------------
1039┆ echo $line >>$LICFILEPATH.data
⋮┆----------------------------------------
1041┆ echo $line >$LICFILEPATH
⋮┆----------------------------------------
1053┆ content=$(cat $LICFILEPATH.data || :)
⋮┆----------------------------------------
1056┆ __error 28 $pack
⋮┆----------------------------------------
1068┆ __error $err $pack
⋮┆----------------------------------------
1071┆ chmod 644 $LICFILEPATH || {
⋮┆----------------------------------------
1073┆ __error 28 $pack
⋮┆----------------------------------------
1076┆ __install_license_key $pack $LICFILEPATH
⋮┆----------------------------------------
1078┆ rm -f $LICFILEPATH
⋮┆----------------------------------------
1079┆ [ $result_code -eq 0 ] || __error "$result_code" $pack
⋮┆----------------------------------------
1081┆ __send_action_resp $action "" $pack
⋮┆----------------------------------------
1137┆ dbus_resp=$($DBUS_REQ_GET_APP_STATUS string:$PACKAGE_DIRECTORY/${APPNAME%.*}/$APPNAME 2>/dev/null)
⋮┆----------------------------------------
1158┆ eval $1=\$app_status
⋮┆----------------------------------------
1177┆ exit $res
⋮┆----------------------------------------
1188┆ licstatus=$(licensekey_cli -a $APPNAME -i $APPID -m $APPMAJORVERSION -n $APPMINORVERSION) || {
⋮┆----------------------------------------
1205┆ eval $2=\$licstatus
⋮┆----------------------------------------
1206┆ eval $3=\$licdate
⋮┆----------------------------------------
1216┆ __licinfo_from_file $license_file lic_status lic_date || return 1
⋮┆----------------------------------------
1220┆ lic_status=$($PACKAGE_DIRECTORY/$APPNAME/$APPNAME $LICENSE_CHECK_ARGS)
⋮┆----------------------------------------
1230┆ __licinfo_from_file $license_file lic_status lic_date || return 1
⋮┆----------------------------------------
1234┆ eval $2=\$lic_status
⋮┆----------------------------------------
1235┆ eval $3=\$lic_date
⋮┆----------------------------------------
1254┆ eval $2=\$lic_name
⋮┆----------------------------------------
1271┆ eval $3=\$url
⋮┆----------------------------------------
1279┆ eval $2=""
⋮┆----------------------------------------
1283┆ eval $2=\$link
⋮┆----------------------------------------
external.semgrep-rules.bash.lang.security.ifs-tampering
The special variable IFS affects how splitting takes place when expanding unquoted
variables. Don't set it globally. Prefer a dedicated utility such as 'cut' or 'awk' if you
need to split input data. If you must use 'read', set IFS locally using e.g. 'IFS="," read
-a my_array'.
179┆ local file=$1 enb=no var= val= IFS==
⋮┆----------------------------------------
552┆ IFS=
⋮┆----------------------------------------
556┆ IFS=$old_IFS
⋮┆----------------------------------------
991┆ IFS="&"
⋮┆----------------------------------------
1001┆ IFS=$old_IFS
⋮┆----------------------------------------
1033┆
IFS="
1034┆ "
⋮┆----------------------------------------
1050┆ IFS=$old_IFS
/logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/us
r/html/axis-cgi/lib/functions.sh
external.semgrep-rules.bash.lang.correctness.unquoted-command-substitution-in-command
The result of command substitution $(...) or `...`, if unquoted, is split on whitespace or
other separators specified by the IFS variable. You should surround it with double quotes to
avoid splitting the result.
257┆ eval tmpvar__=$(echo \$$n__) || :
⋮┆----------------------------------------
260┆ eval outvar__=$(echo \$$(($n__ + $nof_params__)))
⋮┆----------------------------------------
260┆ eval outvar__=$(echo \$$(($n__ + $nof_params__)))
⋮┆----------------------------------------
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
25┆ [ -z "$3" ] || printf "Content-Length: %d\r\n" $3
⋮┆----------------------------------------
117┆ eval $ret__=\$mess__
⋮┆----------------------------------------
126┆ printf "Status: %d %s\r\n" $1 "$2"
⋮┆----------------------------------------
127┆ __cgi_hdgen yes $3
⋮┆----------------------------------------
128┆ [ $1 -lt 400 ] || printf "%d %s\r\n\r\n" $1 "$2"
⋮┆----------------------------------------
147┆ __cgi_errcode ctmess__ $code__
⋮┆----------------------------------------
149┆ __cgi_content $code__ "$ctmess__" $c_type__ $*
⋮┆----------------------------------------
158┆ __cgi_errcode hdmess__ $code__
⋮┆----------------------------------------
160┆ __cgi_content $code__ "$hdmess__" text/plain $*
⋮┆----------------------------------------
181┆ . $1
⋮┆----------------------------------------
230┆ return $reterr__
⋮┆----------------------------------------
252┆ set -- $*
⋮┆----------------------------------------
257┆ eval tmpvar__=$(echo \$$n__) || :
⋮┆----------------------------------------
260┆ eval outvar__=$(echo \$$(($n__ + $nof_params__)))
⋮┆----------------------------------------
263┆ n__=$(($n__ + 1))
⋮┆----------------------------------------
267┆ printf "%s" $outvar__
⋮┆----------------------------------------
external.semgrep-rules.bash.lang.security.ifs-tampering
The special variable IFS affects how splitting takes place when expanding unquoted
variables. Don't set it globally. Prefer a dedicated utility such as 'cut' or 'awk' if you
need to split input data. If you must use 'read', set IFS locally using e.g. 'IFS="," read
-a my_array'.
206┆ local inparam__=$1 IFS='&' param__
/logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/us
r/html/axis-cgi/lib/limited_access.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
15┆ __keyfile_value $PKG_PARSER_FILE Install AllowRoot _vapix_val
⋮┆----------------------------------------
60┆ for _line in $(tar -Oxf $1 $PKG_CONF_FILE); do
⋮┆----------------------------------------
84┆ _uid=$(id -u $1); [ $_uid -ne 0 ] || {
⋮┆----------------------------------------
104┆ __pkgconf_value $1 APPUSR _user
⋮┆----------------------------------------
105┆ __pkgconf_value $1 APPGRP _group
⋮┆----------------------------------------
107┆ __keyfile_value $PKG_PARSER_FILE Install AllowRoot _allow_root
⋮┆----------------------------------------
125┆ command -v $CHECKSUM_CMD >/dev/null 2>&1 || {
⋮┆----------------------------------------
138┆ _checksum=$($CHECKSUM_CMD "$_eap_path" || :)
⋮┆----------------------------------------
external.semgrep-rules.bash.lang.security.ifs-tampering
The special variable IFS affects how splitting takes place when expanding unquoted
variables. Don't set it globally. Prefer a dedicated utility such as 'cut' or 'awk' if you
need to split input data. If you must use 'read', set IFS locally using e.g. 'IFS="," read
-a my_array'.
