Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-10-31 13:55:25 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix pattern matches

Browse Source 
This commit fixes three lines of code that use Bash substring matching. In each case, a list of strings to match was enclosed in brackets. This resulted in a match if the string to test contained any character from any of the strings to match. This commit fixes the issue by removing the brackets.

(The bugs were introduced in b8e9b09ca7 and 8149c2d5cf)
This commit is contained in:
David Cooper
2025-02-13 14:21:26 -08:00
committed by GitHub
parent 4b4260831e
commit acf48977c2
1 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
testssl.sh
View File

@@ -3370,7 +3370,7 @@ run_cookie_flags() { # ARG1: Path
fi fi
if [[ ! "$HTTP_STATUS_CODE" =~ 20 ]]; then if [[ ! "$HTTP_STATUS_CODE" =~ 20 ]]; then
if [[ "$HTTP_STATUS_CODE" =~ [301|302] ]]; then if [[ "$HTTP_STATUS_CODE" =~ 301|302 ]]; then
msg302=" -- maybe better try target URL of 30x" msg302=" -- maybe better try target URL of 30x"
msg302_=" (30x detected, better try target URL of 30x)" msg302_=" (30x detected, better try target URL of 30x)"
else else
@@ -11312,7 +11312,7 @@ run_npn() {
fileout "$jsonID" "INFO" "not offered" fileout "$jsonID" "INFO" "not offered"
else else
# now comes a strange thing: "Protocols advertised by server:" is empty but connection succeeded # now comes a strange thing: "Protocols advertised by server:" is empty but connection succeeded
if [[ "$tmpstr" =~ [h2|spdy|http] ]]; then if [[ "$tmpstr" =~ h2|spdy|http ]]; then
out "$tmpstr" out "$tmpstr"
outln " (advertised)" outln " (advertised)"
fileout "$jsonID" "INFO" "offered with $tmpstr (advertised)" fileout "$jsonID" "INFO" "offered with $tmpstr (advertised)"
@@ -16854,7 +16854,7 @@ run_ccs_injection(){
fileout "$jsonID" "OK" "not vulnerable" "$cve" "$cwe" fileout "$jsonID" "OK" "not vulnerable" "$cve" "$cwe"
fi fi
elif [[ "${tls_hello_ascii:0:4}" == "1503" ]]; then elif [[ "${tls_hello_ascii:0:4}" == "1503" ]]; then
if [[ ! "${tls_hello_ascii:5:2}" =~ [03|02|01|00] ]]; then if [[ ! "${tls_hello_ascii:5:2}" =~ 03|02|01|00 ]]; then
pr_warning "test failed " pr_warning "test failed "
out "no proper TLS reply (debug info: protocol sent: 1503${tls_hexcode#x03, x}, reply: ${tls_hello_ascii:0:14}" out "no proper TLS reply (debug info: protocol sent: 1503${tls_hexcode#x03, x}, reply: ${tls_hello_ascii:0:14}"
fileout "$jsonID" "DEBUG" "test failed, around line $LINENO, debug info (${tls_hello_ascii:0:14})" "$cve" "$cwe" "$hint" fileout "$jsonID" "DEBUG" "test failed, around line $LINENO, debug info (${tls_hello_ascii:0:14})" "$cve" "$cwe" "$hint"