@@ -17325,19 +17325,19 @@ run_breach() {
1732517325
1732617326 # Final verdict (if not happened preemptively before). We reuse $detected_compression here
1732717327 detected_compression=""
17328- if [[ ${has_compression[@ ]} =~ warn ]]; then
17328+ if [[ ${has_compression[* ]} =~ warn ]]; then
1732917329 # warn_empty / warn_stalled
17330- if [[ ${has_compression[@ ]} =~ warn_empty ]]; then
17331- pr_warning "At least 1/4 checks failed (HTTP header request was empty, debug: ${has_compression[@ ]}"
17332- out ", debug: ${has_compression[@ ]})"
17333- fileout "$jsonID" "WARN" "Test failed as HTTP response was empty, debug: ${has_compression[@ ]}" "$cve" "$cwe"
17330+ if [[ ${has_compression[* ]} =~ warn_empty ]]; then
17331+ pr_warning "At least 1/4 checks failed (HTTP header request was empty, debug: ${has_compression[* ]}"
17332+ out ", debug: ${has_compression[* ]})"
17333+ fileout "$jsonID" "WARN" "Test failed as HTTP response was empty, debug: ${has_compression[* ]}" "$cve" "$cwe"
1733417334 else # warn_stalled
1733517335 pr_warning "At least 1/4 checks failed (HTTP header request stalled and was terminated"
17336- out ", debug: ${has_compression[@ ]})"
17336+ out ", debug: ${has_compression[* ]})"
1733717337 fileout "$jsonID" "WARN" "Test failed as HTTP request stalled and was terminated" "$cve" "$cwe"
1733817338 fi
1733917339 else
17340- for c in ${has_compression[@]}; do
17340+ for c in " ${has_compression[@]}" ; do
1734117341 if [[ $c =~ yes ]]; then
1734217342 detected_compression+="${c%:*} "
1734317343 fi
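Review bot: The quoted expansion in `for c in " ${has_compression[@]}"` has a space between the opening quote and `${`, at least as this page renders it, so the first element enters the loop with a leading space and an empty array still yields one iteration with `c=" "`. In this loop the effect is limited to a stray space carried into `detected_compression` through `${c%:*}`, but the same form in the set_skip_tests hunk turns the first name into `do_ <name>` before it reaches `eval`. If the space is really in the file, the lines should read `for c in "${has_compression[@]}"; do` and `for t in "${SKIP_TESTS[@]}"; do`. The body of run_breach starts and ends outside this hunk.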
@@ -17348,7 +17348,7 @@ run_breach() {
1734817348 outln "${spaces}${when_makesense}"
1734917349 fileout "$jsonID" "MEDIUM" "potentially VULNERABLE, $detected_compression HTTP compression detected $disclaimer" "$cve" "$cwe" "$hint"
1735017350 fi
17351- debugme outln "${spaces}has_compression: ${has_compression[@ ]}"
17351+ debugme outln "${spaces}has_compression: ${has_compression[* ]}"
1735217352 ;;
1735317353 esac
1735417354
@@ -18743,7 +18743,7 @@ run_winshock() {
1874318743 # Check whether there are any TLS extension which should not be available under <= Windows 2012 R2
1874418744 for tls_ext in $TLS_EXTENSIONS; do
1874518745 # We use the whole array, got to be careful when the array becomes bigger (unintended match)
18746- if [[ ${forbidden_tls_ext[@ ]} =~ $tls_ext ]]; then
18746+ if [[ ${forbidden_tls_ext[* ]} =~ $tls_ext ]]; then
1874718747 pr_svrty_best "not vulnerable (OK)"; outln " - TLS extension $tls_ext detected"
1874818748 fileout "$jsonID" "OK" "not vulnerable - TLS extension $tls_ext detected" "$cve" "$cwe"
1874918749 return 0
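Review bot: The unquoted `$tls_ext` on the right-hand side of `=~` is evaluated as a regular expression and matched anywhere inside the joined array string, so a partial name or one containing regex metacharacters can match and lead straight to the `not vulnerable (OK)` verdict and `return 0`. `$TLS_EXTENSIONS` appears to hold what the tested server offered (its origin is not visible in this hunk), which would make an unintended match a false negative in the finding rather than a cosmetic issue. Assuming the array elements are whole extension names, an exact comparison per element avoids this and does not depend on how `[*]` joins with the current `IFS`: `for f in "${forbidden_tls_ext[@]}"; do [[ "$f" == "$tls_ext" ]] && found=true; done`. The enclosing loop and run_winshock continue outside the hunk.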
@@ -23134,7 +23134,7 @@ debug_globals() {
2313423134set_skip_tests() {
2313523135 local t
2313623136
23137- for t in ${SKIP_TESTS[@]} ; do
23137+ for t in " ${SKIP_TESTS[@]}" ; do
2313823138 t="do_${t}"
2313923139 # declare won't do it here --> local scope
2314023140 eval "$t"=false
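Review bot: `eval "$t"=false` executes whatever text the array element contains, and with the loop now quoted an element holding spaces or shell metacharacters reaches `eval` as one unsplit string. Where `SKIP_TESTS` is filled is not visible here; if it can carry command-line or file input, the name should be validated and assigned without `eval`, for example `[[ $t =~ ^do_[A-Za-z0-9_]+$ ]] || continue` followed by `printf -v "$t" '%s' false`. `printf -v` writes to the global variable when no local of that name is in scope, which addresses the concern in the `declare` comment. The function body continues past the end of the hunk.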
@@ -23318,7 +23318,7 @@ parse_cmd_line() {
2331823318 # then we need to make sure we catch --ids-friendly. Normally we do not,
2331923319 # see #1717. The following statement makes sure. In the do-while + case-esac
2332023320 # loop it will be execute again, but it does not hurt
23321- if [[ "${CMDLINE_ARRAY[@ ]}" =~ --ids-friendly ]]; then
23321+ if [[ "${CMDLINE_ARRAY[* ]}" =~ --ids-friendly ]]; then
2332223322 OFFENSIVE=false
2332323323 fi
2332423324 do_vulnerabilities=true