22┆ local IFS="="
⋮┆----------------------------------------
58┆ local
IFS='
59┆ '
/logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/us
r/html/axis-cgi/lib/systemlog.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
29┆ max_num_files=$(sed -rn 's/^[[:blank:]]rotate[[:blank:]]+//p'
$logrotate_file | head -n 1) ||
⋮┆----------------------------------------
35┆ max_num_files=$(($max_num_files + 1))
⋮┆----------------------------------------
37┆ [ "$lf_title__" != yes ] || __title $lf_title__ "System log"
⋮┆----------------------------------------
54┆ eval $cmd__ $logf__ ||
⋮┆----------------------------------------
60┆ [ "$lf_title__" != yes ] || __title $lf_title__ $3
⋮┆----------------------------------------
65┆ eval $cmd__ $3 || echo "$sn Failed to read file $3"
⋮┆----------------------------------------
89┆ __title $lf_title__ "Contents of $3 for '$appname__'"
⋮┆----------------------------------------
91┆ if __is_lua_application $appname__; then
⋮┆----------------------------------------
92┆ __do_show_logfile $* | grep
"monolith\[[0-9]\+\]:[[:blank:]]\+$appname__:\|[[:blank:]]\+$appname__\[[0-9]\+"
⋮┆----------------------------------------
94┆ __do_show_logfile $* | grep "[[:blank:]]\+$appname__\[[0-9]\+"
/logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/us
r/html/axis-cgi/virtualinput/virtual_input_common.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
26┆ logger -s -t${0##*/} -perr -- $*
⋮┆----------------------------------------
62┆ xml_error_resp $1 "$2"
⋮┆----------------------------------------
130┆ state_changed=$(gdbus call -y -d $DBUS_DEST -o $DBUS_OBJ$1 -m $2) ||
⋮┆----------------------------------------
145┆ success_reply $method $state_changed
⋮┆----------------------------------------
165┆ eval $1=\$port
⋮┆----------------------------------------
183┆ eval $1=\$version
/logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/us
r/lib/rcscripts/sh/cmpversions.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
35┆ _validate_vers $2 ||
⋮┆----------------------------------------
39┆ set -- $2
⋮┆----------------------------------------
40┆ eval $result=$#
⋮┆----------------------------------------
51┆ set -- $version
⋮┆----------------------------------------
54┆ eval tmp=\$$i
⋮┆----------------------------------------
56┆ eval $array$i=\$$i
⋮┆----------------------------------------
58┆ eval $array$i=0
⋮┆----------------------------------------
60┆ i=$(($i + 1))
⋮┆----------------------------------------
71┆ eval $arg=\${$arg#\\\"}
⋮┆----------------------------------------
72┆ eval $arg=\${$arg%\\\"}
⋮┆----------------------------------------
90┆ _validate_op $op || error "compare_vers: invalid operator '$op'"
⋮┆----------------------------------------
92┆ _nof_args nbr_count1 $version1 ||
⋮┆----------------------------------------
94┆ _nof_args nbr_count2 $version2 ||
⋮┆----------------------------------------
100┆ _split_vers v1_nbr_ $version1 $nbr
⋮┆----------------------------------------
101┆ _split_vers v2_nbr_ $version2 $nbr
⋮┆----------------------------------------
104┆ eval number1=\$v1_nbr_$i
⋮┆----------------------------------------
105┆ eval number2=\$v2_nbr_$i
⋮┆----------------------------------------
152┆ i=$(($i + 1))
⋮┆----------------------------------------
154┆ return $res
⋮┆----------------------------------------
external.semgrep-rules.bash.lang.security.ifs-tampering
The special variable IFS affects how splitting takes place when expanding unquoted
variables. Don't set it globally. Prefer a dedicated utility such as 'cut' or 'awk' if you
need to split input data. If you must use 'read', set IFS locally using e.g. 'IFS="," read
-a my_array'.
38┆ IFS=.
⋮┆----------------------------------------
49┆ local IFS=. array=$1 version=$2 i=1 nbr=$3 tmp
/logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/us
r/lib/rcscripts/sh/error.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
36┆ _message $SD_WARNING "!" "$*"
⋮┆----------------------------------------
43┆ _message $SD_ERR "!!!" "$*"
⋮┆----------------------------------------
51┆ _message $SD_INFO "+" "$*"
/logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/us
r/lib/rcscripts/sh/files.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
28┆ if fsync $1; then
⋮┆----------------------------------------
29┆ if mv -f $1 $2; then
⋮┆----------------------------------------
30┆ if ! fsync ${2%/*}; then
⋮┆----------------------------------------
49┆ [ -z "$1" ] || rm -f $1 || error "$_f: $error_msg. Unable to remove '$1'"
/logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/us
r/lib/rcscripts/sh/fsupgrade-functions.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
7┆ printf "%s: %s!\n" $TAG "$*" >&2
⋮┆----------------------------------------
23┆ command which $1 >/dev/null 2>&1
⋮┆----------------------------------------
57┆ if umount $1; then
⋮┆----------------------------------------
76┆ [ -d $1 ] || mkdir -p $1 ||
/logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/us
r/lib/rcscripts/sh/macaddress-read.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
17┆ validate_varname $1 || error "$_f: invalid variable name '$1' (arg 1)"
⋮┆----------------------------------------
21┆ eval $1=\$mac_def
⋮┆----------------------------------------
23┆ validate_varname $2 ||
⋮┆----------------------------------------
25┆ eval $2=\$mac_def
⋮┆----------------------------------------
31┆ [ ! -r $conf ] || . $conf || error "Failed to source '$conf'"
⋮┆----------------------------------------
33┆ [ -z "${MAC:-}" ] || mac_res=$(echo $MAC | tr a-f A-F)
⋮┆----------------------------------------
41┆ mac_res=$(echo $serno | tr a-f A-F |
⋮┆----------------------------------------
53┆ eval $1=\$mac_res
/logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/us
r/lib/rcscripts/sh/module.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
34┆ modprobe -r $1 || error "Failed to unload '$1'"
/logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/us
r/lib/rcscripts/sh/parhand-functions.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
16┆ retry=$(($retry - 1))
⋮┆----------------------------------------
28┆ until [ -e $PH_PIDFILE ]; do
⋮┆----------------------------------------
29┆ retry=$(($retry - 1))
⋮┆----------------------------------------
59┆ rm -f $PH_PIDFILE
⋮┆----------------------------------------
60┆ $PH /dev/null 50011 $uep -d $EDP $epp -upgrade &
/logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/us
r/lib/rcscripts/sh/string.sh
external.semgrep-rules.bash.lang.correctness.unquoted-command-substitution-in-command
The result of command substitution $(...) or `...`, if unquoted, is split on whitespace or
other separators specified by the IFS variable. You should surround it with double quotes to
avoid splitting the result.
162┆ shift $(($OPTIND - 1))
⋮┆----------------------------------------
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
57┆ i=$(($i + 1))
⋮┆----------------------------------------
64┆ eval $1=\$lastc
⋮┆----------------------------------------
89┆ validate_varname $1 || error "$f: invalid variable name '$1'"
⋮┆----------------------------------------
131┆ eval $1=\$__prefix
⋮┆----------------------------------------
132┆ eval $2=\$__suffix
⋮┆----------------------------------------
162┆ shift $(($OPTIND - 1))
⋮┆----------------------------------------
171┆ eval $1=\$_prefix\$_suffix
/logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/us
r/lib/rcscripts/sh/systemd-generator.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
11┆ rm -f $_SERVICEDIR/$2.wants/$1
⋮┆----------------------------------------
21┆ mkdir -p $d || error "$_f: failed to create directory '$d'"
⋮┆----------------------------------------
22┆ ln -sf /lib/systemd/system/$1 $d/$1
/logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/us
r/lib/rcscripts/sh/systemd.sh
external.semgrep-rules.bash.lang.correctness.unquoted-command-substitution-in-command
The result of command substitution $(...) or `...`, if unquoted, is split on whitespace or
other separators specified by the IFS variable. You should surround it with double quotes to
avoid splitting the result.
7┆ eval $(systemctl show -p $v || :)
⋮┆----------------------------------------
14┆ eval $(systemctl show -p $v || :)
⋮┆----------------------------------------
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
7┆ eval $(systemctl show -p $v || :)
⋮┆----------------------------------------
14┆ eval $(systemctl show -p $v || :)
/logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/us
r/lib/rcscripts/sh/sysvinit-functions.sh
external.semgrep-rules.bash.lang.correctness.unquoted-command-substitution-in-command
The result of command substitution $(...) or `...`, if unquoted, is split on whitespace or
other separators specified by the IFS variable. You should surround it with double quotes to
avoid splitting the result.
324┆ shift $(($OPTIND - 1))
⋮┆----------------------------------------
413┆ shift $(($OPTIND - 1))
⋮┆----------------------------------------
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
22┆ [ ! -r $RCLIB/sh/files.sh ] || . $RCLIB/sh/files.sh
⋮┆----------------------------------------
68┆ eval $2="$_LFD/$__lf.lock" ||
⋮┆----------------------------------------
77┆ validate_lock_fn $1 _lf
⋮┆----------------------------------------
119┆ validate_lock_fn $1 _lf
⋮┆----------------------------------------
226┆ if check_pid $1; then
⋮┆----------------------------------------
267┆ kill -TERM $1 || return 1
⋮┆----------------------------------------
270┆ if check_pid $1 && sleep 1 &&
⋮┆----------------------------------------
271┆ check_pid $1 && sleep 2 &&
⋮┆----------------------------------------
272┆ check_pid $1 && sleep 3 &&
⋮┆----------------------------------------
273┆ check_pid $1; then
⋮┆----------------------------------------
274┆ kill -KILL $1
⋮┆----------------------------------------
324┆ shift $(($OPTIND - 1))
⋮┆----------------------------------------
413┆ shift $(($OPTIND - 1))
/logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/us
r/lib/rcscripts/sh/times.sh
external.semgrep-rules.bash.lang.correctness.unquoted-command-substitution-in-command
The result of command substitution $(...) or `...`, if unquoted, is split on whitespace or
other separators specified by the IFS variable. You should surround it with double quotes to
avoid splitting the result.
47┆ eval $_r=$(dc <<-EOF
48┆
$_m
49┆
60
50┆
*
51┆
$_s
52┆
+
53┆
$_t
54┆
+
55┆
p
56┆
EOF
[hid 1 additional lines, adjust with --max-lines-per-finding]
204┆ eval $_r=$(dc <<-EOF
205┆
$_uptime_now
206┆
$2
207┆
-
208┆
p
209┆
EOF
210┆
)
⋮┆----------------------------------------
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
67┆ eval $1=0$2
⋮┆----------------------------------------
70┆ eval $1=$2
⋮┆----------------------------------------
80┆ validate_varname $1 || error "$f: invalid variable name '$1'"
⋮┆----------------------------------------
125┆ tmp_f=$(mktemp $fs_mp/$$.XXXXXX) || {
⋮┆----------------------------------------
137┆ _dc_times_calc t $t $u || break
⋮┆----------------------------------------
138┆ _dc_times_calc t $t $s || break
⋮┆----------------------------------------
140┆ rm -f $tmp_f
⋮┆----------------------------------------
142┆ zeropad_real t $t
⋮┆----------------------------------------
143┆ eval $_r=$t
⋮┆----------------------------------------
152┆ validate_varname $1 || error "$f: invalid variable name '$1'"
⋮┆----------------------------------------
169┆ validate_varname $1 || error "$f: invalid variable name '$1'"
⋮┆----------------------------------------
external.semgrep-rules.bash.lang.security.ifs-tampering
The special variable IFS affects how splitting takes place when expanding unquoted
variables. Don't set it globally. Prefer a dedicated utility such as 'cut' or 'awk' if you
need to split input data. If you must use 'read', set IFS locally using e.g. 'IFS="," read
-a my_array'.
20┆ IFS=ms
⋮┆----------------------------------------
22┆ IFS=$sIFS
/logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/us
r/sbin/api_setup_init.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
12┆ fsynced_write_or_cleanup $markerfile.tmp $markerfile ||
/logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/us
r/sbin/application_report.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
21┆ . $dir/$conffile
⋮┆----------------------------------------
24┆ printf "State: %s\n" $appstatus
⋮┆----------------------------------------
30┆ printf "Copy protection state: %s\n" $licstatus
⋮┆----------------------------------------
36┆ printf "\n%s/%s:\n" $dir $conffile
⋮┆----------------------------------------
41┆ printf "\n%s/%s:\n" $dir $cgiconf
⋮┆----------------------------------------
46┆ printf "\n%s/%s:\n" $dir $HTTPCGIPATHS
⋮┆----------------------------------------
50┆ printf "\n%s/%s:\n" $dir $licfile
⋮┆----------------------------------------
54┆ printf "error: Failed to read $conffile in %s\n" $dir
⋮┆----------------------------------------
66┆ output_info $appdir
/logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/us
r/sbin/coredump.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
29┆ ( tee /dev/fd/3 | /usr/sbin/coredump-handler $cmdlineargs ) 3>&1 | lzop>"$diskdumpfile.lzo" &&
⋮┆----------------------------------------
30┆ mkdir -p $tmppath/$dumpsdir && ln -s "$diskdumpfile.lzo" "$tmppath/$dumpsdir/$core_file_name.lzo"
⋮┆----------------------------------------
33┆ exec /usr/sbin/coredump-handler $cmdlineargs
⋮┆----------------------------------------
59┆ [ -d $extpath/$dumpsdir ] || mkdir $extpath/$dumpsdir &&
⋮┆----------------------------------------
60┆ chown :debugar $extpath/$dumpsdir && chmod g+w $extpath/$dumpsdir || :
⋮┆----------------------------------------
60┆ chown :debugar $extpath/$dumpsdir && chmod g+w $extpath/$dumpsdir || :
⋮┆----------------------------------------
68┆ [ ! -d $tmppath ] || [ -d $tmppath/$dumpsdir ] || mkdir $tmppath/$dumpsdir &&
⋮┆----------------------------------------
69┆ chown :debugar $tmppath/$dumpsdir && chmod g+w $tmppath/$dumpsdir || :
⋮┆----------------------------------------
69┆ chown :debugar $tmppath/$dumpsdir && chmod g+w $tmppath/$dumpsdir || :
/logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/us
r/sbin/gen_broker_passwd.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
25┆ printf '%s\n' "$users" | grep -F $user >/dev/null || users="$user $users"
⋮┆----------------------------------------
29┆ mkdir -p $RUN_DIR/user-pass
⋮┆----------------------------------------
32┆ touch $RUN_DIR/brok-pass
⋮┆----------------------------------------
33┆ chown mqtt-client:mqtt-client $RUN_DIR/brok-pass
⋮┆----------------------------------------
34┆ chmod 400 $RUN_DIR/brok-pass
⋮┆----------------------------------------
42┆ chown $user:mqtt-client $RUN_DIR/user-pass/$user
⋮┆----------------------------------------
43┆ chmod 400 $RUN_DIR/user-pass/$user
⋮┆----------------------------------------
46┆ /usr/bin/mosquitto_passwd -b $RUN_DIR/brok-pass $user $password
/logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/us
r/sbin/get_sia_osdp_verified_version.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
11┆ printf "%s" $UNKNOWN_VALUE
⋮┆----------------------------------------
16┆ [ -r $VARIABLESFILE ] && . $VARIABLESFILE 2>/dev/null ||
⋮┆----------------------------------------
19┆ printf "%s" $VERSION
/logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/us
r/sbin/get_ul_version.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
23┆ printf "%s" $UNKNOWN_VALUE
⋮┆----------------------------------------
28┆ [ -r $VARIABLESFILE ] && . $VARIABLESFILE 2>/dev/null ||
⋮┆----------------------------------------
37┆ count=$(($count + 1))
⋮┆----------------------------------------
39┆ count=$(($count + 1))
⋮┆----------------------------------------
51┆ printf "%s" $ul_version
⋮┆----------------------------------------
external.semgrep-rules.bash.lang.security.ifs-tampering
The special variable IFS affects how splitting takes place when expanding unquoted
variables. Don't set it globally. Prefer a dedicated utility such as 'cut' or 'awk' if you
need to split input data. If you must use 'read', set IFS locally using e.g. 'IFS="," read
-a my_array'.
31┆ IFS=.
/logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/us
r/sbin/install-package.sh
external.semgrep-rules.bash.lang.correctness.unquoted-command-substitution-in-command
The result of command substitution $(...) or `...`, if unquoted, is split on whitespace or
other separators specified by the IFS variable. You should surround it with double quotes to
avoid splitting the result.
78┆ GROUPNAME=$(r=${APPNAME#?};f=${APPNAME%$r};echo $(echo $f | tr [:lower:] [:upper:])$r)
⋮┆----------------------------------------
402┆ cgi_path_dir=$INSTALLDIR/$DIRNAME/html/$(dirname $cgi_path) ||
⋮┆----------------------------------------
500┆ gdbus call -y -d com.axis.PolicyKitCert \
501┆ -o
/com/axis/PolicyKitCert \
502┆ -m
com.axis.PolicyKitCert.CertSetCreate \
503┆ "$CERTSETNAME" "$APPNAME"
"$CERTSETACTOR" \
504┆ "$CERTSETPROTOCOL" $(id -u $APPUSR)
||
⋮┆----------------------------------------
698┆ url_dir=$ACAP_DOC_ROOT/$acap_name/$(basename $subdir)
⋮┆----------------------------------------
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
21┆ logger -t ${0##*/} -p INFO -- "$*"
⋮┆----------------------------------------
25┆ logger -t ${0##*/} -p WARNING -- "$*"
⋮┆----------------------------------------
29┆ logger -t ${0##*/} -p WARNING -- "$*"
⋮┆----------------------------------------
51┆ . ./$ADPPACKCFG || {
⋮┆----------------------------------------
64┆ XMLCONFFILE=$INSTALLDIR/$DIRNAME/$APPNAME
⋮┆----------------------------------------
75┆ ABSAPPNAME=$INSTALLDIR/$DIRNAME/$APPNAME
⋮┆----------------------------------------
78┆ GROUPNAME=$(r=${APPNAME#?};f=${APPNAME%$r};echo $(echo $f | tr [:lower:] [:upper:])$r)
⋮┆----------------------------------------
78┆ GROUPNAME=$(r=${APPNAME#?};f=${APPNAME%$r};echo $(echo $f | tr [:lower:] [:upper:])$r)
⋮┆----------------------------------------
203┆ chmod 755 $PKG_ETC_INIT_D_APPNAME.tmp ||
⋮┆----------------------------------------
205┆ fsynced_write_or_cleanup $PKG_ETC_INIT_D_APPNAME.tmp $PKG_ETC_INIT_D_APPNAME
⋮┆----------------------------------------
230┆ chmod 644 $ETC_SYSTEMD_APPNAME.tmp ||
⋮┆----------------------------------------
232┆ chown root:root $ETC_SYSTEMD_APPNAME.tmp ||
⋮┆----------------------------------------
234┆ fsynced_write_or_cleanup $ETC_SYSTEMD_APPNAME.tmp $ETC_SYSTEMD_APPNAME
⋮┆----------------------------------------
263┆ chmod 644 $ETC_SYSTEMD_APPNAME.tmp ||
⋮┆----------------------------------------
265┆ chown root:root $ETC_SYSTEMD_APPNAME.tmp ||
⋮┆----------------------------------------
267┆ fsynced_write_or_cleanup $ETC_SYSTEMD_APPNAME.tmp $ETC_SYSTEMD_APPNAME
⋮┆----------------------------------------
270┆ mkdir -p $ETC_SYSTEMD_APPDIR ||
⋮┆----------------------------------------
277┆ chmod 644 $ETC_SYSTEMD_NETFILE.tmp ||
⋮┆----------------------------------------
279┆ chown root:root $ETC_SYSTEMD_NETFILE.tmp ||
⋮┆----------------------------------------
281┆ fsynced_write_or_cleanup $ETC_SYSTEMD_NETFILE.tmp $ETC_SYSTEMD_NETFILE
⋮┆----------------------------------------
294┆ rm -f $transfer_link || error "Failed to remove link: $transfer_link"
⋮┆----------------------------------------
310┆ chmod 644 $transfer_conf.tmp
⋮┆----------------------------------------
311┆ chown www:www $transfer_conf.tmp
⋮┆----------------------------------------
313┆ fsynced_write_or_cleanup $transfer_conf.tmp $transfer_conf
⋮┆----------------------------------------
315┆ ln -sf $transfer_conf $transfer_link ||
⋮┆----------------------------------------
317┆ chown -h www:www $transfer_link
⋮┆----------------------------------------
327┆ rm -f $mime_link || error "Failed to remove link: $mime_link"
⋮┆----------------------------------------
334┆ chmod 644 $mime_conf.tmp
⋮┆----------------------------------------
335┆ chown www:www $mime_conf.tmp
⋮┆----------------------------------------
337┆ fsynced_write_or_cleanup $mime_conf.tmp $mime_conf
⋮┆----------------------------------------
339┆ ln -sf $mime_conf $mime_link ||
⋮┆----------------------------------------
341┆ chown -h www:www $mime_link
⋮┆----------------------------------------
352┆ ln -sf $PKG_ETC_INIT_D_APPNAME $ETC_INIT_D_APPNAME ||
⋮┆----------------------------------------
357┆ ln -sfn $INSTALLDIR/$DIRNAME/html $WEB_DIR/$APPNAME ||
⋮┆----------------------------------------
374┆ printf "%s" "$cgi_path" | grep -q $path_validation_expr ||
⋮┆----------------------------------------
381┆ chmod 644 $tmp_file || error "Failed to chmod: $tmp_file"
⋮┆----------------------------------------
383┆ fsynced_write_or_cleanup $tmp_file $PKG_CONFDIR/$HTTPCGIPATHS
⋮┆----------------------------------------
385┆ ln -sf $PKG_CONFDIR/$HTTPCGIPATHS $ETC_TRANSFER_CONF/transfer_$APPNAME.conf ||
⋮┆----------------------------------------
402┆ cgi_path_dir=$INSTALLDIR/$DIRNAME/html/$(dirname $cgi_path) ||
⋮┆----------------------------------------
405┆ cgi_path_file=$cgi_path_dir/$(basename $cgi_path) ||
⋮┆----------------------------------------
408┆ mkdir -p $cgi_path_dir ||
⋮┆----------------------------------------
411┆ find $cgi_path_dir -type d | xargs chown sdk:sdk ||
⋮┆----------------------------------------
417┆ chgrp $owner $cgi_path_file.tmp ||
⋮┆----------------------------------------
420┆ chmod 0750 $cgi_path_file.tmp ||
⋮┆----------------------------------------
423┆ fsynced_write_or_cleanup $cgi_path_file.tmp $cgi_path_file
⋮┆----------------------------------------
435┆ chmod 0640 $lic_file ||
⋮┆----------------------------------------
438┆ ln -sf $lic_file $INSTALLDIR/$DIRNAME/html/LICENSE >/dev/null 2>&1 ||
⋮┆----------------------------------------
443┆ for dir in $(find $INSTALLDIR/$DIRNAME/html -type d); do
⋮┆----------------------------------------
444┆ chmod 751 $dir || error "Failed to set permissions html"
⋮┆----------------------------------------
447┆ install_urls $APPNAME $INSTALLDIR/$DIRNAME/html ||
⋮┆----------------------------------------
450┆ chown $APPUSR:www $INSTALLDIR/$DIRNAME/html ||
⋮┆----------------------------------------
455┆ chown $APPUSR:www $lic_file ||
⋮┆----------------------------------------
460┆ ln -sf $PKG_ETC_DYN_APP_CONF $ETC_DYN_APP_CONF ||
⋮┆----------------------------------------
465┆ ln -sf $PKG_ETC_DYN_PARAM_APP_CONF $ETC_DYN_PARAM_APP_CONF ||
⋮┆----------------------------------------
470┆ ln -sf $PKG_DBUS_FILE $DBUS_FILE ||
⋮┆----------------------------------------
483┆ $PHC readgroupfile $ETC_DYN_PARAM_APP_CONF ||
⋮┆----------------------------------------
504┆ "$CERTSETPROTOCOL" $(id -u $APPUSR) ||
⋮┆----------------------------------------
539┆ chmod 755 $ABSAPPNAME || error "Failed to change permissions on $ABSAPPNAME"
⋮┆----------------------------------------
554┆ mkdir -p $DATA_DIR || error "Failed to create dir $DATA_DIR"
⋮┆----------------------------------------
556┆ chown $APPUSR:$APPGRP $DATA_DIR ||
⋮┆----------------------------------------
559┆ mkdir -p $ETC_DYN_PARAM || error "Failed to create dir $ETC_DYN_PARAM"
⋮┆----------------------------------------
560┆ mkdir -p $ETC_DYN || error "Failed to create dir $ETC_DYN"
⋮┆----------------------------------------
573┆ entry=$(echo $line | sed -rne
's/^[[:space:]]*([[:alnum:]]*)[[:space:]]*=[[:space:]]*"?([^"]*)"?.*/\1="\2"/p')
⋮┆----------------------------------------
575┆ type=$(echo $line | sed -rne 's/.*type[[:space:]]*=[[:space:]]*"([^"]*)"[[:space:]]*$/\1/p')
⋮┆----------------------------------------
584┆ echo $entry >> $PKG_ETC_DYN_APP_CONF.tmp
⋮┆----------------------------------------
590┆ chown $APPUSR:$APPGRP $PKG_ETC_DYN_APP_CONF.tmp ||
⋮┆----------------------------------------
593┆ chown $APPUSR:$APPGRP $PKG_ETC_DYN_PARAM_APP_CONF.tmp ||
⋮┆----------------------------------------
596┆ fsynced_write_or_cleanup $PKG_ETC_DYN_APP_CONF.tmp $PKG_ETC_DYN_APP_CONF
⋮┆----------------------------------------
597┆ fsynced_write_or_cleanup $PKG_ETC_DYN_PARAM_APP_CONF.tmp $PKG_ETC_DYN_PARAM_APP_CONF
⋮┆----------------------------------------
620┆ chmod 644 $PKG_DBUS_FILE.tmp || error "Failed to chmod on $PKG_DBUS_FILE.tmp"
⋮┆----------------------------------------
621┆ fsynced_write_or_cleanup $PKG_DBUS_FILE.tmp $PKG_DBUS_FILE
⋮┆----------------------------------------
672┆ files=$(ls -A $dir)
⋮┆----------------------------------------
675┆ add_file_to_url_conf $url_conf_file $dir/$file
⋮┆----------------------------------------
689┆ rm -f $url_conf_file 1>/dev/null 2>&1
⋮┆----------------------------------------
690┆ rm -f $url_conf_tmpfile 1>/dev/null 2>&1
⋮┆----------------------------------------
691┆ dirs=$(find $dir -type d)
⋮┆----------------------------------------
698┆ url_dir=$ACAP_DOC_ROOT/$acap_name/$(basename $subdir)
⋮┆----------------------------------------
704┆ gen_url_conf $url_conf_tmpfile $subdir
⋮┆----------------------------------------
711┆ fsynced_write_or_cleanup $url_conf_tmpfile $url_conf_file
⋮┆----------------------------------------
721┆ [ ! -d "$BAK_DIR" ] || rm -rf $BAK_DIR
⋮┆----------------------------------------
724┆ handle_eventdecl -d $INSTALLDIR/$DIRNAME/declarations -n $APPNAME -a ||
⋮┆----------------------------------------
727┆ mkdir -p $PKG_CONFDIR || error "Failed to mkdir -p $PKG_CONFDIR"
⋮┆----------------------------------------
729┆ chmod 755 $PKG_CONFDIR || error "Failed to change permissions on $PKG_CONFDIR"
⋮┆----------------------------------------
733┆ chmod 644 $RUNSTATE_CONF.tmp || error "Failed to change permissions on $RUNSTATE_CONF.tmp"
⋮┆----------------------------------------
734┆ fsynced_write_or_cleanup $RUNSTATE_CONF.tmp $RUNSTATE_CONF
⋮┆----------------------------------------
737┆ chown -Rh $APPUSR:admin $INSTALLDIR/$DIRNAME ||
⋮┆----------------------------------------
741┆ mkdir -p $INSTALLDIR/$DIRNAME/html ||
⋮┆----------------------------------------
752┆ if __restore_app $INSTALLDIR/$DIRNAME $BAK_DIR; then
⋮┆----------------------------------------
760┆ chmod 644 $INSTALLDIR/$DIRNAME/$ADPPACKCFG || {
⋮┆----------------------------------------
767┆ printf
"\
768┆ [Unit]
769┆ Description=%s
770┆
771┆ [Service]
772┆ User=%s
773┆ Type=oneshot
774┆ ExecStart=/bin/sh %s
775┆ WorkingDirectory=%s/%s
776┆ " $PREUPGRADE_SERVICE $1 $2 $INSTALLDIR $APPNAME > $ETC_SYSTEMD_DIR/$PREUPGRADE_SERVICE_FILENAME
⋮┆----------------------------------------
781┆ rm $ETC_SYSTEMD_DIR/$PREUPGRADE_SERVICE_FILENAME ||
⋮┆----------------------------------------
798┆ create_preupgrade_service $APPUSR $1
⋮┆----------------------------------------
800┆ systemctl --quiet start $PREUPGRADE_SERVICE >/dev/null 2>&1 || {
⋮┆----------------------------------------
802┆ systemctl --quiet reset-failed $PREUPGRADE_SERVICE > /dev/null 2>&1 ||
⋮┆----------------------------------------
810┆ execpath=$INSTALLDIR/$APPNAME/$POSTINSTALLSCRIPT
⋮┆----------------------------------------
813┆ printf
"\
814┆ [Unit]
815┆ Description=%s
816┆
817┆ [Service]
818┆ User=%s
819┆ Type=oneshot
820┆ ExecStart=/bin/sh %s 2>&1
821┆ WorkingDirectory=%s
822┆ StandardOutput=file:%s
[hid 2 additional lines, adjust with --max-lines-per-finding]
829┆ rm $ETC_SYSTEMD_DIR/$POSTINSTALL_SERVICE_FILENAME ||
⋮┆----------------------------------------
842┆ create_postinstall_service $APPUSR
⋮┆----------------------------------------
849┆ systemctl --quiet status $POSTINSTALL_SERVICE >/dev/null 2>&1 || [ $? != 4 ] || {
⋮┆----------------------------------------
853┆ systemctl --quiet start $POSTINSTALL_SERVICE >/dev/null 2>&1 || {
⋮┆----------------------------------------
855┆ systemctl --quiet reset-failed $POSTINSTALL_SERVICE > /dev/null 2>&1 ||
⋮┆----------------------------------------
860┆ chmod 644 $INSTALLDIR/$DIRNAME/$ADPPACKCFG || {
⋮┆----------------------------------------
867┆ rm -f $ETC_TRANSFER_CONF/transfer_$APPNAME.conf
⋮┆----------------------------------------
868┆ rm -f $ETC_TRANSFER_CONF/legacy_transfer_$APPNAME.conf
⋮┆----------------------------------------
869┆ rm -f $ETC_MIME_CONF/legacy_mime_$APPNAME.conf
⋮┆----------------------------------------
870┆ rm -rf $HTTP_VAR_RUN/$APPNAME
⋮┆----------------------------------------
872┆ rm -f $ETC_DYN_PARAM_APP_CONF
⋮┆----------------------------------------
873┆ rm -f $ETC_DYN_APP_CONF
⋮┆----------------------------------------
874┆ $PHC deletegroup $GROUPNAME >/dev/null 2>&1 || :
⋮┆----------------------------------------
878┆ rm -rf $INSTALLDIR/$DIRNAME
⋮┆----------------------------------------
889┆ eval enb=$val
⋮┆----------------------------------------
892┆ $log_info "unknown runstate $var for $APPNAME"
⋮┆----------------------------------------
897┆ $log_info "no runstate for $APPNAME"
⋮┆----------------------------------------
899┆ echo $enb
⋮┆----------------------------------------
908┆ systemctl --quiet enable $SYSTEMD_SERVICE_FILENAME >/dev/null 2>&1 ||
⋮┆----------------------------------------
922┆ handle_eventdecl -d $INSTALLDIR/$DIRNAME/declarations -n $APPNAME -r
⋮┆----------------------------------------
924┆ rm -rf $WEB_DIR/$APPNAME
⋮┆----------------------------------------
927┆ rm -f $ETC_INIT_D_APPNAME
⋮┆----------------------------------------
929┆ rm -f $ETC_SYSTEMD_APPNAME
⋮┆----------------------------------------
930┆ rm -rf $ETC_SYSTEMD_APPDIR
⋮┆----------------------------------------
931┆ rm -f $DBUS_FILE
⋮┆----------------------------------------
948┆ run_pre_upgrade $2
⋮┆----------------------------------------
external.semgrep-rules.bash.lang.security.ifs-tampering
The special variable IFS affects how splitting takes place when expanding unquoted
variables. Don't set it globally. Prefer a dedicated utility such as 'cut' or 'awk' if you
need to split input data. If you must use 'read', set IFS locally using e.g. 'IFS="," read
-a my_array'.
883┆ local enb=no var= val= IFS==
/logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/us
r/sbin/populate-extfs.sh
external.semgrep-rules.bash.lang.best-practice.iteration-over-ls-output
Iterating over ls output is fragile. Use globs, e.g. 'dir/*' instead of '$(ls dir)'.
92┆ for i in `ls $INODE_DIR`; do
⋮┆----------------------------------------
external.semgrep-rules.bash.lang.best-practice.useless-cat
Useless call to 'cat' in a pipeline. Use '<' and '>' for any command to read from a file or
write to a file.
100┆ LN_CNT=`cat $INODE_DIR/$i | wc -l`
⋮┆----------------------------------------
external.semgrep-rules.bash.lang.correctness.unquoted-command-substitution-in-command
The result of command substitution $(...) or `...`, if unquoted, is split on whitespace or
other separators specified by the IFS variable. You should surround it with double quotes to
avoid splitting the result.
26┆ CONTRIB_DIR=$(dirname $(readlink -f $0))
⋮┆----------------------------------------
88┆ eval `echo $i | sed 's$###$ $'`
⋮┆----------------------------------------
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
26┆ CONTRIB_DIR=$(dirname $(readlink -f $0))
⋮┆----------------------------------------
32┆ find $SRCDIR | while read FILE; do
⋮┆----------------------------------------
47┆ STAT=$(stat -c "TYPE=\"%F\";DEVNO=\"0x%t 0x%T\";MODE=\"%f\";U=\"%u\";G=\"%g\"" $FILE)
⋮┆----------------------------------------
48┆ eval $STAT
⋮┆----------------------------------------
58┆ LINK_TGT=$(readlink $FILE)
⋮┆----------------------------------------
87┆ for i in `find $SRCDIR -type f -links +1 -printf 'INODE=%i###FN=%p\n'`; do
⋮┆----------------------------------------
88┆ eval `echo $i | sed 's$###$ $'`
⋮┆----------------------------------------
89┆ echo ${FN#$SRCDIR} >>$INODE_DIR/$INODE
⋮┆----------------------------------------
92┆ for i in `ls $INODE_DIR`; do
⋮┆----------------------------------------
94┆ SRC=`head -1 $INODE_DIR/$i`
⋮┆----------------------------------------
96┆ for TGT in `sed -n -e '1!p' $INODE_DIR/$i`; do
⋮┆----------------------------------------
100┆ LN_CNT=`cat $INODE_DIR/$i | wc -l`
⋮┆----------------------------------------
104┆ rm -fr $INODE_DIR
⋮┆----------------------------------------
105┆ } | $DEBUGFS -w -f - $DEVICE
/logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/us
r/share/apache2/previewmode.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
13┆ systemctl stop $PM_TIMER || echo "failed to stop $PM_TIMER"
⋮┆----------------------------------------
14┆ rm $PM_EXIST_FILE || error "failed to remove $PM_EXIST_FILE file"
⋮┆----------------------------------------
22┆ chmod 0755 $PM_CONF
⋮┆----------------------------------------
30┆ X=$(cat $PM_CONF)
⋮┆----------------------------------------
35┆ timeleft=$(expr $duration - $uptime)
⋮┆----------------------------------------
40┆ touch $PM_EXIST_FILE
⋮┆----------------------------------------
41┆ systemctl start $PM_TIMER || error "failed to start $PM_TIMER"
/logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/us
r/share/keyutils/request-key-debug.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
19┆ echo RQDebug keyid: $1
⋮┆----------------------------------------
20┆ echo RQDebug desc: $2
⋮┆----------------------------------------
21┆ echo RQDebug callout: $3
⋮┆----------------------------------------
22┆ echo RQDebug session keyring: $4
⋮┆----------------------------------------
26┆ keyctl instantiate $1 "Debug $3" $4 || exit 1
⋮┆----------------------------------------
29┆ echo keyctl negate $1 30 $4
⋮┆----------------------------------------
30┆ keyctl negate $1 30 $4
/logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/us
r/share/serverreport.d/customheader_report.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
4┆ . $rc || error "Failed to source '$rc'"
⋮┆----------------------------------------
9┆ cat $confpath/$conffile 2>&1 || :
/logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/us
r/share/serverreport.d/device_config_serverreport.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
6┆ . $rc || error "Failed to source '$rc'"
⋮┆----------------------------------------
10┆ echo $res | jq -r '.data[0]' | jq -e .data ||
/logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/us
r/share/serverreport.d/etc_serverreport.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
7┆ [ ! -f $f ] || [ ! -r $f ] || [ ! -x $f ] || $f || :
/logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/us
r/share/serverreport.d/feature-flag.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
5┆ . $rc || error "Failed to source '$rc'"
/logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/us
r/share/serverreport.d/lldp_status.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
5┆ . $rc || error "Failed to source '$rc'"
⋮┆----------------------------------------
12┆ lldp_neigh_info=$($PK_LLDPCLI s show-neighbors 2>&1) ||
⋮┆----------------------------------------
16┆ echo $lldp_neigh_info | sed -e 's#\\n$##;s#\\n#\n#g'
/logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/us
r/share/serverreport.d/mqtt_config.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
5┆ . $rc || error "Failed to source '$rc'"
⋮┆----------------------------------------
11┆ sed -re "s/^(password=).*/\\1*****/" $f
⋮┆----------------------------------------
19┆ status=$(busctl call $service $path $interface GetDefaultStatus 2>/dev/null || :)
⋮┆----------------------------------------
25┆ echo Client status: $state
⋮┆----------------------------------------
26┆ echo Connection status: $connection
/logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/us
r/share/serverreport.d/nbix.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
7┆ . $rc || error "Failed to source '$rc'"
⋮┆----------------------------------------
15┆ cat $nblog*
/logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/us
r/share/serverreport.d/ntp_status.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
5┆ . $rc || error "Failed to source '$rc'"
⋮┆----------------------------------------
16┆ if _ret=$($GET_PROP_CMD $1 $2 2>&1); then
⋮┆----------------------------------------
21┆ echo $2
⋮┆----------------------------------------
25┆ echo $* | tr -d '"'
⋮┆----------------------------------------
38┆ get_ntp_property com.axis.NTP1 $1
⋮┆----------------------------------------
43┆ get_ntp_property com.axis.NTP1.Server $1
⋮┆----------------------------------------
48┆ get_ntp_property com.axis.NTP $1
/logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/us
r/share/serverreport.d/sdcard-report.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
9┆ . $rc || error "Failed to source %c$rc%c"
⋮┆----------------------------------------
12┆ . $rc || error "Failed to source '$rc'"
⋮┆----------------------------------------
23┆ [ ! -r $1/device/$var ] || read $var <$1/device/$var
⋮┆----------------------------------------
26┆ printf "name: %s\n" ${name:-NA}
⋮┆----------------------------------------
27┆ printf "date: %s\n" ${date:-NA}
⋮┆----------------------------------------
28┆ printf "type: %s\n" ${type:-NA}
⋮┆----------------------------------------
29┆ printf "oemid: %s\n" ${oemid:-NA}
⋮┆----------------------------------------
30┆ printf "fwrev: %s\n" ${fwrev:-NA}
⋮┆----------------------------------------
31┆ printf "manfid: %s\n" ${manfid:-NA}
⋮┆----------------------------------------
32┆ printf "serial: %s\n" ${serial:-NA}
⋮┆----------------------------------------
33┆ printf "hwrev: %s\n" ${hwrev:-NA}
⋮┆----------------------------------------
34┆ printf "cid: %s\n" ${cid:-NA}
⋮┆----------------------------------------
35┆ printf "csd: %s\n" ${csd:-NA}
⋮┆----------------------------------------
39┆ print_common_info $1
⋮┆----------------------------------------
42┆ printf "scr: %s\n" ${scr:-NA}
⋮┆----------------------------------------
46┆ print_common_info $1
⋮┆----------------------------------------
52┆ printf "EXT_CSD_REV: %s\n" $rev
⋮┆----------------------------------------
54┆ !exists $udevadm ||
⋮┆----------------------------------------
55┆ device=/dev/$(udevadm info --query=name $1 2>/dev/null) || :
⋮┆----------------------------------------
58┆ ! exists $mmcreadblock ||
⋮┆----------------------------------------
59┆ $mmcreadblock $device 8 | sed -e "s/^/EXTCSD: /" || :
⋮┆----------------------------------------
61┆ ! exists $mmchealth || $mmchealth $device || :
⋮┆----------------------------------------
61┆ ! exists $mmchealth || $mmchealth $device || :
⋮┆----------------------------------------
80┆ print_emmc_info $sd_base$i
⋮┆----------------------------------------
85┆ print_card_info $sd_base$i
⋮┆----------------------------------------
89┆ i=$(($i + 1))
/logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/us
r/share/syslog-ng/include/scl/loadbalancer/gen-loadbalancer.sh
external.semgrep-rules.bash.lang.correctness.unquoted-variable-expansion-in-command
Variable expansions must be double-quoted so as to prevent being split into multiple pieces
according to whitespace or whichever separator is specified by the IFS variable. If you
really wish to split the variable's contents, you may use a variable that starts with an
underscore e.g. $_X instead of $X, and semgrep will ignore it. If what you need is an array,
consider using a proper bash array.
27┆ target_cnt=$(echo $TARGETS | wc -w)
⋮┆----------------------------------------
36┆ echo -n $target_id
⋮┆----------------------------------------
38┆ echo -n $target_cnt
⋮┆----------------------------------------
43┆ echo -n $target
⋮┆----------------------------------------
45┆ echo -n $TARGET_PARAMS
┌──────────────┐
│ Scan Summary │
└──────────────┘
Some files were skipped or only partially analyzed.
Partially scanned: 10 files only partially analyzed due to parsing or internal Semgrep errors
Ran 7 rules on 76 files: 795 findings.
